4

We have our own VPN in my workplace. Everyone has its own key. However I am the only one who works on linux, the rest use either Macs or Windows machines. Unfortunately I have not found any good client application for OpenVPN so I am launching it from terminal:

sudo openvpn --config client.ovpn

The problem is that sometimes connection breaks with the following error:

TLS Error: local/remote TLS keys are out of sync: [AF_INET]

and I need to restart it 15-20 times until succesful reconnection occurs. Here is a content of client.ovpn config file.

dev tun
proto udp
remote /*ip-address of server here*/ 1194
client
resolv-retry infinite
ca "ca.crt"
cert "mycrt.crt"
key "mykey.key"
tls-auth "ta.key" 1
remote-cert-tls server
persist-key
persist-tun
verb 3
status-version 3
tls-timeout 120
tun-mtu 1500
fragment 1300
mssfix 1300
Improve this question
3
  • Have you try to sync the time of your machine?
    – Romeo Ninov
    Commented Dec 27, 2018 at 8:46
  • @RomeoNinov, no I have not. I have set automatic date-time. The vpn server is located in different place.
    – FirePapaya
    Commented Dec 27, 2018 at 9:05
  • 1
    Install on your machine ntp and run it. Because this can be the reason of your problem
    – Romeo Ninov
    Commented Dec 27, 2018 at 9:06

1 Answer 1

Reset to default
-1

I fixed this issue by setting the timezone to be the same as where my VPN that I was using was located.

Improve this answer
2
  • 1
    Your answer could be improved with additional supporting information. Please edit to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers in the help center.
    – Community Bot
    Commented Feb 27, 2022 at 4:44
  • Setting the same time zone is not required. (For instance, I am using it having different time zones here and there.) All you need to do is to make both you and the server agree on which UTC time is currently, as OpenVPN uses UTC for time comparisons. The easiest way to do this is set up time synchronization using NTP, as suggested in comments.
    – Nikita Kipriyanov
    Commented Aug 1, 2023 at 3:35

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .