OpenVPN server not working: TLS handshake failed

OpenVPN server not working: TLS handshake failed

OpenVPN server not working: TLS handshake failed
OpenVPN server not working: TLS handshake failed
2024-09-19 09:16:26 - last edited 2024-09-20 01:49:41
Model: ER707-M2  
Hardware Version: V1
Firmware Version: 1.2.2

Hi there,

 

I'm trying to get a OpenVPN to work on my ER707-M2 router in controller mode. In order to do that I've done everything this guide says: https://www.tp-link.com/ae/support/faq/3633/.

 

However, when I try to connect my laptop to the VPN using the generated OVPN file, I get the following error (redacted my IP address):

 

Thu Sep 19 11:01:21 2024 DEPRECATED OPTION: --cipher set to 'AES-128-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations. 
Thu Sep 19 11:01:21 2024 OpenVPN 2.6.12 [git:v2.6.12/038a94bae57a446c] Windows [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] [DCO] built on Jul 18 2024
Thu Sep 19 11:01:21 2024 Windows version 10.0 (Windows 10 or greater), amd64 executable
Thu Sep 19 11:01:21 2024 library versions: OpenSSL 3.3.1 4 Jun 2024, LZO 2.10
Thu Sep 19 11:01:21 2024 DCO version: 1.2.1
Thu Sep 19 11:01:21 2024 TCP/UDP: Preserving recently used remote address: [AF_INET]<IP_ADDRESS>:1194
Thu Sep 19 11:01:21 2024 UDPv4 link local: (not bound)
Thu Sep 19 11:01:21 2024 UDPv4 link remote: [AF_INET]<IP_ADDRESS>:1194
Thu Sep 19 11:02:21 2024 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Sep 19 11:02:21 2024 TLS Error: TLS handshake failed
Thu Sep 19 11:02:21 2024 SIGUSR1[soft,tls-error] received, process restarting

 

When I port forward 1194 to another port on my pc, it seems to work. This rules out the ISP blocking that port. There is no modem from my ISP involved, I use the ER707 directly.

 

I've also tried PPTP, which works. However, I can't get IPSec to work either.

  0      
  0      
#1
Options
2 Reply
Re:OpenVPN server not working: TLS handshake failed
2024-09-20 01:49:25

Hi @GeneraalSpeknek 

Thanks for posting in our business forum.

What's your WAN IP address on the WAN interface of the router? Screenshot.

As the log says, something is wrong with the Internet or IP.

A diagram of your network with IP and subnet marked is necessary as well.

 

Please mosaic your sensitive information. Here is a list of information considered sensitive:

1. Public IP address on your WAN if your WAN is.

2. Real MAC address of your device.

3. Your personal information including address, domain name, and credentials.

For troubleshooting purposes, when a WAN IP is needed, please leave some values visible for identification.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  1  
  1  
#2
Options
Re:OpenVPN server not working: TLS handshake failed
2024-09-20 07:18:58 - last edited 2024-09-20 08:46:17

  @Clive_A 

Hey there,

 

Thanks for your response! Here is an image of the details of the WAN1 network:

IP address is my public IP. Gateway IP is different, but didn't know if it'd be sensitive.

This is a map of my network:

I'm still quite new to this. So if I'm missing anything please let me know and where I can find it.

 

Edit: The PPTP variant works just fine, don't know why that is.

Edit 2: OpenVPN works when on a mobile network. It just doesn't work when on the same network as the router.

 

  0  
  0  
#3
Options