Inital Startup configuration issues (CentOS 6.3)

[he11fighter]

Hello, I am trying openvpn for the first time, and I am trying to get it to run on CentOS 6.3, running version 2.3.1. I got it installed and started setting up the CA certs and the server itself. Yet, when I try to start the service, it fails automatically, I think it could be my IP configuration at fault, yet I'm not sure. I am posting my server configuration file parameters, as well as the logs from when I tried to run OpenVPN.

Code: Select all

port 1194 
proto udp
dev tun
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
reneg-sec 0
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
client-cert-not-required
username-as-common-name
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 5 30
comp-lzo
persist-key
persist-tun
/var/log/messages
verb 3

Code: Select all

May 31 12:50:27 localhost dhclient[1814]: DHCPREQUEST on eth0 to 192.168.153.254 port 67 (xid=0x13c5e78a)
May 31 12:50:27 localhost dhclient[1814]: DHCPACK from 192.168.153.254 (xid=0x13c5e78a)
May 31 12:50:27 localhost dhclient[1814]: bound to 192.168.153.133 -- renewal in 796 seconds.
May 31 12:50:27 localhost NetworkManager[1769]: <info> (eth0): DHCPv4 state changed renew -> renew
May 31 12:50:27 localhost NetworkManager[1769]: <info>   address 192.168.153.133
May 31 12:50:27 localhost NetworkManager[1769]: <info>   prefix 24 (255.255.255.0)
May 31 12:50:27 localhost NetworkManager[1769]: <info>   gateway 192.168.153.2
May 31 12:50:27 localhost NetworkManager[1769]: <info>   nameserver '192.168.153.2'
May 31 12:50:27 localhost NetworkManager[1769]: <info>   domain name 'localdomain'
May 31 13:03:43 localhost dhclient[1814]: DHCPREQUEST on eth0 to 192.168.153.254 port 67 (xid=0x13c5e78a)
May 31 13:03:43 localhost dhclient[1814]: DHCPACK from 192.168.153.254 (xid=0x13c5e78a)
May 31 13:03:43 localhost dhclient[1814]: bound to 192.168.153.133 -- renewal in 845 seconds.
May 31 13:03:43 localhost NetworkManager[1769]: <info> (eth0): DHCPv4 state changed renew -> renew
May 31 13:03:43 localhost NetworkManager[1769]: <info>   address 192.168.153.133
May 31 13:03:43 localhost NetworkManager[1769]: <info>   prefix 24 (255.255.255.0)
May 31 13:03:43 localhost NetworkManager[1769]: <info>   gateway 192.168.153.2
May 31 13:03:43 localhost NetworkManager[1769]: <info>   nameserver '192.168.153.2'
May 31 13:03:43 localhost NetworkManager[1769]: <info>   domain name 'localdomain'
May 31 13:17:48 localhost dhclient[1814]: DHCPREQUEST on eth0 to 192.168.153.254 port 67 (xid=0x13c5e78a)
May 31 13:17:48 localhost dhclient[1814]: DHCPACK from 192.168.153.254 (xid=0x13c5e78a)
May 31 13:17:48 localhost dhclient[1814]: bound to 192.168.153.133 -- renewal in 800 seconds.
May 31 13:17:48 localhost NetworkManager[1769]: <info> (eth0): DHCPv4 state changed renew -> renew
May 31 13:17:48 localhost NetworkManager[1769]: <info>   address 192.168.153.133
May 31 13:17:48 localhost NetworkManager[1769]: <info>   prefix 24 (255.255.255.0)
May 31 13:17:48 localhost NetworkManager[1769]: <info>   gateway 192.168.153.2
May 31 13:17:48 localhost NetworkManager[1769]: <info>   nameserver '192.168.153.2'
May 31 13:17:48 localhost NetworkManager[1769]: <info>   domain name 'localdomain'
May 31 13:31:08 localhost dhclient[1814]: DHCPREQUEST on eth0 to 192.168.153.254 port 67 (xid=0x13c5e78a)
May 31 13:31:08 localhost dhclient[1814]: DHCPACK from 192.168.153.254 (xid=0x13c5e78a)
May 31 13:31:08 localhost dhclient[1814]: bound to 192.168.153.133 -- renewal in 744 seconds.
May 31 13:31:08 localhost NetworkManager[1769]: <info> (eth0): DHCPv4 state changed renew -> renew
May 31 13:31:08 localhost NetworkManager[1769]: <info>   address 192.168.153.133
May 31 13:31:08 localhost NetworkManager[1769]: <info>   prefix 24 (255.255.255.0)
May 31 13:31:08 localhost NetworkManager[1769]: <info>   gateway 192.168.153.2
May 31 13:31:08 localhost NetworkManager[1769]: <info>   nameserver '192.168.153.2'
May 31 13:31:08 localhost NetworkManager[1769]: <info>   domain name 'localdomain'
May 31 13:43:32 localhost dhclient[1814]: DHCPREQUEST on eth0 to 192.168.153.254 port 67 (xid=0x13c5e78a)
May 31 13:43:32 localhost dhclient[1814]: DHCPACK from 192.168.153.254 (xid=0x13c5e78a)
May 31 13:43:32 localhost dhclient[1814]: bound to 192.168.153.133 -- renewal in 869 seconds.
May 31 13:43:32 localhost NetworkManager[1769]: <info> (eth0): DHCPv4 state changed renew -> renew
May 31 13:43:32 localhost NetworkManager[1769]: <info>   address 192.168.153.133
May 31 13:43:32 localhost NetworkManager[1769]: <info>   prefix 24 (255.255.255.0)
May 31 13:43:32 localhost NetworkManager[1769]: <info>   gateway 192.168.153.2
May 31 13:43:32 localhost NetworkManager[1769]: <info>   nameserver '192.168.153.2'
May 31 13:43:32 localhost NetworkManager[1769]: <info>   domain name 'localdomain'
May 31 13:43:36 localhost dbus: avc:  received setenforce notice (enforcing=0)
May 31 13:43:36 localhost dbus: avc:  received setenforce notice (enforcing=0)
May 31 13:44:42 localhost openvpn[9968]: Options error: --client-cert-not-required must be used with --management-client-auth, an --auth-user-pass-verify script, or plugin
May 31 13:44:42 localhost openvpn[9968]: Use --help for more information.
May 31 13:48:42 localhost openvpn[10037]: Options error: --client-cert-not-required must be used with --management-client-auth, an --auth-user-pass-verify script, or plugin
May 31 13:48:42 localhost openvpn[10037]: Use --help for more information.
May 31 13:51:24 localhost openvpn[10102]: Options error: Unrecognized option or missing parameter(s) in server.conf:26: 192.168.153.133 (2.3.1)
May 31 13:51:24 localhost openvpn[10102]: Use --help for more information.
May 31 13:58:01 localhost dhclient[1814]: DHCPREQUEST on eth0 to 192.168.153.254 port 67 (xid=0x13c5e78a)
May 31 13:58:01 localhost dhclient[1814]: DHCPACK from 192.168.153.254 (xid=0x13c5e78a)
May 31 13:58:01 localhost dhclient[1814]: bound to 192.168.153.133 -- renewal in 777 seconds.
May 31 13:58:01 localhost NetworkManager[1769]: <info> (eth0): DHCPv4 state changed renew -> renew
May 31 13:58:01 localhost NetworkManager[1769]: <info>   address 192.168.153.133
May 31 13:58:01 localhost NetworkManager[1769]: <info>   prefix 24 (255.255.255.0)
May 31 13:58:01 localhost NetworkManager[1769]: <info>   gateway 192.168.153.2
May 31 13:58:01 localhost NetworkManager[1769]: <info>   nameserver '192.168.153.2'
May 31 13:58:01 localhost NetworkManager[1769]: <info>   domain name 'localdomain'
May 31 14:10:58 localhost dhclient[1814]: DHCPREQUEST on eth0 to 192.168.153.254 port 67 (xid=0x13c5e78a)
May 31 14:10:58 localhost dhclient[1814]: DHCPACK from 192.168.153.254 (xid=0x13c5e78a)
May 31 14:10:58 localhost dhclient[1814]: bound to 192.168.153.133 -- renewal in 795 seconds.
May 31 14:10:58 localhost NetworkManager[1769]: <info> (eth0): DHCPv4 state changed renew -> renew
May 31 14:10:58 localhost NetworkManager[1769]: <info>   address 192.168.153.133
May 31 14:10:58 localhost NetworkManager[1769]: <info>   prefix 24 (255.255.255.0)
May 31 14:10:58 localhost NetworkManager[1769]: <info>   gateway 192.168.153.2
May 31 14:10:58 localhost NetworkManager[1769]: <info>   nameserver '192.168.153.2'
May 31 14:10:58 localhost NetworkManager[1769]: <info>   domain name 'localdomain'
May 31 14:24:13 localhost dhclient[1814]: DHCPREQUEST on eth0 to 192.168.153.254 port 67 (xid=0x13c5e78a)
May 31 14:24:13 localhost dhclient[1814]: DHCPACK from 192.168.153.254 (xid=0x13c5e78a)
May 31 14:24:13 localhost dhclient[1814]: bound to 192.168.153.133 -- renewal in 753 seconds.
May 31 14:24:13 localhost NetworkManager[1769]: <info> (eth0): DHCPv4 state changed renew -> renew
May 31 14:24:13 localhost NetworkManager[1769]: <info>   address 192.168.153.133
May 31 14:24:13 localhost NetworkManager[1769]: <info>   prefix 24 (255.255.255.0)
May 31 14:24:13 localhost NetworkManager[1769]: <info>   gateway 192.168.153.2
May 31 14:24:13 localhost NetworkManager[1769]: <info>   nameserver '192.168.153.2'
May 31 14:24:13 localhost NetworkManager[1769]: <info>   domain name 'localdomain'
May 31 14:36:46 localhost dhclient[1814]: DHCPREQUEST on eth0 to 192.168.153.254 port 67 (xid=0x13c5e78a)
May 31 14:36:46 localhost dhclient[1814]: DHCPACK from 192.168.153.254 (xid=0x13c5e78a)
May 31 14:36:46 localhost dhclient[1814]: bound to 192.168.153.133 -- renewal in 742 seconds.
May 31 14:36:46 localhost NetworkManager[1769]: <info> (eth0): DHCPv4 state changed renew -> renew
May 31 14:36:46 localhost NetworkManager[1769]: <info>   address 192.168.153.133
May 31 14:36:46 localhost NetworkManager[1769]: <info>   prefix 24 (255.255.255.0)
May 31 14:36:46 localhost NetworkManager[1769]: <info>   gateway 192.168.153.2
May 31 14:36:46 localhost NetworkManager[1769]: <info>   nameserver '192.168.153.2'
May 31 14:36:46 localhost NetworkManager[1769]: <info>   domain name 'localdomain'
May 31 14:49:08 localhost dhclient[1814]: DHCPREQUEST on eth0 to 192.168.153.254 port 67 (xid=0x13c5e78a)
May 31 14:49:08 localhost dhclient[1814]: DHCPACK from 192.168.153.254 (xid=0x13c5e78a)
May 31 14:49:08 localhost NetworkManager[1769]: <info> (eth0): DHCPv4 state changed renew -> renew
May 31 14:49:08 localhost NetworkManager[1769]: <info>   address 192.168.153.133
May 31 14:49:08 localhost NetworkManager[1769]: <info>   prefix 24 (255.255.255.0)
May 31 14:49:08 localhost NetworkManager[1769]: <info>   gateway 192.168.153.2
May 31 14:49:08 localhost NetworkManager[1769]: <info>   nameserver '192.168.153.2'
May 31 14:49:08 localhost NetworkManager[1769]: <info>   domain name 'localdomain'
May 31 14:49:08 localhost dhclient[1814]: bound to 192.168.153.133 -- renewal in 790 seconds.
May 31 15:02:18 localhost dhclient[1814]: DHCPREQUEST on eth0 to 192.168.153.254 port 67 (xid=0x13c5e78a)
May 31 15:02:18 localhost dhclient[1814]: DHCPACK from 192.168.153.254 (xid=0x13c5e78a)
May 31 15:02:18 localhost NetworkManager[1769]: <info> (eth0): DHCPv4 state changed renew -> renew
May 31 15:02:18 localhost NetworkManager[1769]: <info>   address 192.168.153.133
May 31 15:02:18 localhost NetworkManager[1769]: <info>   prefix 24 (255.255.255.0)
May 31 15:02:18 localhost NetworkManager[1769]: <info>   gateway 192.168.153.2
May 31 15:02:18 localhost NetworkManager[1769]: <info>   nameserver '192.168.153.2'
May 31 15:02:18 localhost NetworkManager[1769]: <info>   domain name 'localdomain'
May 31 15:02:18 localhost dhclient[1814]: bound to 192.168.153.133 -- renewal in 782 seconds.
May 31 15:15:20 localhost dhclient[1814]: DHCPREQUEST on eth0 to 192.168.153.254 port 67 (xid=0x13c5e78a)
May 31 15:15:20 localhost dhclient[1814]: DHCPACK from 192.168.153.254 (xid=0x13c5e78a)
May 31 15:15:20 localhost dhclient[1814]: bound to 192.168.153.133 -- renewal in 811 seconds.
May 31 15:15:20 localhost NetworkManager[1769]: <info> (eth0): DHCPv4 state changed renew -> renew
May 31 15:15:20 localhost NetworkManager[1769]: <info>   address 192.168.153.133
May 31 15:15:20 localhost NetworkManager[1769]: <info>   prefix 24 (255.255.255.0)
May 31 15:15:20 localhost NetworkManager[1769]: <info>   gateway 192.168.153.2
May 31 15:15:20 localhost NetworkManager[1769]: <info>   nameserver '192.168.153.2'
May 31 15:15:20 localhost NetworkManager[1769]: <info>   domain name 'localdomain'
May 31 15:28:51 localhost dhclient[1814]: DHCPREQUEST on eth0 to 192.168.153.254 port 67 (xid=0x13c5e78a)
May 31 15:28:51 localhost dhclient[1814]: DHCPACK from 192.168.153.254 (xid=0x13c5e78a)
May 31 15:28:51 localhost NetworkManager[1769]: <info> (eth0): DHCPv4 state changed renew -> renew
May 31 15:28:51 localhost NetworkManager[1769]: <info>   address 192.168.153.133
May 31 15:28:51 localhost NetworkManager[1769]: <info>   prefix 24 (255.255.255.0)
May 31 15:28:51 localhost NetworkManager[1769]: <info>   gateway 192.168.153.2
May 31 15:28:51 localhost NetworkManager[1769]: <info>   nameserver '192.168.153.2'
May 31 15:28:51 localhost NetworkManager[1769]: <info>   domain name 'localdomain'
May 31 15:28:51 localhost dhclient[1814]: bound to 192.168.153.133 -- renewal in 739 seconds.
May 31 15:30:18 localhost openvpn[11053]: Options error: Unrecognized option or missing parameter(s) in server.conf:26: 192.168.153.133 (2.3.1)
May 31 15:30:18 localhost openvpn[11053]: Use --help for more information.
May 31 15:32:05 localhost openvpn[11127]: Options error: Unrecognized option or missing parameter(s) in server.conf:26: 192.168.153.133 (2.3.1)
May 31 15:32:05 localhost openvpn[11127]: Use --help for more information.
May 31 15:41:10 localhost dhclient[1814]: DHCPREQUEST on eth0 to 192.168.153.254 port 67 (xid=0x13c5e78a)
May 31 15:41:10 localhost dhclient[1814]: DHCPACK from 192.168.153.254 (xid=0x13c5e78a)
May 31 15:41:10 localhost dhclient[1814]: bound to 192.168.153.133 -- renewal in 698 seconds.
May 31 15:41:10 localhost NetworkManager[1769]: <info> (eth0): DHCPv4 state changed renew -> renew
May 31 15:41:10 localhost NetworkManager[1769]: <info>   address 192.168.153.133
May 31 15:41:10 localhost NetworkManager[1769]: <info>   prefix 24 (255.255.255.0)
May 31 15:41:10 localhost NetworkManager[1769]: <info>   gateway 192.168.153.2
May 31 15:41:10 localhost NetworkManager[1769]: <info>   nameserver '192.168.153.2'
May 31 15:41:10 localhost NetworkManager[1769]: <info>   domain name 'localdomain'

[janjust]

this warning

May 31 13:44:42 localhost openvpn[9968]: Options error: --client-cert-not-required must be used with --management-client-auth, an --auth-user-pass-verify script, or plugin

pretty much says it all - comment out 'client-cert-not-required' and try again.

[he11fighter]

Thanks, commented that line as well as the "username-as-common-name", and now OpenVPN is running. Question, will this config change affect any RSA keys made? I created my client keys before I tried to initially start OpenVPN, so I'm just wondering if I will need to start over?

[janjust]

nope, the RSA keys are independent of this.