Author Topic: VPN stops working after a while  (Read 247 times)

sebsom

  • Zen Apprentice
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
VPN stops working after a while
« on: May 14, 2019, 10:39:35 pm »
Hi folks,
I'm using the VPN Module. It worked fine and without changing anything (I know about) it stopped working. The cliend is telling me TLS key negotiation failed, Serverlog in the GUI is telling me that it could noch chech the certificate. I had that problem already. That day I just made a new Certificate even if the old one was still valid but now, there are a few users and I have no Idea where to fix it.

Any ideas? Would be very nice if there is a solution wihtout new certificates...

Thx,
Bastek

Code: [Select]
Tue May 14 22:19:29 2019 OpenVPN 2.4.6 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 26 2018
Tue May 14 22:19:29 2019 Windows version 6.2 (Windows 8 or greater) 64bit
Tue May 14 22:19:29 2019 library versions: OpenSSL 1.1.0h  27 Mar 2018, LZO 2.10
Tue May 14 22:19:29 2019 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Tue May 14 22:19:29 2019 Need hold release from management interface, waiting...
Tue May 14 22:19:29 2019 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Tue May 14 22:19:29 2019 MANAGEMENT: CMD 'state on'
Tue May 14 22:19:29 2019 MANAGEMENT: CMD 'log all on'
Tue May 14 22:19:29 2019 MANAGEMENT: CMD 'echo all on'
Tue May 14 22:19:29 2019 MANAGEMENT: CMD 'bytecount 5'
Tue May 14 22:19:29 2019 MANAGEMENT: CMD 'hold off'
Tue May 14 22:19:29 2019 MANAGEMENT: CMD 'hold release'
Tue May 14 22:19:30 2019 MANAGEMENT: >STATE:1557865170,RESOLVE,,,,,,
Tue May 14 22:19:30 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]-----:1194
Tue May 14 22:19:30 2019 Socket Buffers: R=[65536->65536] S=[65536->65536]
Tue May 14 22:19:30 2019 UDP link local: (not bound)
Tue May 14 22:19:30 2019 UDP link remote: [AF_INET]-------:1194
Tue May 14 22:19:30 2019 MANAGEMENT: >STATE:1557865170,WAIT,,,,,,
Tue May 14 22:19:30 2019 MANAGEMENT: >STATE:1557865170,AUTH,,,,,,
Tue May 14 22:19:30 2019 TLS: Initial packet from [AF_INET]------:1194, sid=eed0d0bb aa62c9b3
Tue May 14 22:19:30 2019 VERIFY OK: depth=1, C=DE, O=------, CN=----- Authority Certificate
Tue May 14 22:19:30 2019 VERIFY X509NAME OK: C=DE, ------, CN=------_server
Tue May 14 22:19:30 2019 VERIFY OK: depth=0, C=DE, O=------., CN=------_server
Tue May 14 22:20:30 2019 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue May 14 22:20:30 2019 TLS Error: TLS handshake failed
Tue May 14 22:20:30 2019 SIGUSR1[soft,tls-error] received, process restarting
Tue May 14 22:20:30 2019 MANAGEMENT: >STATE:1557865230,RECONNECTING,tls-error,,,,,
Tue May 14 22:20:30 2019 Restart pause, 5 second(s)


royceb

  • Zen Monk
  • **
  • Posts: 71
  • Karma: +5/-0
    • View Profile
Re: VPN stops working after a while
« Reply #1 on: May 15, 2019, 02:58:57 pm »
It's a problem with the default config that got shipped with Zentyal

https://community.spiceworks.com/how_to/158901-how-to-fix-openvpn-zentyal-verify-error-depth-0-error-crl-has-expired-on-ubuntu

Do steps 1 - 2; then in the web interface you have to re-sign all of the existing certificates and redeploy your VPN credentials to your client machines.