Topic: OpenVPN client cannot connect (Read 2699 times)
medium_grade (Newbie, Posts: 2, Karma: 0), February 12, 2021, 08:31:27 pm
Greetings!
I am new to OPNsense, but I am a long-time user of pfSense, so a lot of the fundamentals are familiar to me.
I am trying to set up my first OpenVPN server, but I am getting timeouts when trying to make an inbound connection. I don't see any errors on my client end except "TLS key negotiation failed to occur within 60 seconds."
Here is my setup:
LAN: 10.99.10.0/24
WAN: DHCP (using DDNS)
Server Mode: Remote Access (SSL/TLS + User Auth)
Backend for authentication: Local Database
Enforce local group: (none)
Protocol: UDP4
Device Mode: tun
Interface: WAN
Local port: 1194
DH Parameters Length: 2048 bit
Encryption algorithm: AES-256-CBC
Auth Digest Algorithm: SHA256
Hardware Crypto: No Hardware Crypto
Certificate Depth: One
IPv4 Tunnel Network: 10.2.0.0/24
Redirect Gateway: Unchecked
IPv4 Local Network: 10.99.10.0/24
Firewall Rule (WAN)
Protocol: IPv4 UDP
Source: *
Port: *
Destination: WAN address
Port: 1194
Firewall Rule (OpenVPN)
Protocol: IPv4+6*
Source: *
Port: *
Destination: *
Port: *
Yes, I have verified that the DDNS host I am using is resolving to the correct IP, as I can enable all inbound traffic and reach the web interface from that hostname. I had a pfSense box here previously on which OpenVPN worked fine, so I do not believe it is anything on the ISP side. Any ideas?
chemlud (Hero Member, Posts: 2486, Karma: 112), Reply #1, February 12, 2021, 08:52:01 pm
Do you see traffic on port 1194? Just for testing maybe try "shared key"...
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare
felix eichhorn's premium cat food with the extra portion of energy
A router is not a switch - A router is not a switch - A router is not a switch - A rou....
medium_grade (Newbie, Posts: 2, Karma: 0), Reply #2, February 13, 2021, 06:26:49 pm
Shared key only seems to be an option with a peer-to-peer connection. Will that work?
Gauss23 (Hero Member, Posts: 766, Karma: 39), Reply #3, February 16, 2021, 10:26:55 am
How did you create the config file for the client? TLS key negotiation sounds like wrong tls auth/crypt info in the config file.
You can enable logging on the WAN rule allowing traffic to port 1194. You should then see the connections in Firewall:Log files:Live view
„The S in IoT stands for Security!“
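Added example, not part of the thread and not OPNsense code: one way to follow up on the config-file question in Reply #3 is to parse the client `.ovpn` file and compare it with the server settings listed in the first post. The first post does not say which TLS key mode the server uses, so `server_tls_mode="tls-auth"` is an assumption; `SAMPLE` is a constructed config with a placeholder host and an elided key body.

```python
import re

# SERVER: values from the first post. SAMPLE: constructed client config, placeholder host.
SERVER = {"proto": "udp4", "port": "1194", "cipher": "AES-256-CBC", "auth": "SHA256"}
SAMPLE = """remote vpn.example.org 1194 udp
cipher AES-256-CBC
auth SHA1
<tls-crypt>
-----BEGIN OpenVPN Static key V1-----
</tls-crypt>
"""

def parse_ovpn(text):
    """Split a client config into directives and inline <tag>...</tag> blocks."""
    directives, blocks, current = {}, {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        if current and line != f"</{current}>":
            blocks[current].append(line)          # body of an inline block
        elif current:
            current = None                        # closing tag reached
        elif (m := re.fullmatch(r"<([a-z-]+)>", line)):
            current = m.group(1)
            blocks[current] = []
        elif line and line[0] not in "#;":        # skip blanks and comments
            key, *args = line.split()
            directives.setdefault(key, []).append(args)
    return directives, blocks

def check(text, server=SERVER, server_tls_mode="tls-auth"):
    """Return a list of mismatches between a client config and the server."""
    d, blocks = parse_ovpn(text)
    first = lambda k: d[k][0][0] if d.get(k) and d[k][0] else None
    out = []
    for args in d.get("remote", []):              # remote <host> [port] [proto]
        port = args[1] if len(args) > 1 else first("port") or "1194"
        proto = args[2] if len(args) > 2 else first("proto") or "udp"
        if port != server["port"]:
            out.append(f"remote {args[0]}: port {port}, server listens on {server['port']}")
        if proto[:3] != server["proto"][:3]:      # compare udp/tcp family only
            out.append(f"remote {args[0]}: proto {proto}, server uses {server['proto']}")
    for key in ("cipher", "auth"):
        val = first(key)
        if (val or "").upper() != server[key].upper():
            out.append(f"{key} {val or 'not set'}, server uses {server[key]}")
    modes = {m for m in ("tls-auth", "tls-crypt") if m in d or blocks.get(m)}
    if modes != ({server_tls_mode} if server_tls_mode else set()):
        out.append(f"TLS key mode {', '.join(sorted(modes)) or 'none'}, server uses {server_tls_mode or 'none'}")
    return out
```

`check(SAMPLE)` reports the `auth` digest difference and the tls-crypt versus tls-auth difference; an empty list means the compared directives agree with the server values.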