Happy to report this as solved. The issue was indeed with the IPCop
config, thanks to the off-list response indicating that following
creating a port forwarding rule for UDP 1194 I should NOT select the
additional option to "add external access".
Thanks to everyone for their previous replies.
Roger
Roger Searle wrote:
The server can accept connections - from the local network anyway,
where from a client I get "Initialization Sequence Completed", see the
network appear in ifconfig and can ping the server. So the issue is
with either the router or the IPCop box (as in, how I have configured
it!) and so will investigate further.
Thu Nov 19 19:34:33 2009 TLS Error: TLS key negotiation failed to
occur within 60 seconds (check your network connectivity)
Thu Nov 19 19:34:33 2009 TLS Error: TLS handshake failed
It is a networking problem somewhere along the line. Is the OpenVPN
server recognising the clients attempt to connect?
Could you show the config files for bth client and server??
server.conf:
port 1194
proto udp
dev tun
ca "/etc/openvpn/ca.crt"
cert "/etc/openvpn/jupiter.crt"
key "/etc/openvpn/jupiter.key" # This file should be kept secret
dh "/etc/openvpn/dh1024.pem"
server 10.20.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
log-append /var/log/openvpn.log
verb 9
client.conf:
client
dev tun
proto udp
remote 203.109.x.y 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca "/home/roger/openvpn/ca.crt"
cert "/home/roger/openvpn/roger.crt"
key "/home/roger/openvpn/roger.key"
ns-cert-type server
comp-lzo
verb 9
