I am setting up a Client VPN and have a few questions as I am hitting a TLS handshake issue which I believe might be related to a few questions I have regarding the setup.
Using mutual authentication when generating the server and client cert I assume the CN for the server cert needs to match the DNS name of the client VPN. Is this correct?
For the inbound ports for UDP is the client using UDP 1194 or 443? I opened up the client configuration file and it appears it is using 443. I have tried both on my security group and still having the TLS handshake issue.
What was the fix?
This seems to be under documented. I ran into the same issue, but the AWS docs don't even to mention modifying the .ovpn file at all.