Mailinglist Archive: opensuse (2114 mails)
| < Previous | Next > |
Re: [opensuse] Building VPN network with OpenVPN and OpenSuSE11
- From: Patrik Hasibuan <patrikhasibuan@xxxxxxxxx>
- Date: Mon, 27 Oct 2008 23:45:28 -0700 (PDT)
- Message-id: <810678.30582.qm@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
Dear Jonathan,
Thank you very much for your respond.
I've followed your thread but it does not make anychange.
The file of 'dh1024.pem' exists, here also the '/var/log/messages':
"
mysussy:/usr/share/openvpn/easy-rsa/2.0/keys # ls -l
total 44
-rw-r--r-- 1 root root 3953 Oct 28 11:41 01.pem
-rw-r--r-- 1 root root 1273 Oct 28 11:39 ca.crt
-rw------- 1 root root 891 Oct 28 11:39 ca.key
-rw-r--r-- 1 root root 245 Oct 28 11:42 dh1024.pem
-rw-r--r-- 1 root root 116 Oct 28 11:41 index.txt
-rw-r--r-- 1 root root 21 Oct 28 11:41 index.txt.attr
-rw-r--r-- 1 root root 0 Oct 28 11:36 index.txt.old
-rw-r--r-- 1 root root 3 Oct 28 11:41 serial
-rw-r--r-- 1 root root 3 Oct 28 11:36 serial.old
-rw-r--r-- 1 root root 3953 Oct 28 11:41 toka-site.crt
-rw-r--r-- 1 root root 777 Oct 28 11:40 toka-site.csr
-rw------- 1 root root 887 Oct 28 11:40 toka-site.key
mysussy:/usr/share/openvpn/easy-rsa/2.0/keys # chmod 644 ./dh1024.pem
mysussy:/usr/share/openvpn/easy-rsa/2.0/keys # rcopenvpn start
Starting OpenVPN failed
mysussy:/usr/share/openvpn/easy-rsa/2.0/keys # tail -n 30 /var/log/messages
Oct 28 14:30:53 mysussy kernel: printk: 2 messages suppressed.
Oct 28 14:30:54 mysussy openvpn[8502]: IMPORTANT: OpenVPN's default port number
is now 1194, based on an official port number assignment by IANA. OpenVPN
2.0-beta16 and earlier used 5000 as the default port.
Oct 28 14:30:54 mysussy openvpn[8502]: Cannot open file key file 'static.key':
No such file or directory (errno=2)
Oct 28 14:30:54 mysussy kernel: martian source 192.168.30.32 from
192.168.30.32, on dev eth0
Oct 28 14:30:54 mysussy openvpn[8502]: Exiting
Oct 28 14:30:54 mysussy kernel: ll header:
ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
Oct 28 14:30:54 mysussy openvpn[8506]: OpenVPN 2.0.9 i586-suse-linux [SSL]
[LZO] [EPOLL] built on Jun 7 2008
Oct 28 14:30:54 mysussy openvpn[8506]: IMPORTANT: OpenVPN's default port number
is now 1194, based on an official port number assignment by IANA. OpenVPN
2.0-beta16 and earlier used 5000 as the default port.
Oct 28 14:30:54 mysussy openvpn[8506]: WARNING: No server certificate
verification method has been enabled. See http://openvpn.net/howto.html#mitm
for more info.
Oct 28 14:30:54 mysussy openvpn[8506]: Cannot load certificate file home.crt:
error:02001002:system library:fopen:No such file or directory:
error:20074002:BIO routines:FILE_CTRL:system lib: error:140AD002:SSL
routines:SSL_CTX_use_certificate_file:system lib
Oct 28 14:30:54 mysussy openvpn[8506]: Exiting
Oct 28 14:30:54 mysussy openvpn[8508]: OpenVPN 2.0.9 i586-suse-linux [SSL]
[LZO] [EPOLL] built on Jun 7 2008
Oct 28 14:30:54 mysussy openvpn[8508]: IMPORTANT: OpenVPN's default port number
is now 1194, based on an official port number assignment by IANA. OpenVPN
2.0-beta16 and earlier used 5000 as the default port.
Oct 28 14:30:54 mysussy openvpn[8508]: Cannot open dh1024.pem for DH
parameters: error:02001002:system library:fopen:No such file or directory:
error:2006D080:BIO routines:BIO_new_file:no such file
Oct 28 14:30:54 mysussy openvpn[8508]: Exiting
Oct 28 14:30:57 mysussy kernel: printk: 2 messages suppressed.
Oct 28 14:30:57 mysussy kernel: martian source 192.168.30.32 from
192.168.30.32, on dev eth0
Oct 28 14:30:57 mysussy kernel: ll header:
ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
Oct 28 14:31:02 mysussy kernel: printk: 2 messages suppressed.
Oct 28 14:31:02 mysussy kernel: martian source 192.168.30.32 from
192.168.30.32, on dev eth0
Oct 28 14:31:02 mysussy kernel: ll header:
ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
Oct 28 14:31:08 mysussy kernel: printk: 3 messages suppressed.
Oct 28 14:31:08 mysussy kernel: martian source 192.168.30.32 from
192.168.30.32, on dev eth0
Oct 28 14:31:08 mysussy kernel: ll header:
ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
Oct 28 14:31:13 mysussy kernel: printk: 2 messages suppressed.
Oct 28 14:31:13 mysussy kernel: martian source 192.168.30.32 from
192.168.30.32, on dev eth0
Oct 28 14:31:13 mysussy kernel: ll header:
ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
Oct 28 14:31:17 mysussy kernel: printk: 2 messages suppressed.
Oct 28 14:31:17 mysussy kernel: martian source 192.168.30.32 from
192.168.30.32, on dev eth0
Oct 28 14:31:17 mysussy kernel: ll header:
ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
mysussy:/usr/share/openvpn/easy-rsa/2.0/keys #
".
--- On Tue, 10/28/08, Jonathan Ervine <jervine@xxxxxxxxxx> wrote:
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
Thank you very much for your respond.
I've followed your thread but it does not make anychange.
The file of 'dh1024.pem' exists, here also the '/var/log/messages':
"
mysussy:/usr/share/openvpn/easy-rsa/2.0/keys # ls -l
total 44
-rw-r--r-- 1 root root 3953 Oct 28 11:41 01.pem
-rw-r--r-- 1 root root 1273 Oct 28 11:39 ca.crt
-rw------- 1 root root 891 Oct 28 11:39 ca.key
-rw-r--r-- 1 root root 245 Oct 28 11:42 dh1024.pem
-rw-r--r-- 1 root root 116 Oct 28 11:41 index.txt
-rw-r--r-- 1 root root 21 Oct 28 11:41 index.txt.attr
-rw-r--r-- 1 root root 0 Oct 28 11:36 index.txt.old
-rw-r--r-- 1 root root 3 Oct 28 11:41 serial
-rw-r--r-- 1 root root 3 Oct 28 11:36 serial.old
-rw-r--r-- 1 root root 3953 Oct 28 11:41 toka-site.crt
-rw-r--r-- 1 root root 777 Oct 28 11:40 toka-site.csr
-rw------- 1 root root 887 Oct 28 11:40 toka-site.key
mysussy:/usr/share/openvpn/easy-rsa/2.0/keys # chmod 644 ./dh1024.pem
mysussy:/usr/share/openvpn/easy-rsa/2.0/keys # rcopenvpn start
Starting OpenVPN failed
mysussy:/usr/share/openvpn/easy-rsa/2.0/keys # tail -n 30 /var/log/messages
Oct 28 14:30:53 mysussy kernel: printk: 2 messages suppressed.
Oct 28 14:30:54 mysussy openvpn[8502]: IMPORTANT: OpenVPN's default port number
is now 1194, based on an official port number assignment by IANA. OpenVPN
2.0-beta16 and earlier used 5000 as the default port.
Oct 28 14:30:54 mysussy openvpn[8502]: Cannot open file key file 'static.key':
No such file or directory (errno=2)
Oct 28 14:30:54 mysussy kernel: martian source 192.168.30.32 from
192.168.30.32, on dev eth0
Oct 28 14:30:54 mysussy openvpn[8502]: Exiting
Oct 28 14:30:54 mysussy kernel: ll header:
ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
Oct 28 14:30:54 mysussy openvpn[8506]: OpenVPN 2.0.9 i586-suse-linux [SSL]
[LZO] [EPOLL] built on Jun 7 2008
Oct 28 14:30:54 mysussy openvpn[8506]: IMPORTANT: OpenVPN's default port number
is now 1194, based on an official port number assignment by IANA. OpenVPN
2.0-beta16 and earlier used 5000 as the default port.
Oct 28 14:30:54 mysussy openvpn[8506]: WARNING: No server certificate
verification method has been enabled. See http://openvpn.net/howto.html#mitm
for more info.
Oct 28 14:30:54 mysussy openvpn[8506]: Cannot load certificate file home.crt:
error:02001002:system library:fopen:No such file or directory:
error:20074002:BIO routines:FILE_CTRL:system lib: error:140AD002:SSL
routines:SSL_CTX_use_certificate_file:system lib
Oct 28 14:30:54 mysussy openvpn[8506]: Exiting
Oct 28 14:30:54 mysussy openvpn[8508]: OpenVPN 2.0.9 i586-suse-linux [SSL]
[LZO] [EPOLL] built on Jun 7 2008
Oct 28 14:30:54 mysussy openvpn[8508]: IMPORTANT: OpenVPN's default port number
is now 1194, based on an official port number assignment by IANA. OpenVPN
2.0-beta16 and earlier used 5000 as the default port.
Oct 28 14:30:54 mysussy openvpn[8508]: Cannot open dh1024.pem for DH
parameters: error:02001002:system library:fopen:No such file or directory:
error:2006D080:BIO routines:BIO_new_file:no such file
Oct 28 14:30:54 mysussy openvpn[8508]: Exiting
Oct 28 14:30:57 mysussy kernel: printk: 2 messages suppressed.
Oct 28 14:30:57 mysussy kernel: martian source 192.168.30.32 from
192.168.30.32, on dev eth0
Oct 28 14:30:57 mysussy kernel: ll header:
ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
Oct 28 14:31:02 mysussy kernel: printk: 2 messages suppressed.
Oct 28 14:31:02 mysussy kernel: martian source 192.168.30.32 from
192.168.30.32, on dev eth0
Oct 28 14:31:02 mysussy kernel: ll header:
ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
Oct 28 14:31:08 mysussy kernel: printk: 3 messages suppressed.
Oct 28 14:31:08 mysussy kernel: martian source 192.168.30.32 from
192.168.30.32, on dev eth0
Oct 28 14:31:08 mysussy kernel: ll header:
ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
Oct 28 14:31:13 mysussy kernel: printk: 2 messages suppressed.
Oct 28 14:31:13 mysussy kernel: martian source 192.168.30.32 from
192.168.30.32, on dev eth0
Oct 28 14:31:13 mysussy kernel: ll header:
ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
Oct 28 14:31:17 mysussy kernel: printk: 2 messages suppressed.
Oct 28 14:31:17 mysussy kernel: martian source 192.168.30.32 from
192.168.30.32, on dev eth0
Oct 28 14:31:17 mysussy kernel: ll header:
ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
mysussy:/usr/share/openvpn/easy-rsa/2.0/keys #
".
--- On Tue, 10/28/08, Jonathan Ervine <jervine@xxxxxxxxxx> wrote:
From: Jonathan Ervine <jervine@xxxxxxxxxx>
Subject: Re: [opensuse] Building VPN network with OpenVPN and OpenSuSE11
To: opensuse@xxxxxxxxxxxx
Date: Tuesday, October 28, 2008, 6:07 AM
On Tuesday 28 October 2008 11:23:27 Patrik Hasibuan wrote:
Dear Jessen,'/var/log/messages':
Firstly, thank you very much for your help.
This is the error messages in
Oct 28 11:14:58 mysussy openvpn[10195]: Cannot openlibrary:fopen:No such
dh1024.pem for DH parameters: error:02001002:system
file or directory: error:2006D080:BIOroutines:BIO_new_file:no such file ".
# This file should be kept secret
dh /usr/share/openvpn/easy-rsa/keys/dh1024.pem
The openvpn daemon cannot open the the dh1024.pem file. Can
you verify that
this file exists where the conf file reports it to be, and
also check the
permissions of the file. If it exists, then temporarily
change the
permissions to 644 on the file and try again.
Jon
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |