OpenVPN Support Forum

Posted: **Sun Oct 27, 2019 3:40 pm**

Hello there I added a new user to my server and the .ovpn file seems to have so missing things which I cant understand. I got a same config with other Keys ofc. and the same parameters for another machine and it works fine.. Here are the parameters.

Code: Select all

client
dev tun
proto udp
remote 207.180.225.35 1194
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
auth SHA512
cipher AES-256-CBC
ignore-unknown-option block-outside-dns
block-outside-dns
tls-crypt
verb 3
<ca>
-----BEGIN CERTIFICATE-----
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
#******************************************************************************************
-----END PRIVATE KEY-----
</key>
<tls-crypt>
-----BEGIN OpenVPN Static key V1-----
#*********************************************
#*********************************************
#*********************************************
#*********************************************
#*********************************************
#*********************************************
#*********************************************
#*********************************************
#*********************************************
#*********************************************
#*********************************************
#*********************************************
#*********************************************
#*********************************************
#*********************************************
#*********************************************
-----END OpenVPN Static key V1-----
</tls-crypt>

The Error Message is:

Code: Select all

Sun Oct 27 16:37:34 2019 Unrecognized option or missing parameter(s) in /home/vpnOrdner/upper.ovpn:13: block-outside-dns (2.3.9)
Options error: Unrecognized option or missing parameter(s) in /home/vpnOrdner/upper.ovpn:18: tls-crypt (2.3.9)
Use --help for more information.

The client machine runs debian (openPli) and the server runs on debian 10

WHAT I TRIED:

I just deleted the line with "block-outside-dns" but it didnt fix the error with tls-crypt.

Would be great if you can help me!

Posted: **Sun Oct 27, 2019 7:35 pm**

Do not install openvpn 2.3.9 ... Ever.

Posted: **Mon Oct 28, 2019 7:00 am**

TinCanTech wrote: ↑
Sun Oct 27, 2019 7:35 pm
Do not install openvpn 2.3.9 ... Ever.

Why?? Its the standart version in opkg for debian... What do you mean and where can I get another version?

Posted: **Mon Oct 28, 2019 3:22 pm**

What version of debian ?

Posted: **Mon Oct 28, 2019 7:22 pm**

He's running OpenPli, a software for STB boxes.

You have to find a way to update OpenVPN for OpenPli (good luck with that

), you already know where to find their forum...

Posted: **Mon Oct 28, 2019 8:21 pm**

Probably better to compile the source then.
https://community.openvpn.net/openvpn/w ... uildsystem

Posted: **Wed Oct 30, 2019 9:15 am**

TinCanTech wrote: ↑
Mon Oct 28, 2019 8:21 pm
Probably better to compile the source then.
https://community.openvpn.net/openvpn/w ... uildsystem

Thats not even possible I guess on their machines I am a little pissed of. Also Is there a big issue with openvpn version 2.3.9 besides the fact that this version is very old?

Posted: **Wed Oct 30, 2019 1:00 pm**

Turbo wrote: ↑
Wed Oct 30, 2019 9:15 am

TinCanTech wrote: ↑
Mon Oct 28, 2019 8:21 pm
Probably better to compile the source then.
https://community.openvpn.net/openvpn/w ... uildsystem
Thats not even possible

OpenVPN go to great lengths to make sure that this is possible.

Turbo wrote: ↑
Wed Oct 30, 2019 9:15 am
Also Is there a big issue with openvpn version 2.3.9 besides the fact that this version is very old?

It obviously does not support --tls-crypt

Posted: **Wed Oct 30, 2019 6:01 pm**

You so lucky

https://forums.openpli.org/topic/71972- ... om-source/

OpenVPN Support Forum

Missing Parameter tls-crypt

Missing Parameter tls-crypt

Re: Missing Parameter tls-crypt

Re: Missing Parameter tls-crypt

Re: Missing Parameter tls-crypt

Re: Missing Parameter tls-crypt

Re: Missing Parameter tls-crypt

Re: Missing Parameter tls-crypt

Re: Missing Parameter tls-crypt

Re: Missing Parameter tls-crypt