[Solved] Unable to generate a functional client.ovpn
Posted: Sat Jun 24, 2017 5:18 pm
I have openvpn server running on Linux and am attempting to connect via the iOS client but I get the following on the iOS client using the ovpn file I generated:
I should note that I have used the following process on the links given below in the past successfully before...
On the linux server, everything appears OK until the client connects:
Code: Select all
server certificate verification failed: polarssl : ssl read error : x509 - certificate verification failed e.g. CRL, CA or signature...
- I generated the server files and client files following the guide published
https://wiki.archlinux.org/index.php/Easy-RSA
I created the client.ovpn using https://github.com/graysky2/ovpngen
On the linux server, everything appears OK until the client connects:
Code: Select all
openvpn /etc/openvpn/server/ovpn.conf
Sat Jun 24 13:09:58 2017 OpenVPN 2.4.3 x86_64-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jun 21 2017
Sat Jun 24 13:09:58 2017 library versions: OpenSSL 1.1.0f 25 May 2017, LZO 2.10
Sat Jun 24 13:09:58 2017 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
Sat Jun 24 13:09:58 2017 Diffie-Hellman initialized with 2048 bit key
Sat Jun 24 13:09:58 2017 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Sat Jun 24 13:09:58 2017 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Sat Jun 24 13:09:58 2017 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=eth0 HWADDR=ee:ec:fa:e9:56:7e
Sat Jun 24 13:09:58 2017 TUN/TAP device tun0 opened
Sat Jun 24 13:09:58 2017 TUN/TAP TX queue length set to 100
Sat Jun 24 13:09:58 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Sat Jun 24 13:09:58 2017 /usr/bin/ip link set dev tun0 up mtu 1500
Sat Jun 24 13:09:58 2017 /usr/bin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
Sat Jun 24 13:09:58 2017 /usr/bin/ip route add 10.8.0.0/24 via 10.8.0.2
Sat Jun 24 13:09:58 2017 Could not determine IPv4/IPv6 protocol. Using AF_INET
Sat Jun 24 13:09:58 2017 Socket Buffers: R=[87380->87380] S=[16384->16384]
Sat Jun 24 13:09:58 2017 Listening for incoming TCP connection on [AF_INET][undef]:443
Sat Jun 24 13:09:58 2017 TCPv4_SERVER link local (bound): [AF_INET][undef]:443
Sat Jun 24 13:09:58 2017 TCPv4_SERVER link remote: [AF_UNSPEC]
Sat Jun 24 13:09:58 2017 GID set to nobody
Sat Jun 24 13:09:58 2017 UID set to nobody
Sat Jun 24 13:09:58 2017 MULTI: multi_init called, r=256 v=256
Sat Jun 24 13:09:58 2017 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Sat Jun 24 13:09:58 2017 IFCONFIG POOL LIST
Sat Jun 24 13:09:58 2017 MULTI: TCP INIT maxclients=4 maxevents=8
Sat Jun 24 13:09:58 2017 Initialization Sequence Completed
<<< client tries to connect here >>>
Sat Jun 24 13:10:03 2017 TCP connection established with [AF_INET]xxx.xxx.xxx.xxx:53814
Sat Jun 24 13:10:03 2017 xxx.xxx.xxx.xxx:53814 TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:53814, sid=225125ca 902967b1
Sat Jun 24 13:10:03 2017 xxx.xxx.xxx.xxx:53814 Connection reset, restarting [0]
Sat Jun 24 13:10:03 2017 xxx.xxx.xxx.xxx:53814 SIGUSR1[soft,connection-reset] received, client-instance restarting