[SOLVED] TLS error (OpenVPN) on Buster

Kernels & Hardware, configuring network, installing services

[SOLVED] TLS error (OpenVPN) on Buster

Postby GabrieleMax » 2018-11-07 13:01

Hi everybody!

I got a Debian Buster server (without desktop) where I have OpenVPN+SSL, when I use two smartphones with android I can connect to the server but on a client with Debian Buster+KDE I got a TLS error and I can't understand why it happens...

GabrieleMax
Last edited by GabrieleMax on 2018-12-05 14:55, edited 1 time in total.
GabrieleMax
 
Posts: 63
Joined: 2016-09-07 20:24
Location: Senigallia

Re: TLS error (OpenVPN) on Buster

Postby bw123 » 2018-11-08 02:22

Wow, that's bad. I hate that for ya. You really need to give a better problem description. Why are you using testing?
User avatar
bw123
 
Posts: 3585
Joined: 2011-05-09 06:02
Location: TN_USA

Re: TLS error (OpenVPN) on Buster

Postby Bulkley » 2018-11-08 03:11

You're running a server on a testing platform? There's a recipe for problems.
Bulkley
 
Posts: 5668
Joined: 2006-02-11 18:35

Re: TLS error (OpenVPN) on Buster

Postby GabrieleMax » 2018-11-08 07:27

This is the openvpn configuration:
Code: Select all
tls-crypt /etc/openvpn/easy-rsa/keys/ta.key 0 # This file is secret
auth SHA512    # This needs to be in client.ovpn too though.
tls-version-min 1.2
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
ncp-ciphers AES-256-GCM:AES-256-CBC

Here below you can read the error of my debian client:
Code: Select all
Sun Nov  4 21:36:37 2018 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sun Nov  4 21:36:37 2018 TLS Error: TLS handshake failed
Sun Nov  4 21:36:37 2018 SIGUSR1[soft,tls-error] received, process restarting

I remember I had a quite close issue in another Debian Buster client, I remember I installed a packet but... I don't remember which packet! :)
GabrieleMax
 
Posts: 63
Joined: 2016-09-07 20:24
Location: Senigallia

[SOLVED] TLS error (OpenVPN) on Buster

Postby GabrieleMax » 2018-12-05 14:53

I solved the problem:
Code: Select all
tls-crypt ta.key 1
cipher AES-256-GCM
auth SHA512
auth-nocache
comp-lzo adaptive


And I installed on KDE:
Code: Select all
network-manager-openvpn
GabrieleMax
 
Posts: 63
Joined: 2016-09-07 20:24
Location: Senigallia


Return to System configuration

Who is online

Users browsing this forum: No registered users and 6 guests

fashionable