(client0 Issue vith certificate

Official client software for OpenVPN Access Server and OpenVPN Cloud.
Post Reply
stanzani
OpenVpn Newbie
Posts: 7
Joined: Thu Jan 05, 2017 8:44 am

(client0 Issue vith certificate

Post by stanzani » Thu Jan 05, 2017 8:49 am

Hi there I am trying to connect to my QNAP openvpn server using an ipad. What I did
- make the NAS QNAP generating the configuration file and the certificate (ok)
- send the certificate by email (ok)
- install openvpn to the ipad (OK)
- go to mailbox from ipda: I the tapped th certificate which is being installed ok (appereantly) to the ipad
- i tapped the configuration file: openvpn window pop up telling me that a new configuration is ready ro be installed
- I tap the new configuration but open vpn says that ca.crt cannot be found
Actually i added a line to the configuration file
ca ca.crt (i read this suggestion on the wbe somewhere)
but this does not help
Please hep

(p.s. config file and certificate works perfectly on a windows 10 open vpn client)

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: (client0 Issue vith certificate

Post by TinCanTech » Thu Jan 05, 2017 4:53 pm

stanzani wrote: I tap the new configuration but open vpn says that ca.crt cannot be found
Try making your config file Inline

stanzani
OpenVpn Newbie
Posts: 7
Joined: Thu Jan 05, 2017 8:44 am

Re: (client0 Issue vith certificate

Post by stanzani » Thu Jan 05, 2017 8:17 pm

thank you it looked a good suggestion but if i tried to attach the ovpn file with inline certificate the attachment is split int two ovpn and ca.crt files by the crappy IOS mail client %$#@&^^

stanzani
OpenVpn Newbie
Posts: 7
Joined: Thu Jan 05, 2017 8:44 am

Re: (client0 Issue vith certificate

Post by stanzani » Thu Jan 05, 2017 8:41 pm

ok i did it but cannot connect (connection timeout grrrr.)

here is the file. shoud i put both <ca> and <cert> tags?

client
dev tun2001
script-security 3
proto udp
remote xxxxxxxx 1194
resolv-retry infinite
nobind
auth-user-pass
reneg-sec 0
cipher AES-128-CBC
tls-cipher ......-SHA
comp-lzo
<ca>
-----BEGIN CERTIFICATE-----
....
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----

,,,
-----END CERTIFICATE-----
</cert>

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: (client0 Issue vith certificate

Post by TinCanTech » Thu Jan 05, 2017 8:49 pm

Please post some details ..

This will show you what we need to help:
HOWTO: Request Help !

stanzani
OpenVpn Newbie
Posts: 7
Joined: Thu Jan 05, 2017 8:44 am

Re: (client0 Issue vith certificate

Post by stanzani » Thu Jan 05, 2017 10:06 pm

ok i cannot get easily the server configuration and open vpn server version file since i enabled open vpn server from the qts interface of my qnap ts219p NAS. The server looks ok, by the way ... i can connect with openvpnclient under windows 10.
i'll try to connect to the nas and get a linux prompt with telnet in my LAN ...
i cannot find a way to get a log file from the crappy Apple tablet ... there are very few option to dig into it ...
i did the vpn client configuration under windows in 5 minute with the same config ovpn and certificate :(

inline certificate is a great suggestion but i was overoptimistic ...

hate apple and IOS ...

thanks much anyway

stanzani
OpenVpn Newbie
Posts: 7
Joined: Thu Jan 05, 2017 8:44 am

Re: (client0 Issue vith certificate

Post by stanzani » Fri Jan 06, 2017 12:03 pm

ok
here is the log file from the open vpn client installed on the apple tablet

2017-01-06 12:51:03 EVENT: RESOLVE
2017-01-06 12:51:03 Contacting 2.230.xxx.xxx:1194 via UDP
2017-01-06 12:51:03 EVENT: WAIT
2017-01-06 12:51:03 SetTunnelSocket returned 1
2017-01-06 12:51:03 Connecting to [2.230.xxx.xxx]:1194 (2.230.xxx.xxx) via UDPv4
2017-01-06 12:51:03 EVENT: CONNECTING
2017-01-06 12:51:03 Tunnel Options:V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client
2017-01-06 12:51:03 Creds: Username/Password
2017-01-06 12:51:03 Peer Info:
IV_GUI_VER=net.openvpn.connect.ios 1.0.7-199
IV_VER=3.0.11
IV_PLAT=ios
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_LZO=1

2017-01-06 12:51:21 EVENT: CONNECTION_TIMEOUT [ERR]
2017-01-06 12:51:21 EVENT: DISCONNECTED
2017-01-06 12:51:21 Raw stats on disconnect:
BYTES_IN : 96
BYTES_OUT : 5126
PACKETS_IN : 4
PACKETS_OUT : 33
KEEPALIVE_TIMEOUT : 1
CONNECTION_TIMEOUT : 1
N_RECONNECT : 1
2017-01-06 12:51:21 Performance stats on disconnect:
CPU usage (microseconds): 26036
Network bytes per CPU second: 200568
Tunnel bytes per CPU second: 0
2017-01-06 12:51:21 EVENT: DISCONNECT_PENDING
2017-01-06 12:51:21 ----- OpenVPN Stop -----
2017-01-06 12:52:20 ----- OpenVPN Start ----- OpenVPN core 3.0.11 ios arm64 64-bit built on Apr 15 2016 14:13:50
2017-01-06 12:52:20 Frame=512/2048/512 mssfix-ctrl=1250
2017-01-06 12:52:20 UNUSED OPTIONS
2 [script-security] [3]
5 [resolv-retry] [infinite]
6 [nobind]
10 [tls-cipher] [TLS-SRP-SHA-RSA-WITH-3DES-EDE-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-C...]

2017-01-06 12:52:20 EVENT: RESOLVE
2017-01-06 12:52:20 Contacting 2.230.xxx.xxx:1194 via UDP
2017-01-06 12:52:20 EVENT: WAIT
2017-01-06 12:52:20 SetTunnelSocket returned 1
2017-01-06 12:52:20 Connecting to [2.230.xxx.xxx]:1194 (2.230.xxx.xxx) via UDPv4
2017-01-06 12:52:20 EVENT: CONNECTING
2017-01-06 12:52:20 Tunnel Options:V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client
2017-01-06 12:52:20 Creds: Username/Password
2017-01-06 12:52:20 Peer Info:
IV_GUI_VER=net.openvpn.connect.ios 1.0.7-199
IV_VER=3.0.11
IV_PLAT=ios
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_LZO=1

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: (client0 Issue vith certificate

Post by TinCanTech » Fri Jan 06, 2017 12:32 pm

stanzani wrote:config file and certificate works perfectly on a windows 10 open vpn client
Is that from within you home LAN ?
stanzani wrote:2017-01-06 12:51:03 EVENT: CONNECTING
2017-01-06 12:51:03 Tunnel Options:V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client
2017-01-06 12:51:03 Creds: Username/Password
2017-01-06 12:51:03 Peer Info:
IV_GUI_VER=net.openvpn.connect.ios 1.0.7-199
IV_VER=3.0.11
IV_PLAT=ios
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_LZO=1

2017-01-06 12:51:21 EVENT: CONNECTION_TIMEOUT [ERR]
2017-01-06 12:51:21 EVENT: DISCONNECTED
This probably means that your client cannot contact your server .. maybe port forwarding on your router needs to be done ..

stanzani
OpenVpn Newbie
Posts: 7
Joined: Thu Jan 05, 2017 8:44 am

Re: (client0 Issue vith certificate

Post by stanzani » Fri Jan 06, 2017 12:50 pm

ok but i installed the open vpn client on a windows10 pc in my LAN (I am in my lan in both cases) and this works, menaing the port forwarding (open port 1194) in fine -...
the two clients operates from within my LAN but use the same config file (namely, same port external IP etc)
i am enabling / disabling the firewall, just in case. no joy ...

thanks
Last edited by stanzani on Fri Jan 06, 2017 1:03 pm, edited 1 time in total.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: (client0 Issue vith certificate

Post by TinCanTech » Fri Jan 06, 2017 12:55 pm

stanzani wrote:menaing the port forwarding (open port 1194) in fine
It means nothing ..

stanzani
OpenVpn Newbie
Posts: 7
Joined: Thu Jan 05, 2017 8:44 am

Re: (client0 Issue vith certificate

Post by stanzani » Fri Jan 06, 2017 2:51 pm

the port is open. whatelse?

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: (client0 Issue vith certificate

Post by TinCanTech » Fri Jan 06, 2017 4:26 pm

Try logging in remotely ..

Post Reply