Hallo allemaal,
Ik heb sinds gisteren een UDM. Deze heb ik ter vervanging van mijn Synology router. Achter deze UDM hangt een Synology DS1517+. Hierop staat het pakket VPNServer geïnstalleerd. Toen ik nog mijn Synology router gebruikte, kon ik gebruik maken van het VPNSever pakket op mijn NAS, om mijn netwerk extern te benaderen. Echter nu met de UDM krijg ik maar geen verbinding met OpenVPN via UDP. Het vreemde is dat wanneer ik in de OpenVPNServer het protocol op TCP zet, ik wel verbinding kan maken via OpenVPN.
De firewall in de NAS staat goed (zie screenshot) en de poort staat ook geforward naar de NAS (zie screenshot).
Ik voeg voor de volledigheid ook de logbestanden bij wanneer ik een niet succesvolle verbinding maak via UDP en een succesvolle verbinding met middels TCP toe.
Ter info ook via het L2TP protocol krijg ik geen verbinding.
LOG:
Via UDP:
2020-02-01 17:57:13: Viscosity Mac 1.8.4 (1528)
2020-02-01 17:57:13: Viscosity OpenVPN Engine Started
2020-02-01 17:57:13: Running on macOS 10.15.3
2020-02-01 17:57:13: ---------
2020-02-01 17:57:13: State changed to Bezig met verbinden
2020-02-01 17:57:13: Nakijken of verbinding beschikbaar is...
2020-02-01 17:57:13: De verbinding is beschikbaar. Er wordt gepoogd de verbinding op te zetten.
2020-02-01 17:57:13: OpenVPN 2.4.8 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Dec 21 2019
2020-02-01 17:57:13: library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10
2020-02-01 17:57:27: Resolving address: ddns.synology.me
2020-02-01 17:57:27: Valid endpoint found: public_ip:1194:udp
2020-02-01 17:57:27: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2020-02-01 17:57:27: TCP/UDP: Preserving recently used remote address: [AF_INET]public_ip:1194
2020-02-01 17:57:27: UDP link local (bound): [AF_INET][undef]:1194
2020-02-01 17:57:27: UDP link remote: [AF_INET]public_ip:1194
2020-02-01 17:58:27: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2020-02-01 17:58:27: TLS Error: TLS handshake failed
2020-02-01 17:58:27: SIGTERM[soft,tls-error] received, process exiting
2020-02-01 17:58:27: State changed to Verbroken
2020-02-01 17:58:28: Viscosity Mac 1.8.4 (1528)
2020-02-01 17:58:28: Viscosity OpenVPN Engine Started
2020-02-01 17:58:28: Running on macOS 10.15.3
2020-02-01 17:58:28: ---------
2020-02-01 17:58:28: State changed to Bezig met verbinden
2020-02-01 17:58:28: Nakijken of verbinding beschikbaar is...
2020-02-01 17:58:28: De verbinding is beschikbaar. Er wordt gepoogd de verbinding op te zetten.
2020-02-01 17:58:28: OpenVPN 2.4.8 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Dec 21 2019
2020-02-01 17:58:28: library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10
2020-02-01 17:58:28: Resolving address: ddns.synology.me
2020-02-01 17:58:28: Resolving address: ddns.synology.me
2020-02-01 17:58:28: Valid endpoint found: public_ip:1194:udp
2020-02-01 17:58:29: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2020-02-01 17:58:29: TCP/UDP: Preserving recently used remote address: [AF_INET]public_ip:1194
2020-02-01 17:58:29: UDP link local (bound): [AF_INET][undef]:1194
2020-02-01 17:58:29: UDP link remote: [AF_INET]public_ip:1194
2020-02-01 17:59:29: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2020-02-01 17:59:29: TLS Error: TLS handshake failed
2020-02-01 17:59:29: SIGTERM[soft,tls-error] received, process exiting
2020-02-01 17:59:29: State changed to Verbroken
2020-02-01 17:59:29: Delaying connection reconnect attempt by 5 seconds
2020-02-01 17:59:34: Viscosity Mac 1.8.4 (1528)
2020-02-01 17:59:34: Viscosity OpenVPN Engine Started
2020-02-01 17:59:34: Running on macOS 10.15.3
2020-02-01 17:59:34: ---------
2020-02-01 17:59:34: State changed to Bezig met verbinden
2020-02-01 17:59:34: Nakijken of verbinding beschikbaar is...
2020-02-01 17:59:34: De verbinding is beschikbaar. Er wordt gepoogd de verbinding op te zetten.
2020-02-01 17:59:34: OpenVPN 2.4.8 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Dec 21 2019
2020-02-01 17:59:34: library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10
2020-02-01 17:59:34: Resolving address: ddns.synology.me
2020-02-01 17:59:35: Resolving address: ddns.synology.me
2020-02-01 17:59:35: Valid endpoint found: public_ip:1194:udp
2020-02-01 17:59:35: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2020-02-01 17:59:35: TCP/UDP: Preserving recently used remote address: [AF_INET]public_ip:1194
2020-02-01 17:59:35: UDP link local (bound): [AF_INET][undef]:1194
2020-02-01 17:59:35: UDP link remote: [AF_INET]public_ip:1194
Via TCP:
2020-02-01 18:08:30: ---------
2020-02-01 18:08:30: State changed to Bezig met verbinden
2020-02-01 18:08:30: Nakijken of verbinding beschikbaar is...
2020-02-01 18:08:30: De verbinding is beschikbaar. Er wordt gepoogd de verbinding op te zetten.
2020-02-01 18:08:30: OpenVPN 2.4.8 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Dec 21 2019
2020-02-01 18:08:30: library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10
2020-02-01 18:08:30: Resolving address: ddns.synology.me
2020-02-01 18:08:31: Valid endpoint found: public_ip:1194:tcp-client
2020-02-01 18:08:31: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2020-02-01 18:08:31: TCP/UDP: Preserving recently used remote address: [AF_INET]public_ip:1194
2020-02-01 18:08:31: Attempting to establish TCP connection with [AF_INET]public_ip:1194 [nonblock]
2020-02-01 18:08:32: TCP connection established with [AF_INET]public_ip:1194
2020-02-01 18:08:32: TCP_CLIENT link local: (not bound)
2020-02-01 18:08:32: TCP_CLIENT link remote: [AF_INET]public_ip:1194
2020-02-01 18:08:32: State changed to Valideren
2020-02-01 18:08:32: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2020-02-01 18:08:33: [ddns.synology.me] Peer Connection Initiated with [AF_INET]public_ip:1194
2020-02-01 18:08:33: Opened utun device utun10
2020-02-01 18:08:33: /sbin/ifconfig utun10 delete
2020-02-01 18:08:33: NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2020-02-01 18:08:33: /sbin/ifconfig utun10 10.10.10.6 10.10.10.5 mtu 1500 netmask 255.255.255.255 up
2020-02-01 18:08:33: Initialization Sequence Completed
2020-02-01 18:08:33: DNS mode set to Split
2020-02-01 18:08:33: WARNING: Split DNS is being used however no DNS domains are present. The DNS server/s for this connection may not be used. For more information please see: https://www.sparklabs.com/support/k...eing-used-however-no-dns-domains-are-present/
2020-02-01 18:08:33: State changed to Verbonden
Ik heb sinds gisteren een UDM. Deze heb ik ter vervanging van mijn Synology router. Achter deze UDM hangt een Synology DS1517+. Hierop staat het pakket VPNServer geïnstalleerd. Toen ik nog mijn Synology router gebruikte, kon ik gebruik maken van het VPNSever pakket op mijn NAS, om mijn netwerk extern te benaderen. Echter nu met de UDM krijg ik maar geen verbinding met OpenVPN via UDP. Het vreemde is dat wanneer ik in de OpenVPNServer het protocol op TCP zet, ik wel verbinding kan maken via OpenVPN.
De firewall in de NAS staat goed (zie screenshot) en de poort staat ook geforward naar de NAS (zie screenshot).
Ik voeg voor de volledigheid ook de logbestanden bij wanneer ik een niet succesvolle verbinding maak via UDP en een succesvolle verbinding met middels TCP toe.
Ter info ook via het L2TP protocol krijg ik geen verbinding.
LOG:
Via UDP:
2020-02-01 17:57:13: Viscosity Mac 1.8.4 (1528)
2020-02-01 17:57:13: Viscosity OpenVPN Engine Started
2020-02-01 17:57:13: Running on macOS 10.15.3
2020-02-01 17:57:13: ---------
2020-02-01 17:57:13: State changed to Bezig met verbinden
2020-02-01 17:57:13: Nakijken of verbinding beschikbaar is...
2020-02-01 17:57:13: De verbinding is beschikbaar. Er wordt gepoogd de verbinding op te zetten.
2020-02-01 17:57:13: OpenVPN 2.4.8 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Dec 21 2019
2020-02-01 17:57:13: library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10
2020-02-01 17:57:27: Resolving address: ddns.synology.me
2020-02-01 17:57:27: Valid endpoint found: public_ip:1194:udp
2020-02-01 17:57:27: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2020-02-01 17:57:27: TCP/UDP: Preserving recently used remote address: [AF_INET]public_ip:1194
2020-02-01 17:57:27: UDP link local (bound): [AF_INET][undef]:1194
2020-02-01 17:57:27: UDP link remote: [AF_INET]public_ip:1194
2020-02-01 17:58:27: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2020-02-01 17:58:27: TLS Error: TLS handshake failed
2020-02-01 17:58:27: SIGTERM[soft,tls-error] received, process exiting
2020-02-01 17:58:27: State changed to Verbroken
2020-02-01 17:58:28: Viscosity Mac 1.8.4 (1528)
2020-02-01 17:58:28: Viscosity OpenVPN Engine Started
2020-02-01 17:58:28: Running on macOS 10.15.3
2020-02-01 17:58:28: ---------
2020-02-01 17:58:28: State changed to Bezig met verbinden
2020-02-01 17:58:28: Nakijken of verbinding beschikbaar is...
2020-02-01 17:58:28: De verbinding is beschikbaar. Er wordt gepoogd de verbinding op te zetten.
2020-02-01 17:58:28: OpenVPN 2.4.8 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Dec 21 2019
2020-02-01 17:58:28: library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10
2020-02-01 17:58:28: Resolving address: ddns.synology.me
2020-02-01 17:58:28: Resolving address: ddns.synology.me
2020-02-01 17:58:28: Valid endpoint found: public_ip:1194:udp
2020-02-01 17:58:29: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2020-02-01 17:58:29: TCP/UDP: Preserving recently used remote address: [AF_INET]public_ip:1194
2020-02-01 17:58:29: UDP link local (bound): [AF_INET][undef]:1194
2020-02-01 17:58:29: UDP link remote: [AF_INET]public_ip:1194
2020-02-01 17:59:29: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2020-02-01 17:59:29: TLS Error: TLS handshake failed
2020-02-01 17:59:29: SIGTERM[soft,tls-error] received, process exiting
2020-02-01 17:59:29: State changed to Verbroken
2020-02-01 17:59:29: Delaying connection reconnect attempt by 5 seconds
2020-02-01 17:59:34: Viscosity Mac 1.8.4 (1528)
2020-02-01 17:59:34: Viscosity OpenVPN Engine Started
2020-02-01 17:59:34: Running on macOS 10.15.3
2020-02-01 17:59:34: ---------
2020-02-01 17:59:34: State changed to Bezig met verbinden
2020-02-01 17:59:34: Nakijken of verbinding beschikbaar is...
2020-02-01 17:59:34: De verbinding is beschikbaar. Er wordt gepoogd de verbinding op te zetten.
2020-02-01 17:59:34: OpenVPN 2.4.8 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Dec 21 2019
2020-02-01 17:59:34: library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10
2020-02-01 17:59:34: Resolving address: ddns.synology.me
2020-02-01 17:59:35: Resolving address: ddns.synology.me
2020-02-01 17:59:35: Valid endpoint found: public_ip:1194:udp
2020-02-01 17:59:35: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2020-02-01 17:59:35: TCP/UDP: Preserving recently used remote address: [AF_INET]public_ip:1194
2020-02-01 17:59:35: UDP link local (bound): [AF_INET][undef]:1194
2020-02-01 17:59:35: UDP link remote: [AF_INET]public_ip:1194
Via TCP:
2020-02-01 18:08:30: ---------
2020-02-01 18:08:30: State changed to Bezig met verbinden
2020-02-01 18:08:30: Nakijken of verbinding beschikbaar is...
2020-02-01 18:08:30: De verbinding is beschikbaar. Er wordt gepoogd de verbinding op te zetten.
2020-02-01 18:08:30: OpenVPN 2.4.8 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Dec 21 2019
2020-02-01 18:08:30: library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10
2020-02-01 18:08:30: Resolving address: ddns.synology.me
2020-02-01 18:08:31: Valid endpoint found: public_ip:1194:tcp-client
2020-02-01 18:08:31: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2020-02-01 18:08:31: TCP/UDP: Preserving recently used remote address: [AF_INET]public_ip:1194
2020-02-01 18:08:31: Attempting to establish TCP connection with [AF_INET]public_ip:1194 [nonblock]
2020-02-01 18:08:32: TCP connection established with [AF_INET]public_ip:1194
2020-02-01 18:08:32: TCP_CLIENT link local: (not bound)
2020-02-01 18:08:32: TCP_CLIENT link remote: [AF_INET]public_ip:1194
2020-02-01 18:08:32: State changed to Valideren
2020-02-01 18:08:32: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2020-02-01 18:08:33: [ddns.synology.me] Peer Connection Initiated with [AF_INET]public_ip:1194
2020-02-01 18:08:33: Opened utun device utun10
2020-02-01 18:08:33: /sbin/ifconfig utun10 delete
2020-02-01 18:08:33: NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2020-02-01 18:08:33: /sbin/ifconfig utun10 10.10.10.6 10.10.10.5 mtu 1500 netmask 255.255.255.255 up
2020-02-01 18:08:33: Initialization Sequence Completed
2020-02-01 18:08:33: DNS mode set to Split
2020-02-01 18:08:33: WARNING: Split DNS is being used however no DNS domains are present. The DNS server/s for this connection may not be used. For more information please see: https://www.sparklabs.com/support/k...eing-used-however-no-dns-domains-are-present/
2020-02-01 18:08:33: State changed to Verbonden