thanks for your assistance. I have followed that and it doesn't seem to work. Please can you examine my setup below for any obvious errors? (note that I have it running seamlessly if the RUT955 is the client and my laptop is the server).
Laptop as client on public static IP but behind office router. Router ports opened for UDP and TCP on 1194 to my laptop.
RUT is on a fixed public IP and configured as vpn server. Firmware version is RUT9XX_R_00.05.03.3 Here is screenshot of RUT set up
10.143.100.0 255.255.255.0 is the lan behind the rut955.
I did not set anything up under TLS clients as I only want the clients to be able to see the RUT LAN.
I have tried with and without the Push Route option.
When it is enabled and running the STATUS-NETWORK-OPENVPN tab on the WebUI says it is connected and sat on IP 10.250.0.1
here is the OVPN file from the laptop. Laptop is running windows 10 with latest OpenVPN installed.
client
dev tun
proto udp
remote DELETED.BY.ME.201 1194
route 10.250.0.0 255.255.255.255
resolv-retry infinite
nobind
persist-key
persist-tun
<ca>
-----BEGIN CERTIFICATE-----
DELETED BY ME
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
DELETED BY ME
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
DELETED BY ME
-----END PRIVATE KEY-----
</key>
# I GET A WARNING ON OPEN VPN SO I'VE TRIED WITH AND WITHOUT THE NEXT LINE, BU IT DOESN'T HELP
;remote-cert-tls server
cipher AES-256-CBC
comp-lzo
verb 3
Finally here is the log from the windows client end -
Wed Jan 30 15:13:02 2019 OpenVPN 2.4.6 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 26 2018
Wed Jan 30 15:13:02 2019 Windows version 6.2 (Windows 8 or greater) 64bit
Wed Jan 30 15:13:02 2019 library versions: OpenSSL 1.1.0h 27 Mar 2018, LZO 2.10
Enter Management Password:
Wed Jan 30 15:13:02 2019 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Wed Jan 30 15:13:02 2019 Need hold release from management interface, waiting...
Wed Jan 30 15:13:03 2019 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Wed Jan 30 15:13:03 2019 MANAGEMENT: CMD 'state on'
Wed Jan 30 15:13:03 2019 MANAGEMENT: CMD 'log all on'
Wed Jan 30 15:13:03 2019 MANAGEMENT: CMD 'echo all on'
Wed Jan 30 15:13:03 2019 MANAGEMENT: CMD 'bytecount 5'
Wed Jan 30 15:13:03 2019 MANAGEMENT: CMD 'hold off'
Wed Jan 30 15:13:03 2019 MANAGEMENT: CMD 'hold release'
Wed Jan 30 15:13:03 2019 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Wed Jan 30 15:13:03 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]DELETED.BY.ME.201:1194
Wed Jan 30 15:13:03 2019 Socket Buffers: R=[65536->65536] S=[65536->65536]
Wed Jan 30 15:13:03 2019 UDP link local: (not bound)
Wed Jan 30 15:13:03 2019 UDP link remote: [AF_INET]DELETED.BY.ME.201:1194
Wed Jan 30 15:13:03 2019 MANAGEMENT: >STATE:1548861183,WAIT,,,,,,
Wed Jan 30 15:16:13 2019 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Jan 30 15:16:13 2019 TLS Error: TLS handshake failed
Wed Jan 30 15:16:13 2019 SIGUSR1[soft,tls-error] received, process restarting
Wed Jan 30 15:16:13 2019 MANAGEMENT: >STATE:1548861373,RECONNECTING,tls-error,,,,,
Wed Jan 30 15:16:13 2019 Restart pause, 5 second(s)
Although it works fine with the laptop as the server, I was concerned there may be a windows/ovpn issue here. I generated another ovpn client config file with different certificated and tried connecting to the RUT with OpenVPN running on an android phone. That also timed out. (it works when laptop is the server).
Thanks in advance for any assistance you can provide.