single client - single server using only a static key
Posted: Sun Dec 21, 2014 11:18 pm
I've created a simple single client/ single server using only a static.key.
The server is a Raspberry Pi configured with simple server.conf:
dev tun
ifconfig 10.0.1.5 10.0.1.25
secret static.key
cipher AES-256-CBC
keepalive 10 120
On my macbook, using TunnelBlick with client.conf:
remote vpnxyz.net
dev tun
ifconfig 10.0.1.25 10.0.1.5
secret static.key
cipher AES-256-CBC
route 10.0.1.0 255.255.255.0
It works. I can connect to my vpn server from anywhere using my MacBook. I'm trying to keep a simple vpn server/client setup with as low overhead has possible so as not to overload the little Pi....
On my iPad, I've installed the OpenVPN app and created a .ovpn as follows:
remote vpnxyz.net
dev tun
ifconfig 10.0.1.25 10.0.1.5
cipher AES-256-CBC
route 10.0.1.0 255.255.255.0
key-direction 1
<ca>
</ca>
<cert>
</cert>
<key>
-----BEGIN OpenVPN Static key V1-----
b31b550dcda594a408659ba85c80ed92
d6face184564490aac8c4ad965a88d2c
5ff45b9ffd9848342a82315c24b34d4d
464271bd515d9a55eaf72845860c2733
f1d318f9b276de993b18e4daebb719d6
7d3f4e0e2843fdfdfdfd8b69f763030c
7cd682df8daa67dc984d24a9f44d56a7
a7a656ae67c537123033f77f0dc89fb2
-----END OpenVPN Static key V1-----
</key>
but when I try to connect I get the following error:
OpenVPN error: PolarSSL:error parsing ca certificate:X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected.
I'm not using a ca.crt or ta.key or client.crt configuration. Just a simple static key. I'm okay with the potential liabilities of a simple solution like this.
Can anybody give me an idea what I've done wrong with my IOS .ovpn configuration file?
Any help would be greatly appreciated.
Thanks,
John
The server is a Raspberry Pi configured with simple server.conf:
dev tun
ifconfig 10.0.1.5 10.0.1.25
secret static.key
cipher AES-256-CBC
keepalive 10 120
On my macbook, using TunnelBlick with client.conf:
remote vpnxyz.net
dev tun
ifconfig 10.0.1.25 10.0.1.5
secret static.key
cipher AES-256-CBC
route 10.0.1.0 255.255.255.0
It works. I can connect to my vpn server from anywhere using my MacBook. I'm trying to keep a simple vpn server/client setup with as low overhead has possible so as not to overload the little Pi....
On my iPad, I've installed the OpenVPN app and created a .ovpn as follows:
remote vpnxyz.net
dev tun
ifconfig 10.0.1.25 10.0.1.5
cipher AES-256-CBC
route 10.0.1.0 255.255.255.0
key-direction 1
<ca>
</ca>
<cert>
</cert>
<key>
-----BEGIN OpenVPN Static key V1-----
b31b550dcda594a408659ba85c80ed92
d6face184564490aac8c4ad965a88d2c
5ff45b9ffd9848342a82315c24b34d4d
464271bd515d9a55eaf72845860c2733
f1d318f9b276de993b18e4daebb719d6
7d3f4e0e2843fdfdfdfd8b69f763030c
7cd682df8daa67dc984d24a9f44d56a7
a7a656ae67c537123033f77f0dc89fb2
-----END OpenVPN Static key V1-----
</key>
but when I try to connect I get the following error:
OpenVPN error: PolarSSL:error parsing ca certificate:X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected.
I'm not using a ca.crt or ta.key or client.crt configuration. Just a simple static key. I'm okay with the potential liabilities of a simple solution like this.
Can anybody give me an idea what I've done wrong with my IOS .ovpn configuration file?
Any help would be greatly appreciated.
Thanks,
John