[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] tls key negotiation failed to occur within 60 seconds


  • Subject: [Openvpn-users] tls key negotiation failed to occur within 60 seconds
  • From: "Harry Doyle" <harry@xxxxxxxxx>
  • Date: Sat, 22 Sep 2007 15:59:43 -0300

hello everyone,
i tried to set up openvpn server on windows 2003 behind a dlink di-524 wireless router to do remote access for a client. i'm using openvpn 2.1 beta 7 and openvpn gui 1.0.3. and the client machine runs openvpn 2.09 on xp.

i was following a howto found at http://www.runpcrun.com/howtoopenvpn

server can connect to itself fine and get the stock ip of 10.8.0.1. when i try and connect the client to it from a remote location, i get this:

Sat Sep 22 15:43:48 2007 Restart pause, 5 second(s)
Sat Sep 22 15:43:53 2007 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Sat Sep 22 15:43:53 2007 Re-using SSL/TLS context
Sat Sep 22 15:43:53 2007 LZO compression initialized
Sat Sep 22 15:43:53 2007 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sat Sep 22 15:43:53 2007 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Sep 22 15:43:53 2007 Local Options hash (VER=V4): '69109d17'
Sat Sep 22 15:43:53 2007 Expected Remote Options hash (VER=V4): 'c0103fa8'
Sat Sep 22 15:43:53 2007 Attempting to establish TCP connection with 142.176.166.78:1194
Sat Sep 22 15:43:53 2007 TCP connection established with 142.176.166.78:1194
Sat Sep 22 15:43:53 2007 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sat Sep 22 15:43:53 2007 TCPv4_CLIENT link local: [undef]
Sat Sep 22 15:43:53 2007 TCPv4_CLIENT link remote: 142.176.166.78:1194
Sat Sep 22 15:43:53 2007 TLS: Initial packet from 142.176.166.78:1194, sid=5d592391 8dfc7691
Sat Sep 22 15:43:54 2007 Connection reset, restarting [0]
Sat Sep 22 15:43:54 2007 TCP/UDP: Closing socket
Sat Sep 22 15:43:54 2007 SIGUSR1[soft,connection-reset] received, process restarting
Sat Sep 22 15:43:54 2007 Restart pause, 5 second(s)


and this is what the server says:

Sat Sep 22 15:42:37 2007 142.167.228.175:2065 TLS: Initial packet from 142.167.228.175:2065, sid=53185f37 ac60545f
Sat Sep 22 15:42:38 2007 142.167.228.175:2065 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Sep 22 15:42:38 2007 142.167.228.175:2065 TLS Error: TLS handshake failed
Sat Sep 22 15:42:38 2007 142.167.228.175:2065 Fatal TLS error (check_tls_errors_co), restarting
Sat Sep 22 15:42:38 2007 142.167.228.175:2065 SIGUSR1[soft,tls-error] received, client-instance restarting
Sat Sep 22 15:42:38 2007 TCP/UDP: Closing socket


server config:
## server.ovpn ##
port 1194
proto tcp
dev tun
ca ca.crt
cert cbp.crt
key cbp.key
dh dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.0.0 255.255.255.0"
push "dhcp-option WINS 192.168.0.1" (i will change their local ip range later, but it doesn't conflict with mine)
push "dhcp-option DNS 192.168.0.1"
push "dhcp-option DOMAIN cbp.local"
keepalive 10 120
comp-lzo
max-clients 4
persist-key
persist-tun
status openvpn-status.log
verb 3


client config:

## acme.ovpn ##
client
proto tcp
dev tun
remote xxxxxxxxxxxxxx  1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.cbp.crt
cert harrycbp.crt
key harrycbp.key
comp-lzo
verb 3


thanks!
harry