From your logs, it looks like the incoming packet is being sent to your server. Could it be that IPCop is blocking the outgoing traffic on 1194/UDP?
You can wind up the debugging on the server ( verb 9 ) to get it to log just about everything. It'd be good to see the packets arriving from the outside world. For example... -- 8< -- port 1194 proto udp dev tun ca ca.crt cert server.crt key server.key dh dh2048.pem server 192.168.99.0 255.255.255.0 push "route 192.168.99.0 255.255.255.0" route 192.168.99.0 255.255.255.0 keepalive 10 120 comp-lzo status /var/log/openvpn/status.log log /var/log/openvpn/openvpn.log log-append /var/log/openvpn/openvpn.log verb 9 -- 8< -- creates all virtual interfaces on the 192.168.99.0/24 subnet, and at least 6 tons of logging. ( and ensure /var/log/openvpn exists! ) On Fri, 2009-11-20 at 11:18 +1300, Roger Searle wrote: > Steve Holdoway wrote: > > On Thu, 2009-11-19 at 22:20 +1300, Roger Searle wrote: > > > >> Thu Nov 19 19:34:33 2009 TLS Error: TLS key negotiation failed to > >> occur > >> within 60 seconds (check your network connectivity) > >> Thu Nov 19 19:34:33 2009 TLS Error: TLS handshake failed > >> > > > > It is a networking problem somewhere along the line. Is the OpenVPN > > server recognising the clients attempt to connect? > > > > Could you show the config files for bth client and server?? > > > > Cheers, > > > > Steve > > > > > Sure, unfortunately will have to wait until tonight as I can't get to > the client config partition from here. I can get to the server from > home though. Is it better to send full config files, or remove all the > commented lines? > > Where would I look to see if the server is seeing the client connect > attempts? 2 places I know to look are /var/log/messages and log file as > specified via the server config - is there anywhere else I should be > looking? > > Cheers, > Roger -- Steve Holdoway <[email protected]> http://www.greengecko.co.nz MSN: [email protected] GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0
signature.asc
Description: This is a digitally signed message part
