Road Warrior - no connection from Client to server / No TLS negotiation

[redskate]

Dear all

PREMISE:
I am trying to setup an openVPN connection between my home network (firewalled by OpenSense) and an UMTS-wifi-connected miniPC with ubuntu22 and relative (built-in) OpenVPN 2.5.9 client.
I have been operating this nice firewall since 2021 without problems, have 2 LANS.
The firewall version is OPNsense 23.7.9-amd64.

For this I followed 1:1 the nice guide on https://docs.opnsense.org/manual/how-tos/sslvpn_instance_roadwarrior.html - setup CA, certificate and user, setup a server instance on port 1194 and created ONE SINGLE WAN rule for 1194 precisely as indicated in the guide. The WAN interface allows local networks.

On the miniPC there is no firewall (hence 1194 goes through) for the moment.

On this miniPC I can start an OpenVPN session using an ovpn file coming from my synology simple VPN - which is not so performant but does function! This VPN works on port 1197. The nc command opens the server ip on port 1197, so until there a connection can be shown. From the logs it shows a TLS negiotiation error. Here I examined every certificate and the unique static key. Everything shows to me OK.

PROBLEM:
The OpenVPN client starts but gets an error on TLS negotiation and a timeout after 60 seconds and it stops.

QESTIONS:
1) why does the client get no "response" from the server when it connects?
2) is this guide COMPLETE? What might have been omitted here (considering a nearly-newbie like I am)
3) what should I try to do to get this config running ? Do I have to setup more rules?
4) why under OpenVPN->servers I did not have to create any server? (no servers showing up here)
5) what logs do you need to figure out better what is (not) working (I will attach the client logs for (hopefully) more clarity).
6) which guide is better to setup a running RoadWarrier OpenVPN  ?

Thanks a lot for any hint or solution

[redskate]

I added here the server instance (jpg)
And the ovpn file