I have recently moved to a new Synology NAS running their VPN plugin which incorporates OVPN and set up the server as follows:
-the IP/name of the NAS is a dropin replacement so port forwarding on the router will continue to work
-used the default app on the NAS settings which generated the .ovpn file below
-imported to OVPN on Android and inserted user name and password
-I get the following error message on the client:
Code: Select all
openvpn opensslcontext::ssl_cleartext BIO_read failed cap=2576 status=-1 error:1416f086 ssl routine:tls_process_server_certificate certificate verify failed
thanks
mike
Client config
dev tun
tls-client
remote myserver.synology.me 1194
# The "float" tells OpenVPN to accept authenticated packets from any address,
# not only the address which was specified in the --remote option.
# This is useful when you are connecting to a peer which holds a dynamic address
# such as a dial-in user or DHCP client.
# (Please refer to the manual of OpenVPN for more information.)
#float
# If redirect-gateway is enabled, the client will redirect it's
# default network gateway through the VPN.
# It means the VPN connection will firstly connect to the VPN Server
# and then to the internet.
# (Please refer to the manual of OpenVPN for more information.)
redirect-gateway def1
# dhcp-option DNS: To set primary domain name server address.
# Repeat this option to set secondary DNS server addresses.
dhcp-option DNS 192.168.2.254
pull
# If you want to connect by Server's IPv6 address, you should use
# "proto udp6" in UDP mode or "proto tcp6-client" in TCP mode
proto udp
script-security 2
comp-lzo
reneg-sec 0
cipher AES-256-CBC
auth SHA512
auth-user-pass
<ca>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
</ca>