pendrive |
10-27-2011 07:50 AM |
openvpn error: TLS Error: TLS key negotiation failed to occur within 60 seconds
hi guys
I've got a problem on implementin openvpn So I'm here and hope some one could help me
the story:
I've installed openvpn server on a ubuntu server VPS and I've used the tun point-to-point instead of tap bridge.
there is no error caused by miss configuration on the server.
When I issue the openvpn client.conf command on the client, it gives me:
Code:
Thu Oct 27 15:17:39 2011 OpenVPN 2.1.0 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Jul 12 2010
Thu Oct 27 15:17:39 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Thu Oct 27 15:17:39 2011 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Thu Oct 27 15:17:39 2011 LZO compression initialized
Thu Oct 27 15:17:39 2011 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Oct 27 15:17:39 2011 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Thu Oct 27 15:17:39 2011 Local Options hash (VER=V4): '69109d17'
Thu Oct 27 15:17:39 2011 Expected Remote Options hash (VER=V4): 'c0103fa8'
Thu Oct 27 15:17:39 2011 Attempting to establish TCP connection with [AF_INET]VPS_IP_ADDR:4242 [nonblock]
Thu Oct 27 15:17:40 2011 TCP connection established with [AF_INET]VPS_IP_ADDR:PORT_NUM
Thu Oct 27 15:17:40 2011 Socket Buffers: R=[87380->131072] S=[16384->131072]
Thu Oct 27 15:17:40 2011 TCPv4_CLIENT link local: [undef]
Thu Oct 27 15:17:40 2011 TCPv4_CLIENT link remote: [AF_INET]VPS_IP_ADDR:4242
Thu Oct 27 15:17:40 2011 TLS: Initial packet from [AF_INET]VPS_IP_ADDR:4242, sid=b78095e0 079e400c
Thu Oct 27 15:18:40 2011 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Oct 27 15:18:40 2011 TLS Error: TLS handshake failed
Thu Oct 27 15:18:40 2011 Fatal TLS error (check_tls_errors_co), restarting
Thu Oct 27 15:18:40 2011 TCP/UDP: Closing socket
Thu Oct 27 15:18:40 2011 SIGUSR1[soft,tls-error] received, process restarting
Thu Oct 27 15:18:40 2011 Restart pause, 5 second(s)
When I googled the problem I found out people and the openvpn manual itself are saying it's caused by the server's firewall configuration
here are my rules:
Code:
iptables -A INPUT -p tcp --dport 4242 -j ACCEPT
iptables -A OUTPUT -p tcp --sport 4242 -j ACCEPT
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to VPS_IP_ADDR
and my default policy in all chains are ACCEPT and ip forwarding is enabled.
So do you think my firewall still does not let the tls to negotiat?
|