OpenVPN problems highlighted by "TLS Error: TLS key negotiation failed to occur within 60 seconds"
Posted: Wed May 29, 2019 6:28 pm
Greetings --
My name is DethB4DCaf & I am having a VPN experience that I am hoping someone can help me with.
First: long, long time *nix user with next to no VPN experience so I'm probably missing something obvious (-;
I recently was upgrading my Amahi server when I noticed that the OpenVPN application was not supported for Fedora 29.
I promptly downgraded my server to Fedora 27/Amahi 11 -- with NO updates or other patches applied as of yet -- & simply reinstalled it from the HDA's application tab ...AND... the OpenVPN tester still says my VPN is still offline, despite the fact that I have opened port 1194 for UDP traffic on my firewall & forwarded the traffic to my HDA, a look at the /var/log/amahi-app=installer.log shows OpenVPN has been installed, [then uninstalled, reinstalled... ] & the openVPN binaries ARE running on the HDA, utilizing the Amahi configuration file. }-8
In an attempt to gather more data, I attempted to create a VPN connection utilizing my HDA & one of the boxen on the same network using the code from the Amahi VPNLinux Wiki page.
I am seeing the following messages after I am prompted for my [Amahi] credentials:
Wed May 29 17:51:20 2019 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019
Wed May 29 17:51:20 2019 library versions: OpenSSL 1.1.1b 26 Feb 2019, LZO 2.10
Wed May 29 17:51:20 2019 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Wed May 29 17:51:20 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]209.212.63.166:1194
Wed May 29 17:51:20 2019 Socket Buffers: R=[212992->212992] S=[212992->212992]
Wed May 29 17:51:20 2019 UDP link local: (not bound)
Wed May 29 17:51:20 2019 UDP link remote: [AF_INET]209.212.63.166:1194
Wed May 29 17:52:20 2019 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed May 29 17:52:20 2019 TLS Error: TLS handshake failed
Wed May 29 17:52:20 2019 SIGUSR1[soft,tls-error] received, process restarting
Wed May 29 17:52:20 2019 Restart pause, 5 second(s)
Where would I look for a reason that the Amahi OpenVPN tester would think that my VPN is still inactive? ESPECIALLY given that the openvpn binaries have been installed & ARE running on my HDA when I'm executing the test?
I already uploaded a sysinfo file: https://paste.fedoraproject.org/paste/CE4oR~oD4dG5nRKQ-F7b0g [I think the 2nd-to-last character is a zero...
I notice that, at least on MY control panel (-:, the OpenVPN application doesn't have an 'List in Dashboard' option -- how does one know that the OpenVPN application has been installed [successfully]?
I do indeed appreciate all of your help, & ADVthanksANCE! DethB4DCaf
My name is DethB4DCaf & I am having a VPN experience that I am hoping someone can help me with.
First: long, long time *nix user with next to no VPN experience so I'm probably missing something obvious (-;
I recently was upgrading my Amahi server when I noticed that the OpenVPN application was not supported for Fedora 29.
I promptly downgraded my server to Fedora 27/Amahi 11 -- with NO updates or other patches applied as of yet -- & simply reinstalled it from the HDA's application tab ...AND... the OpenVPN tester still says my VPN is still offline, despite the fact that I have opened port 1194 for UDP traffic on my firewall & forwarded the traffic to my HDA, a look at the /var/log/amahi-app=installer.log shows OpenVPN has been installed, [then uninstalled, reinstalled... ] & the openVPN binaries ARE running on the HDA, utilizing the Amahi configuration file. }-8
In an attempt to gather more data, I attempted to create a VPN connection utilizing my HDA & one of the boxen on the same network using the code from the Amahi VPNLinux Wiki page.
I am seeing the following messages after I am prompted for my [Amahi] credentials:
Wed May 29 17:51:20 2019 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019
Wed May 29 17:51:20 2019 library versions: OpenSSL 1.1.1b 26 Feb 2019, LZO 2.10
Wed May 29 17:51:20 2019 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Wed May 29 17:51:20 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]209.212.63.166:1194
Wed May 29 17:51:20 2019 Socket Buffers: R=[212992->212992] S=[212992->212992]
Wed May 29 17:51:20 2019 UDP link local: (not bound)
Wed May 29 17:51:20 2019 UDP link remote: [AF_INET]209.212.63.166:1194
Wed May 29 17:52:20 2019 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed May 29 17:52:20 2019 TLS Error: TLS handshake failed
Wed May 29 17:52:20 2019 SIGUSR1[soft,tls-error] received, process restarting
Wed May 29 17:52:20 2019 Restart pause, 5 second(s)
Where would I look for a reason that the Amahi OpenVPN tester would think that my VPN is still inactive? ESPECIALLY given that the openvpn binaries have been installed & ARE running on my HDA when I'm executing the test?
I already uploaded a sysinfo file: https://paste.fedoraproject.org/paste/CE4oR~oD4dG5nRKQ-F7b0g [I think the 2nd-to-last character is a zero...
I notice that, at least on MY control panel (-:, the OpenVPN application doesn't have an 'List in Dashboard' option -- how does one know that the OpenVPN application has been installed [successfully]?
I do indeed appreciate all of your help, & ADVthanksANCE! DethB4DCaf