Unable to connect over TUN - TLS error
Posted: Mon Jan 23, 2023 1:05 am
Downloaded and imported the following configuration from my Netgear Nighthawk router to my Android phone.
Pointed app to ca.crt client.crt and client.key
Attempted to connect:
I am able to connect from my laptop using OpenVPN and a TAP connection.
Any suggestions?
Thank you.
Code: Select all
client
dev tun
proto udp
remote xx.ddns.net 12973
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
cipher AES-128-CBC
comp-lzo
verb 5
Attempted to connect:
Code: Select all
2023-01-22 18:44:42 VpnClientPro-google-api27-release-1.01.27 (23010127)
2023-01-22 18:44:42 Connecting request by user
2023-01-22 18:44:42 Current Parameter Settings:
2023-01-22 18:44:42 config = '/data/user/0/it.colucciweb.vpnclientpro/files/temp/78a6d301-02e9-49ea-97d3-0f36add865a2.conf'
2023-01-22 18:44:42 mode = 0
2023-01-22 18:44:42 persist_config = DISABLED
2023-01-22 18:44:42 persist_mode = 1
2023-01-22 18:44:42 show_ciphers = DISABLED
2023-01-22 18:44:42 show_digests = DISABLED
2023-01-22 18:44:42 show_engines = DISABLED
2023-01-22 18:44:42 genkey = DISABLED
2023-01-22 18:44:42 key_pass_file = '[UNDEF]'
2023-01-22 18:44:42 show_tls_ciphers = DISABLED
2023-01-22 18:44:42 connect_retry_max = 0
2023-01-22 18:44:42 Connection profiles [0]:
2023-01-22 18:44:42 proto = udp
2023-01-22 18:44:42 local = '[UNDEF]'
2023-01-22 18:44:42 local_port = '[UNDEF]'
2023-01-22 18:44:42 remote = 'xx.ddns.net'
2023-01-22 18:44:42 remote_port = '12973'
2023-01-22 18:44:42 remote_float = DISABLED
2023-01-22 18:44:42 bind_defined = DISABLED
2023-01-22 18:44:42 bind_local = DISABLED
2023-01-22 18:44:42 bind_ipv6_only = DISABLED
2023-01-22 18:44:42 connect_retry_seconds = 5
2023-01-22 18:44:42 connect_timeout = 120
2023-01-22 18:44:42 xormethod = 0
2023-01-22 18:44:42 xormask = ''
2023-01-22 18:44:42 xormasklen = 0
2023-01-22 18:44:42 socks_proxy_server = '[UNDEF]'
2023-01-22 18:44:42 socks_proxy_port = '[UNDEF]'
2023-01-22 18:44:42 tun_mtu = 1500
2023-01-22 18:44:42 tun_mtu_defined = ENABLED
2023-01-22 18:44:42 link_mtu = 1500
2023-01-22 18:44:42 link_mtu_defined = DISABLED
2023-01-22 18:44:42 tun_mtu_extra = 0
2023-01-22 18:44:42 tun_mtu_extra_defined = DISABLED
2023-01-22 18:44:42 mtu_discover_type = -1
2023-01-22 18:44:42 fragment = 0
2023-01-22 18:44:42 mssfix = 1450
2023-01-22 18:44:42 explicit_exit_notification = 0
2023-01-22 18:44:42 Connection profiles END
2023-01-22 18:44:42 remote_random = DISABLED
2023-01-22 18:44:42 ipchange = '[UNDEF]'
2023-01-22 18:44:42 dev = 'tun'
2023-01-22 18:44:42 dev_type = '[UNDEF]'
2023-01-22 18:44:42 dev_node = '[UNDEF]'
2023-01-22 18:44:42 lladdr = '[UNDEF]'
2023-01-22 18:44:42 topology = 1
2023-01-22 18:44:42 ifconfig_local = '[UNDEF]'
2023-01-22 18:44:42 ifconfig_remote_netmask = '[UNDEF]'
2023-01-22 18:44:42 ifconfig_noexec = DISABLED
2023-01-22 18:44:42 ifconfig_nowarn = DISABLED
2023-01-22 18:44:42 ifconfig_ipv6_local = '[UNDEF]'
2023-01-22 18:44:42 ifconfig_ipv6_netbits = 0
2023-01-22 18:44:42 ifconfig_ipv6_remote = '[UNDEF]'
2023-01-22 18:44:42 shaper = 0
2023-01-22 18:44:42 mtu_test = 0
2023-01-22 18:44:42 mlock = DISABLED
2023-01-22 18:44:42 keepalive_ping = 0
2023-01-22 18:44:42 keepalive_timeout = 0
2023-01-22 18:44:42 inactivity_timeout = 0
2023-01-22 18:44:42 ping_send_timeout = 0
2023-01-22 18:44:42 ping_rec_timeout = 0
2023-01-22 18:44:42 ping_rec_timeout_action = 0
2023-01-22 18:44:42 ping_timer_remote = DISABLED
2023-01-22 18:44:42 remap_sigusr1 = 0
2023-01-22 18:44:42 persist_tun = DISABLED
2023-01-22 18:44:42 persist_local_ip = DISABLED
2023-01-22 18:44:42 persist_remote_ip = DISABLED
2023-01-22 18:44:42 persist_key = DISABLED
2023-01-22 18:44:42 passtos = DISABLED
2023-01-22 18:44:42 resolve_retry_seconds = 1000000000
2023-01-22 18:44:42 resolve_in_advance = DISABLED
2023-01-22 18:44:42 username = '[UNDEF]'
2023-01-22 18:44:42 groupname = '[UNDEF]'
2023-01-22 18:44:42 chroot_dir = '[UNDEF]'
2023-01-22 18:44:42 cd_dir = '[UNDEF]'
2023-01-22 18:44:42 writepid = '[UNDEF]'
2023-01-22 18:44:42 up_script = '[UNDEF]'
2023-01-22 18:44:42 down_script = '[UNDEF]'
2023-01-22 18:44:42 down_pre = DISABLED
2023-01-22 18:44:42 up_restart = DISABLED
2023-01-22 18:44:42 up_delay = DISABLED
2023-01-22 18:44:42 daemon = DISABLED
2023-01-22 18:44:42 inetd = 0
2023-01-22 18:44:42 log = DISABLED
2023-01-22 18:44:42 suppress_timestamps = ENABLED
2023-01-22 18:44:42 machine_readable_output = DISABLED
2023-01-22 18:44:42 nice = 0
2023-01-22 18:44:42 verbosity = 5
2023-01-22 18:44:42 mute = 0
2023-01-22 18:44:42 gremlin = 0
2023-01-22 18:44:42 status_file = '[UNDEF]'
2023-01-22 18:44:42 status_file_version = 1
2023-01-22 18:44:42 status_file_update_freq = 60
2023-01-22 18:44:42 occ = ENABLED
2023-01-22 18:44:42 rcvbuf = 0
2023-01-22 18:44:42 sndbuf = 0
2023-01-22 18:44:42 sockflags = 0
2023-01-22 18:44:42 fast_io = DISABLED
2023-01-22 18:44:42 comp.alg = 2
2023-01-22 18:44:42 comp.flags = 1
2023-01-22 18:44:42 route_script = '[UNDEF]'
2023-01-22 18:44:42 route_default_gateway = '[UNDEF]'
2023-01-22 18:44:42 route_default_metric = 0
2023-01-22 18:44:42 route_noexec = DISABLED
2023-01-22 18:44:42 route_delay = 0
2023-01-22 18:44:42 route_delay_window = 30
2023-01-22 18:44:42 route_delay_defined = DISABLED
2023-01-22 18:44:42 route_nopull = DISABLED
2023-01-22 18:44:42 route_gateway_via_dhcp = DISABLED
2023-01-22 18:44:42 allow_pull_fqdn = DISABLED
2023-01-22 18:44:42 shared_secret_file = '[UNDEF]'
2023-01-22 18:44:42 key_direction = not set
2023-01-22 18:44:42 ciphername = 'AES-128-CBC'
2023-01-22 18:44:42 ncp_enabled = ENABLED
2023-01-22 18:44:42 ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
2023-01-22 18:44:42 authname = 'SHA1'
2023-01-22 18:44:42 prng_hash = 'SHA1'
2023-01-22 18:44:42 prng_nonce_secret_len = 16
2023-01-22 18:44:42 keysize = 0
2023-01-22 18:44:42 engine = DISABLED
2023-01-22 18:44:42 replay = ENABLED
2023-01-22 18:44:42 mute_replay_warnings = DISABLED
2023-01-22 18:44:42 replay_window = 64
2023-01-22 18:44:42 replay_time = 15
2023-01-22 18:44:42 packet_id_file = '[UNDEF]'
2023-01-22 18:44:42 use_iv = ENABLED
2023-01-22 18:44:42 test_crypto = DISABLED
2023-01-22 18:44:42 tls_server = DISABLED
2023-01-22 18:44:42 tls_client = ENABLED
2023-01-22 18:44:42 key_method = 2
2023-01-22 18:44:42 ca_file = '[[INLINE]]'
2023-01-22 18:44:42 ca_path = '[UNDEF]'
2023-01-22 18:44:42 dh_file = '[UNDEF]'
2023-01-22 18:44:42 cert_file = '[[INLINE]]'
2023-01-22 18:44:42 extra_certs_file = '[UNDEF]'
2023-01-22 18:44:42 priv_key_file = '[[INLINE]]'
2023-01-22 18:44:42 pkcs12_file = '[UNDEF]'
2023-01-22 18:44:42 cipher_list = '[UNDEF]'
2023-01-22 18:44:42 cipher_list_tls13 = '[UNDEF]'
2023-01-22 18:44:42 tls_cert_profile = '[UNDEF]'
2023-01-22 18:44:42 tls_verify = '[UNDEF]'
2023-01-22 18:44:42 tls_export_cert = '[UNDEF]'
2023-01-22 18:44:42 verify_x509_type = 0
2023-01-22 18:44:42 verify_x509_name = '[UNDEF]'
2023-01-22 18:44:42 crl_file = '[UNDEF]'
2023-01-22 18:44:42 ns_cert_type = 0
2023-01-22 18:44:42 remote_cert_ku[i] = 0
2023-01-22 18:44:42 remote_cert_ku[i] = 0
2023-01-22 18:44:42 remote_cert_ku[i] = 0
2023-01-22 18:44:42 remote_cert_ku[i] = 0
2023-01-22 18:44:42 remote_cert_ku[i] = 0
2023-01-22 18:44:42 remote_cert_ku[i] = 0
2023-01-22 18:44:42 remote_cert_ku[i] = 0
2023-01-22 18:44:42 remote_cert_ku[i] = 0
2023-01-22 18:44:42 remote_cert_ku[i] = 0
2023-01-22 18:44:42 remote_cert_ku[i] = 0
2023-01-22 18:44:42 remote_cert_ku[i] = 0
2023-01-22 18:44:42 remote_cert_ku[i] = 0
2023-01-22 18:44:42 remote_cert_ku[i] = 0
2023-01-22 18:44:42 remote_cert_ku[i] = 0
2023-01-22 18:44:42 remote_cert_ku[i] = 0
2023-01-22 18:44:42 remote_cert_ku[i] = 0
2023-01-22 18:44:42 remote_cert_eku = '[UNDEF]'
2023-01-22 18:44:42 ssl_flags = 0
2023-01-22 18:44:42 tls_timeout = 2
2023-01-22 18:44:42 renegotiate_bytes = -1
2023-01-22 18:44:42 renegotiate_packets = 0
2023-01-22 18:44:42 renegotiate_seconds = 3600
2023-01-22 18:44:42 handshake_window = 60
2023-01-22 18:44:42 transition_window = 3600
2023-01-22 18:44:42 single_session = DISABLED
2023-01-22 18:44:42 push_peer_info = DISABLED
2023-01-22 18:44:42 tls_exit = DISABLED
2023-01-22 18:44:42 tls_auth_file = '[UNDEF]'
2023-01-22 18:44:42 tls_crypt_file = '[UNDEF]'
2023-01-22 18:44:42 client = ENABLED
2023-01-22 18:44:42 pull = ENABLED
2023-01-22 18:44:42 auth_user_pass_file = '[UNDEF]'
2023-01-22 18:44:42 OpenVPN 2.4.9 android-arm64-v8a [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 7 2022
2023-01-22 18:44:42 library versions: OpenSSL 1.1.1s 1 Nov 2022, LZO 2.10
2023-01-22 18:44:42 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2023-01-22 18:44:42 LZO compression initializing
2023-01-22 18:44:42 Control Channel MTU parms [ L:1622 D:1212 EF:38 EB:0 ET:0 EL:3 ]
2023-01-22 18:44:42 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
2023-01-22 18:44:42 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
2023-01-22 18:44:42 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
2023-01-22 18:44:42 TCP/UDP: Preserving recently used remote address: [AF_INET]73.12.x.x:12973
2023-01-22 18:44:42 Socket Buffers: R=[229376->229376] S=[229376->229376]
2023-01-22 18:44:42 UDPv4 link local: (not bound)
2023-01-22 18:44:42 UDPv4 link remote: [AF_INET]73.12.x.x:12973
2023-01-22 18:44:42 W
2023-01-22 18:44:45 W
2023-01-22 18:44:49 W
2023-01-22 18:44:57 W
2023-01-22 18:45:13 W
2023-01-22 18:45:43 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2023-01-22 18:45:43 TLS Error: TLS handshake failed
2023-01-22 18:45:43 TCP/UDP: Closing socket
2023-01-22 18:45:43 SIGUSR1[soft,tls-error] received, process restarting
2023-01-22 18:45:43 Restart pause, 5 second(s)
2023-01-22 18:45:48 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2023-01-22 18:45:48 LZO compression initializing
2023-01-22 18:45:48 Control Channel MTU parms [ L:1622 D:1212 EF:38 EB:0 ET:0 EL:3 ]
2023-01-22 18:45:48 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
2023-01-22 18:45:48 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
2023-01-22 18:45:48 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
2023-01-22 18:45:48 TCP/UDP: Preserving recently used remote address: [AF_INET]73.12.x.x:12973
2023-01-22 18:45:48 Socket Buffers: R=[229376->229376] S=[229376->229376]
2023-01-22 18:45:48 UDPv4 link local: (not bound)
2023-01-22 18:45:48 UDPv4 link remote: [AF_INET]73.12.x.x:12973
2023-01-22 18:45:48 W
2023-01-22 18:45:50 W
2023-01-22 18:45:54 W
2023-01-22 18:46:02 W
2023-01-22 18:46:18 W
2023-01-22 18:51:10 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2023-01-22 18:51:10 TLS Error: TLS handshake failed
2023-01-22 18:51:10 TCP/UDP: Closing socket
2023-01-22 18:51:10 SIGUSR1[soft,tls-error] received, process restarting
2023-01-22 18:51:10 Restart pause, 5 second(s)
2023-01-22 18:51:15 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2023-01-22 18:51:15 LZO compression initializing
2023-01-22 18:51:15 Control Channel MTU parms [ L:1622 D:1212 EF:38 EB:0 ET:0 EL:3 ]
2023-01-22 18:51:15 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
2023-01-22 18:51:15 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
2023-01-22 18:51:15 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
2023-01-22 18:51:15 TCP/UDP: Preserving recently used remote address: [AF_INET]73.12.x.x:12973
2023-01-22 18:51:15 Socket Buffers: R=[229376->229376] S=[229376->229376]
2023-01-22 18:51:15 UDPv4 link local: (not bound)
2023-01-22 18:51:15 UDPv4 link remote: [AF_INET]73.12.x.x:12973
2023-01-22 18:51:15 W
2023-01-22 18:51:17 W
2023-01-22 18:51:21 W
2023-01-22 18:51:29 W
2023-01-22 18:51:39 Disconnecting request by user
2023-01-22 18:51:39 Disconnecting...
2023-01-22 18:51:39 TCP/UDP: Closing socket
2023-01-22 18:51:39 SIGINT[soft,] received, process exiting
I am able to connect from my laptop using OpenVPN and a TAP connection.
Any suggestions?
Thank you.