Not Connecting to Server

[Fran7802]

Hi all,
Im new to openvpn, it was setup for me, didnt work. So i decided to try myself. Installed openvpn-2.1_rc15-install on my win 7 pro 64bit machine. Installed as Admin running in Vista SP3 Compatibility mode. Created a bridge with local area connection and TAP-Win32 Adapter V9 connection - then set ip of bridge to ip / default gateway and dns of domain.
No i just installed certificates in the default location by double clicking install certificate. I will attach my log file.
Any help will be appreciated.

Sun May 08 14:28:56 2011 OpenVPN 2.1_rc15 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Nov 19 2008
Sun May 08 14:28:56 2011 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sun May 08 14:28:56 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sun May 08 14:28:56 2011 LZO compression initialized
Sun May 08 14:28:56 2011 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sun May 08 14:28:57 2011 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
Sun May 08 14:28:57 2011 Local Options hash (VER=V4): 'd79ca330'
Sun May 08 14:28:57 2011 Expected Remote Options hash (VER=V4): 'f7df56b8'
Sun May 08 14:28:57 2011 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sun May 08 14:28:57 2011 UDPv4 link local: [undef]
Sun May 08 14:28:57 2011 UDPv4 link remote: 41.241.159.62:1194
Sun May 08 14:28:57 2011 TLS: Initial packet from 41.241.159.62:1194, sid=efd4dbfa e61d9630
Sun May 08 14:28:57 2011 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: /C=SA/ST=GP/L=AREA/O=NAME-VPN/CN=server/emailAddress=me@myhost.mydomain
Sun May 08 14:28:57 2011 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Sun May 08 14:28:57 2011 TLS Error: TLS object -> incoming plaintext read error
Sun May 08 14:28:57 2011 TLS Error: TLS handshake failed
Sun May 08 14:28:57 2011 TCP/UDP: Closing socket
Sun May 08 14:28:57 2011 SIGUSR1[soft,tls-error] received, process restarting
Sun May 08 14:28:57 2011 Restart pause, 2 second(s)
Sun May 08 14:28:59 2011 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sun May 08 14:28:59 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sun May 08 14:28:59 2011 Re-using SSL/TLS context
Sun May 08 14:28:59 2011 LZO compression initialized
Sun May 08 14:28:59 2011 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sun May 08 14:28:59 2011 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
Sun May 08 14:28:59 2011 Local Options hash (VER=V4): 'd79ca330'
Sun May 08 14:28:59 2011 Expected Remote Options hash (VER=V4): 'f7df56b8'
Sun May 08 14:28:59 2011 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sun May 08 14:28:59 2011 UDPv4 link local: [undef]
Sun May 08 14:28:59 2011 UDPv4 link remote: 41.241.159.62:1194
Sun May 08 14:28:59 2011 TLS: Initial packet from 41.241.159.62:1194, sid=6a3ed33e 8dfd264e
Sun May 08 14:28:59 2011 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: /C=SA/ST=GP/L=AREA/O=NAME-VPN/CN=server/emailAddress=me@myhost.mydomain
Sun May 08 14:28:59 2011 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Sun May 08 14:28:59 2011 TLS Error: TLS object -> incoming plaintext read error
Sun May 08 14:28:59 2011 TLS Error: TLS handshake failed
Sun May 08 14:28:59 2011 TCP/UDP: Closing socket
Sun May 08 14:28:59 2011 SIGUSR1[soft,tls-error] received, process restarting
Sun May 08 14:28:59 2011 Restart pause, 2 second(s)
Sun May 08 14:29:01 2011 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sun May 08 14:29:01 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sun May 08 14:29:01 2011 Re-using SSL/TLS context
Sun May 08 14:29:01 2011 LZO compression initialized
Sun May 08 14:29:01 2011 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sun May 08 14:29:01 2011 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
Sun May 08 14:29:01 2011 Local Options hash (VER=V4): 'd79ca330'
Sun May 08 14:29:01 2011 Expected Remote Options hash (VER=V4): 'f7df56b8'
Sun May 08 14:29:01 2011 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sun May 08 14:29:01 2011 UDPv4 link local: [undef]
Sun May 08 14:29:01 2011 UDPv4 link remote: 41.241.159.62:1194
Sun May 08 14:29:01 2011 TLS: Initial packet from 41.241.159.62:1194, sid=b9fab912 7cb8f56a
Sun May 08 14:29:01 2011 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: /C=SA/ST=GP/L=AREA/O=NAME-VPN/CN=server/emailAddress=me@myhost.mydomain
Sun May 08 14:29:01 2011 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Sun May 08 14:29:01 2011 TLS Error: TLS object -> incoming plaintext read error
Sun May 08 14:29:01 2011 TLS Error: TLS handshake failed
Sun May 08 14:29:01 2011 TCP/UDP: Closing socket
Sun May 08 14:29:01 2011 SIGUSR1[soft,tls-error] received, process restarting
Sun May 08 14:29:01 2011 Restart pause, 2 second(s)
Sun May 08 14:29:03 2011 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sun May 08 14:29:03 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sun May 08 14:29:03 2011 Re-using SSL/TLS context
Sun May 08 14:29:03 2011 LZO compression initialized
Sun May 08 14:29:03 2011 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sun May 08 14:29:03 2011 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
Sun May 08 14:29:03 2011 Local Options hash (VER=V4): 'd79ca330'
Sun May 08 14:29:03 2011 Expected Remote Options hash (VER=V4): 'f7df56b8'
Sun May 08 14:29:03 2011 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sun May 08 14:29:03 2011 UDPv4 link local: [undef]
Sun May 08 14:29:03 2011 UDPv4 link remote: 41.241.159.62:1194
Sun May 08 14:29:03 2011 TCP/UDP: Closing socket
Sun May 08 14:29:03 2011 SIGTERM[hard,] received, process exiting

[maikcat]

hi there,

>No i just installed certificates in the default location by double clicking install certificate.

in order to use a already installed certificated from your openvpn you must configure
your client accordingly...

please post client/server configs.

also use ver 2.1.1 and above for win7/vista

Michael.

[zabidin2]

I have same problem. I install using yum and OS is fedora 12. This from server.conf

Code: Select all

port 443
tls-server
proto udp
dev tun
ca keys/ca.crt
cert keys/server.crt
key keys/server.key
dh keys/dh1024.pem

push "dhcp-option DNS 184.22.xxx.xxx"
push "dhcp-option DNS 184.22.xxx.xxx"
push "dhcp-option DNS 64.191.xxx.xxx"

keepalive 10 120
comp-lzo
persist-key
persist-tun
status server-udp_status.log
verb 4

This from windows client

Code: Select all

client
dev tun
proto tcp

#Change my.publicdomain.com to your public domain or IP address
remote 184.22.xxx.xxx 443

resolv-retry infinite
nobind
persist-key
persist-tun


ca ca.crt
cert client.crt
key client.key

ns-cert-type server
comp-lzo
verb 3  

Please assist me.

Thanks.