new to OPNSense

Started by Julien, June 29, 2016, 12:01:03 AM

June 29, 2016, 12:01:03 AM Last Edit: June 29, 2016, 12:09:01 AM by jamerson
Hi guys,
We are new to the products. We finally our contract with the Cisco and have been using pfSense for over 7 years; all our customers are happy with pfSense.
Today we contacted the OPNsense team, and they advised us to try it before we start deploying it.
The issue now is that I can't get OpenVPN working with two-factor authentication.
I've followed the link as explained, https://docs.opnsense.org/manual/how-tos/sslvpn_client.html?highlight=vpn, but it keeps failing on the TLS handshake.
on this step :
Create a Certificate

After creating the Authority we will also need a certificate. To create a new certificate, go to System->Trust->Certificates and click add or import certificate in the upper right corner of the form.

Fill in the form with (leave the rest default):

Click Save to create the certificate.

Should we create a user or a server certificate? This step is unclear.

Can someone point out why?
DEC4240 – OPNsense Owner

Hi jamerson,

This should be a server certificate as suggested later on: SSLVPN Server Certificate (CA: SSL VPN CA).

Do you have any logs associated with this TLS failure incident we could use to troubleshoot more?


Cheers,
Franco

June 29, 2016, 08:25:28 AM #2 Last Edit: June 29, 2016, 01:54:21 PM by jamerson
Thank you for trying to help me.
The log I could find now, after some editing.
Waiting for your answer.
Quote
Wed Jun 29 13:49:41 2016 OpenVPN 2.3.11 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on May 10 2016
Wed Jun 29 13:49:41 2016 Windows version 6.2 (Windows 8 or greater) 64bit
Wed Jun 29 13:49:41 2016 library versions: OpenSSL 1.0.1t  3 May 2016, LZO 2.09
Wed Jun 29 13:50:00 2016 Control Channel Authentication: using 'firewall-udp-1194-vpn-ssl-tls.key' as a OpenVPN static key file
Wed Jun 29 13:50:00 2016 UDPv4 link local (bound): [undef]
Wed Jun 29 13:50:00 2016 UDPv4 link remote: [AF_INET]192.168.1.100:1194
Wed Jun 29 13:51:00 2016 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Jun 29 13:51:00 2016 TLS Error: TLS handshake failed
Wed Jun 29 13:51:00 2016 SIGUSR1[soft,tls-error] received, process restarting
Wed Jun 29 13:51:02 2016 UDPv4 link local (bound): [undef]
Wed Jun 29 13:51:02 2016 UDPv4 link remote: [AF_INET]192.168.1.100:1194
DEC4240 – OPNsense Owner

I managed to fix this.
Bogon networks were blocked. Had to disable this.
DEC4240 – OPNsense Owner

A bit unexpected, but glad this is solved.  :)
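
Added example, not part of the original thread and not OPNsense or OpenVPN code: a small triage of an OpenVPN client log that separates "the server never answered" (a path or firewall problem, as it turned out here) from a certificate rejection (the server-versus-user certificate question above). The function name, the verdict labels and the second sample log are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample: the relevant client log lines quoted in the thread.
SAMPLE_LOG = """\
Wed Jun 29 13:50:00 2016 UDPv4 link local (bound): [undef]
Wed Jun 29 13:50:00 2016 UDPv4 link remote: [AF_INET]192.168.1.100:1194
Wed Jun 29 13:51:00 2016 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Jun 29 13:51:00 2016 TLS Error: TLS handshake failed
Wed Jun 29 13:51:00 2016 SIGUSR1[soft,tls-error] received, process restarting
"""

# Matches "link remote: [AF_INET]<address>:<port>" at the end of a log line.
REMOTE_RE = re.compile(r"link remote: \[AF_INET6?\](\S+):(\d+)\s*$")


def triage(log_text):
    """Classify a client log; the verdict labels are this example's own."""
    remote = None
    server_replied = cert_error = timed_out = False
    for line in log_text.splitlines():
        m = REMOTE_RE.search(line)
        if m:
            remote = (m.group(1), int(m.group(2)))
        elif "TLS: Initial packet from" in line:
            server_replied = True   # at least one packet came back
        elif "VERIFY ERROR" in line:
            cert_error = True       # peer certificate failed verification
        elif "TLS key negotiation failed to occur within" in line:
            timed_out = True
    if cert_error:
        verdict = "certificate-rejected"
    elif timed_out and not server_replied:
        verdict = "no-reply-from-server"   # look at routing and firewall rules
    elif timed_out:
        verdict = "handshake-stalled"
    else:
        verdict = "no-tls-error-seen"
    # A private remote address suggests a lab or LAN test, where WAN rules that
    # block private or bogon ranges can drop the client's packets.
    private = remote is not None and ipaddress.ip_address(remote[0]).is_private
    return {"remote": remote, "verdict": verdict, "remote_is_private": private}


if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```
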