23 Jul
2020
23 Jul
'20
4:34 a.m.
Hi List,
I'm trying to setup the VPN using my LotW cert and followed the
instructions on the Wiki for Windows. There was a security issue at first
but I added the
tls-cipher "DEFAULT:@SECLEVEL=0"
line in the .ovpn file and made some progress until I got this:
Wed Jul 22 20:14:59 2020 TLS Error: TLS key negotiation failed to occur
within 60 seconds (check your network connectivity)
Searching the archives here I've tried a few things such as editing the
authorities file to show the last block only as was suggested by another
list member. I also edited the authorities file to show the first block
only, but to no avail. Now the user and authorities certs are concatenated
as per the WIki instructions, so it's all stock.
Any tips for further investigation?
73 Chris VE7YSF aka VA7CAB
24 Jul
24 Jul
1:50 a.m.
Hi
I had the same problem .
What I found was the Intermediate Certificate had expired back in 2019 so I renewed my
Certificate and then made sure to only include the certificates that we current and had
not expired.
73 Andrew (KK4ZUZ)
-----Original Message-----
From: Chris Brougham [mailto:ve7ysf@gmail.com]
Sent: Wednesday, July 22, 2020 10:34 PM
To: 44net(a)mailman.ampr.org
Subject: [44net] AMPRNet VPN TLS Error
Hi List,
I'm trying to setup the VPN using my LotW cert and followed the instructions on the
Wiki for Windows. There was a security issue at first but I added the
tls-cipher "DEFAULT:@SECLEVEL=0"
line in the .ovpn file and made some progress until I got this:
Wed Jul 22 20:14:59 2020 TLS Error: TLS key negotiation failed to occur within 60 seconds
(check your network connectivity)
Searching the archives here I've tried a few things such as editing the authorities
file to show the last block only as was suggested by another list member. I also edited
the authorities file to show the first block only, but to no avail. Now the user and
authorities certs are concatenated as per the WIki instructions, so it's all stock.
Any tips for further investigation?
73 Chris VE7YSF aka VA7CAB
25 Jul
25 Jul
2:59 a.m.
Thanks Andrew,
That was indeed the case. I had just recently renewed my VA7CAB cert and so
reapplied for a new VE7YSF certificate. This renewed the authorities file
and appended both VA7CAB key and VE7YSF key to the users file. I removed
the VA7CAB entry from users (as it didn't work at first with both call sign
certs) and concatenated just the VE7YSF entry to the new authorities file
(as per the wiki), and connected right away.
Many thanks. This will help me greatly in configuring my gateway as I'm
having difficulty determining if it's my internal LAN or ISP that's
causing IPIP issues (another story).
73 Chris VE7YSF aka VA7CAB
On Thu, Jul 23, 2020 at 5:50 PM Andrew Cameron <apcameron(a)softhome.net>
wrote:
Hi
I had the same problem .
What I found was the Intermediate Certificate had expired back in 2019 so
I renewed my Certificate and then made sure to only include the
certificates that we current and had not expired.
73 Andrew (KK4ZUZ)
-----Original Message-----
From: Chris Brougham [mailto:ve7ysf@gmail.com]
Sent: Wednesday, July 22, 2020 10:34 PM
To: 44net(a)mailman.ampr.org
Subject: [44net] AMPRNet VPN TLS Error
Hi List,
I'm trying to setup the VPN using my LotW cert and followed the
instructions on the Wiki for Windows. There was a security issue at first
but I added the
tls-cipher "DEFAULT:@SECLEVEL=0"
line in the .ovpn file and made some progress until I got this:
Wed Jul 22 20:14:59 2020 TLS Error: TLS key negotiation failed to occur
within 60 seconds (check your network connectivity)
Searching the archives here I've tried a few things such as editing the
authorities file to show the last block only as was suggested by another
list member. I also edited the authorities file to show the first block
only, but to no avail. Now the user and authorities certs are concatenated
as per the WIki instructions, so it's all stock.
Any tips for further investigation?
73 Chris VE7YSF aka VA7CAB
1374
days inactive
1376
days old
2 comments
2 participants
participants (2)
-
Andrew Cameron -
Chris Brougham