Skip to content
TLS Error: TLS handshake failed, stuck on Connecting
Got a problem with Viscosity or need help? Ask here!
- Posts: 1
- Joined: Sat Mar 01, 2014 5:54 am
Having trouble to connect, see the log below. I am on Verizon FIOS, the vpn has been working for a year now, all the sudden it stopped.
Using Wireshark i can see packets been exchanged, certificates been passed on, but at some point the server seems to drop the ball.
Is there a way to increase the verbosity of the log to see more details on the failure?
authentication type:SSL/TLS PCS512
Feb 28 01:55:06: State changed to Disconnecting
Feb 28 01:55:07: State changed to Disconnected
Feb 28 01:55:26: State changed to Connecting
Feb 28 01:55:26: Viscosity 1.4.7 (1222)
Feb 28 01:55:26: Running on Microsoft Windows 7 Home Basic
Feb 28 01:55:26: Bringing up interface...
Feb 28 01:55:26: Checking reachability status of connection...
Feb 28 01:55:26: Connection is reachable. Starting connection attempt.
Feb 28 01:55:26: OpenVPN 2.3.2 Windows-MSVC [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Dec 13 2013
Feb 28 01:55:26: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Feb 28 01:55:27: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Feb 28 01:55:27: Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Feb 28 01:55:27: UDPv4 link local: [undef]
Feb 28 01:55:27: UDPv4 link remote: [AF_INET]173.9.45.73:1194
Feb 28 01:56:26: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Feb 28 01:56:26: TLS Error: TLS handshake failed
Feb 28 01:56:26: SIGUSR1[soft,tls-error] received, process restarting
Feb 28 01:56:26: State changed to Connecting
Using Wireshark i can see packets been exchanged, certificates been passed on, but at some point the server seems to drop the ball.
Is there a way to increase the verbosity of the log to see more details on the failure?
authentication type:SSL/TLS PCS512
Feb 28 01:55:06: State changed to Disconnecting
Feb 28 01:55:07: State changed to Disconnected
Feb 28 01:55:26: State changed to Connecting
Feb 28 01:55:26: Viscosity 1.4.7 (1222)
Feb 28 01:55:26: Running on Microsoft Windows 7 Home Basic
Feb 28 01:55:26: Bringing up interface...
Feb 28 01:55:26: Checking reachability status of connection...
Feb 28 01:55:26: Connection is reachable. Starting connection attempt.
Feb 28 01:55:26: OpenVPN 2.3.2 Windows-MSVC [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Dec 13 2013
Feb 28 01:55:26: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Feb 28 01:55:27: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Feb 28 01:55:27: Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Feb 28 01:55:27: UDPv4 link local: [undef]
Feb 28 01:55:27: UDPv4 link remote: [AF_INET]173.9.45.73:1194
Feb 28 01:56:26: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Feb 28 01:56:26: TLS Error: TLS handshake failed
Feb 28 01:56:26: SIGUSR1[soft,tls-error] received, process restarting
Feb 28 01:56:26: State changed to Connecting
Hi ivanpedruzzi,
You can increase the verbosity by adding verb 5 to the advanced section of your configuration, though it won't give you any more details about this problem. The server is rejecting your client certificate most likely because the certificate has expired. If you control this server, you will need to produce new certificates, otherwise, you will need to contact your VPN Provider for assistance. http://www.sparklabs.com/support/how_do ... _my_vpn_p/
Regards,
Eric
You can increase the verbosity by adding verb 5 to the advanced section of your configuration, though it won't give you any more details about this problem. The server is rejecting your client certificate most likely because the certificate has expired. If you control this server, you will need to produce new certificates, otherwise, you will need to contact your VPN Provider for assistance. http://www.sparklabs.com/support/how_do ... _my_vpn_p/
Regards,
Eric
Eric Thorpe
Viscosity Developer
Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs
Viscosity Developer
Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs
2 posts
Page 1 of 1