 From:  Vincent Fleuranceau <vincent at bikost dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] OpenVPN problem
 Date:  Sat, 22 Jan 2005 21:42:57 +0100
> Hello,
> 
> I want to test the OpenVPN on m0n0wall.
> 
> However I encounter a problem which occurs on all
> the following versions:
> 1.2b2
> 1.2b3
> 1.2b3o
> 
> I am using the CF version on a generic-pc with a wan and a lan interface.
> 
> wan -> 10.0.0.100
> Lan -> 192.168.10.254
> OpenVPN 10.0.10.0/24
> 
> The problem is that when I connect I see the connection is built up
> in the log of the incoming firewall. There is also some exchange of
> data but no VPN connection.
> 
> In the system log file there is the following: (newest on top)
> 
> openvpn[986]: 10.0.0.200:1194 write UDPv4: No route to host (code=65)
> openvpn[986]: 10.0.0.200:1194 write UDPv4: No route to host (code=65)
> openvpn[986]: 10.0.0.200:1194 Re-using SSL/TLS context
> openvpn[986]: 10.0.0.200:1194 Re-using SSL/TLS context
> openvpn[986]: 10.0.0.200:1194 TLS Error: TLS handshake failed
> openvpn[986]: 10.0.0.200:1194 TLS Error: TLS handshake failed
> openvpn[986]: 10.0.0.200:1194 TLS Error: TLS key negotiation failed to 
> occur within 60 seconds (check your network connectivity)
> last message repeated 33 times
> openvpn[986]: 10.0.0.200:1194 TLS Error: TLS key negotiation failed to 
> occur within 60 seconds (check your network connectivity)
> last message repeated 33 times
> last message repeated 23 times
> last message repeated 23 times
> openvpn[986]: 10.0.0.200:1194 write UDPv4: No route to host (code=65)
> openvpn[986]: 10.0.0.200:1194 write UDPv4: No route to host (code=65)
> openvpn[986]: 10.0.0.200:1194 Re-using SSL/TLS context
> openvpn[986]: 10.0.0.200:1194 Re-using SSL/TLS context
> 
> 10.0.0.200 is the host which is trying to connect.
> 
> Can someone inform me where to find the solution for this problem?
> 

Did you set the firewall rules to allow the client(s) to connect to the
server?

FYI: by default, the server is listening on port 5000 and the (first)
client is listening on port 5001. If you need all the details, take a
look at:

http://m0n0.ch/wall/list/?action=show_msg&actionargs[]=103&actionargs[]=58

-- Vincent