 From:  Vincent Fleuranceau <vincent at bikost dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Cc:  Morten Trab <mailing at trab dot dk>
 Subject:  Re: [m0n0wall] OpenVPN get blocked in firewall
 Date:  Sun, 09 Jan 2005 23:41:24 +0100
Morten Trab wrote:
> Hi,
> I'm trying to make OpenVPN in 1.2b3 work...
> Whenever trying to get the client to connect the following line gets repeated
> in the firewall logs of m0n0wall:
> X WAN 80.197.xxx.xxx, port 5000 80.62.xxx.xxx, port 5000 UDP
> In my firewall I have the following rule under the WAN pane:
> UDP * * LAN net 5000 OpenVPN -> LAN
> How come the connections get blocked??
> The client keeps saying the following:
> Sun Jan  9 21:48:22 2005 30[1]: TLS Error: TLS key negotiation failed to
> occur within 60 seconds
> Sun Jan  9 21:48:22 2005 31[1]: TLS Error: TLS handshake failed


All OpenVPN clients connect to the server which is listening on port
5000. There must be a rule to allow this (note: 5000 is the DESTINATION
port in the rule).

Assuming you are testing m0n0wall's OpenVPN client feature, there must
be a rule for the server to reach the client, too. On a given host, the 
(first) OpenVPN client is listening on port 5001, the next client (on 
the same host) on port 5002, and so on. I hope your problem is here...


-- Vincent