TLS Error: TLS key negotiation failed to occur within 60 sec

nemzter
DD-WRT Novice


Joined: 04 Sep 2014
Posts: 12

Posted: Fri Sep 19, 2014 18:48    Post subject: TLS Error: TLS key negotiation failed to occur within 60 sec
Unable to get my RHEL6 client to connect to my OpenVPN server running on ddwrt.

Tried it with the fw off/on as well, so I don't think it's an fw issue

Thanks and have a great weekend!

# ddwrt version
DD-WRT v24-sp2 (06/07/14) vpnkong - build 22000M

# openvpn client version
2.3.2

Code:

# startup commands
openvpn --mktun --dev tap0
brctl addif br0 tap0
ifconfig tap0 0.0.0.0 promisc up

# fw commands
iptables -A INPUT -i tap0 -j ACCEPT
iptables -I INPUT -p udp --dport 1194 -j ACCEPT


Code:

# server configuration

dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem
keepalive 10 120
verb 3
mute 3
syslog
writepid /var/run/openvpnd.pid
management 127.0.0.1 14
management-log-cache 100
topology subnet
script-security 2
port 1194
proto udp
cipher bf-cbc
auth md5
client-config-dir /tmp/openvpn/ccd
comp-lzo adaptive
tls-server
ifconfig-pool-persist /tmp/openvpn/ip-pool 86400
client-to-client
fast-io
tun-mtu 1400
mtu-disc yes
server-bridge 192.168.1.1 255.255.255.0 192.168.1.240 192.168.1.250
dev tap2
tun-mtu 1500
verb 5


Code:

# client configuration

remote xxx 1194

tls-client
dev tap0
proto udp
resolv-retry infinite
nobind
persist-key
persist-tun
float

ca /usr/share/easy-rsa/2.0/keys/ca.crt
cert /usr/share/easy-rsa/2.0/keys/client1.crt
key /usr/share/easy-rsa/2.0/keys/client1.key

ns-cert-type server
verb 5


Code:

# ddwrt /var/log/messages

Sep 19 13:22:32 r0wan daemon.notice openvpn[2119]: 192.168.1.109:47019 Re-using SSL/TLS context
Sep 19 13:22:32 r0wan daemon.notice openvpn[2119]: 192.168.1.109:47019 LZO compression initialized
Sep 19 13:22:32 r0wan daemon.notice openvpn[2119]: 192.168.1.109:47019 Control Channel MTU parms [ L:1570 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sep 19 13:22:32 r0wan daemon.notice openvpn[2119]: 192.168.1.109:47019 Data Channel MTU parms [ L:1570 D:1450 EF:38 EB:135 ET:32 EL:0 AF:3/1 ]
Sep 19 13:22:32 r0wan daemon.notice openvpn[2119]: 192.168.1.109:47019 Local Options String: 'V4,dev-type tap,link-mtu 1570,tun-mtu 1532,proto UDPv4,comp-lzo,cipher BF-CBC,auth MD5,keysize 128,key-method 2,tls-server'
Sep 19 13:22:32 r0wan daemon.notice openvpn[2119]: 192.168.1.109:47019 Expected Remote Options String: 'V4,dev-type tap,link-mtu 1570,tun-mtu 1532,proto UDPv4,comp-lzo,cipher BF-CBC,auth MD5,keysize 128,key-method 2,tls-client'
Sep 19 13:22:32 r0wan daemon.notice openvpn[2119]: 192.168.1.109:47019 Local Options hash (VER=V4): '1f5f71d5'
Sep 19 13:22:32 r0wan daemon.notice openvpn[2119]: 192.168.1.109:47019 Expected Remote Options hash (VER=V4): 'ba985338'
Sep 19 13:22:32 r0wan daemon.notice openvpn[2119]: 192.168.1.109:47019 TLS: Initial packet from [AF_INET]192.168.1.109:47019, sid=e1cb2a60 e326d7e7
Sep 19 13:23:32 r0wan daemon.err openvpn[2119]: 192.168.1.109:47019 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sep 19 13:23:32 r0wan daemon.err openvpn[2119]: 192.168.1.109:47019 TLS Error: TLS handshake failed


Code:

# vpn client

Fri Sep 19 13:22:31 2014 us=993546 OpenVPN 2.3.2 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Sep 12 2013
Fri Sep 19 13:22:31 2014 us=994122 Control Channel MTU parms [ L:1573 D:138 EF:38 EB:0 ET:0 EL:0 ]
Fri Sep 19 13:22:31 2014 us=994154 Socket Buffers: R=[124928->131072] S=[124928->131072]
Fri Sep 19 13:22:32 2014 us=63469 Data Channel MTU parms [ L:1573 D:1450 EF:41 EB:4 ET:32 EL:0 ]
Fri Sep 19 13:22:32 2014 us=63557 Local Options String: 'V4,dev-type tap,link-mtu 1573,tun-mtu 1532,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Fri Sep 19 13:22:32 2014 us=63575 Expected Remote Options String: 'V4,dev-type tap,link-mtu 1573,tun-mtu 1532,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Fri Sep 19 13:22:32 2014 us=63627 Local Options hash (VER=V4): '2c50bd2c'
Fri Sep 19 13:22:32 2014 us=63653 Expected Remote Options hash (VER=V4): '0ddbb6e3'
Fri Sep 19 13:22:32 2014 us=63681 UDPv4 link local: [undef]
Fri Sep 19 13:22:32 2014 us=63704 UDPv4 link remote: [AF_INET]76.113.198.55:1194
WWWWWFri Sep 19 13:23:32 2014 us=190255 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Sep 19 13:23:32 2014 us=190332 TLS Error: TLS handshake failed
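
An added example, not part of the original post and not OpenVPN's own code: a short Python script that parses the `Local Options String` each peer logged above and lists the options on which the server and the client differ. The function names are assumptions made for this illustration; the two log lines are copied from the post.

```python
import re

# The two "Local Options String" log lines, copied from the post above.
SERVER_LINE = ("Sep 19 13:22:32 r0wan daemon.notice openvpn[2119]: 192.168.1.109:47019 "
               "Local Options String: 'V4,dev-type tap,link-mtu 1570,tun-mtu 1532,"
               "proto UDPv4,comp-lzo,cipher BF-CBC,auth MD5,keysize 128,key-method 2,tls-server'")
CLIENT_LINE = ("Fri Sep 19 13:22:32 2014 us=63557 "
               "Local Options String: 'V4,dev-type tap,link-mtu 1573,tun-mtu 1532,"
               "proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'")

OPTIONS_RE = re.compile(r"(?:Local|Expected Remote) Options String: '([^']*)'")

# The role flag is expected to differ between the two peers, so it is not compared.
ROLE_FLAGS = {"tls-server", "tls-client"}


def parse_options(line):
    """Return {option: value} from an OpenVPN options-string log line.

    Value-less flags such as comp-lzo map to the empty string.
    """
    match = OPTIONS_RE.search(line)
    if match is None:
        raise ValueError("no options string in line")
    options = {}
    for token in match.group(1).split(","):
        name, _, value = token.strip().partition(" ")
        options[name] = value
    return options


def diff_options(server, client):
    """Return {option: (server_value, client_value)} for options that differ.

    None means the option is absent on that side.
    """
    diffs = {}
    for name in sorted((set(server) | set(client)) - ROLE_FLAGS):
        s_val, c_val = server.get(name), client.get(name)
        if s_val != c_val:
            diffs[name] = (s_val, c_val)
    return diffs


if __name__ == "__main__":
    result = diff_options(parse_options(SERVER_LINE), parse_options(CLIENT_LINE))
    for name, (s_val, c_val) in result.items():
        print(f"{name}: server={s_val!r} client={c_val!r}")
```

In the configurations posted above, the `auth` and `comp-lzo` differences correspond to `auth md5` and `comp-lzo adaptive` in the server configuration, which have no counterpart in the client configuration.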