Apologies, I forgot I am only subscribed to the daily digest, so I am sure 
this response is breaking the threading.  My response to Mathias is posted 
following his comment.


>Message: 7
>Date: Mon, 19 May 2014 23:54:16 +0200
>From: Mathias Jeschke <openvpn-us...@0xaffe.de>
>Subject: Re: [Openvpn-users] OpenVPN connection issue
>To: openvpn-users@lists.sourceforge.net
>Message-ID: <537a7d88.9020...@0xaffe.de>
>Content-Type: text/plain; charset=UTF-8; format=flowed
>
>Hi Jeff,
>
>On 19.05.14 21:58, Jeff Boyce wrote:
>
>> This makes it appear as if there is a blocking
>> firewall between my Windows client and the OpenWRT box. Is it possible that
>> my DSL provider is blocking this communication? What am I missing, what
>> additional diagnosis is needed, and what options do I have that might still
>> be available to me to connect to an OpenVPN server at my home?
>
>Additionally - in case icmp works properly - you could try to find the
>blocking firewall by using traceroute:
>
>$ traceroute -U -p 1194 <FQDN>
>
>vs.
>
>$ traceroute <FQDN>
>
>If port 1194 is being blocked you should not get (icmp) answers from
>that router.
>
>Cheers,
>Mathias.

I ran traceroute both ways as you show above.  This was run with the 
firewall rules in place, which includes a rule for allowing OpenVPN access 
to Port 1194.  The results for both are the same, with the excerpts shown 
below, with my public IPs sanitized.

[root@disect ~]# traceroute <fqdn>
traceroute to <fqdn> (66.77.88.99), 30 hops max, 60 byte packets
1  pfgateway.mei.lan (192.168.112.11)  0.151 ms  0.131 ms  0.191 ms
... snip ...
19  66.77.88.99 (66.77.88.99)  62.059 ms  62.765 ms  57.293 ms

[root@disect ~]# traceroute -U -p 1194 <fqdn>
traceroute to <fqdn> (66.77.88.99), 30 hops max, 60 byte packets
1  pfgateway.mei.lan (192.168.112.11)  0.173 ms  0.166 ms  0.155 ms
... snip ...
19  66.77.88.99 (66.77.88.99)  60.778 ms  64.631 ms  61.087 ms

So with this information and my previous tests, which is correct: 
traceroute saying that Port 1194 is open, or nmap saying that Port 1194 is 
not open?  I am beginning to think that it is not a firewall issue, and that 
there is something else causing the TLS error.  What other potential things 
might cause the TLS error listed below?

Tue May 06 12:57:14 2014 us=986234 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Tue May 06 12:57:44 2014 us=875834 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue May 06 12:57:44 2014 us=875834 TLS Error: TLS handshake failed
Tue May 06 12:57:44 2014 us=875834 TCP/UDP: Closing socket


Jeff Boyce
Meridian Environmental
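
An added example (not part of the original message, and not OpenVPN's own code): a small Python classifier over the client log lines quoted above. It relies on the Winsock behaviour that WSAECONNRESET on a UDP socket means an earlier send drew an ICMP Port Unreachable; the verdict names and the ECONNREFUSED pattern for non-Windows clients are assumptions of this example.

```python
import re

# Client log lines copied from the message above (wrapped lines rejoined).
SAMPLE_LOG = """\
Tue May 06 12:57:14 2014 us=986234 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Tue May 06 12:57:44 2014 us=875834 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue May 06 12:57:44 2014 us=875834 TLS Error: TLS handshake failed
Tue May 06 12:57:44 2014 us=875834 TCP/UDP: Closing socket
"""

# WSAECONNRESET is the form on the page; ECONNREFUSED is assumed here as the
# equivalent error a non-Windows client would log.
ICMP_REJECT = re.compile(r"read UDP\S*.*\b(WSAECONNRESET|ECONNREFUSED)\b")
TLS_TIMEOUT = re.compile(r"TLS key negotiation failed to occur within \d+ seconds")

# Verdict names are hypothetical labels chosen for this example.
MEANING = {
    "rejected": "an ICMP port unreachable came back: the packet reached a "
                "device that refused UDP on that port",
    "silent": "nothing came back: packets or replies were dropped without "
              "any ICMP error",
    "no-failure": "no TLS negotiation timeout in this log",
}

def classify(log_text):
    """Return 'rejected', 'silent' or 'no-failure' for an OpenVPN client log."""
    saw_reject = saw_timeout = False
    for line in log_text.splitlines():
        if ICMP_REJECT.search(line):
            saw_reject = True
        elif TLS_TIMEOUT.search(line):
            saw_timeout = True
    if not saw_timeout:
        return "no-failure"
    return "rejected" if saw_reject else "silent"

if __name__ == "__main__":
    verdict = classify(SAMPLE_LOG)
    print(verdict, "-", MEANING[verdict])
```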

