Why client does not connect to the OPEN VPN server?

Good time of day.Installed OPENVPN on the server, imported the configuration of user, connect and get the error.

Here is the log:
Fri May 03 20:17:23 OpenVPN 2019 2.4.7 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 25 2019
Fri May 03 20:17:23 2019 Windows version 6.2 (Windows 8 or greater) 64bit
Fri May 03 20:17:23 2019 library versions: OpenSSL 1.1.0 j 20 Nov 2018, LZO 2.10
Enter Management Password:
Fri May 03 20:17:23 2019 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Fri May 03 20:17:23 2019 Need hold release from management interface, waiting...
Fri May 03 20:17:23 2019 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Fri May 03 20:17:23 2019 MANAGEMENT: CMD 'state on'
Fri May 03 20:17:23 2019 MANAGEMENT: CMD 'log all on'
Fri May 03 20:17:23 2019 MANAGEMENT: CMD 'echo on all'
Fri May 03 20:17:23 2019 MANAGEMENT: CMD 'bytecount 5'
Fri May 03 20:17:23 2019 MANAGEMENT: CMD 'hold off'
Fri May 03 20:17:23 2019 MANAGEMENT: CMD 'hold release'
Fri May 03 20:17:24 2019 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Fri May 03 20:17:24 2019 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Fri May 03 20:17:24 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]*IP of my server*:1194
Fri May 03 20:17:24 2019 Socket Buffers: R=[65536->65536] S=[65536->65536]
Fri May 03 20:17:24 2019 UDP link local: (not bound)
Fri May 03 20:17:24 2019 UDP link remote: [AF_INET]*IP of my server*:1194
Fri May 03 20:17:24 2019 MANAGEMENT: >STATE:1556903844,WAIT,,,,,,
Fri May 03 20:18:24 2019 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri May 03 20:18:24 2019 TLS Error: TLS handshake failed
Fri May 03 20:18:24 2019 SIGUSR1[soft,tls-error] received, process restarting
Fri May 03 20:18:24 2019 MANAGEMENT: >STATE:1556903904,RECONNECTING,tls-error,,,,,
Fri May 03 20:18:24 2019 Restart pause, 5 second(s)
Fri May 03 20:18:29 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]*IP of my server*:1194
Fri May 03 20:18:29 2019 Socket Buffers: R=[65536->65536] S=[65536->65536]
Fri May 03 20:18:29 2019 UDP link local: (not bound)
Fri May 03 20:18:29 2019 UDP link remote: [AF_INET]*IP of my server*:1194
Fri May 03 20:18:29 2019 MANAGEMENT: >STATE:1556903909,WAIT,,,,,,
Fri May 03 20:19:29 2019 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri May 03 20:19:29 2019 TLS Error: TLS handshake failed
Fri May 03 20:19:29 2019 SIGUSR1[soft,tls-error] received, process restarting
Fri May 03 20:19:29 2019 MANAGEMENT: >STATE:1556903969,RECONNECTING,tls-error,,,,,
Fri May 03 20:19:29 2019 Restart pause, 5 second(s)
Fri May 03 20:19:34 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]*IP of my server*:1194
Fri May 03 20:19:34 2019 Socket Buffers: R=[65536->65536] S=[65536->65536]
Fri May 03 20:19:34 2019 UDP link local: (not bound)
Fri May 03 20:19:34 2019 UDP link remote: [AF_INET]*IP of my server*:1194
Fri May 03 20:19:34 2019 MANAGEMENT: >STATE:1556903974,WAIT,,,,,,


Help, please.
March 20th 20 at 11:40
1 answer
March 20th 20 at 11:42
Judging by the fact that TLS key negotiation falls off by timeout - most likely the server is not available (turned off, blocked the traffic, not proposed port, etc.).
The server is running, the provider asked, OpenVPN is allowed. Do you have instructions for setting up port, and so on? - nikita.Stracke commented on March 20th 20 at 11:45
@clovis24, but you have other clients working with this server? They have all right?
VPN server behind the firewall and NATом? or directly looks in the Internet (then the same firewall can block)?
You have the client out in the Internet?
The server is at home or in your organization? And the client? - pasquale_Bahringer93 commented on March 20th 20 at 11:48
@elody11, @elody11, I put on the video, there are no deep settings, simple 2-minute setup, finally got the client.ovpn, which threw in the config program - nikita.Stracke commented on March 20th 20 at 11:51
@elody11, installed the wget command https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh - nikita.Stracke commented on March 20th 20 at 11:54
@clovis24Have OpenVPN is the server part and client. Though in fact it is the same software, but they have different settings (configs). You set up which one?
Judging by the fact that you got a client.conf - do you set up the client.

Ie about a server you know nothing about?
There are a few points:
1. OpenVPN can operate over UDP (your client is so configured default) or TCP.
2. The connection port can be easily changed in the config (you have the default udp/1194).
These inputs need to connect to any OpenVPN server. One address is not enough.

3.If you generate the client keys on their own, it is likely that your server will not work. Keys for OpenVPN is to be signed by the CA. Most often, the keys to customers generates the admin of OpenVPN server and give customers, though it is not the correct procedure, but it is easier.
Correct: the client generates a certificate request and sends it to the TSA administrator, the administrator confirms and sends the signed client certificate. The client uses the received certificate and your personally generated private key to configure a OpenVPN client. For this procedure there are different automation tools. - pasquale_Bahringer93 commented on March 20th 20 at 11:57
@elody11all figured out. Thank you. - nikita.Stracke commented on March 20th 20 at 12:00

Find more questions by tags OpenVPNVPN