FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
406 views 3 comments
by

Upgrading our RUTX11 to R_00.02.05.1 breaks our openvpn connections with the following error on our Sophos UTM:

2020:11:18-21:25:37 gw03-1 openvpn[12747]: 172.17.11.60:47332 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

2020:11:18-21:25:37 gw03-1 openvpn[12747]: 172.17.11.60:47332 TLS Error: TLS handshake failed

2020:11:18-21:25:37 gw03-1 openvpn[12747]: 172.17.11.60:47332 SIGUSR1[soft,tls-error] received, client-instance restarting



Factory resetting RUTX11 to clear all setting and trying the latest firmware doesn't work either. Certs are ok.
Reverting back to previous firmware works although we do have to reload the previous config as it wipes everything going backwards.


Any ideas?

1 Answer

0 votes
by anonymous

Hello

2020:11:18-21:25:37 gw03-1 openvpn[12747]: 172.17.11.60:47332 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

From your logs, I can see that there is something wrong with your authentication.

https://openvpn.net/faq/tls-error-tls-key-negotiation-failed-to-occur-within-60-seconds-check-your-network-connectivity/

Сheck if the authentication protocols were the same on both sides and check your certificates to make sure they were generated correctly.

Regards.

by
That's correct. Everything was the same as before and confirmed. Upgrading breaks that connection. Downgrading and putting the settings in manually (as they get wiped by a downgrade works) using the same certs & credentials.
I've reset, uprgraded twice, put the settings in manually on upgrades as well as downgrades and it doesn't work on the new firmware. Tried this on 2 different devices too and can replicate that issue on both.
by anonymous

Hi

I tested the rutx11 as a client with the latest firmware version RUTX_R_00.02.05.2, the connection to the server was successful. Please update the device to the latest version and try again, if the issue persists, send me a troubleshoot file via PM.

Regards.

by anonymous

Hi,

So my boss has bought me our "testbed" RutX11 and I have to prove its fit for our purpose. 

OpenVPN from the GUI in firmware RUTX_R_00.07.00 is - yet again - seemingly completely broken ?

So I uploaded the .OVPN file and the P12 certificate into /etc/openvpn and ran it from the command line 

openvpn my_conf_file.ovpn 

asks me for the P12 password ...

lots of good data... 

"Initialisation sequence completed" 

I am connected! 

So theres nothing wrong with my uploaded .ovpn config or my P12 !

But no - the GUI still says "disconnected" 

Is this the same issue as the current build of the RUT955 (which also doesnt work from the GUI) and I need
to downgrade to the earlier firmware ? 

Where do we go from here please ? 

Regards 

The somewhat unhappy , somewhat thinking "here we are again" 

BB !