OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 16.1 Legacy Series »
  • new to OPNSense
« previous next »
  • Print
Pages: [1]

Author Topic: new to OPNSense  (Read 4335 times)

Julien

  • Hero Member
  • *****
  • Posts: 651
  • Karma: 32
    • View Profile
new to OPNSense
« on: June 29, 2016, 12:01:03 am »
Hi Guys,
we are new to the products, we finally our contract with the Cisco and been using pfsense for over 7 years , al our customers are happy with pfsense.
today we have contacted the OPNSense team so they advised us to try it before start deploying it .
the issue now is i can't get the openvpn with two factor authentication .
i've followed the link as explained https://docs.opnsense.org/manual/how-tos/sslvpn_client.html?highlight=vpn but its keeps failing on tls handshake .
on this step :
Code: [Select]
Create a Certificate

After creating the Authority we will also need a certificate. To create a new certificate, go to System->Trust->Certificates and click add or import certificate in the upper right corner of the form.

Fill in the form with (leave the rest default):

Click Save to create the certificate.
should we create a user or server certificate this step is unclear


can someone point me why ?
« Last Edit: June 29, 2016, 12:09:01 am by jamerson »
Logged
An intelligent man is sometimes forced to be drunk to spend time with his fool.

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13624
  • Karma: 1171
    • View Profile
Re: new to OPNSense
« Reply #1 on: June 29, 2016, 07:34:38 am »
Hi jamerson,

This should be a server certificate as suggested later on: SSLVPN Server Certificate (CA: SSL VPN CA).

Do you have any logs associated with this TLS failure incident we could use to troubleshoot more?


Cheers,
Franco
Logged

Julien

  • Hero Member
  • *****
  • Posts: 651
  • Karma: 32
    • View Profile
Re: new to OPNSense
« Reply #2 on: June 29, 2016, 08:25:28 am »
Thank you for trying to help me.
the logo I could find now after some editing .
waiting for your answer
Quote
Wed Jun 29 13:49:41 2016 OpenVPN 2.3.11 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on May 10 2016
Wed Jun 29 13:49:41 2016 Windows version 6.2 (Windows 8 or greater) 64bit
Wed Jun 29 13:49:41 2016 library versions: OpenSSL 1.0.1t  3 May 2016, LZO 2.09
Wed Jun 29 13:50:00 2016 Control Channel Authentication: using 'firewall-udp-1194-vpn-ssl-tls.key' as a OpenVPN static key file
Wed Jun 29 13:50:00 2016 UDPv4 link local (bound): [undef]
Wed Jun 29 13:50:00 2016 UDPv4 link remote: [AF_INET]192.168.1.100:1194
Wed Jun 29 13:51:00 2016 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Jun 29 13:51:00 2016 TLS Error: TLS handshake failed
Wed Jun 29 13:51:00 2016 SIGUSR1[soft,tls-error] received, process restarting
Wed Jun 29 13:51:02 2016 UDPv4 link local (bound): [undef]
Wed Jun 29 13:51:02 2016 UDPv4 link remote: [AF_INET]192.168.1.100:1194
« Last Edit: June 29, 2016, 01:54:21 pm by jamerson »
Logged
An intelligent man is sometimes forced to be drunk to spend time with his fool.

Julien

  • Hero Member
  • *****
  • Posts: 651
  • Karma: 32
    • View Profile
Re: new to OPNSense
« Reply #3 on: June 29, 2016, 05:29:52 pm »
i managed to fix this,
Begon networks were blocked .has to disable this
Logged
An intelligent man is sometimes forced to be drunk to spend time with his fool.

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13624
  • Karma: 1171
    • View Profile
Re: new to OPNSense
« Reply #4 on: June 29, 2016, 07:20:32 pm »
A bit unexpected, but glad this is solved.  :)
Logged

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 16.1 Legacy Series »
  • new to OPNSense
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2