Is OpenVPN running?

I have bought the System Admin module for FreePBX to setup VPN on some remote phones. From the VPN Server setting menu it seems to be enabled and set up correctly but the VPN connections time out.

How can I check if the OpenVPN server is actually running?

For testing at the moment I am using a windows PC with OpenVPN client to try to connect.

The router the FreePBX system is behind has an OpenVPN server and I can connect to that without any problems. When I disable it and forward port 1194 to the PBX system the connection attemt times out.

`Tue Oct 27 14:08:10 2020 OpenVPN 2.5_rc1 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 21 2020

Tue Oct 27 14:08:10 2020 Windows version 10.0 (Windows 10 or greater) 64bit
Tue Oct 27 14:08:10 2020 library versions: OpenSSL 1.1.1g 21 Apr 2020, LZO 2.10
Tue Oct 27 14:08:10 2020 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25341
Tue Oct 27 14:08:10 2020 Need hold release from management interface, waiting…
Tue Oct 27 14:08:11 2020 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25341
Tue Oct 27 14:08:11 2020 MANAGEMENT: CMD ‘state on’
Tue Oct 27 14:08:11 2020 MANAGEMENT: CMD ‘log all on’
Tue Oct 27 14:08:11 2020 MANAGEMENT: CMD ‘echo all on’
Tue Oct 27 14:08:11 2020 MANAGEMENT: CMD ‘bytecount 5’
Tue Oct 27 14:08:11 2020 MANAGEMENT: CMD ‘hold off’
Tue Oct 27 14:08:11 2020 MANAGEMENT: CMD ‘hold release’
Tue Oct 27 14:08:11 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]xx.xx.xx.xx:1194
Tue Oct 27 14:08:11 2020 Socket Buffers: R=[65536->65536] S=[65536->65536]
Tue Oct 27 14:08:11 2020 UDP link local: (not bound)
Tue Oct 27 14:08:11 2020 UDP link remote: [AF_INET]xx.xx.xx.xx:1194
Tue Oct 27 14:08:11 2020 MANAGEMENT: >STATE:1603807691,WAIT,
Tue Oct 27 14:09:11 2020 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Oct 27 14:09:11 2020 TLS Error: TLS handshake failed`

Does this mean the OpenVPN server is not running?

[[email protected] ~]# systemctl status [email protected][email protected] - OpenVPN Robust And Highly Flexible Tunneling Application On server
   Loaded: loaded (/usr/lib/systemd/system/[email protected]; enabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/[email protected]
       └─sangoma_openvpn_override.conf
   Active: inactive (dead)

That service won’t start until you fix

Tue Oct 27 14:09:11 2020 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Oct 27 14:09:11 2020 TLS Error: TLS handshake failed

Thanks for the reply, I figured as much but I am a bit lost with this, not my area of knowledge.

I assumed that enabling the VPN server on FreePBX and using the supplied client config file I would be able to connect. Can you point me towards what the issue may be?

Sorry, not my comfort zone here here with this flavor of openvpn, what is in

sangoma_openvpn_override.conf

?

Not much

[Service]
Environment="OPENSSL_ENABLE_MD5_VERIFY=1 NSS_HASH_ALG_SUPPORT=+MD5"

I’ll leave this to the distro experts.

Sorry but you will probably laugh. The old saying, have you tried turning it off and on again… Well I hadn’t but just did and now the VPN connects.

After some sleep I will have ago at getting the phones to connect but hopefully it will be straightforward.

Thanks again for taking the time to reply!

1 Like

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.