openvpn unable to connect

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
glenn_91
OpenVpn Newbie
Posts: 2
Joined: Wed Aug 15, 2018 10:43 am

openvpn unable to connect

Post by glenn_91 » Wed Aug 15, 2018 10:45 am

Hi,

Please help me to connect to my server centos7 with openvpn, below are my configs.
NOTE: I did not added my certificate.


server.conf
port 1194
proto tcp
dev tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key # This file should be kept secret
dh dh2048.pem
topology subnet
server 10.0.104.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "DHCP-OPTION DNS 8.8.8.8"
keepalive 10 120
tls-crypt /etc/openvpn/myvpn.tlsauth
cipher AES-256-CBC
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
log-append openvpn.log
verb 3
remote-cert-eku "TLS Web Client Authentication"

===========================================================

client config
client
dev tun
proto tcp

remote 10.0.105.85 1194
#remote 119.46.97.195 1194
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
;resolv-retry infinite

nobind

persist-key
persist-tun

mute-replay-warnings

# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
<ca>
-----BEGIN CERTIFICATE-----

-----END CERTIFICATE-----
</ca>

remote-cert-tls server

tls-client
#tls-auth ta.key.1 1
key-direction 0
redirect-gateway def1
<tls-auth>
-----BEGIN OpenVPN Static key V1-----

-----END OpenVPN Static key V1-----

</tls-auth>

cipher AES-256-CBC


here's the error

Wed Aug 15 06:21:43 2018 TCP connection established with [AF_INET]10.0.109.43:51444
Wed Aug 15 06:21:44 2018 10.0.109.43:51444 TLS: Initial packet from [AF_INET]10.0.x.x:51444, sid=ab891c06 e58049f6
Wed Aug 15 06:21:44 2018 10.0.109.43:51444 tls-crypt unwrap error: packet too short
Wed Aug 15 06:21:44 2018 10.0.109.43:51444 TLS Error: tls-crypt unwrapping failed from [AF_INET]10.0.x.x:51444
Wed Aug 15 06:21:44 2018 10.0.109.43:51444 Fatal TLS error (check_tls_errors_co), restarting
Wed Aug 15 06:21:44 2018 10.0.109.43:51444 SIGUSR1[soft,tls-error] received, client-instance restarting

glenn_91
OpenVpn Newbie
Posts: 2
Joined: Wed Aug 15, 2018 10:43 am

Re: openvpn unable to connect

Post by glenn_91 » Thu Aug 16, 2018 1:56 am

this is fixed, thank you

Post Reply