0

I have an OpenVPN server on port 443. I can not connect to this OpenVPN server:

Thu Oct 13 10:11:39 2022 TLS Error: TLS handshake failed
Thu Oct 13 10:11:39 2022 Fatal TLS error (check_tls_errors_co), restarting
Thu Oct 13 10:11:39 2022 SIGUSR1[soft,tls-error] received, process restarting

OpenVPN is up and running and port 443 is open:

[mehrdad@rock ~]$ sudo nmap -sS -O -p80,443 <the-server-ip>
Starting Nmap 7.70 ( https://nmap.org ) at 2022-10-13 15:04 +0330
Nmap scan report for <the-server-ip>
Host is up (0.13s latency).

PORT    STATE  SERVICE
80/tcp  closed http
443/tcp open   https

I suspect that the ISP has blocked SSL connections. how can I test this?

what does the following means?

[mehrdad@rock ~]$ openssl s_client -connect <server-ip>:443
CONNECTED(00000003)
write:errno=0
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 293 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
Steffen Ullrich
  • 13,227
  • 27
  • 39
mhrsalehi
  • 95
  • 1
  • **OpenVPN is not SSL**. You cannot use `openssl s_client` to connect to an openvpn server - see also https://serverfault.com/q/708577/208324. Thus your question (*"... establish ssl connection..."*) does not fit what you have as endpoint for the connection (openvpn, not SSL). – Steffen Ullrich Oct 13 '22 at 12:40
  • I know! I just wanted to test that can a SSL connection be established between these hosts. the first log in answer is the output of `openvpn ./config-file.ovpn` – mhrsalehi Oct 13 '22 at 13:08
  • Again, if you have an openvpn server on port 443 then you cannot check if there is a SSL connection - because you have a openvpn server there and no SSL server. – Steffen Ullrich Oct 13 '22 at 13:23
  • I suggest that you read about SSL VPNs! – mhrsalehi Oct 14 '22 at 06:13
  • I know what a SSL VPN is. But openvpn is not a SSL VPN, yet you are trying to use it as one. – Steffen Ullrich Oct 14 '22 at 10:02
  • "... OpenVPN is an SSL VPN ..." https://openvpn.net/faq/why-ssl-vpn/ – mhrsalehi Oct 14 '22 at 11:39
  • Let us [continue this discussion in chat](https://chat.stackexchange.com/rooms/139862/discussion-between-steffen-ullrich-and-mhrsalehi). – Steffen Ullrich Oct 14 '22 at 12:24

0 Answers0