OpenVPN; client does not connect to server

Issues related to configuring your network
Post Reply
wp.rauchholz
Posts: 133
Joined: 2016/11/20 11:58:45

OpenVPN; client does not connect to server

Post by wp.rauchholz » 2018/11/22 18:29:58

Trying to setup openvpn server for my home network.
Server:
Certificates with easy-rsa installed
Is up and running:

# systemctl status openvpn@*

openvpn@lhs.lan.service - OpenVPN Robust And Highly Flexible Tunneling Application On lhs.lan
Loaded: loaded (/usr/lib/systemd/system/openvpn@.service; disabled; vendor preset: disabled)
Active: [1;32mactive (running)[0m since Mon 2018-11-19 14:16:14 CET; 3 days ago
Main PID: 22041 (openvpn)
Status: "Initialization Sequence Completed"
CGroup: /system.slice/system-openvpn.slice/openvpn@lhs.lan.service
└─22041 /usr/sbin/openvpn --cd /etc/openvpn/ --config lhs.lan.conf

Nov 19 14:16:14 home.wo-lar.com systemd[1]: Starting OpenVPN Robust And Highly Flexible Tunneling Application On lhs.lan...
Nov 19 14:16:14 home.wo-lar.com systemd[1]: Started OpenVPN Robust And Highly Flexible Tunneling Application On lhs.lan.

# lsof -i -P -n | grep openvpn
openvpn 22041 nobody 6u IPv4 531242 0t0 UDP *:1194

# firewall-cmd --zone=external --list-all
external (active)
interfaces: enp6s0 ppp0 tun0
services: http https openvpn smtp pop3 imap pop3s imaps smtps
masquerade: yes


Client
openresolv and update-resolv-conf.sh installed

Error message says there is a problem with network connectivity. and that TLS handshake failed. I googled the last few days, but can't get it done.
The IP address X.X.X.X:1194 is the public WAN address my home server which tells me that there is some connection.


Anybody ran into a similar situation and can help? Thanks.
Attached also the config file

Thu Nov 22 18:50:47 2018 OpenVPN 2.4.6 x86_64-redhat-linux-gnu [Fedora EPEL patched] [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 26 2018
Thu Nov 22 18:50:47 2018 library versions: OpenSSL 1.0.2k-fips 26 Jan 2017, LZO 2.06
Thu Nov 22 18:50:47 2018 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Thu Nov 22 18:50:47 2018 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Nov 22 18:50:47 2018 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Nov 22 18:50:47 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]X.X.X.X:1194
Thu Nov 22 18:50:47 2018 Socket Buffers: R=[212992->212992] S=[212992->212992]
Thu Nov 22 18:50:47 2018 UDP link local: (not bound)
Thu Nov 22 18:50:47 2018 UDP link remote: [AF_INET]X.X.X.X:1194
Thu Nov 22 18:51:47 2018 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Nov 22 18:51:47 2018 TLS Error: TLS handshake failed
Thu Nov 22 18:51:47 2018 SIGUSR1[soft,tls-error] received, process restarting
Thu Nov 22 18:51:47 2018 Restart pause, 5 second(s)
Attachments
client_config.ovpn.txt
(919 Bytes) Downloaded 94 times

Post Reply