[solved]openvpn -TLS key negotiation failed to occur within 60 seconds

zfish00 · 2013-05-02 03:56:48

This is the error log

----
Thu May 2 01:05:14 2013 218.86.195.206:28387 TLS: Initial packet from [AF_INET]218.86.195.206:28387, sid=86eac8aa 05140769
Thu May 2 01:06:14 2013 218.86.195.206:28280 TLS: Initial packet from [AF_INET]218.86.195.206:28280, sid=aa44605d 2b4edba3
Thu May 2 01:06:14 2013 218.86.195.206:28387 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu May 2 01:06:14 2013 218.86.195.206:28387 TLS Error: TLS handshake failed
Thu May 2 01:06:14 2013 218.86.195.206:28387 SIGUSR1[soft,tls-error] received, client-instance restarting

----

and this is my openvpn config

----

port 11994
proto udp
dev tun

# SSL/TLS
ca /etc/openvpn/ca.crt
cert /etc/openvpn/zfish.crt
key /etc/openvpn/zfish.key

tls-auth /etc/openvpn/ta.key 0

# Diffie hellman parameters
dh /etc/openvpn/dh2048.pem
script-security 2
keepalive 10 120
comp-lzo
# VPN subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist /etc/openvpn/ipp.txt
persist-key
persist-tun
status /var/log/openvpn-status.log
verb 3
push "redirect-gateway def1"
push "dhcp-option DNS 10.8.0.1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 4.4.4.4"
#push "dhcp-option DNS 208.67.222.222"

-----

and this is my andriod client config

----
#!/bin/sh
client

dev tun
proto udp
remote 106.187.49.162 11994
nobind
persist-key
persist-tun
ca ca.crt
cert MX2.crt
key MX2.key

tls-auth ta.key 1
auth-user-pass

verb 3

----

Please help me, Thanks very much!

Last edited by zfish00 (2013-05-02 17:02:21)

ub1quit33 · 2013-05-02 05:05:18

I have some experience with OpenVPN, but it's been mostly successful, so I can't promise you results in this troubleshoot.... but I'll give it a shot.

How did you generate the keys you're using?

zfish00 · 2013-05-02 05:22:38

ub1quit33 wrote:

I have some experience with OpenVPN, but it's been mostly successful, so I can't promise you results in this troubleshoot.... but I'll give it a shot.
How did you generate the keys you're using?

thanks for replying!

I did these step:

# cd /etc/openvpn/easy-rsa
# source ./vars
# ./clean-all
# ./build-ca
# ./build-key-server zfish
# ./build-dh
# ./build-key MX2

ub1quit33 · 2013-05-02 06:28:37

What are you attempting with this VPN connection? Are you attempting to connect an Android client to an Arch Linux OpenVPN server?

zfish00 · 2013-05-02 06:46:22

ub1quit33 wrote:

What are you attempting with this VPN connection? Are you attempting to connect an Android client to an Arch Linux OpenVPN server?

I am in china, beacause china have the GFW, so many website such as facebook and twitter, I cannot access these websites, I have a linode VPS in Japan, So I want to use openvpn in my vps to broke the GFW, and my phone is Android 4.1, my vps is Archlinux server , but the problem is I cannot connect my openvpn in my Andriod. So Please help me, thank you very much!

Last edited by zfish00 (2013-05-02 06:47:08)

zfish00 · 2013-05-02 07:03:46

zfish00 wrote:

ub1quit33 wrote:
What are you attempting with this VPN connection? Are you attempting to connect an Android client to an Arch Linux OpenVPN server?
I am in china, beacause china have the GFW, so many website such as facebook and twitter, I cannot access these websites, I have a linode VPS in Japan, So I want to use openvpn in my vps to broke the GFW, and my phone is Android 4.1, my vps is Archlinux server , but the problem is I cannot connect my openvpn in my Andriod. So Please help me, thank you very much!

Thanks for helping, the problem is solved! I just change the openvpn port and It just works! Maybe the GFW is terrible and great!

ub1quit33 · 2013-05-02 16:58:18

Glad to hear you figured it out! Please edit your original post and put [solved] in front of the topic so anyone encountering a similar issue can reference this in the future

zfish00 · 2013-05-02 17:03:39

ub1quit33 wrote:

Glad to hear you figured it out! Please edit your original post and put [solved] in front of the topic so anyone encountering a similar issue can reference this in the future

ok， thanks!

Arch Linux

#1 2013-05-02 03:56:48

[solved]openvpn -TLS key negotiation failed to occur within 60 seconds

#2 2013-05-02 05:05:18

Re: [solved]openvpn -TLS key negotiation failed to occur within 60 seconds

#3 2013-05-02 05:22:38

Re: [solved]openvpn -TLS key negotiation failed to occur within 60 seconds

#4 2013-05-02 06:28:37

Re: [solved]openvpn -TLS key negotiation failed to occur within 60 seconds

#5 2013-05-02 06:46:22

Re: [solved]openvpn -TLS key negotiation failed to occur within 60 seconds

#6 2013-05-02 07:03:46

Re: [solved]openvpn -TLS key negotiation failed to occur within 60 seconds

#7 2013-05-02 16:58:18

Re: [solved]openvpn -TLS key negotiation failed to occur within 60 seconds

#8 2013-05-02 17:03:39

Re: [solved]openvpn -TLS key negotiation failed to occur within 60 seconds

Board footer