GL-MT300N-V2 to OPNSense OPENVPN

Technical Support for Routers VPN, DNS, Leaks
1

Hello everyone, we've had this MT300 v2 router here for almost a month now, which is supposed to connect to Opnsense using opnvpn. It seems that NOBODY has a problem configuring it; it just doesn't work for us. Meanwhile, we need someone neutral to come up with a new approach. I'm sharing the log with you.

Mon Mar 24 10:34:42 2025 daemon.notice ovpnclient[14643]: UDP link local (bound): [AF_INET][undef]:0
Mon Mar 24 10:34:42 2025 daemon.notice ovpnclient[14643]: UDP link remote: [AF_INET]185.154.67.17:1194
Mon Mar 24 10:35:43 2025 daemon.err ovpnclient[14643]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mon Mar 24 10:35:43 2025 daemon.err ovpnclient[14643]: TLS Error: TLS handshake failed
Mon Mar 24 10:35:43 2025 daemon.notice ovpnclient[14643]: SIGHUP[soft,tls-error] received, process restarting
Mon Mar 24 10:35:43 2025 daemon.notice ovpnclient[14643]: OpenVPN 2.5.7 mipsel-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Mon Mar 24 10:35:43 2025 daemon.notice ovpnclient[14643]: library versions: OpenSSL 1.1.1t 7 Feb 2023, LZO 2.10
Mon Mar 24 10:35:48 2025 daemon.warn ovpnclient[14643]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mon Mar 24 10:35:48 2025 daemon.notice ovpnclient[14643]: TCP/UDP: Preserving recently used remote address: [AF_INET]185.154.67.17:1194
Mon Mar 24 10:35:48 2025 daemon.notice ovpnclient[14643]: UDP link local (bound): [AF_INET][undef]:0
Mon Mar 24 10:35:48 2025 daemon.notice ovpnclient[14643]: UDP link remote: [AF_INET]185.154.67.17:1194
Mon Mar 24 10:36:48 2025 daemon.err ovpnclient[14643]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mon Mar 24 10:36:48 2025 daemon.err ovpnclient[14643]: TLS Error: TLS handshake failed
Mon Mar 24 10:36:48 2025 daemon.notice ovpnclient[14643]: SIGHUP[soft,tls-error] received, process restarting
Mon Mar 24 10:36:48 2025 daemon.notice ovpnclient[14643]: OpenVPN 2.5.7 mipsel-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Mon Mar 24 10:36:48 2025 daemon.notice ovpnclient[14643]: library versions: OpenSSL 1.1.1t 7 Feb 2023, LZO 2.10
Mon Mar 24 10:36:53 2025 daemon.warn ovpnclient[14643]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mon Mar 24 10:36:53 2025 daemon.notice ovpnclient[14643]: TCP/UDP: Preserving recently used remote address: [AF_INET]185.154.67.17:1194
Mon Mar 24 10:36:53 2025 daemon.notice ovpnclient[14643]: UDP link local (bound): [AF_INET][undef]:0
Mon Mar 24 10:36:53 2025 daemon.notice ovpnclient[14643]: UDP link remote: [AF_INET]185.154.67.17:1194

2

The issue is here
Mon Mar 24 10:35:43 2025 daemon.err ovpnclient[14643]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

Check if your config is still valid, your CA is correct and OVPN isn't blocked.

3

I take the same ovpn file, the config, and use it for openvpn, where it works perfectly

4

How does your network topology looks like?

5

Our topology is actually nothing special, especially since that's exactly what we want to test. The iNET router is configured with the default settings (192.168.8.0/24), and we've inserted the exported OPNSense ovpn file into it. Our network is 192.168.16.0/24, with OPNSense as the firewall, and we want to establish a C2S connection with the device.

6

Do you try from inside your network or by using another internet connection?

7

always another connection,... i tried from home or with a hotspot

8

If you use the OVPN client on a device like a PC, will it work from this connect then?

9

yes, this works perfect

10

no idea?