2 Antworten
- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
1
It would be good, if you could have posted the actuall error. I assume that you might have mutual authentication . Please refer to the below articles for troubleshooting.
https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/troubleshooting.html
https://docs.aws.amazon.com/vpn/latest/clientvpn-user/common-troubleshooting.html
If you still face issues, please post with more logs .
beantwortet vor einem Jahr
1
The culprit is the client certificate revocation list (crl), which expired on 30 Nov 2022. The resolution is to generate a new crl and upload to the client vpn endpoint.
beantwortet vor einem Jahr
I had the same issue, and solved it based on @blacktulip11's comment. You can check crl expiration via:
openssl crl -in file.crl -text
Relevanter Inhalt
- AWS OFFICIALAktualisiert vor 8 Monaten
- AWS OFFICIALAktualisiert vor 2 Jahren
- Wie verbinde ich verschiedene Zweigstellen mithilfe von AWS Site-to-Site VPN und AWS Direct Connect?AWS OFFICIALAktualisiert vor einem Jahr
- AWS OFFICIALAktualisiert vor 10 Monaten
Here's the snippet of the OpenVPN Connect log. Seems the DNS server was resolved but the ssl handshake failed.
Connecting to [ascfd.cvpn-endpoint-xxxxxxxxxxxx.prod.clientvpn.ap-southeast-1.amazonaws.com]:443 (xx.xxx.xxx.xxx) via UDPv4 EVENT: CONNECTING Tunnel Options:V4,dev-type tun,link-mtu 1521,tun-mtu 1500,proto UDPv4,cipher AES-256-GCM,auth [null-digest],keysize 256,key-method 2,tls-client ... Session invalidated: KEEPALIVE_TIMEOUT Client terminated, restarting in..
I re-created a new server certificate and a few client certificates. Still doesn't work.
Im facing a similar issue, everything worked great, no changes were made at all, I can connect but now nothing resolves. I cannot get online or hit internal resources.