54 Replies. Latest reply: Jan 6, 2018 10:48 AM by Michael

    OpenVPN errors

    Anthony

      Hi all,

       

      Could you please offer some advice regarding OpenVPN and Tunnelblick as per the installation instructions... I have everything enabled and installed, but for some reason my VPN connection will not come up.

       

       

      2017-12-29 19:34:10 TCP: connect to [AF_INET]192.168.0.5:443 failed, will try again in 5 seconds: Operation timed out

       

      I have added the configuration files correctly on my MacBook Pro.

       

      Do I need to enable any specific port forwarding?

       

      I initially opened port 443 with a map to my VIRL server IP 192.168.0.5 but this still did not work.

       

      My broadband supplier is Sky Broadband, if that makes any difference lol

       

      Thanks in advance, guys

       

      Anthony

        • 1. Re: OpenVPN errors
          Jeffrey

          Hey Anthony, I can't diagnose your problem as I haven't played with OpenVPN in some time, nor can I see your configs or your environment, but when I built my server for a school project I used https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-16-04

          You will have to direct your client to your public IP and allow port forwarding on your router. That is how you will get your traffic across the router into your local net.

          So the port forward will go from public IP at port 443 to private IP at port 443. You are not locked into these ports and can apply them how you see fit.

          Also ensure the firewall is not blocking traffic locally.

          • 2. Re: OpenVPN errors
            Michael

            Did you check the SSL certificate is correct and working? If you are going through a firewall to it, did you set up the port forwarding rules properly to reach it? Anything in the OpenVPN error logs? I ended up getting a Fortinet 60E firewall with VPN services. Much easier to set up.

            • 3. Re: OpenVPN errors
              Anthony

              My current setup has no firewall, and the certificate was created by the VIRL server when I enabled all the settings. Not sure how I can check that.

               

              I have checked that port 443 is open via my external IP, and it is.

               

              I am a little confused what this could be, as it looks a very simple thing to set up.

              • 4. Re: OpenVPN errors
                Anthony

                One thing to add is I am using my phone as the external network to test this. Maybe that could be the issue, I am not sure.

                • 5. Re: OpenVPN errors
                  Michael

                  Cisco VIRL was a pain to set up. The firewall I am talking about is your router/firewall. Are you trying to access it from outside your router like I do from work? I use my Fortinet VPN to go through my firewall and VM Maestro to attach to my VIRL to use it.

                   

                  VPN uses the external IP of my modem and the VPN port I assigned in the Fortinet VPN client to get through the firewall. I changed the port from 443 because HTTPS uses it. I set a unique number like 8443 for my VPN to use. What VPN client are you using to access it? On my firewall and old D-Link modem, I port forwarded that port to the NAT address of the device. So port 80 traffic port forwards to my web site NAT IP. 8443 would have gone to OpenVPN.

                  • 6. Re: OpenVPN errors
                    Anthony

                    Yes, I want to be able to connect from outside my LAN. At the moment I have my laptop hooked onto my iPhone personal hotspot to simulate the external connection.

                     

                    I have configured port 443 --> 192.168.0.5 {VIRL IP}

                     

                    I could try another random port and see if that works...

                     

                    So on my ISP router/firewall I have configured a rule to allow incoming connections on port 443 to be forwarded to IP 192.168.0.5.

                    • 7. Re: OpenVPN errors
                      Anthony

                      I am using Tunnelblick, as suggested on the VIRL setup video.

                      • 8. Re: OpenVPN errors
                        Michael

                        Go to Bing and type "what is my IP". Get the IPv4 address of your modem/router from that. Go into VIRL UWMadmin.

                         

                         

                         

                        This is where you change the port.  Save and reboot.

                         

                        You need to set port forwarding rules for whatever port you use to access it. Make sure both boxes are checked at the top.

                        • 9. Re: OpenVPN errors
                          Anthony

                          OK, I have enabled the rule in my ISP router and also checked port 8443 is now open. I will test my VPN connection now. (Attachment: Screen Shot 2017-12-29 at 21.32.56.png)

                          • 10. Re: OpenVPN errors
                            Anthony

                            Hi guys,

                             

                            Still no luck. Do you know if I would need to enable ports for the OpenVPN Tunnelblick application to run?

                            • 11. Re: OpenVPN errors
                              Michael

                              Why did you enable IPv6? Can you enable IPv4 policy? Can you telnet to WANIP on port 8443? Does OpenVPN have OpenVPN and it is enabled? Telnet to it inside your router and outside your router.

                              • 12. Re: OpenVPN errors
                                Anthony

                                It is just enabled by default. Now on the ISP router IPv6 is the only option, although it allows you to configure IPv4 rules... it's just how the admin area is labelled, if that makes sense.

                                • 13. Re: OpenVPN errors
                                  Michael

                                  I would start by telnet 192.169.0.5:8443 on a computer connected to the same switch. See if it works. Then, try to reach it from behind your router. This will determine if OpenVPN is working. I would then look at your router logs to see if you are even reaching it. OpenVPN would have logs, but you need to SSH into VIRL to get to them.

                                  • 14. Re: OpenVPN errors
                                    Anthony

                                    If I telnet to my external IP with 8443, it says connected.
