VPN configuration. - Printable Version +- Yealink Forums (http://forum.yealink.com/forum) +-- Forum: IP Phone Series (/forumdisplay.php?fid=4) +--- Forum: Configuration (/forumdisplay.php?fid=24) +--- Thread: VPN configuration. (/showthread.php?tid=164) |
VPN configuration. - jaymemaciejewski - 01-08-2013 12:51 AM I am trying to configure a few T32G phones to connect with our 3CX server using OpenVPN for our home users. I keep getting a TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) when i try with the phone. I have tested my configuration with a laptop with OpenVPN installed (using the same router/network as the phone that is failing) and it works perfectly with the same configuration. #Client Config client dev tun persist-tun persist-key proto udp nobind remote x.x.x.x 1194 resolv-retry infinite ca /config/openvpn/keys/ca.crt cert /config/openvpn/keys/client.crt key /config/openvpn/keys/client.key Here are the server logs when the phone fails to connect (the public IP has been replaced with x.x.x.x): Dec 31 14:20:14 openvpn[14850]: WARNING: using --duplicate-cn and --client-config-dir together is probably not what you want Dec 31 14:20:14 openvpn[14850]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Dec 31 14:20:14 openvpn[14850]: TUN/TAP device /dev/tun1 opened Dec 31 14:20:14 openvpn[14850]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Dec 31 14:20:14 openvpn[14850]: /sbin/ifconfig ovpns1 192.168.35.1 192.168.35.2 mtu 1500 netmask 255.255.255.255 up Dec 31 14:20:14 openvpn[14850]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1541 192.168.35.1 192.168.35.2 init Dec 31 14:20:14 openvpn[23033]: UDPv4 link local (bound): [AF_INET]192.168.30.243:1194 Dec 31 14:20:14 openvpn[23033]: UDPv4 link remote: [undef] Dec 31 14:20:14 openvpn[23033]: Initialization Sequence Completed Dec 31 14:40:44 openvpn[23033]: x.x.x.x:1024 Re-using SSL/TLS context Dec 31 14:40:46 openvpn[23033]: x.x.x.x:1026 Re-using SSL/TLS context Dec 31 14:40:50 openvpn[23033]: x.x.x.x:1028 Re-using SSL/TLS context Dec 31 14:40:52 openvpn[23033]: x.x.x.x:1029 Re-using SSL/TLS context Dec 31 14:41:44 openvpn[23033]: x.x.x.x:1024 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Dec 31 14:41:44 openvpn[23033]: x.x.x.x:1024 TLS Error: TLS handshake failed Dec 31 14:41:47 openvpn[23033]: x.x.x.x:1026 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Dec 31 14:41:47 openvpn[23033]: x.x.x.x:1026 TLS Error: TLS handshake failed Dec 31 14:41:50 openvpn[23033]: x.x.x.x:1028 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Dec 31 14:41:50 openvpn[23033]: x.x.x.x:1028 TLS Error: TLS handshake failed Dec 31 14:41:53 openvpn[23033]: x.x.x.x:1029 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Dec 31 14:41:53 openvpn[23033]: x.x.x.x:1029 TLS Error: TLS handshake failed Dec 31 14:41:58 openvpn[23033]: x.x.x.x:1029 Re-using SSL/TLS context The 3CX server is 192.168.30.245, the OpenVPN server (PFSense) is 192.168.30.243, and the VPN subnet for the home users is 192.168.35.0. Everything works fine with the laptop, I can connect and ping each network/server, but when I try the same on the phone, it fails to connect. The TAR file seems to be fine, I don't get any errors when I compile it or upload it into the phone. Anyone have any ideas I can try? Thanks, Jayme M. RE: VPN configuration. - _alx_ - 01-08-2013 07:25 PM What time has your server and what time does your phone has? RE: VPN configuration. - jaymemaciejewski - 01-09-2013 12:39 AM I found out what was causing the issue. When I was first provisioning and uploading the phone configurations, the 3CX server was sending the incorrect firmware update to the phone. The phones are SIP-T32G phones, but were receiving the SIP-T38G firmware. Thanks, Jayme M. |