OpenVPN not working after update to 24.1

Started by LastMohawk, February 17, 2024, 02:23:22 PM

Since the update to OPNsense 24.1.1-amd64 it is not possible to get a VPN connection.
I renewed all certificates but without success. I checked all settings but I even get the message:

TLS Error: TLS key negotiation failed to occur within 60 seconds

My backup OPNsense with OPNsense 23.7.10_1-amd64 works fine.

Is this perhaps a known problem?

My guess is that this is due to the change to OpenSSL3.

I have the same error with some OpenVPN connect versions. Did not have that problem before with pfSense.

To me this seems like the same problem here: https://forum.opnsense.org/index.php?topic=38078.msg190354#msg190354 but unfortunately did not get any answer either.

Not sure what the root problem was here, but I found a way to make it work.

Will leave this here, maybe this helps someone else.

1. You should not export the Archive but the file only! Archive will use unsupported .p12. I don't think this is ideal from OPNsense. In my opinion, OPNsense should offer a client export that works out of the box. pfSense not only will get you the right files but even add a compatible OpenVPN connect client installer on top.

2. For some reason I don't understand, there was a DNS problem. Instead of resolving mydomain.hopto.org (no-ip) to my WAN, it resolved to a random IP in Turkey. Not sure why, nslookup on the same host resolved to the right IP.

3. By clicking advanced and setting Ciphers to 256 GCM even the warnings did go away.
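
The three points in the post above can be checked against an exported client profile before it is handed to a user. The script below is an added example, not code from the thread or from OPNsense. It assumes "256 GCM" means AES-256-GCM; the sample profile, hostname and the `expected_ip` parameter are constructed for illustration.

```python
import ipaddress
import socket

# Constructed sample profile (hostname and file name are placeholders).
SAMPLE = """client
dev tun
remote vpn.example.org 1194 udp
pkcs12 client.p12
cipher AES-256-CBC
"""

def parse_profile(text):
    """Map each directive to its argument lists; inline <tag> blocks count as the tag."""
    found, in_block = {}, False
    for line in (raw.strip() for raw in text.splitlines()):
        if not line or line[0] in "#;":
            continue
        if line.startswith("</"):
            in_block = False
        elif line.startswith("<"):
            in_block = True
            found.setdefault(line.strip("<>"), []).append([])
        elif not in_block:
            name, *args = line.split()
            found.setdefault(name, []).append(args)
    return found

def check_profile(text, expected_ip, resolve=socket.gethostbyname):
    """Return findings for the three problems described in the post above."""
    conf, findings = parse_profile(text), []
    if "pkcs12" in conf:
        findings.append("pkcs12: profile depends on a .p12 bundle")
    offered = set()
    for key in ("data-ciphers", "ncp-ciphers", "cipher"):
        for args in conf.get(key, []):
            offered.update(args[0].upper().split(":") if args else [])
    if "AES-256-GCM" not in offered:
        findings.append("cipher: AES-256-GCM is not offered")
    for args in conf.get("remote", []):
        if not args:
            continue
        try:
            ipaddress.ip_address(args[0])
            continue  # literal address, nothing to resolve
        except ValueError:
            pass
        try:
            ip = resolve(args[0])
        except OSError as exc:
            findings.append(f"dns: {args[0]} did not resolve ({exc})")
            continue
        if ip != expected_ip:
            findings.append(f"dns: {args[0]} resolves to {ip}, expected {expected_ip}")
    return findings
```

Run it on the client machine itself, since the post notes that nslookup and the VPN client disagreed on the same host; `resolve` can be swapped for a stub when testing offline.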