Another PolarSSL error

Official client software for OpenVPN Access Server and OpenVPN Cloud.

Post by ntsuba » Sat Feb 18, 2017 5:06 am

Hi,

First of all, I would like to congratulate OpenVPN and its volunteers for making this great service possible.

I would like to connect my iPhone to a home-made OpenVPN network, but when I try to connect I receive the following error message:

Client exception in transport_recv_excode: PolarSSL: SSL read error : SSL - Processing of the ServerKeyExchange handshake message failed

My client configuration is:

client
dev tun
proto udp

remote [editedIP] [editedPort]

ns-cert-type server
comp-lzo
cipher AES-256-CBC

<ca>
-----BEGIN CERTIFICATE-----
[edited]
-----END CERTIFICATE-----
</ca>

<cert>
-----BEGIN CERTIFICATE-----
[edited]
-----END CERTIFICATE-----
</cert>

<key>
-----BEGIN PRIVATE KEY-----
[edited]
-----END PRIVATE KEY-----
</key>

My server.conf file is:

#using UDP 
proto udp
port 1194

#create IP tunnel
dev tun

#root SSL/TLS certificate
ca ca.crt
#server private certificate
cert server.crt
#server private key
key server.key

#Diffie-Hellman file
dh dh8192.pem

#IP and mask of the network
server 10.89.0.0 255.255.255.0

#configuring openDNS DNS servers
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"

#make the OpenVPN server the new default gateway
#bypass-dhcp so as not to remove the client's original gateway configuration
push "redirect-gateway def1 bypass-dhcp"

#do not assign user to the service
user nobody
group nobody

persist-key
persist-tun

#log file
status openvpn-status.log

#verbosity level
verb 4

#enable cipher
cipher AES-256-CBC

Using this configuration, I can connect to the server from Windows 10 Home x64 using SecurePoint 2.0.18. I can also browse the Internet.

The version of the OpenVPN server is:

srv:/etc/openvpn # openvpn --version
OpenVPN 2.3.8 x86_64-suse-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Aug  4 2015
library versions: OpenSSL 1.0.2j-fips  26 Sep 2016, LZO 2.08
Originally developed by James Yonan
Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
Compile time defines: enable_crypto=yes enable_crypto_ofb_cfb=yes enable_debug=yes enable_def_auth=yes enable_dependency_tracking=no enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=needless enable_fragment=yes enable_http_proxy=yes enable_iproute2=yes enable_libtool_lock=yes enable_lzo=yes enable_lzo_stub=no enable_management=yes enable_multi=yes enable_multihome=yes enable_pam_dlopen=no enable_password_save=yes enable_pedantic=no enable_pf=yes enable_pkcs11=no enable_plugin_auth_pam=yes enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_selinux=no enable_server=yes enable_shared=yes enable_shared_with_static_runtimes=no enable_small=no enable_socks=yes enable_ssl=yes enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=yes enable_win32_dll=yes enable_x509_alt_username=yes with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no with_plugindir='$(libdir)/openvpn/plugins' with_sysroot=no

The OS version is:

srv:/etc/openvpn # uname -a
Linux srv 4.4.46-11-default #1 SMP Sat Feb 4 06:07:41 UTC 2017 (f555e41) x86_64 x86_64 x86_64 GNU/Linux

The iOS version is 10.2.1 (14D27).

Can you give me some ideas as to why this happens? What error might this configuration have?

Thanks in advance :)
