Hi everybody!
I got a Debian Buster server (without desktop) where I have OpenVPN+SSL, when I use two smartphones with android I can connect to the server but on a client with Debian Buster+KDE I got a TLS error and I can't understand why it happens...
GabrieleMax
Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230
[SOLVED] TLS error (OpenVPN) on Buster
-
- Posts: 126
- Joined: 2016-09-07 20:24
- Location: Senigallia (AN) - Italy
- Has thanked: 4 times
- Been thanked: 1 time
- Contact:
[SOLVED] TLS error (OpenVPN) on Buster
Last edited by GabrieleMax on 2018-12-05 14:55, edited 1 time in total.
-
- Posts: 126
- Joined: 2016-09-07 20:24
- Location: Senigallia (AN) - Italy
- Has thanked: 4 times
- Been thanked: 1 time
- Contact:
Re: TLS error (OpenVPN) on Buster
This is the openvpn configuration:
Here below you can read the error of my debian client:
I remember I had a quite close issue in another Debian Buster client, I remember I installed a packet but... I don't remember which packet!
Code: Select all
tls-crypt /etc/openvpn/easy-rsa/keys/ta.key 0 # This file is secret
auth SHA512 # This needs to be in client.ovpn too though.
tls-version-min 1.2
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
ncp-ciphers AES-256-GCM:AES-256-CBC
Code: Select all
Sun Nov 4 21:36:37 2018 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sun Nov 4 21:36:37 2018 TLS Error: TLS handshake failed
Sun Nov 4 21:36:37 2018 SIGUSR1[soft,tls-error] received, process restarting
-
- Posts: 126
- Joined: 2016-09-07 20:24
- Location: Senigallia (AN) - Italy
- Has thanked: 4 times
- Been thanked: 1 time
- Contact:
[SOLVED] TLS error (OpenVPN) on Buster
I solved the problem:
And I installed on KDE:
Code: Select all
tls-crypt ta.key 1
cipher AES-256-GCM
auth SHA512
auth-nocache
comp-lzo adaptive
Code: Select all
network-manager-openvpn