What's new

TLS key negotiation failed to occur within 60 seconds

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

FlyByWire

Regular Contributor
Hi there,

I'm having a problem to establish an openVPN connection to PureVPN.

My setup:

I have a Sphairon AR-780 Modem that is connected to Router 1 (FritzBox 7390 on LAN1) which is responsible for setting up Internet connection and supplying VoIP. Connected to LAN2 of the FritzBox is a Asus RT-AC68U (here WAN adapter) running Merlin 378.56_2. Asus is configured to have a static IP out of the subnet from the FritzBox.

Baseline:

For 2 weeks I'm running openVPN client on ExpressVPN servers without any problem. I've setup 5 different servers in the Asus setup. All working.

Problem:

Yesterday I tried to setup a openVPN connection to PureVPN using the config provided by them.
Neither UPD nor TCP is working. The VPN Status (on the Asus) says "connecting..." but thats all. The log shows (on UDP connection):
Code:
Nov 15 01:32:18 openvpn[26761]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Nov 15 01:32:18 openvpn[26761]: TLS Error: TLS handshake failed
I did contact the online support of PureVPN and they assumed that my ISP is blocking the needed ports (UDP 53, TCP 80). I really can't believe that TCP Port 80 is blocked by my ISP as this is used for web traffic?!

Anybody an idea what the problem could be?

Thanks

FlyByWire
 
TLS settings are wrong is most likely the problem as I'm sure those ports aren't blocked. :)

does Pure VPN have 2 certs and 2 keys in the ovpn file? do they use username/password?
 
does Pure VPN have 2 certs and 2 keys in the ovpn file? do they use username/password?

1 cert and 1 key and yes they do require username and password. Suprising to me was that after importing the ovpn config I had to change some setting to make it trying to connect at all (Must define certificate authority, Verify Server Certificate was not "yes" and tls-auth was not disabled as that all should be according to their guide?!
 
1 cert and 1 key and yes they do require username and password. Suprising to me was that after importing the ovpn config I had to change some setting to make it trying to connect at all (Must define certificate authority, Verify Server Certificate was not "yes" and tls-auth was not disabled as that all should be according to their guide?!

verify server certificate should probably be set to "no". username/pass auth only is also "no" because the ca.crt should have been uploaded as part of the ovpn. what is the setting for extra HMAC authorization? I'm thinking since you have been given a key that that should be set to outgoing (1).
 
wow, worked with the settings suggested by you! Thanks a lot.
meaning two things:
1.) Theire guide is wrong!
2.) The support is incapable!

Not the best precondition to start a long term relationship with them...;)
 

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Top