name Punditsdkoslkdosdkoskdo

OpenVPN Connect from a Different Network

I recently set up OpenVPN on a CentOS 6 machine. The setup went smoothly and I can connect to it fine from a client computer when both computers are on the same network.

I wanted to know how to make the connection when the client computer is on a different network at a different location.

At the moment I am getting the following error in the client side's log:

Tue Mar 31 19:20:14 2015 OpenVPN 2.3.6 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Mar 19 2015
Tue Mar 31 19:20:14 2015 library versions: OpenSSL 1.0.1m 19 Mar 2015, LZO 2.08
Enter Management Password:
Tue Mar 31 19:20:14 2015 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Tue Mar 31 19:20:14 2015 Need hold release from management interface, waiting...
Tue Mar 31 19:20:14 2015 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Tue Mar 31 19:20:15 2015 MANAGEMENT: CMD 'state on'
Tue Mar 31 19:20:15 2015 MANAGEMENT: CMD 'log all on'
Tue Mar 31 19:20:15 2015 MANAGEMENT: CMD 'hold off'
Tue Mar 31 19:20:15 2015 MANAGEMENT: CMD 'hold release'
Tue Mar 31 19:20:15 2015 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Mar 31 19:20:15 2015 UDPv4 link local: [undef]
Tue Mar 31 19:20:15 2015 UDPv4 link remote: [AF_INET]192.168.20.17:1194
Tue Mar 31 19:20:15 2015 MANAGEMENT: >STATE:1427822415,WAIT,,,
Tue Mar 31 19:21:15 2015 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Mar 31 19:21:15 2015 TLS Error: TLS handshake failed
Tue Mar 31 19:21:15 2015 SIGUSR1[soft,tls-error] received, process restarting
Tue Mar 31 19:21:15 2015 MANAGEMENT: >STATE:1427822475,RECONNECTING,tls-error,,
Tue Mar 31 19:21:15 2015 Restart pause, 2 second(s)

The iptables is stopped, so I'm not sure how to make the OpenVPN server accessible from outside the local network.

      • 1
    • Do you have a gateway between the client and server networks? Does that gateway know how to route UDP traffic to 192.168.20.17:1194? Considering you can connect to the OpenVPN server from your local network, and your firewall is stopped, it's a routing issue most probably.
    • OMG, I don't know how to port forward for OpenVPN. I thought OpenVPN provided routing to the gateway. You must be right, though.
      • 2
    • You do it as for anything else... You should point to 192.168.20.17:1194 on UDP (at least that's what your logs are showing). OpenVPN takes care of pushing routes, but only if you connect to the server, and for that you need port forwarding. Also, please make sure the gateway of your OpenVPN server (probably 192.168.20.1) has a static route for your VPN address range, pointing to 192.168.20.17. This is required for hosts in 192.168.20.x network to be able to communicate with hosts connected over VPN and vice-versa.
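
As an added example (not part of the original thread): a small Python check that reads an OpenVPN client log like the one in the question and flags the case the comments describe, where the TLS handshake times out because the client is aimed at the server's private address. The function name `diagnose`, the result keys and the advice wording are assumptions made for this example; the sample log lines are copied from the question.

```python
import ipaddress
import re

# Constructed sample: four lines copied from the client log quoted in the question.
SAMPLE_LOG = """\
Tue Mar 31 19:20:15 2015 UDPv4 link local: [undef]
Tue Mar 31 19:20:15 2015 UDPv4 link remote: [AF_INET]192.168.20.17:1194
Tue Mar 31 19:21:15 2015 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Mar 31 19:21:15 2015 TLS Error: TLS handshake failed
"""

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
REMOTE_RE = re.compile(r"(UDP|TCP)v[46]\S* link remote: \[AF_INET6?\](\S+):(\d+)")
TIMEOUT_RE = re.compile(r"TLS key negotiation failed to occur within \d+ seconds")


def diagnose(log_text):
    """Summarise the remote endpoint and the likely cause of a handshake timeout."""
    info = {"proto": None, "host": None, "port": None,
            "rfc1918_remote": False, "tls_timeout": False, "advice": None}
    for line in log_text.splitlines():
        m = REMOTE_RE.search(line)
        if m:
            info["proto"], info["host"], info["port"] = m.group(1).lower(), m.group(2), int(m.group(3))
            try:
                addr = ipaddress.ip_address(info["host"])
                info["rfc1918_remote"] = any(addr in net for net in RFC1918)
            except ValueError:
                pass  # not an IP literal; leave the flag False
        elif TIMEOUT_RE.search(line):
            info["tls_timeout"] = True
    if info["tls_timeout"] and info["rfc1918_remote"]:
        # The case from the thread: a private address cannot be reached from another network.
        info["advice"] = ("remote %s is a private (RFC 1918) address, unreachable from another "
                          "network: set 'remote' to the gateway's public address and forward "
                          "%s/%d on the gateway to %s:%d"
                          % (info["host"], info["proto"], info["port"], info["host"], info["port"]))
    elif info["tls_timeout"] and info["host"]:
        info["advice"] = ("no reply from %s:%d over %s: check the port forward and any "
                          "firewall on the path" % (info["host"], info["port"], info["proto"]))
    return info


if __name__ == "__main__":
    print(diagnose(SAMPLE_LOG)["advice"])
```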

This article is reproduced from Stack Exchange / Stack Overflow.