Can not connect to VPN

Shiba asked a question...

Hi,
Did everything according to this instruction https://riseup.net/en/vpn/vpn-red/windows
I try to connect, I enter login / password, but there is a connection error. (Windows 7 x64). Help please,
Log:
Wed Apr 05 18:27:34 2017 us=594766 TLS_ERROR: BIO read tls_read_plaintext error
Wed Apr 05 18:27:34 2017 us=594766 TLS Error: TLS object -> incoming plaintext read error
Wed Apr 05 18:27:34 2017 us=594766 TLS Error: TLS handshake failed
Wed Apr 05 18:27:34 2017 us=641567 TCP/UDP: Closing socket
Wed Apr 05 18:27:34 2017 us=641567 SIGUSR1[soft,tls-error] received, process restarting
Wed Apr 05 18:27:34 2017 us=641567 MANAGEMENT: >STATE:1491398854,RECONNECTING,tls-error,,,,,
Wed Apr 05 18:27:34 2017 us=641567 Restart pause, 5 second(s)
Wed Apr 05 18:27:39 2017 us=711575 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Wed Apr 05 18:27:39 2017 us=711575 Control Channel MTU parms [ L:1653 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Wed Apr 05 18:27:39 2017 us=711575 MANAGEMENT: >STATE:1491398859,RESOLVE,,,,,,
Wed Apr 05 18:27:39 2017 us=711575 Data Channel MTU parms [ L:1653 D:1450 EF:121 EB:411 ET:32 EL:3 ]
Wed Apr 05 18:27:39 2017 us=711575 Local Options String (VER=V4): 'V4,dev-type tap,link-mtu 1601,tun-mtu 1532,proto UDPv4,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-client'
Wed Apr 05 18:27:39 2017 us=711575 Expected Remote Options String (VER=V4): 'V4,dev-type tap,link-mtu 1601,tun-mtu 1532,proto UDPv4,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-server'
Wed Apr 05 18:27:39 2017 us=711575 TCP/UDP: Preserving recently used remote address: [AF_INET]198.252.153.226:80
Wed Apr 05 18:27:39 2017 us=711575 Socket Buffers: R=[8192->8192] S=[8192->8192]
Wed Apr 05 18:27:39 2017 us=711575 UDP link local (bound): [AF_INET][undef]:1194
Wed Apr 05 18:27:39 2017 us=711575 UDP link remote: [AF_INET]198.252.153.226:80
Wed Apr 05 18:27:39 2017 us=711575 MANAGEMENT: >STATE:1491398859,WAIT,,,,,,
Wed Apr 05 18:27:39 2017 us=883176 TLS Error: Unroutable control packet received from [AF_INET]198.252.153.226:80 (si=3 op=P_CONTROL_V1)
Wed Apr 05 18:27:39 2017 us=961176 MANAGEMENT: >STATE:1491398859,AUTH,,,,,,
Wed Apr 05 18:27:39 2017 us=961176 TLS: Initial packet from [AF_INET]198.252.153.226:80, sid=a2270f11 67b79658
Wed Apr 05 18:27:40 2017 us=257576 OpenSSL: error:14077102:SSL routines:SSL23_GET_SERVER_HELLO:unsupported protocol
Wed Apr 05 18:27:40 2017 us=257576 TLS_ERROR: BIO read tls_read_plaintext error
Wed Apr 05 18:27:40 2017 us=257576 TLS Error: TLS object -> incoming plaintext read error
Wed Apr 05 18:27:40 2017 us=257576 TLS Error: TLS handshake failed
Wed Apr 05 18:27:40 2017 us=257576 TCP/UDP: Closing socket
Wed Apr 05 18:27:40 2017 us=257576 SIGUSR1[soft,tls-error] received, process restarting
Wed Apr 05 18:27:40 2017 us=257576 MANAGEMENT: >STATE:1491398860,RECONNECTING,tls-error,,,,,
Wed Apr 05 18:27:40 2017 us=257576 Restart pause, 5 second(s)
Wed Apr 05 18:27:44 2017 us=313584 SIGTERM[hard,init_instance] received, process exiting
Wed Apr 05 18:27:44 2017 us=313584 MANAGEMENT: >STATE:1491398864,EXITING,init_instance,,,,,

Upvote | 5
Flag for Review
Basal replied...

Hi Shiba,
I had the same issue and had to do a couple things to fix it:
1. Make sure to put config files where OpenVPN is looking for them. For me this was C:\Users\[username]\OpenVPN\config\ instead of C:\Program Files\OpenVPN\config\
2. Use the example configuration file at https://riseup.net/en/vpn/vpn-red it was updated in March 2017 but the other documentation doesn't seem to have gotten the same update.
cheers!

Upvote | 1
Flag for Review
Kholid replied...

Hi Shiba and Basal,

I'm using Tunnelblick 3.7.1b for Mac. Now I'm using MacOSX El Capitan. Can I use https://riseup.net/en/vpn/vpn-red too for configuration file? Because when I using the configuration file from Mac documentation https://riseup.net/en/vpn/vpn-red/mac, it so hard to start the VPN. But, when I use the configuration from link that you've suggest to Shiba, my Mac can connect the VPN clearly.

Please let me know if it was ok to use the configuration file from https://riseup.net/en/vpn/vpn-red

Best regards,

Upvote | 0
Flag for Review
Gren replied...

Hi Shiba

Well but you can try to change this line from config file (ovpn)
tls-version-min 1.x

into
tls-version-min 1.0

Upvote | 0
Flag for Review