Hi,
I'm trying to configure OpenVPN using Zentyal 2.2 with Remote VPN Client for the first time following the Zentyal 2.2 Official Document.
I have 3 NIC cards. Gateways are set for Load-balancing/fail-over.
eth0 = WAN1 [PUBLIC STATIC IP ADD]
eth1 = WAN2 [PUBLIC DHCP]
eth2 = LAN
Config Details are as follows:
Zentyal Server:
Server Port: UDP 1194
VPN Address: 192.168.160.0/24
Server Certificate: vpn-companyxyz
Client Authorization by common name: disabled
NAT: Checked
Allow client-to-client connection: checked
Interface to listen on: All network Interfaces
I created an Advertised network: 192.168.x.x (my LAN)
Firewall:
Zentyal is facing the Internet and functioning as Gateway/Firewall.
- created a Service for OpenVPN on 1194
- created a Packet filter for EXTERNAL NETWORKS TO ZENTYAL to ACCEPT OpenVPN Service to allow ANY Network
- created a Packet filter for EXTERNAL NETWORKS TO INTERNET to ACCEPT OpenVPN Server to the Internal Network from ANY Network
CLIENT PC
- Then downloaded the client bundle and installed it on my laptop, for connecting to the Remote Zentyal Server. My laptop is configured with a PUBLIC IP Address, and the firewall is currently OFF in Windows 7.
- Put ALL of the OpenVPN bundle in C:\Program Files (x86)\OpenVPN\config
However, I still have this error connecting to the OpenVPN Network.
Wed Sep 12 10:01:54 2012 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 12 10:02:10 2012 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 12 10:02:40 2012 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Sep 12 10:02:40 2012 TLS Error: TLS handshake failed
Wed Sep 12 10:02:40 2012 TCP/UDP: Closing socket
Wed Sep 12 10:02:40 2012 SIGUSR1[soft,tls-error] received, process restarting
Wed Sep 12 10:02:40 2012 Restart pause, 2 second(s)
Wed Sep 12 10:02:42 2012 WARNING: Make sure you understand the semantics of --tls-remote before using it (see the man page).
Wed Sep 12 10:02:42 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Wed Sep 12 10:02:42 2012 Re-using SSL/TLS context
Wed Sep 12 10:02:42 2012 LZO compression initialized
Wed Sep 12 10:02:42 2012 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Sep 12 10:02:42 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Wed Sep 12 10:02:42 2012 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
Wed Sep 12 10:02:42 2012 Local Options hash (VER=V4): 'd79ca330'
Wed Sep 12 10:02:42 2012 Expected Remote Options hash (VER=V4): 'f7df56b8'
Wed Sep 12 10:02:42 2012 UDPv4 link local: [undef]
Wed Sep 12 10:02:42 2012 UDPv4 link remote: 115.84.xxx.x:1194
Googling for the error suggests a firewall error. However, I already provided the proper firewall policy to allow OpenVPN. I even created a PORT FORWARDING rule to forward requests from PORT 1194 to the Zentyal Server, but to no avail.
Hope you can shed light on this.
Appreciate any help.
Thanks in advance.