When I save a cert from any efw, it gets a .cer file name
extension. How’d you get .pem?
Heres my working client.ovpn:
client
float
dev tap
proto udp
port 1194
remote xxx.xxx.xxx.xxx
resolv-retry infinite
nobind
persist-key
persist-tun
ca lasvegas.cer
auth-user-pass
pull
comp-lzo
Name the cert whatever makes sense...
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
toby
Sent: Thursday, November 29, 2007 9:33 AM
To: efw-user@lists.sourceforge.net
Subject: [Efw-user] New efw 2.1.2 installation unable to
OpenVPN
Hello all,
I recently installed Endian 2.1.2 community edition and my
hope is to use it to replace my existing OpenVPN server that
is currently being used as a file server as well. I went
throught the OpenVPN configuration process, downloaded cert
and created client.ovpn configuration file (see below) and I
get the following error message (also, see below) What have
I missed?
client.ovpn (using Windows XP OpenVPN GUI client)
client
dev tun
proto udp
remote 201.x.x.x
resolv-retry infinite
nobind
persist-key
persist-tun
ca cacert.pem
auth-user-pass
comp-lzo
error message (received on client)
Thu Nov 29 10:24:53 2007 OpenVPN 2.0.9 Win32-MinGW [SSL]
[LZO] built on Oct 1 2
006
Enter Auth Username:test
Enter Auth Password:
Thu Nov 29 10:25:02 2007 IMPORTANT: OpenVPN's default port
number is now 1194, b
ased on an official port number assignment by IANA. OpenVPN
2.0-beta16 and earl
ier used 5000 as the default port.
Thu Nov 29 10:25:02 2007 WARNING: No server certificate
verification method has
been enabled. See HYPERLINK
"http://openvpn.net/howto.html#mitm"http://openvpn.net/howto
.html#mitm for more info.
Thu Nov 29 10:25:02 2007 LZO compression initialized
Thu Nov 29 10:25:02 2007 UDPv4 link local: [undef]
Thu Nov 29 10:25:02 2007 UDPv4 link remote: 201.x.x.x:1194
I later added, ns-cert-type server, to server log to resolve
the warning message. Now I connection output looks like the
following:
Thu Nov 29 10:28:03 2007 OpenVPN 2.0.9 Win32-MinGW [SSL]
[LZO] built on Oct 1 2
006
Enter Auth Username:test
Enter Auth Password:
Thu Nov 29 10:28:08 2007 IMPORTANT: OpenVPN's default port
number is now 1194, b
ased on an official port number assignment by IANA. OpenVPN
2.0-beta16 and earl
ier used 5000 as the default port.
Thu Nov 29 10:28:08 2007 LZO compression initialized
Thu Nov 29 10:28:08 2007 UDPv4 link local: [undef]
Thu Nov 29 10:28:08 2007 UDPv4 link remote: 201.x.x.x:1194
Thu Nov 29 10:29:08 2007 TLS Error: TLS key negotiation
failed to occur within 6
0 seconds (check your network connectivity)
Thu Nov 29 10:29:08 2007 TLS Error: TLS handshake failed
Thu Nov 29 10:29:08 2007 SIGUSR1[soft,tls-error] received,
process restarting
Thu Nov 29 10:29:10 2007 IMPORTANT: OpenVPN's default port
number is now 1194, b
ased on an official port number assignment by IANA. OpenVPN
2.0-beta16 and earl
ier used 5000 as the default port.
Thu Nov 29 10:29:10 2007 Re-using SSL/TLS context
Thu Nov 29 10:29:10 2007 LZO compression initialized
Thu Nov 29 10:29:10 2007 UDPv4 link local: [undef]
Thu Nov 29 10:29:10 2007 UDPv4 link remote: 201.x.x.x:1194
Also, my current OpenVPN server works and is on a different
public IP and it is not connected to Endian FW. I want to
replace current OpenVPN server with Endian FW as it provides
more features (content filtering, proxy, etc.)
Thanks,
Toby.
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.503 / Virus Database: 269.16.10/1159 - Release
Date: 11/29/2007 11:10 AM
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.503 / Virus Database: 269.16.10/1159 - Release
Date: 11/29/2007 11:10 AM
-------------------------------------------------------------------------
SF.Net email is sponsored by: The Future of Linux Business White Paper
from Novell. From the desktop to the data center, Linux is going
mainstream. Let it simplify your IT future.
http://altfarm.mediaplex.com/ad/ck/8857-50307-18918-4
_______________________________________________
Efw-user mailing list
Efw-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/efw-user
