TLS key negotiation failed

Time: 2019-11-05 00:41:16

Tags: openvpn

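I am trying to establish an OpenVPN connection from a Linux VM to my CentOS VM. My CentOS machine is the DNS server and the OpenVPN server. When I run the client.ovpn file, I get the error "TLS failed to negotiate after 60 seconds". Both VMs can ping each other by hostname and by IP. They can also SSH and SFTP to each other.

CentOS - 192.168.1.150, Ubuntu client - 192.168.1.151

Thanks for your help!

I tried disabling SELinux and added firewall rules to allow UDP port 1194 on both the client and the server. IP forwarding is enabled on the CentOS machine.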

root@linuxclient:/etc/openvpn/Group1VPN# ls
ca.crt  client1.crt  client1.key  client.ovpn

root@linuxclient:/etc/openvpn/Group1VPN# cat client.ovpn
client
proto udp
remote 192.168.1.150 1194 
dev tun
nobind
persist-key
persist-tun
resolv-retry infinite
remote-cert-tls server
cipher AES-256-CBC
route-metric 1
redirect-gateway def1

ca ca.crt
cert client1.crt
key client1.key


root@linuxclient:/etc/openvpn/Group1VPN# openvpn --config client.ovpn
Mon Nov  4 16:39:16 2019 OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2019
Mon Nov  4 16:39:16 2019 library versions: OpenSSL 1.1.1  11 Sep 2018, LZO 2.08
Mon Nov  4 16:39:16 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]192.168.1.150:1194
Mon Nov  4 16:39:16 2019 UDP link local: (not bound)
Mon Nov  4 16:39:16 2019 UDP link remote: [AF_INET]192.168.1.150:1194
Mon Nov  4 16:40:16 2019 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mon Nov  4 16:40:16 2019 TLS Error: TLS handshake failed
Mon Nov  4 16:40:16 2019 SIGUSR1[soft,tls-error] received, process restarting

0 answers:

No answers