Hey all, my client logs are full of "server poll timeout" messages, and I am not sure why my clients can't find the server, or why the server isn't running.
I have attached a series of screenshots detailing my different configuration settings
Hardware: ASUS RT-N13U
Firmware: DD-WRT v3.0-r29002 std (02/01/16)
Client Info/Log: (For privacy and security I have removed my IP and DNS info from the log).
2017-04-21 09:18:33 ----- OpenVPN Start -----
OpenVPN core 3.1.2 ios arm64 64-bit built on Dec 5 2016 12:50:25
2017-04-21 09:18:33 Keychain Cert Extraction: 1 certificate(s) found
2017-04-21 09:18:33 Frame=512/2048/512 mssfix-ctrl=1250
2017-04-21 09:18:33 EVENT: RESOLVE
2017-04-21 09:18:33 Contacting MYWANIPADDRESS:1194 via UDP
2017-04-21 09:18:33 EVENT: WAIT
2017-04-21 09:18:33 SetTunnelSocket returned 1
2017-04-21 09:18:33 Connecting to [MYDNS.crabdance.com]:1194 (MYWANIPADDRESS) via UDPv4
2017-04-21 09:18:34 NET Internet:ReachableViaWiFi/-R t------
2017-04-21 09:18:43 Server poll timeout, trying next remote entry...
2017-04-21 09:18:43 EVENT: RECONNECTING
2017-04-21 09:18:43 Contacting MYWANIPADDRESS:1194 via UDP
2017-04-21 09:18:43 EVENT: WAIT
2017-04-21 09:18:43 SetTunnelSocket returned 1
2017-04-21 09:18:43 Connecting to [MYDNS.crabdance.com]:1194 (MYWANIPADDRESS) via UDPv4
2017-04-21 09:18:48 EVENT: DISCONNECTED
2017-04-21 09:18:48 Raw stats on disconnect:
BYTES_OUT : 210
PACKETS_OUT : 15
N_RECONNECT : 1
2017-04-21 09:18:48 Performance stats on disconnect:
CPU usage (microseconds): 15197
Network bytes per CPU second: 13818
Tunnel bytes per CPU second: 0
2017-04-21 09:18:48 ----- OpenVPN Stop -----
Posted: Mon Apr 24, 2017 3:15 Post subject: Solution!
Thanks eibgrad!
It turns out that
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,742FD14FC2DE219A
is a file header indicating that the keys themselves are encrypted, and must be first decrypted using
"openssl rsa -in temp.key -out mydomain.key" in order for them to be usable (where temp.key is the encrypted key, and mydomain.key is the unencrypted key).
eibgrad was also correct, that no modification of the firewall or port forwarding was necessary.
I wish that an incorrect key returned a message to that effect, it would have made it a lot easier to troubleshoot this issue.