(client0 Issue vith certificate
-
- OpenVpn Newbie
- Posts: 7
- Joined: Thu Jan 05, 2017 8:44 am
(client0 Issue vith certificate
Hi there I am trying to connect to my QNAP openvpn server using an ipad. What I did
- make the NAS QNAP generating the configuration file and the certificate (ok)
- send the certificate by email (ok)
- install openvpn to the ipad (OK)
- go to mailbox from ipda: I the tapped th certificate which is being installed ok (appereantly) to the ipad
- i tapped the configuration file: openvpn window pop up telling me that a new configuration is ready ro be installed
- I tap the new configuration but open vpn says that ca.crt cannot be found
Actually i added a line to the configuration file
ca ca.crt (i read this suggestion on the wbe somewhere)
but this does not help
Please hep
(p.s. config file and certificate works perfectly on a windows 10 open vpn client)
- make the NAS QNAP generating the configuration file and the certificate (ok)
- send the certificate by email (ok)
- install openvpn to the ipad (OK)
- go to mailbox from ipda: I the tapped th certificate which is being installed ok (appereantly) to the ipad
- i tapped the configuration file: openvpn window pop up telling me that a new configuration is ready ro be installed
- I tap the new configuration but open vpn says that ca.crt cannot be found
Actually i added a line to the configuration file
ca ca.crt (i read this suggestion on the wbe somewhere)
but this does not help
Please hep
(p.s. config file and certificate works perfectly on a windows 10 open vpn client)
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: (client0 Issue vith certificate
Try making your config file Inlinestanzani wrote: I tap the new configuration but open vpn says that ca.crt cannot be found
-
- OpenVpn Newbie
- Posts: 7
- Joined: Thu Jan 05, 2017 8:44 am
Re: (client0 Issue vith certificate
thank you it looked a good suggestion but if i tried to attach the ovpn file with inline certificate the attachment is split int two ovpn and ca.crt files by the crappy IOS mail client %$#@&^^
-
- OpenVpn Newbie
- Posts: 7
- Joined: Thu Jan 05, 2017 8:44 am
Re: (client0 Issue vith certificate
ok i did it but cannot connect (connection timeout grrrr.)
here is the file. shoud i put both <ca> and <cert> tags?
client
dev tun2001
script-security 3
proto udp
remote xxxxxxxx 1194
resolv-retry infinite
nobind
auth-user-pass
reneg-sec 0
cipher AES-128-CBC
tls-cipher ......-SHA
comp-lzo
<ca>
-----BEGIN CERTIFICATE-----
....
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
,,,
-----END CERTIFICATE-----
</cert>
here is the file. shoud i put both <ca> and <cert> tags?
client
dev tun2001
script-security 3
proto udp
remote xxxxxxxx 1194
resolv-retry infinite
nobind
auth-user-pass
reneg-sec 0
cipher AES-128-CBC
tls-cipher ......-SHA
comp-lzo
<ca>
-----BEGIN CERTIFICATE-----
....
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
,,,
-----END CERTIFICATE-----
</cert>
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
-
- OpenVpn Newbie
- Posts: 7
- Joined: Thu Jan 05, 2017 8:44 am
Re: (client0 Issue vith certificate
ok i cannot get easily the server configuration and open vpn server version file since i enabled open vpn server from the qts interface of my qnap ts219p NAS. The server looks ok, by the way ... i can connect with openvpnclient under windows 10.
i'll try to connect to the nas and get a linux prompt with telnet in my LAN ...
i cannot find a way to get a log file from the crappy Apple tablet ... there are very few option to dig into it ...
i did the vpn client configuration under windows in 5 minute with the same config ovpn and certificate
inline certificate is a great suggestion but i was overoptimistic ...
hate apple and IOS ...
thanks much anyway
i'll try to connect to the nas and get a linux prompt with telnet in my LAN ...
i cannot find a way to get a log file from the crappy Apple tablet ... there are very few option to dig into it ...
i did the vpn client configuration under windows in 5 minute with the same config ovpn and certificate
inline certificate is a great suggestion but i was overoptimistic ...
hate apple and IOS ...
thanks much anyway
-
- OpenVpn Newbie
- Posts: 7
- Joined: Thu Jan 05, 2017 8:44 am
Re: (client0 Issue vith certificate
ok
here is the log file from the open vpn client installed on the apple tablet
2017-01-06 12:51:03 EVENT: RESOLVE
2017-01-06 12:51:03 Contacting 2.230.xxx.xxx:1194 via UDP
2017-01-06 12:51:03 EVENT: WAIT
2017-01-06 12:51:03 SetTunnelSocket returned 1
2017-01-06 12:51:03 Connecting to [2.230.xxx.xxx]:1194 (2.230.xxx.xxx) via UDPv4
2017-01-06 12:51:03 EVENT: CONNECTING
2017-01-06 12:51:03 Tunnel Options:V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client
2017-01-06 12:51:03 Creds: Username/Password
2017-01-06 12:51:03 Peer Info:
IV_GUI_VER=net.openvpn.connect.ios 1.0.7-199
IV_VER=3.0.11
IV_PLAT=ios
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_LZO=1
2017-01-06 12:51:21 EVENT: CONNECTION_TIMEOUT [ERR]
2017-01-06 12:51:21 EVENT: DISCONNECTED
2017-01-06 12:51:21 Raw stats on disconnect:
BYTES_IN : 96
BYTES_OUT : 5126
PACKETS_IN : 4
PACKETS_OUT : 33
KEEPALIVE_TIMEOUT : 1
CONNECTION_TIMEOUT : 1
N_RECONNECT : 1
2017-01-06 12:51:21 Performance stats on disconnect:
CPU usage (microseconds): 26036
Network bytes per CPU second: 200568
Tunnel bytes per CPU second: 0
2017-01-06 12:51:21 EVENT: DISCONNECT_PENDING
2017-01-06 12:51:21 ----- OpenVPN Stop -----
2017-01-06 12:52:20 ----- OpenVPN Start ----- OpenVPN core 3.0.11 ios arm64 64-bit built on Apr 15 2016 14:13:50
2017-01-06 12:52:20 Frame=512/2048/512 mssfix-ctrl=1250
2017-01-06 12:52:20 UNUSED OPTIONS
2 [script-security] [3]
5 [resolv-retry] [infinite]
6 [nobind]
10 [tls-cipher] [TLS-SRP-SHA-RSA-WITH-3DES-EDE-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-C...]
2017-01-06 12:52:20 EVENT: RESOLVE
2017-01-06 12:52:20 Contacting 2.230.xxx.xxx:1194 via UDP
2017-01-06 12:52:20 EVENT: WAIT
2017-01-06 12:52:20 SetTunnelSocket returned 1
2017-01-06 12:52:20 Connecting to [2.230.xxx.xxx]:1194 (2.230.xxx.xxx) via UDPv4
2017-01-06 12:52:20 EVENT: CONNECTING
2017-01-06 12:52:20 Tunnel Options:V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client
2017-01-06 12:52:20 Creds: Username/Password
2017-01-06 12:52:20 Peer Info:
IV_GUI_VER=net.openvpn.connect.ios 1.0.7-199
IV_VER=3.0.11
IV_PLAT=ios
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_LZO=1
here is the log file from the open vpn client installed on the apple tablet
2017-01-06 12:51:03 EVENT: RESOLVE
2017-01-06 12:51:03 Contacting 2.230.xxx.xxx:1194 via UDP
2017-01-06 12:51:03 EVENT: WAIT
2017-01-06 12:51:03 SetTunnelSocket returned 1
2017-01-06 12:51:03 Connecting to [2.230.xxx.xxx]:1194 (2.230.xxx.xxx) via UDPv4
2017-01-06 12:51:03 EVENT: CONNECTING
2017-01-06 12:51:03 Tunnel Options:V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client
2017-01-06 12:51:03 Creds: Username/Password
2017-01-06 12:51:03 Peer Info:
IV_GUI_VER=net.openvpn.connect.ios 1.0.7-199
IV_VER=3.0.11
IV_PLAT=ios
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_LZO=1
2017-01-06 12:51:21 EVENT: CONNECTION_TIMEOUT [ERR]
2017-01-06 12:51:21 EVENT: DISCONNECTED
2017-01-06 12:51:21 Raw stats on disconnect:
BYTES_IN : 96
BYTES_OUT : 5126
PACKETS_IN : 4
PACKETS_OUT : 33
KEEPALIVE_TIMEOUT : 1
CONNECTION_TIMEOUT : 1
N_RECONNECT : 1
2017-01-06 12:51:21 Performance stats on disconnect:
CPU usage (microseconds): 26036
Network bytes per CPU second: 200568
Tunnel bytes per CPU second: 0
2017-01-06 12:51:21 EVENT: DISCONNECT_PENDING
2017-01-06 12:51:21 ----- OpenVPN Stop -----
2017-01-06 12:52:20 ----- OpenVPN Start ----- OpenVPN core 3.0.11 ios arm64 64-bit built on Apr 15 2016 14:13:50
2017-01-06 12:52:20 Frame=512/2048/512 mssfix-ctrl=1250
2017-01-06 12:52:20 UNUSED OPTIONS
2 [script-security] [3]
5 [resolv-retry] [infinite]
6 [nobind]
10 [tls-cipher] [TLS-SRP-SHA-RSA-WITH-3DES-EDE-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-C...]
2017-01-06 12:52:20 EVENT: RESOLVE
2017-01-06 12:52:20 Contacting 2.230.xxx.xxx:1194 via UDP
2017-01-06 12:52:20 EVENT: WAIT
2017-01-06 12:52:20 SetTunnelSocket returned 1
2017-01-06 12:52:20 Connecting to [2.230.xxx.xxx]:1194 (2.230.xxx.xxx) via UDPv4
2017-01-06 12:52:20 EVENT: CONNECTING
2017-01-06 12:52:20 Tunnel Options:V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client
2017-01-06 12:52:20 Creds: Username/Password
2017-01-06 12:52:20 Peer Info:
IV_GUI_VER=net.openvpn.connect.ios 1.0.7-199
IV_VER=3.0.11
IV_PLAT=ios
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_LZO=1
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: (client0 Issue vith certificate
Is that from within you home LAN ?stanzani wrote:config file and certificate works perfectly on a windows 10 open vpn client
This probably means that your client cannot contact your server .. maybe port forwarding on your router needs to be done ..stanzani wrote:2017-01-06 12:51:03 EVENT: CONNECTING
2017-01-06 12:51:03 Tunnel Options:V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client
2017-01-06 12:51:03 Creds: Username/Password
2017-01-06 12:51:03 Peer Info:
IV_GUI_VER=net.openvpn.connect.ios 1.0.7-199
IV_VER=3.0.11
IV_PLAT=ios
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_LZO=1
2017-01-06 12:51:21 EVENT: CONNECTION_TIMEOUT [ERR]
2017-01-06 12:51:21 EVENT: DISCONNECTED
-
- OpenVpn Newbie
- Posts: 7
- Joined: Thu Jan 05, 2017 8:44 am
Re: (client0 Issue vith certificate
ok but i installed the open vpn client on a windows10 pc in my LAN (I am in my lan in both cases) and this works, menaing the port forwarding (open port 1194) in fine -...
the two clients operates from within my LAN but use the same config file (namely, same port external IP etc)
i am enabling / disabling the firewall, just in case. no joy ...
thanks
the two clients operates from within my LAN but use the same config file (namely, same port external IP etc)
i am enabling / disabling the firewall, just in case. no joy ...
thanks
Last edited by stanzani on Fri Jan 06, 2017 1:03 pm, edited 1 time in total.
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: (client0 Issue vith certificate
It means nothing ..stanzani wrote:menaing the port forwarding (open port 1194) in fine
-
- OpenVpn Newbie
- Posts: 7
- Joined: Thu Jan 05, 2017 8:44 am
Re: (client0 Issue vith certificate
the port is open. whatelse?
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: (client0 Issue vith certificate
Try logging in remotely ..