Openvpn client on opensolaris configuration help

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
morten44
OpenVpn Newbie
Posts: 1
Joined: Tue Nov 02, 2010 6:59 pm

Openvpn client on opensolaris configuration help

Post by morten44 » Tue Nov 02, 2010 7:25 pm

First I install tun and tap from blastwave and then openvpn.

orten@opensolaris.2009.06:~# /opt/csw/sbin/openvpn --help
OpenVPN 2.0.9 i386-pc-solaris2.8 [SSL] [LZO] built on Aug 9 2007

I have these files on my system.

find / -name 'openvpn*' -print
/opt/csw/share/man/man8/openvpn.8
/opt/csw/sbin/openvpn
/tmp/openvpn-linux-fulltunnel.conf
/export/home/morten/openvpn.net.txt
/export/home/morten/Downloads/openvpn-linux-fulltunnel.conf
/export/home/morten/Downloads/openvpn-linux-extern.conf
/export/home/morten/openvpn.net.txt~
/var/log/openvpn-rwth.log
/etc/init.d/openvpn
/etc/csw/openvpn
/etc/csw/openvpn/openvpn-linux-fulltunnel.conf
/etc/csw/openvpn/openvpn.conf.CSW
morten@opensolaris.2009.06:~# /etc/init.d/openvpn start


does not work

I have this configuration file:

cat /tmp/openvpn-linux-fulltunnel.conf
# Client implies tls-client and pull
client
# use a tap device
dev tap
# The RWTH OpenVPN server name + IP
remote 134.130.5.228 1194
remote openvpn.rz.rwth-aachen.de 1194
# persist connection parameters
persist-key
persist-tun
# Use compression
comp-lzo
# Path to the CA, adjust as required
ca /etc/openvpn/ca-rwth.pem
# Logging parameters, increase verb to 4 in case of problems
verb 0
mute 10
log /var/log/openvpn-rwth.log
# Use username/password authentication
auth-user-pass
# Misc settings, see openvpn manual
nobind
daemon
morten@opensolaris.2009.06:~$

===
tap and tun is already installed together with openvpn. I did use the same configuration file on a debian linux, and that works, I get a prompt for username and password, types it, and job done,

It does not work on opensolaris;

uname -a
SunOS opensolaris.2009.06 5.11 snv_111b i86pc i386 i86pc Solaris

Please help.

openvpn [ --config file ]


find / -name 'openvpn' -print
/opt/csw/sbin/openvpn
/etc/init.d/openvpn
/etc/csw/openvpn
morten@opensolaris.2009.06:~# /opt/csw/sbin/openvpn --config /etc/csw/openvpn/openvpn-linux-fulltunnel.conf
Enter Auth Username:myusername
Enter Auth Password:mypassword
morten@opensolaris.2009.06:~#

It still does not work.


less /var/log/openvpn-rwth.log

Tue Nov 2 13:15:08 2010 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Tue Nov 2 13:15:08 2010 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue Nov 2 13:15:08 2010 Cannot load CA certificate file /etc/openvpn/ca-rwth.pem (SSL_CTX_load_verify_locations): error:02001002:system library:fopen:No such file or directory: error:2006D080:BIO routines:BIO_new_file:no such file: error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib
/var/log/openvpn-rwth.log (END)

ca-rwth.pem I got from here:

https://pki.pca.dfn.de/rwth-ca/pub/cacert/chain.txt

chain.txt is renames as ca-rwth.pem and stored here:

find / -name 'ca-rwth.pem' -print
/tmp/ca-rwth.pem
/export/home/morten/Downloads/ca-rwth.pem
morten@opensolaris.2009.06:/tmp# cp ca-rwth.pem /etc/op
openssl/ opt/

so here is the problem, should I create the directory and save it there, or is it under solaris expected to be in a different directory?

find / -name 'openvpn' -print
/opt/csw/sbin/openvpn
/etc/init.d/openvpn
/etc/csw/openvpn

Is what I got.

cp ca-rwth.pem /etc/csw/openvpn/
easy-rsa/ openvpn.conf.CSW openvpn-linux-fulltunnel.conf
morten@opensolaris.2009.06:/tmp# cp ca-rwth.pem /etc/csw/openvpn/
morten@opensolaris.2009.06:/tmp# # I try again
morten@opensolaris.2009.06:/tmp# /opt/csw/sbin/openvpn --config /etc/csw/openvpn/openvpn-linux-fulltunnel.conf
Enter Auth Username:xxxxxx
Enter Auth Password:yyyyyy
morten@opensolaris.2009.06:/tmp# # same problem no difference
morten@opensolaris.2009.06:/tmp# less /var/log/openvpn-rwth.log


Tue Nov 2 20:20:08 2010 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Tue Nov 2 20:20:08 2010 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue Nov 2 20:20:08 2010 Cannot load CA certificate file /etc/openvpn/ca-rwth.pem (SSL_CTX_load_verify_locations): error:02001002:system library:fopen:No such file or directory: error:2006D080:BIO routines:BIO_new_file:no such file: error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib
/var/log/openvpn-rwth.log (END)

/etc/openvpn/ca-rwth.pem is obiously the wrong path on my system,

find / -name 'ca-rwth.pem' -print
/tmp/ca-rwth.pem
/export/home/morten/Downloads/ca-rwth.pem
/etc/csw/openvpn/ca-rwth.pem

I feel the default place, esp if the reported directory is nonexistent,

Question:
can I safely create it ? Do I need special configuration files for opensolaris?
Top
User avatar
krzee
Forum Team
Posts: 728
Joined: Fri Aug 29, 2008 5:42 pm

Re: Openvpn client on opensolaris configuration help

Post by krzee » Wed Nov 03, 2010 5:23 am

there is no default location
either move the file to where your config says it is, or change the config option to know where it is
Top
Post Reply

Return to “Configuration”