2011-12-06 15:36:49 [ERR_AUTH] authentication failure; user: emf; from: 24.89.191.91 (57778/) [ool-1859bf5b.static.optonline.net]; details: Cannot find KDC for requested realm (0x9a); time: 1969-12-31 19:00:00
I've confirmed that my KDC realm is all capitals (e.g. "COMPANY.COM") and that the DCs are properly identified, resolvable, and reachable. In fact, they're all used by another application on this same box.
Script revision is openvpn-super.pl v1.1.
openvpn-super.conf:
domain = COMPANY.COM
dc = bowyer.company.com
dc = fletcher.company.com
group = cn=OpenVPN Users,ou=Groups,ou=US,dc=company,dc=com
mailserver = exchange.company.com
mailto = IT\@company.com
logfile = /var/log/openvpn.log
Code: Select all
# OpenVPN server configuration as posted (the `server` directive below marks
# this as the server side). Directives are unchanged; comments are review notes.

# Listen on this local address, UDP port 1194, using a routed (tun) device.
local 192.168.101.76
port 1194
proto udp
dev tun
# CA certificate, server certificate, server private key and DH parameters,
# all taken from the easy-rsa key directory.
# NOTE(review): fieldpoint.key is the server's private key; its file
# permissions should restrict it to the account that runs OpenVPN.
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/fieldpoint.crt
key /etc/openvpn/easy-rsa/keys/fieldpoint.key
dh /etc/openvpn/easy-rsa/keys/dh2048.pem
# Address pool handed out to VPN clients; assignments are persisted in ipp.txt.
server 192.168.98.0 255.255.255.0
ifconfig-pool-persist ipp.txt
# Routes and DNS servers pushed to every client.
push "route 192.168.100.0 255.255.255.0"
push "route 192.168.101.0 255.255.255.0"
# redirect-gateway sends all client traffic through the tunnel, so the two
# route pushes above are covered by it as well.
push "redirect-gateway def1"
push "dhcp-option DNS 192.168.101.65"
push "dhcp-option DNS 192.168.101.66"
# Ping every 10 s; treat the peer as down after 120 s without a reply.
keepalive 10 120
# NOTE(review): comp-lzo is deprecated since OpenVPN 2.4, and compressing
# traffic before encryption can leak information about the plaintext
# (VORACLE-class issues). The setting must match on the client.
comp-lzo
persist-key
persist-tun
status openvpn-status.log
# verb 5 is a debugging level; useful while chasing the authentication
# failure, noisier than needed for normal operation.
verb 5
# Level 3 allows passwords to be handed to scripts through environment
# variables, which the via-env method below requires.
# NOTE(review): via-file passes credentials in a temporary file and needs
# only level 2 -- whether openvpn-super.pl supports it is not shown here.
script-security 3
# Clients present no certificate, so the username/password check performed by
# openvpn-super.pl is the only thing gating access to the VPN.
# NOTE(review): deprecated in OpenVPN 2.4 in favour of `verify-client-cert none`.
client-cert-not-required
# The same script verifies credentials (username and password arrive in its
# environment) and is also run on client connect and disconnect.
auth-user-pass-verify /etc/openvpn/openvpn-super.pl via-env
client-connect /etc/openvpn/openvpn-super.pl
client-disconnect /etc/openvpn/openvpn-super.pl
Code: Select all
# OpenVPN client configuration as posted. Directives are unchanged; comments
# are review notes.
client
dev tun
proto udp
remote vpn.company.com 1194
# Keep retrying DNS resolution of the server name; do not bind a fixed local port.
resolv-retry infinite
nobind
# Windows routing options: add routes with route.exe, 2 s after the tunnel is up.
route-method exe
route-delay 2
# CA used to validate the server certificate. No client cert/key is configured,
# matching the server's client-cert-not-required.
ca ca.crt
# Accept only a certificate marked as a server certificate. This check matters
# because the client sends its password to whichever server it accepts.
# NOTE(review): ns-cert-type is deprecated; `remote-cert-tls server` is the
# replacement in current OpenVPN releases.
ns-cert-type server
# Prompt for username/password, and prompt again on failure instead of exiting.
auth-user-pass
auth-retry interact
# NOTE(review): must match the server's compression setting; comp-lzo is
# deprecated since OpenVPN 2.4.
comp-lzo
# Debugging verbosity, as on the server.
verb 5