0

I'm having an issue using the Viscosity OpenVPN client on a network behind a pfSense firewall. I'm unable to connect to my office VPN from this particular network; however, the connection works just fine from other networks. Below is a log from Viscosity showing the error with our IP address redacted. Any help would be appreciated.

Jan 03 12:21:38: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Jan 03 12:21:38: Re-using SSL/TLS context
Jan 03 12:21:38: LZO compression initialized
Jan 03 12:21:38: UDPv4 link local: [undef]
Jan 03 12:21:38: UDPv4 link remote: redacted:1196
Jan 03 12:22:38: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Jan 03 12:22:38: TLS Error: TLS handshake failed
Jan 03 12:22:38: SIGUSR1[soft,tls-error] received, process restarting
kirps

1 Answer

2

Hard to tell definitively without seeing the server log too, but usually logs along those lines mean the client can't communicate with the server on UDP 1196. Without knowing more about the setup as a whole it's impossible to pinpoint a cause, but in general the following are the most likely:

  • if you have egress filtering employed on your pfSense, you could be blocking outbound UDP 1196. Packet capture on WAN to ensure it's leaving; if it is, you've ruled out pfSense at least.
  • something upstream from you (DSL modem, similar), or on your ISP's network, is blocking the traffic. Packet capture on the server would tell you whether the traffic is getting there; my guess is it isn't.
  • something server-side is blocking the traffic, such as source IP restrictions on the server itself, a firewall, or something else potentially applying such restrictions.
Chris Buechler
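The elimination procedure in the answer above can be run mechanically over two text captures. This is an added example, not code from the answer or from pfSense/OpenVPN: it assumes `tcpdump -n udp port 1196` text output taken on the pfSense WAN interface and on the server, that the server capture shows the same server address the client dials, and it uses constructed documentation-range IPs and hypothetical function names.

```python
import re

# Matches one line of `tcpdump -n udp port 1196` text output, e.g.
# 12:21:38.10 IP 203.0.113.10.51234 > 198.51.100.20.1196: UDP, length 14
LINE = re.compile(r"IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+): UDP")

# Constructed sample: WAN capture with client packets leaving and no replies.
WAN_SAMPLE = """\
12:21:38.10 IP 203.0.113.10.51234 > 198.51.100.20.1196: UDP, length 14
12:21:40.31 IP 203.0.113.10.51234 > 198.51.100.20.1196: UDP, length 14
"""

def count_flows(capture, server_ip, port):
    """Return (packets_to_server, packets_from_server) for server_ip:port."""
    to_srv = from_srv = 0
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # skip non-UDP or unparsable lines
        src, sport, dst, dport = m.group(1), int(m.group(2)), m.group(3), int(m.group(4))
        # Match on the server side only: NAT may rewrite the client IP and port.
        if dst == server_ip and dport == port:
            to_srv += 1
        elif src == server_ip and sport == port:
            from_srv += 1
    return to_srv, from_srv

def diagnose(wan_capture, server_capture, server_ip, port=1196):
    """Map the two captures onto the three causes listed in the answer."""
    wan_out, wan_in = count_flows(wan_capture, server_ip, port)
    if wan_out == 0:
        return "not leaving WAN: check pfSense egress rules"
    if wan_in > 0:
        return "UDP path works both ways: look beyond packet filtering"
    srv_in, srv_out = count_flows(server_capture, server_ip, port)
    if srv_in == 0:
        return "leaves WAN, never reaches server: blocked upstream or by ISP"
    if srv_out == 0:
        return "reaches server, no reply: server-side restriction"
    return "server replies, WAN never sees them: return path blocked"

if __name__ == "__main__":
    # Empty server capture: nothing arrived on UDP 1196 during the attempt.
    print(diagnose(WAN_SAMPLE, "", "198.51.100.20"))
```

Both captures need to cover the same connection attempt, since the client gives up after the 60-second window shown in the log.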