Issues with OpenVpn server behind Cisco Firewall

tommyorok931
Level 1

Please help.  Networking newbie.

Here is the status of my setup:  

Clients and servers are both running Ubuntu. Server is behind a Cisco ASA firewall. Firewall has IP address of 24.55.108.31, this is also the server’s public IP address. The server’s private IP is 198.25.67.40. The address of the tun0 interface OpenVPN created on the server is 10.8.0.1. OpenVPN is also installed on the client; however, it has not created tun0. Both the server and client sides are configured to use port 1195. When I start OpenVPN on the client side, I get this error:

    • TLS Error:  TLS key negotiation failed to occur within 60 seconds

I googled the error and the results suggested a problem with firewall port forwarding; however, I am having issues with that. On the client side, I have the server address listed as 24.55.108.31 and I have a rule on the firewall that forwards packets received at 24.55.108.31 on port 1195 to address 198.25.67.40 port 1195, but when I start OpenVPN on the client side, I am still getting the error about TLS key negotiation. Any ideas???

1 Reply

You should first check if the packets reach the Ubuntu server when the client tries to connect. If they do, it's unlikely that the problem is caused by the ASA as the ASA doesn't care about this payload.

You can check this by running tcpdump on the Ubuntu server.
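
One way to run the check suggested in the reply, as an added example that is not part of the original thread: capture on the server for the OpenVPN port and classify what tcpdump saw. The server IP and port come from the post; the interface name `eth0`, the script name, the client address 203.0.113.7 and the UDP sample lines are assumptions constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: decide from tcpdump output whether OpenVPN packets reach the server.
SERVER_IP="198.25.67.40"   # server's private IP, from the post
VPN_PORT="1195"            # OpenVPN port, from the post

# Reads `tcpdump -n` text lines on stdin and prints one verdict:
#   NO_INBOUND      - nothing arrived for SERVER_IP:VPN_PORT; check the forwarding in front of the server
#   INBOUND_ONLY    - client packets arrive but the server never answers (daemon, port/proto, host firewall)
#   BOTH_DIRECTIONS - the server answers; if the client still times out, follow the replies back out
classify_capture() {
  awk -v ep="${SERVER_IP}.${VPN_PORT}" '
    {
      # tcpdump prints "src.port > dst.port:"; locate the ">" and read both sides
      for (i = 2; i < NF; i++) if ($i == ">") {
        src = $(i - 1); dst = $(i + 1); sub(/:$/, "", dst)
        if (dst == ep) in_n++
        if (src == ep) out_n++
      }
    }
    END {
      if (in_n == 0)       print "NO_INBOUND"
      else if (out_n == 0) print "INBOUND_ONLY"
      else                 print "BOTH_DIRECTIONS"
    }'
}

# Constructed sample captures (203.0.113.7 is a documentation address; UDP is assumed).
sample_inbound_only() {
  cat <<'EOF'
12:00:01.000000 IP 203.0.113.7.40001 > 198.25.67.40.1195: UDP, length 14
12:00:03.100000 IP 203.0.113.7.40001 > 198.25.67.40.1195: UDP, length 14
EOF
}
sample_both() {
  cat <<'EOF'
12:00:01.000000 IP 203.0.113.7.40001 > 198.25.67.40.1195: UDP, length 14
12:00:01.002000 IP 198.25.67.40.1195 > 203.0.113.7.40001: UDP, length 26
EOF
}

# Live use on the server: ./check-vpn.sh live <interface>  (script name and eth0 are assumptions)
if [ "${1:-}" = "live" ]; then
  sudo timeout 30 tcpdump -n -l -i "${2:-eth0}" "port ${VPN_PORT}" 2>/dev/null | classify_capture
else
  echo "inbound-only sample: $(sample_inbound_only | classify_capture)"
  echo "both-ways sample:    $(sample_both | classify_capture)"
fi
```

Start the client while the 30-second live capture is running so its connection attempts fall inside the window.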