Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

[SOLVED] TLS error (OpenVPN) on Buster

Linux Kernel, Network, and Services configuration.
Post Reply
Message
Author
GabrieleMax
Posts: 126
Joined: 2016-09-07 20:24
Location: Senigallia (AN) - Italy
Has thanked: 4 times
Been thanked: 1 time
Contact:

[SOLVED] TLS error (OpenVPN) on Buster

#1 Post by GabrieleMax »

Hi everybody!

I got a Debian Buster server (without desktop) where I have OpenVPN+SSL, when I use two smartphones with android I can connect to the server but on a client with Debian Buster+KDE I got a TLS error and I can't understand why it happens...

GabrieleMax
Last edited by GabrieleMax on 2018-12-05 14:55, edited 1 time in total.

User avatar
bw123
Posts: 4015
Joined: 2011-05-09 06:02
Has thanked: 1 time
Been thanked: 28 times

Re: TLS error (OpenVPN) on Buster

#2 Post by bw123 »

Wow, that's bad. I hate that for ya. You really need to give a better problem description. Why are you using testing?
resigned by AI ChatGPT

Bulkley
Posts: 6383
Joined: 2006-02-11 18:35
Has thanked: 2 times
Been thanked: 39 times

Re: TLS error (OpenVPN) on Buster

#3 Post by Bulkley »

You're running a server on a testing platform? There's a recipe for problems.

GabrieleMax
Posts: 126
Joined: 2016-09-07 20:24
Location: Senigallia (AN) - Italy
Has thanked: 4 times
Been thanked: 1 time
Contact:

Re: TLS error (OpenVPN) on Buster

#4 Post by GabrieleMax »

This is the openvpn configuration:

Code: Select all

tls-crypt /etc/openvpn/easy-rsa/keys/ta.key 0 # This file is secret
auth SHA512    # This needs to be in client.ovpn too though.
tls-version-min 1.2
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
ncp-ciphers AES-256-GCM:AES-256-CBC 
Here below you can read the error of my debian client:

Code: Select all

Sun Nov  4 21:36:37 2018 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sun Nov  4 21:36:37 2018 TLS Error: TLS handshake failed
Sun Nov  4 21:36:37 2018 SIGUSR1[soft,tls-error] received, process restarting
I remember I had a quite close issue in another Debian Buster client, I remember I installed a packet but... I don't remember which packet! :)

GabrieleMax
Posts: 126
Joined: 2016-09-07 20:24
Location: Senigallia (AN) - Italy
Has thanked: 4 times
Been thanked: 1 time
Contact:

[SOLVED] TLS error (OpenVPN) on Buster

#5 Post by GabrieleMax »

I solved the problem:

Code: Select all

tls-crypt ta.key 1
cipher AES-256-GCM
auth SHA512
auth-nocache
comp-lzo adaptive
And I installed on KDE:

Code: Select all

network-manager-openvpn

Post Reply