[Solved] Cannot load certificate file help!

This forum is for all inquiries relating to the installation of OpenVPN from source and with binaries.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please visit (and READ) the OpenVPN HowTo http://openvpn.net/howto prior to asking any questions in here!
Locked
kraze
OpenVPN User
Posts: 36
Joined: Fri Sep 13, 2013 6:46 pm

[Solved] Cannot load certificate file help!

Post by kraze » Fri Sep 13, 2013 6:56 pm

I've been trying to setup OpenVPN for sometime now and each time I keep getting stuck at the connection. The full error my client receives when connecting is..

Code: Select all

Fri Sep 13 11:36:11 2013 OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Aug 20 2010
Fri Sep 13 11:36:11 2013 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Fri Sep 13 11:36:11 2013 Cannot load certificate file C:\Program: error:02001002:system library:fopen:No such file or directory: error:20074002:BIO routines:FILE_CTRL:system lib: error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib
Fri Sep 13 11:36:11 2013 Exiting
Looking at that I figured one of my directories was incorrect but I've checked and they all seem correct. After a few hours of troubleshooting I decided we would just start fresh, de-installed OpenVPN and installed a fresh copy, same error occurs upon connecting. I am following the guide listed here step-by-step.

https://community.openvpn.net/openvpn/w ... dows_Guide

The only thing I noticed was that the myclient.crt file the server generated is blank, is it supposed to be that way? Server is running Windows 2008 R2 and no firewalls are blocking any connections. I can provide exact config files if needed upon request.
Last edited by debbie10t on Tue Feb 11, 2014 3:19 pm, edited 1 time in total.
Reason: [solved / closed]
Top
kraze
OpenVPN User
Posts: 36
Joined: Fri Sep 13, 2013 6:46 pm

Re: Cannot load certificate file help!

Post by kraze » Fri Sep 13, 2013 9:37 pm

I was able to figure out the first issue but now I have another problem. The server is now loading the file but throwing a new error upon connecting.

Code: Select all

Fri Sep 13 14:15:19 2013 us=135000 Current Parameter Settings:
Fri Sep 13 14:15:19 2013 us=135000   config = '123.ovpn'
Fri Sep 13 14:15:19 2013 us=135000   mode = 0
Fri Sep 13 14:15:19 2013 us=135000   show_ciphers = DISABLED
Fri Sep 13 14:15:19 2013 us=135000   show_digests = DISABLED
Fri Sep 13 14:15:19 2013 us=135000   show_engines = DISABLED
Fri Sep 13 14:15:19 2013 us=135000   genkey = DISABLED
Fri Sep 13 14:15:19 2013 us=135000   key_pass_file = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=135000   show_tls_ciphers = DISABLED
Fri Sep 13 14:15:19 2013 us=135000 Connection profiles [default]:
Fri Sep 13 14:15:19 2013 us=135000   proto = udp
Fri Sep 13 14:15:19 2013 us=135000   local = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=135000   local_port = 0
Fri Sep 13 14:15:19 2013 us=135000   remote = '74.91.115.193:1194'
Fri Sep 13 14:15:19 2013 us=135000   remote_port = 1194
Fri Sep 13 14:15:19 2013 us=135000   remote_float = DISABLED
Fri Sep 13 14:15:19 2013 us=135000   bind_defined = DISABLED
Fri Sep 13 14:15:19 2013 us=135000   bind_local = DISABLED
Fri Sep 13 14:15:19 2013 us=135000   connect_retry_seconds = 5
Fri Sep 13 14:15:19 2013 us=135000   connect_timeout = 10
Fri Sep 13 14:15:19 2013 us=135000   connect_retry_max = 0
Fri Sep 13 14:15:19 2013 us=135000   socks_proxy_server = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=135000   socks_proxy_port = 0
Fri Sep 13 14:15:19 2013 us=135000   socks_proxy_retry = DISABLED
Fri Sep 13 14:15:19 2013 us=135000 Connection profiles END
Fri Sep 13 14:15:19 2013 us=135000   remote_random = DISABLED
Fri Sep 13 14:15:19 2013 us=135000   ipchange = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=135000   dev = 'tun'
Fri Sep 13 14:15:19 2013 us=135000   dev_type = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=135000   dev_node = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=135000   lladdr = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=135000   topology = 1
Fri Sep 13 14:15:19 2013 us=135000   tun_ipv6 = DISABLED
Fri Sep 13 14:15:19 2013 us=135000   ifconfig_local = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=135000   ifconfig_remote_netmask = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=135000   ifconfig_noexec = DISABLED
Fri Sep 13 14:15:19 2013 us=135000   ifconfig_nowarn = DISABLED
Fri Sep 13 14:15:19 2013 us=135000   shaper = 0
Fri Sep 13 14:15:19 2013 us=135000   tun_mtu = 1500
Fri Sep 13 14:15:19 2013 us=135000   tun_mtu_defined = ENABLED
Fri Sep 13 14:15:19 2013 us=135000   link_mtu = 1500
Fri Sep 13 14:15:19 2013 us=135000   link_mtu_defined = DISABLED
Fri Sep 13 14:15:19 2013 us=135000   tun_mtu_extra = 0
Fri Sep 13 14:15:19 2013 us=135000   tun_mtu_extra_defined = DISABLED
Fri Sep 13 14:15:19 2013 us=135000   fragment = 0
Fri Sep 13 14:15:19 2013 us=135000   mtu_discover_type = -1
Fri Sep 13 14:15:19 2013 us=135000   mtu_test = 0
Fri Sep 13 14:15:19 2013 us=135000   mlock = DISABLED
Fri Sep 13 14:15:19 2013 us=135000   keepalive_ping = 0
Fri Sep 13 14:15:19 2013 us=135000   keepalive_timeout = 0
Fri Sep 13 14:15:19 2013 us=135000   inactivity_timeout = 0
Fri Sep 13 14:15:19 2013 us=135000   ping_send_timeout = 0
Fri Sep 13 14:15:19 2013 us=135000   ping_rec_timeout = 0
Fri Sep 13 14:15:19 2013 us=135000   ping_rec_timeout_action = 0
Fri Sep 13 14:15:19 2013 us=135000   ping_timer_remote = DISABLED
Fri Sep 13 14:15:19 2013 us=135000   remap_sigusr1 = 0
Fri Sep 13 14:15:19 2013 us=135000   explicit_exit_notification = 0
Fri Sep 13 14:15:19 2013 us=135000   persist_tun = ENABLED
Fri Sep 13 14:15:19 2013 us=135000   persist_local_ip = DISABLED
Fri Sep 13 14:15:19 2013 us=135000   persist_remote_ip = DISABLED
Fri Sep 13 14:15:19 2013 us=135000   persist_key = ENABLED
Fri Sep 13 14:15:19 2013 us=135000   mssfix = 1450
Fri Sep 13 14:15:19 2013 us=135000   resolve_retry_seconds = 1000000000
Fri Sep 13 14:15:19 2013 us=135000   username = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=135000   groupname = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=135000   chroot_dir = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=135000   cd_dir = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=135000   writepid = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=369000   up_script = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=369000   down_script = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=369000   down_pre = DISABLED
Fri Sep 13 14:15:19 2013 us=369000   up_restart = DISABLED
Fri Sep 13 14:15:19 2013 us=369000   up_delay = DISABLED
Fri Sep 13 14:15:19 2013 us=369000   daemon = DISABLED
Fri Sep 13 14:15:19 2013 us=369000   inetd = 0
Fri Sep 13 14:15:19 2013 us=369000   log = DISABLED
Fri Sep 13 14:15:19 2013 us=369000   suppress_timestamps = DISABLED
Fri Sep 13 14:15:19 2013 us=369000   nice = 0
Fri Sep 13 14:15:19 2013 us=369000   verbosity = 6
Fri Sep 13 14:15:19 2013 us=369000   mute = 0
Fri Sep 13 14:15:19 2013 us=369000   gremlin = 0
Fri Sep 13 14:15:19 2013 us=369000   status_file = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=369000   status_file_version = 1
Fri Sep 13 14:15:19 2013 us=369000   status_file_update_freq = 60
Fri Sep 13 14:15:19 2013 us=369000   occ = ENABLED
Fri Sep 13 14:15:19 2013 us=369000   rcvbuf = 0
Fri Sep 13 14:15:19 2013 us=369000   sndbuf = 0
Fri Sep 13 14:15:19 2013 us=385000   sockflags = 0
Fri Sep 13 14:15:19 2013 us=385000   fast_io = DISABLED
Fri Sep 13 14:15:19 2013 us=385000   lzo = 7
Fri Sep 13 14:15:19 2013 us=385000   route_script = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=385000   route_default_gateway = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=385000   route_default_metric = 0
Fri Sep 13 14:15:19 2013 us=385000   route_noexec = DISABLED
Fri Sep 13 14:15:19 2013 us=385000   route_delay = 5
Fri Sep 13 14:15:19 2013 us=385000   route_delay_window = 30
Fri Sep 13 14:15:19 2013 us=385000   route_delay_defined = ENABLED
Fri Sep 13 14:15:19 2013 us=385000   route_nopull = DISABLED
Fri Sep 13 14:15:19 2013 us=385000   route_gateway_via_dhcp = DISABLED
Fri Sep 13 14:15:19 2013 us=385000   max_routes = 100
Fri Sep 13 14:15:19 2013 us=385000   allow_pull_fqdn = DISABLED
Fri Sep 13 14:15:19 2013 us=385000   management_addr = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=385000   management_port = 0
Fri Sep 13 14:15:19 2013 us=385000   management_user_pass = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=385000   management_log_history_cache = 250
Fri Sep 13 14:15:19 2013 us=385000   management_echo_buffer_size = 100
Fri Sep 13 14:15:19 2013 us=385000   management_write_peer_info_file = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=385000   management_client_user = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=385000   management_client_group = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=385000   management_flags = 0
Fri Sep 13 14:15:19 2013 us=385000   shared_secret_file = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=385000   key_direction = 0
Fri Sep 13 14:15:19 2013 us=385000   ciphername_defined = ENABLED
Fri Sep 13 14:15:19 2013 us=385000   ciphername = 'BF-CBC'
Fri Sep 13 14:15:19 2013 us=385000   authname_defined = ENABLED
Fri Sep 13 14:15:19 2013 us=385000   authname = 'SHA1'
Fri Sep 13 14:15:19 2013 us=385000   prng_hash = 'SHA1'
Fri Sep 13 14:15:19 2013 us=385000   prng_nonce_secret_len = 16
Fri Sep 13 14:15:19 2013 us=385000   keysize = 0
Fri Sep 13 14:15:19 2013 us=400000   engine = DISABLED
Fri Sep 13 14:15:19 2013 us=400000   replay = ENABLED
Fri Sep 13 14:15:19 2013 us=400000   mute_replay_warnings = DISABLED
Fri Sep 13 14:15:19 2013 us=400000   replay_window = 64
Fri Sep 13 14:15:19 2013 us=400000   replay_time = 15
Fri Sep 13 14:15:19 2013 us=400000   packet_id_file = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=400000   use_iv = ENABLED
Fri Sep 13 14:15:19 2013 us=400000   test_crypto = DISABLED
Fri Sep 13 14:15:19 2013 us=400000   tls_server = DISABLED
Fri Sep 13 14:15:19 2013 us=400000   tls_client = ENABLED
Fri Sep 13 14:15:19 2013 us=400000   key_method = 2
Fri Sep 13 14:15:19 2013 us=400000   ca_file = 'C:\Program Files (x86)\OpenVPN\config\ca.crt'
Fri Sep 13 14:15:19 2013 us=400000   ca_path = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=400000   dh_file = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=400000   cert_file = 'C:\Program Files (x86)\OpenVPN\config\123.crt'
Fri Sep 13 14:15:19 2013 us=400000   priv_key_file = 'C:\Program Files (x86)\OpenVPN\config\123.key'
Fri Sep 13 14:15:19 2013 us=416000   pkcs12_file = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=416000   cryptoapi_cert = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=416000   cipher_list = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=416000   tls_verify = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=416000   tls_remote = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=416000   crl_file = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=416000   ns_cert_type = 64
Fri Sep 13 14:15:19 2013 us=416000   remote_cert_ku[i] = 0
Fri Sep 13 14:15:19 2013 us=416000   remote_cert_ku[i] = 0
Fri Sep 13 14:15:19 2013 us=416000   remote_cert_ku[i] = 0
Fri Sep 13 14:15:19 2013 us=416000   remote_cert_ku[i] = 0
Fri Sep 13 14:15:19 2013 us=416000   remote_cert_ku[i] = 0
Fri Sep 13 14:15:19 2013 us=416000   remote_cert_ku[i] = 0
Fri Sep 13 14:15:19 2013 us=416000   remote_cert_ku[i] = 0
Fri Sep 13 14:15:19 2013 us=416000   remote_cert_ku[i] = 0
Fri Sep 13 14:15:19 2013 us=416000   remote_cert_ku[i] = 0
Fri Sep 13 14:15:19 2013 us=416000   remote_cert_ku[i] = 0
Fri Sep 13 14:15:19 2013 us=416000   remote_cert_ku[i] = 0
Fri Sep 13 14:15:19 2013 us=416000   remote_cert_ku[i] = 0
Fri Sep 13 14:15:19 2013 us=416000   remote_cert_ku[i] = 0
Fri Sep 13 14:15:19 2013 us=416000   remote_cert_ku[i] = 0
Fri Sep 13 14:15:19 2013 us=416000   remote_cert_ku[i] = 0
Fri Sep 13 14:15:19 2013 us=416000   remote_cert_ku[i] = 0
Fri Sep 13 14:15:19 2013 us=416000   remote_cert_eku = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=416000   tls_timeout = 2
Fri Sep 13 14:15:19 2013 us=416000   renegotiate_bytes = 0
Fri Sep 13 14:15:19 2013 us=416000   renegotiate_packets = 0
Fri Sep 13 14:15:19 2013 us=416000   renegotiate_seconds = 3600
Fri Sep 13 14:15:19 2013 us=416000   handshake_window = 60
Fri Sep 13 14:15:19 2013 us=416000   transition_window = 3600
Fri Sep 13 14:15:19 2013 us=416000   single_session = DISABLED
Fri Sep 13 14:15:19 2013 us=416000   push_peer_info = DISABLED
Fri Sep 13 14:15:19 2013 us=416000   tls_exit = DISABLED
Fri Sep 13 14:15:19 2013 us=416000   tls_auth_file = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=416000   pkcs11_protected_authentication = DISABLED
Fri Sep 13 14:15:19 2013 us=416000   pkcs11_protected_authentication = DISABLED
Fri Sep 13 14:15:19 2013 us=416000   pkcs11_protected_authentication = DISABLED
Fri Sep 13 14:15:19 2013 us=416000   pkcs11_protected_authentication = DISABLED
Fri Sep 13 14:15:19 2013 us=416000   pkcs11_protected_authentication = DISABLED
Fri Sep 13 14:15:19 2013 us=416000   pkcs11_protected_authentication = DISABLED
Fri Sep 13 14:15:19 2013 us=416000   pkcs11_protected_authentication = DISABLED
Fri Sep 13 14:15:19 2013 us=416000   pkcs11_protected_authentication = DISABLED
Fri Sep 13 14:15:19 2013 us=416000   pkcs11_protected_authentication = DISABLED
Fri Sep 13 14:15:19 2013 us=416000   pkcs11_protected_authentication = DISABLED
Fri Sep 13 14:15:19 2013 us=416000   pkcs11_protected_authentication = DISABLED
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_protected_authentication = DISABLED
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_protected_authentication = DISABLED
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_protected_authentication = DISABLED
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_protected_authentication = DISABLED
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_protected_authentication = DISABLED
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_private_mode = 00000000
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_private_mode = 00000000
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_private_mode = 00000000
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_private_mode = 00000000
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_private_mode = 00000000
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_private_mode = 00000000
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_private_mode = 00000000
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_private_mode = 00000000
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_private_mode = 00000000
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_private_mode = 00000000
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_private_mode = 00000000
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_private_mode = 00000000
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_private_mode = 00000000
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_private_mode = 00000000
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_private_mode = 00000000
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_private_mode = 00000000
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_cert_private = DISABLED
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_cert_private = DISABLED
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_cert_private = DISABLED
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_cert_private = DISABLED
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_cert_private = DISABLED
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_cert_private = DISABLED
Fri Sep 13 14:15:19 2013 us=432000   pkcs11_cert_private = DISABLED
Fri Sep 13 14:15:19 2013 us=447000   pkcs11_cert_private = DISABLED
Fri Sep 13 14:15:19 2013 us=447000   pkcs11_cert_private = DISABLED
Fri Sep 13 14:15:19 2013 us=447000   pkcs11_cert_private = DISABLED
Fri Sep 13 14:15:19 2013 us=447000   pkcs11_cert_private = DISABLED
Fri Sep 13 14:15:19 2013 us=447000   pkcs11_cert_private = DISABLED
Fri Sep 13 14:15:19 2013 us=447000   pkcs11_cert_private = DISABLED
Fri Sep 13 14:15:19 2013 us=447000   pkcs11_cert_private = DISABLED
Fri Sep 13 14:15:19 2013 us=447000   pkcs11_cert_private = DISABLED
Fri Sep 13 14:15:19 2013 us=447000   pkcs11_cert_private = DISABLED
Fri Sep 13 14:15:19 2013 us=447000   pkcs11_pin_cache_period = -1
Fri Sep 13 14:15:19 2013 us=447000   pkcs11_id = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=447000   pkcs11_id_management = DISABLED
Fri Sep 13 14:15:19 2013 us=447000   server_network = 0.0.0.0
Fri Sep 13 14:15:19 2013 us=447000   server_netmask = 0.0.0.0
Fri Sep 13 14:15:19 2013 us=447000   server_bridge_ip = 0.0.0.0
Fri Sep 13 14:15:19 2013 us=447000   server_bridge_netmask = 0.0.0.0
Fri Sep 13 14:15:19 2013 us=447000   server_bridge_pool_start = 0.0.0.0
Fri Sep 13 14:15:19 2013 us=447000   server_bridge_pool_end = 0.0.0.0
Fri Sep 13 14:15:19 2013 us=447000   ifconfig_pool_defined = DISABLED
Fri Sep 13 14:15:19 2013 us=447000   ifconfig_pool_start = 0.0.0.0
Fri Sep 13 14:15:19 2013 us=447000   ifconfig_pool_end = 0.0.0.0
Fri Sep 13 14:15:19 2013 us=447000   ifconfig_pool_netmask = 0.0.0.0
Fri Sep 13 14:15:19 2013 us=447000   ifconfig_pool_persist_filename = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=447000   ifconfig_pool_persist_refresh_freq = 600
Fri Sep 13 14:15:19 2013 us=447000   n_bcast_buf = 256
Fri Sep 13 14:15:19 2013 us=447000   tcp_queue_limit = 64
Fri Sep 13 14:15:19 2013 us=447000   real_hash_size = 256
Fri Sep 13 14:15:19 2013 us=447000   virtual_hash_size = 256
Fri Sep 13 14:15:19 2013 us=447000   client_connect_script = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=447000   learn_address_script = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=447000   client_disconnect_script = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=447000   client_config_dir = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=447000   ccd_exclusive = DISABLED
Fri Sep 13 14:15:19 2013 us=447000   tmp_dir = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=447000   push_ifconfig_defined = DISABLED
Fri Sep 13 14:15:19 2013 us=447000   push_ifconfig_local = 0.0.0.0
Fri Sep 13 14:15:19 2013 us=447000   push_ifconfig_remote_netmask = 0.0.0.0
Fri Sep 13 14:15:19 2013 us=447000   enable_c2c = DISABLED
Fri Sep 13 14:15:19 2013 us=447000   duplicate_cn = DISABLED
Fri Sep 13 14:15:19 2013 us=447000   cf_max = 0
Fri Sep 13 14:15:19 2013 us=447000   cf_per = 0
Fri Sep 13 14:15:19 2013 us=447000   max_clients = 1024
Fri Sep 13 14:15:19 2013 us=447000   max_routes_per_client = 256
Fri Sep 13 14:15:19 2013 us=447000   auth_user_pass_verify_script = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=463000   auth_user_pass_verify_script_via_file = DISABLED
Fri Sep 13 14:15:19 2013 us=463000   ssl_flags = 0
Fri Sep 13 14:15:19 2013 us=463000   client = ENABLED
Fri Sep 13 14:15:19 2013 us=463000   pull = ENABLED
Fri Sep 13 14:15:19 2013 us=463000   auth_user_pass_file = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=463000   show_net_up = DISABLED
Fri Sep 13 14:15:19 2013 us=463000   route_method = 0
Fri Sep 13 14:15:19 2013 us=463000   ip_win32_defined = DISABLED
Fri Sep 13 14:15:19 2013 us=463000   ip_win32_type = 3
Fri Sep 13 14:15:19 2013 us=463000   dhcp_masq_offset = 0
Fri Sep 13 14:15:19 2013 us=463000   dhcp_lease_time = 31536000
Fri Sep 13 14:15:19 2013 us=463000   tap_sleep = 0
Fri Sep 13 14:15:19 2013 us=463000   dhcp_options = DISABLED
Fri Sep 13 14:15:19 2013 us=463000   dhcp_renew = DISABLED
Fri Sep 13 14:15:19 2013 us=463000   dhcp_pre_release = DISABLED
Fri Sep 13 14:15:19 2013 us=463000   dhcp_release = DISABLED
Fri Sep 13 14:15:19 2013 us=463000   domain = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=463000   netbios_scope = '[UNDEF]'
Fri Sep 13 14:15:19 2013 us=463000   netbios_node_type = 0
Fri Sep 13 14:15:19 2013 us=463000   disable_nbt = DISABLED
Fri Sep 13 14:15:19 2013 us=463000 OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Aug 20 2010
Fri Sep 13 14:15:19 2013 us=463000 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Fri Sep 13 14:15:19 2013 us=525000 LZO compression initialized
Fri Sep 13 14:15:19 2013 us=525000 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Fri Sep 13 14:15:19 2013 us=525000 Socket Buffers: R=[8192->8192] S=[8192->8192]
Fri Sep 13 14:15:19 2013 us=525000 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Fri Sep 13 14:15:19 2013 us=525000 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Fri Sep 13 14:15:19 2013 us=525000 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Fri Sep 13 14:15:19 2013 us=525000 Local Options hash (VER=V4): '41690919'
Fri Sep 13 14:15:19 2013 us=525000 Expected Remote Options hash (VER=V4): '530fdded'
Fri Sep 13 14:15:19 2013 us=525000 UDPv4 link local: [undef]
Fri Sep 13 14:15:19 2013 us=525000 UDPv4 link remote: 74.91.115.193:1194
Fri Sep 13 14:15:19 2013 us=525000 UDPv4 WRITE [14] to 74.91.115.193:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Fri Sep 13 14:15:19 2013 us=525000 UDPv4 READ [0] from [undef]: DATA UNDEF len=-1
Fri Sep 13 14:15:19 2013 us=588000 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Sep 13 14:15:19 2013 us=588000 UDPv4 READ [0] from [undef]: DATA UNDEF len=-1
Fri Sep 13 14:15:21 2013 us=928000 UDPv4 WRITE [14] to 74.91.115.193:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Fri Sep 13 14:15:21 2013 us=990000 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Sep 13 14:15:21 2013 us=990000 UDPv4 READ [0] from [undef]: DATA UNDEF len=-1
Fri Sep 13 14:15:25 2013 us=516000 UDPv4 WRITE [14] to 74.91.115.193:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Fri Sep 13 14:15:25 2013 us=578000 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Sep 13 14:15:25 2013 us=578000 UDPv4 READ [0] from [undef]: DATA UNDEF len=-1
server.opvn

Code: Select all

;local 74.91.115.193
port 1194
;proto tcp
proto udp
;dev tap
dev tun
;dev-node MyTap
ca "C:\\Program Files (x86)\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files (x86)\\OpenVPN\config\\server.crt"
key "C:\\Program Files (x86)\\OpenVPN\\config\\server.key"  # This file should be kept secret
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
;server-bridge
;push "route 192.168.10.0 255.255.255.0"
;push "route 192.168.20.0 255.255.255.0"
;client-config-dir ccd
;route 192.168.40.128 255.255.255.248
;client-config-dir ccd
;route 10.9.0.0 255.255.255.252
;learn-address ./script
;push "redirect-gateway def1 bypass-dhcp"
;push "dhcp-option DNS 208.67.222.222"
;push "dhcp-option DNS 208.67.220.220"
;client-to-client
;duplicate-cn
keepalive 10 120
;tls-auth ta.key 0 # This file is secret
;cipher BF-CBC        # Blowfish (default)
;cipher AES-128-CBC   # AES
;cipher DES-EDE3-CBC  # Triple-DES
comp-lzo
;max-clients 100
;user nobody
;group nobody
persist-key
persist-tun
status openvpn-status.log
;log         openvpn.log
;log-append  openvpn.log

verb 3

;mute 20
client.opvm

Code: Select all

client

;dev tap
dev tun
;dev-node MyTap
;proto tcp
proto udp
remote 74.91.115.193:1194
;remote my-server-2 1194
;remote-random
resolv-retry infinite
nobind

;user nobody
;group nobody

persist-key
persist-tun

;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]

;mute-replay-warnings

ca "C:\\Program Files (x86)\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files (x86)\\OpenVPN\\config\\123.crt"
key "C:\\Program Files (x86)\\OpenVPN\\config\\123.key"
ns-cert-type server

;tls-auth ta.key 1
;cipher x
comp-lzo
verb 3
;mute 20
My goal here is to use my servers internet connection as my own.
Top
kraze
OpenVPN User
Posts: 36
Joined: Fri Sep 13, 2013 6:46 pm

Re: Cannot load certificate file help!

Post by kraze » Fri Sep 13, 2013 10:27 pm

Post your configs "without comments" .. (don't bother now :roll: )
My bad, I didn't see that ";" was listed as a comment in those files.
--redirect-gateway [flags]: Automatically execute routing commands to redirect all outgoing IP traffic through the VPN.

flag=Def1

This is the directive that will force your client to use the VPN.
Where exactly do I set this at on my client? Also is this going to allow me to connect? As it stands I can't even connect to the VPN due to the errors I posted above.
Top
kraze
OpenVPN User
Posts: 36
Joined: Fri Sep 13, 2013 6:46 pm

Re: Cannot load certificate file help!

Post by kraze » Fri Sep 13, 2013 11:30 pm

I think you may be misunderstanding what I am saying. I cannot connect to the VPN running on my server. When I go to connect it says..

Code: Select all

Fri Sep 13 16:07:06 2013 OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Aug 20 2010
Fri Sep 13 16:07:06 2013 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Fri Sep 13 16:07:06 2013 LZO compression initialized
Fri Sep 13 16:07:06 2013 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Fri Sep 13 16:07:06 2013 Socket Buffers: R=[8192->8192] S=[8192->8192]
Fri Sep 13 16:07:06 2013 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Fri Sep 13 16:07:06 2013 Local Options hash (VER=V4): '41690919'
Fri Sep 13 16:07:06 2013 Expected Remote Options hash (VER=V4): '530fdded'
Fri Sep 13 16:07:06 2013 UDPv4 link local: [undef]
Fri Sep 13 16:07:06 2013 UDPv4 link remote: 74.91.115.193:1194
Fri Sep 13 16:07:06 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Sep 13 16:07:09 2013 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
The server is not behind any type of firewall and there is no router in the mix on my home connection.
Top
mwandelaar
OpenVPN Super User
Posts: 219
Joined: Mon Nov 23, 2009 8:24 pm

Re: Cannot load certificate file help!

Post by mwandelaar » Sat Sep 14, 2013 6:41 am

It really looks like there's something in between, blocking the packets. These 4 lines:
kraze wrote:

Code: Select all

Fri Sep 13 14:15:19 2013 us=588000 UDPv4 READ [0] from [undef]: DATA UNDEF len=-1
Fri Sep 13 14:15:21 2013 us=928000 UDPv4 WRITE [14] to 74.91.115.193:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Fri Sep 13 14:15:21 2013 us=990000 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Sep 13 14:15:21 2013 us=990000 UDPv4 READ [0] from [undef]: DATA UNDEF len=-1
means that the client can't connect.
Please review and post both client and server loggings from the same connection. And, if possible, review client and server firewall-settings.
If this all does not work, please check if tcp is working, or another random high port on tcp. This way you can determine the source of the problem.
Top
kraze
OpenVPN User
Posts: 36
Joined: Fri Sep 13, 2013 6:46 pm

Re: Cannot load certificate file help!

Post by kraze » Sat Sep 14, 2013 8:20 am

Here is the client log:
http://pastebin.com/HLGLSqtC

Here is the server log:
http://pastebin.com/MFeFAcq8

The server isn't behind a firewall and Windows firewall isn't running. My client is behind a router but I spent a good few hours today with the router bypassed to see if that was the issue. The same error occurred with or without the router.

I noticed when I enabled TCP and it to a high port it was still trying to run on 1194 and I don't know why. I specified in both client and server configs to run on 65535.

Code: Select all

Sat Sep 14 00:36:20 2013 Attempting to establish TCP connection with 74.91.115.193:1194
Sat Sep 14 00:36:22 2013 TCP: connect to 74.91.115.193:1194 failed, will try again in 5 seconds: Connection refused (WSAECONNREFUSED)
Sat Sep 14 00:36:28 2013 TCP: connect to 74.91.115.193:1194 failed, will try again in 5 seconds: Connection refused (WSAECONNREFUSED)
client.opvn
client
dev tun
proto tcp
remote 74.91.115.193:65535
resolv-retry infinite
nobind
persist-key
persist-tun
ca "C:\\Program Files (x86)\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files (x86)\\OpenVPN\\config\\123.crt"
key "C:\\Program Files (x86)\\OpenVPN\\config\\123.key"
ns-cert-type server
comp-lzo
verb 3
;mute 20
Server.opvm
port 65535
proto tcp
dev tun
ca "C:\\Program Files (x86)\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files (x86)\\OpenVPN\config\\server.crt"
key "C:\\Program Files (x86)\\OpenVPN\\config\\server.key" # This file should be kept secret
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
comp-lzo
status openvpn-status.log
verb 9
Top
kraze
OpenVPN User
Posts: 36
Joined: Fri Sep 13, 2013 6:46 pm

Re: Cannot load certificate file help!

Post by kraze » Sat Sep 14, 2013 5:40 pm

debbie10t wrote:
kraze wrote: client.opvn
client
dev tun
proto tcp
remote 74.91.115.193:65535
remote 74.91.115.193 {space} 65535

No colon .. try that and let us know.
That fixed the port issue but it's still failing to connect with the same error message.
Sat Sep 14 10:19:41 2013 TCP: connect to 74.91.115.193:1194 failed, will try again in 5 seconds: Connection refused (WSAECONNREFUSED)
Sat Sep 14 10:19:47 2013 TCP: connect to 74.91.115.193:1194 failed, will try again in 5 seconds: Connection refused (WSAECONNREFUSED)
Sat Sep 14 10:19:53 2013 TCP: connect to 74.91.115.193:1194 failed, will try again in 5 seconds: Connection refused (WSAECONNREFUSED)
Sat Sep 14 10:19:59 2013 TCP: connect to 74.91.115.193:1194 failed, will try again in 5 seconds: Connection refused (WSAECONNREFUSED)
I don't know of anything on my end that could be blocking it, especially when there is no router in play. The server isn't behind a firewall and I've asked the provider to confirm OpenVPN traffic isn't being blocked.
Top
kraze
OpenVPN User
Posts: 36
Joined: Fri Sep 13, 2013 6:46 pm

Re: Cannot load certificate file help!

Post by kraze » Sat Sep 14, 2013 8:40 pm

debbie10t wrote:
kraze wrote:That fixed the port issue but it's still failing to connect with the same error message.
Sat Sep 14 10:19:41 2013 TCP: connect to 74.91.115.193:1194 failed, will try again in 5 seconds: Connection refused (WSAECONNREFUSED)
Sat Sep 14 10:19:47 2013 TCP: connect to 74.91.115.193:1194 failed, will try again in 5 seconds: Connection refused (WSAECONNREFUSED)
Sat Sep 14 10:19:53 2013 TCP: connect to 74.91.115.193:1194 failed, will try again in 5 seconds: Connection refused (WSAECONNREFUSED)
Sat Sep 14 10:19:59 2013 TCP: connect to 74.91.115.193:1194 failed, will try again in 5 seconds: Connection refused (WSAECONNREFUSED)
I don't know of anything on my end that could be blocking it, especially when there is no router in play. The server isn't behind a firewall and I've asked the provider to confirm OpenVPN traffic isn't being blocked.
Before, your configs showed you were using port 65535

The log above shows you are now using port 1194

Which port are you using ? Make sure your client is trying the right port . . .
Yes, I was trying a few different ports. I was using a high port for TCP and the standard port for UDP. I checked my config file and it seems to be set to the correct port. Is there another way I can confirm my client is using the correct port?
Top
kraze
OpenVPN User
Posts: 36
Joined: Fri Sep 13, 2013 6:46 pm

Re: Cannot load certificate file help!

Post by kraze » Sat Sep 14, 2013 10:40 pm

debbie10t wrote:
kraze wrote:Yes, I was trying a few different ports. I was using a high port for TCP and the standard port for UDP. I checked my config file and it seems to be set to the correct port. Is there another way I can confirm my client is using the correct port?
This is exactly why we ask for your Current configs and Logfiles.

Not only have you been changing ports but you have also changed your protocol UDP/TCP.

I suggest you go back to square one and make sure your configs are actually setup correctly.
Strip out ALL of the stuff you don't need for testing and get the connection working, once you
have a stable connection then you can play with all the other toys.

I would then suggest you post the actual running configs here before you change them again.
Client AND Server . . .

If you still don't have a stable connection, post your logs at verb 3.

I did post my exact configs of what I was running at the time. You're correct I did fiddle with a few settings in the hope that I was able to get it working based on what I found by doing research. Next time take the few extra seconds to read and you'll see you mentioned TCP in your first reply to me and that "mwandelaar" mentioned I try TCP. Also in your first post it was suggested that I use Verb 6 which according to the configs is good for diagnosing connection issues.

While I appreciate your help, your entire assistance in this thread really hasn't been helpful. Your post all seem fairly vague and just about all of them leave a sense of "you're an idiot".

Client.opvm
http://pastebin.com/t4m0wxm1
Server.opvm
http://pastebin.com/w6FqE8JJ

Client log
http://pastebin.com/edrvLAYx
Server log

Code: Select all

Options warning: Bad backslash ('\') usage in server.ovpn:79: remember that backslashes are treated as shell-escapes and if you need to pass backslash characters as part of a Windows filename, you should use double backslashes such as "c:\\openvpn\\static.key"
Top
kraze
OpenVPN User
Posts: 36
Joined: Fri Sep 13, 2013 6:46 pm

Re: Cannot load certificate file help!

Post by kraze » Sun Sep 15, 2013 12:47 am

I wrote a reply back to what you said but in this case I'll admit I was incorrect. I was able to identify my mistake on the server and the server side VPN is now running properly. However, I am still unable to connect with the client.

I grabbed new copies of both the client and server config and edited the directories.

This is now the exact client config I am running.
http://pastebin.com/GpZQv2EF
This is now the exact server config I am running
http://pastebin.com/cgRCF7sx

I've deleted the old log files so new ones could be generated. This is the client log.
http://pastebin.com/H2YZbdyN

This is the server log.
http://pastebin.com/vJuarZF7
Top
kraze
OpenVPN User
Posts: 36
Joined: Fri Sep 13, 2013 6:46 pm

Re: Cannot load certificate file help!

Post by kraze » Sun Sep 15, 2013 1:59 am

I wasn't able to find a tls-auth-key.bat but doing some general research on that it seems it is just the files I generated earlier. The .crt, .key files?
Top
kraze
OpenVPN User
Posts: 36
Joined: Fri Sep 13, 2013 6:46 pm

Re: Cannot load certificate file help!

Post by kraze » Sun Sep 15, 2013 2:21 am

Alright, I did that and it generated the ta.key file. I moved the newly generated ta.key file into the config folder on my server and client and added the correct directory to my client/server.opvn. It seems to still be erroring out with the same error.

Client.opvn
http://pastebin.com/HtMfWEuf
Server.opvn
http://pastebin.com/PWMLsimE

Client log
http://pastebin.com/1x5xXaCZ
Server log
http://pastebin.com/YKHGSvF3
Top
kraze
OpenVPN User
Posts: 36
Joined: Fri Sep 13, 2013 6:46 pm

Re: Cannot load certificate file help!

Post by kraze » Sun Sep 15, 2013 3:11 am

I will regenerate the certificate and report back on that. When I first generated them one of the keys came out blank, so it is possible a similar situation happened again.
Are you sure your network is not interfering in some way ?
Server side, yes. On the client my router could be blocking the connection, even though I opened the port. I'll need to remove that from the equation tomorrow and test. Other than that I am not running any antivirus or any firewalls on my client.
Top
kraze
OpenVPN User
Posts: 36
Joined: Fri Sep 13, 2013 6:46 pm

Re: Cannot load certificate file help!

Post by kraze » Mon Sep 16, 2013 2:00 am

debbie10t wrote:It does not look like your router is blocking anything, as the connection is initiated but failing at the TLS verification.

If, as you say, one of your keys did not generate correctly, that is much more likely to be the problem.
I went ahead and regenerated the files and that did not fix the issue. I started playing around with different variables and tried different things, and I believe I moved us a step closer. It wasn't clear to me but I generated the ta.key on my server and used both for my server/client. I then tried generating one on the server and then a new one on my client. This stopped the error messages I was seeing, but when I go to connect on the client it just hangs with no errors. The server does have some, though.

Server.opvn
http://pastebin.com/40b20Ebh
Client.opvn
http://pastebin.com/6zESE3Rt

Server log
http://pastebin.com/M62f6DC3
Client log
http://pastebin.com/Qxx7qm1K
Top
kraze
OpenVPN User
Posts: 36
Joined: Fri Sep 13, 2013 6:46 pm

Re: Cannot load certificate file help!

Post by kraze » Mon Sep 16, 2013 5:18 pm

I copied the ta.key from the server and placed it on my client and set the verb to six on both. I also removed "ns-cert-type server" as suggested.

Server log
http://pastebin.com/QUCBmC7A
Client log
http://pastebin.com/6HbX9TMf
Top
kraze
OpenVPN User
Posts: 36
Joined: Fri Sep 13, 2013 6:46 pm

Re: Cannot load certificate file help!

Post by kraze » Mon Sep 16, 2013 9:21 pm

I regenerated the server keys without an issue but the client ones are giving me problems. Went through the process normally and it generates a .csr and a .key file for my client but no .crt file. Went through the process a few times with the same results. This is the full command prompt process.

Code: Select all

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.
The system cannot find the path specified.

C:\Users\Kraze>cd "C:\Program Files (x86)\OpenVPN\easy-rsa"

C:\Program Files (x86)\OpenVPN\easy-rsa>init-config

C:\Program Files (x86)\OpenVPN\easy-rsa>copy vars.bat.sample vars.bat
        1 file(s) copied.

C:\Program Files (x86)\OpenVPN\easy-rsa>copy openssl.cnf.sample openssl.cnf
        1 file(s) copied.

C:\Program Files (x86)\OpenVPN\easy-rsa>vars

C:\Program Files (x86)\OpenVPN\easy-rsa>clean-all
The system cannot find the path specified.
        1 file(s) copied.
        1 file(s) copied.

C:\Program Files (x86)\OpenVPN\easy-rsa>build-key test-client
The system cannot find the path specified.
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
.................................................++++++
............++++++
unable to write 'random state'
writing new private key to 'keys\test-client.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [US]:US
State or Province Name (full name) [CA]:CA
Locality Name (eg, city) [SanFrancisco]:SanFrancisco
Organization Name (eg, company) [OpenVPN]:N/A
Organizational Unit Name (eg, section) []:N/A
Common Name (eg, your name or your server's hostname) []:N/A
Email Address [mail@host.domain]:N/A

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:123456
An optional company name []:
Using configuration from openssl.cnf
Loading 'screen' into random state - done
Error opening CA private key keys/ca.key
1248:error:02001002:system library:fopen:No such file or directory:.\crypto\bio\bss_file.c:356:fopen('keys/ca.key','rb')

1248:error:20074002:BIO routines:FILE_CTRL:system lib:.\crypto\bio\bss_file.c:358:
unable to load CA private key
unable to write 'random state'
Could Not Find C:\Program Files (x86)\OpenVPN\easy-rsa\keys\*.old

C:\Program Files (x86)\OpenVPN\easy-rsa>
Top
kraze
OpenVPN User
Posts: 36
Joined: Fri Sep 13, 2013 6:46 pm

Re: Cannot load certificate file help!

Post by kraze » Thu Sep 19, 2013 7:01 pm

After some more in-depth help from debbie10t I was able to get the VPN working properly. MY ultimate goal here was to use the servers internet as my own. According to the post above I just needed to place "push "redirect-gateway def1" in my server.opvn. Is there more to this process or is that it?
Top
kraze
OpenVPN User
Posts: 36
Joined: Fri Sep 13, 2013 6:46 pm

Re: Cannot load certificate file help!

Post by kraze » Thu Sep 19, 2013 8:52 pm

Alright, just so I understand.

I add push "redirect-gateway def1" to my server.opvn and I add pull "redirect-gateway def1" to my client.opvn?
I have been working on this for quite some time:
In mode server-bridge you must specify the default gateway address as parameter #1 otherwise the DEF1 directive is not correctly passed to the client. That is using TAP not TUN.
I am not fully sure what you mean by this, unfortunately. I understand I have to use the name "def1" or whatever I picked above in the second variable but I am unsure on what the second variable is.
Top
kraze
OpenVPN User
Posts: 36
Joined: Fri Sep 13, 2013 6:46 pm

Re: Cannot load certificate file help!

Post by kraze » Thu Sep 19, 2013 9:01 pm

(Duplicate post)
Top
kraze
OpenVPN User
Posts: 36
Joined: Fri Sep 13, 2013 6:46 pm

Re: Cannot load certificate file help!

Post by kraze » Thu Sep 19, 2013 9:26 pm

Alright, client was already listed in there but just to be safe I added "pull" as well. I can connect to the VPN just fine but not everything wants to load on my client. Things like Gmail will load just fine but generic web pages won't.
Top
Locked

Return to “Installation Help”