We are running IPFire firewalls at two company locations. Those locations are connected via a point-to-point VPN connection using IPsec. In addition to that connection, we have staff who use the OpenVPN client to connect into one of the locations using Windows laptops. We have recently switched over from an AT&T Dedicated Fiber Internet connection that was 50Mbps up and down to an AT&T Business Fiber connection that is 100Mbps up and down. We also switched to a new IPFire router. With the Business Fiber connection, we have 5 static IP addresses, so at the moment I have both the old and the new IPFire routers connected to the Business Fiber connection with different IP addresses, but I cannot get the VPN client to connect on either of the IPFire routers from the outside.
None of the VPN connections are working, and we have staff trying to work from home right now who cannot get in. In the OpenVPN client window, when trying to connect, this is what is showing up:
```
Fri Apr 02 08:30:49 2021 MANAGEMENT: >STATE:1617370249,RECONNECTING,tls-error,,,,,
Fri Apr 02 08:30:49 2021 Restart pause, 5 second(s)
Fri Apr 02 08:30:54 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]<external-ip>:1194
Fri Apr 02 08:30:54 2021 Socket Buffers: R=[65536->65536] S=[65536->65536]
Fri Apr 02 08:30:54 2021 UDP link local: (not bound)
Fri Apr 02 08:30:54 2021 UDP link remote: [AF_INET]<external-ip>:1194
Fri Apr 02 08:30:54 2021 MANAGEMENT: >STATE:1617370254,WAIT,,,,,,
Fri Apr 02 08:30:55 2021 MANAGEMENT: >STATE:1617370255,AUTH,,,,,,
Fri Apr 02 08:30:55 2021 TLS: Initial packet from [AF_INET]<external-ip>:1194, sid=506f71f5 dfbc538c
Fri Apr 02 08:30:55 2021 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: C=US, ST=XX, L=XXX, O=XXX, OU=XX, CN=XXX, emailAddress=XXX, serial=XXXXXXXXX
Fri Apr 02 08:30:55 2021 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Fri Apr 02 08:30:55 2021 TLS_ERROR: BIO read tls_read_plaintext error
Fri Apr 02 08:30:55 2021 TLS Error: TLS object -> incoming plaintext read error
Fri Apr 02 08:30:55 2021 TLS Error: TLS handshake failed
Fri Apr 02 08:30:55 2021 SIGUSR1[soft,tls-error] received, process restarting
Fri Apr 02 08:30:55 2021 MANAGEMENT: >STATE:1617370255,RECONNECTING,tls-error,,,,,
Fri Apr 02 08:30:55 2021 Restart pause, 5 second(s)
```
I need your assistance, thank you for your time.