Hi,
Please help me to connect to my server centos7 with openvpn, below are my configs.
NOTE: I did not added my certificate.
server.conf
port 1194
proto tcp
dev tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key # This file should be kept secret
dh dh2048.pem
topology subnet
server 10.0.104.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "DHCP-OPTION DNS 8.8.8.8"
keepalive 10 120
tls-crypt /etc/openvpn/myvpn.tlsauth
cipher AES-256-CBC
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
log-append openvpn.log
verb 3
remote-cert-eku "TLS Web Client Authentication"
===========================================================
client config
client
dev tun
proto tcp
remote 10.0.105.85 1194
#remote 119.46.97.195 1194
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
;resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
<ca>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
</ca>
remote-cert-tls server
tls-client
#tls-auth ta.key.1 1
key-direction 0
redirect-gateway def1
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
-----END OpenVPN Static key V1-----
</tls-auth>
cipher AES-256-CBC
here's the error
Wed Aug 15 06:21:43 2018 TCP connection established with [AF_INET]10.0.109.43:51444
Wed Aug 15 06:21:44 2018 10.0.109.43:51444 TLS: Initial packet from [AF_INET]10.0.x.x:51444, sid=ab891c06 e58049f6
Wed Aug 15 06:21:44 2018 10.0.109.43:51444 tls-crypt unwrap error: packet too short
Wed Aug 15 06:21:44 2018 10.0.109.43:51444 TLS Error: tls-crypt unwrapping failed from [AF_INET]10.0.x.x:51444
Wed Aug 15 06:21:44 2018 10.0.109.43:51444 Fatal TLS error (check_tls_errors_co), restarting
Wed Aug 15 06:21:44 2018 10.0.109.43:51444 SIGUSR1[soft,tls-error] received, client-instance restarting
openvpn unable to connect
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
- OpenVpn Newbie
- Posts: 2
- Joined: Wed Aug 15, 2018 10:43 am
Re: openvpn unable to connect
this is fixed, thank you