nf3PSZf4TDa6GU 0 Posted ... Hi, I use OpenVPN on archlinux and update-resolv-conf and I also added following line to the ovpn (which I got from the generator): script-security 2 up /etc/openvpn/update-resolv-conf down /etc/openvpn/update-resolv-conf A couple of weeks ago it worked, but now when I use following then I get an error: sudo openvpn AirVPN_United-Kingdom_UDP-443.ovpn Error: Tue Aug 18 19:35:25 2015 OpenVPN 2.3.6 i686-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Dec 2 2014 Tue Aug 18 19:35:25 2015 library versions: OpenSSL 1.0.2d 9 Jul 2015, LZO 2.09 Tue Aug 18 19:35:25 2015 Control Channel Authentication: tls-auth using INLINE static key file Tue Aug 18 19:35:25 2015 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Aug 18 19:35:25 2015 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Aug 18 19:35:25 2015 Socket Buffers: R=[163840->131072] S=[163840->131072] Tue Aug 18 19:35:25 2015 UDPv4 link local: [undef] Tue Aug 18 19:35:25 2015 UDPv4 link remote: [AF_INET]94.229.74.90:443 Tue Aug 18 19:36:25 2015 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Tue Aug 18 19:36:25 2015 TLS Error: TLS handshake failed Tue Aug 18 19:36:25 2015 SIGUSR1[soft,tls-error] received, process restarting Tue Aug 18 19:36:25 2015 Restart pause, 2 second(s) I also tried to download the config file again and to add the three lines from above, but still same error. Where is the problem here??? Quote Share this post Link to post
nf3PSZf4TDa6GU 0 Posted ... The TLS Error: TLS handshake failed is probably due to ports not open, right? Because I was still in the office when I tried it... And a couple of weeks ago it was working, but it seems that they changed something. So it was not working anymore.Now at home it works Quote Share this post Link to post
InactiveUser 188 Posted ... Well, looks like the corporate firewall doesn't like outbound UDP/443. Try TCP on 443, or SSL Tunneling.And - don't get fired Quote Hide InactiveUser's signature Hide all signatures all of my content is released under CC-BY-SA 2.0 Share this post Link to post
nf3PSZf4TDa6GU 0 Posted ... Thanks for your answer! No, no problem I work at a university. They should accept curious people trying things out (as long as it is not illegal) Quote Share this post Link to post
Not connected, Your IP: 3.145.75.238
Online: 25928 users - 289237 Mbit/s total BW