Dear my friend, Jonathan.
Please keep telling me.
Here is where my 'server.conf':
"
mysussy:~ # ls /etc/openvpn/server.conf
/etc/openvpn/server.conf
".
This is the test:
"
mysussy:/usr/share/openvpn/easy-rsa/2.0/keys # openvpn --config /etc/openvpn/server.conf
Tue Oct 28 16:31:45 2008 OpenVPN 2.0.9 i586-suse-linux [SSL] [LZO] [EPOLL] built on Jun 7 2008
Tue Oct 28 16:31:45 2008 Note: Cannot open TUN/TAP dev MyTap: No such file or directory (errno=2)
Tue Oct 28 16:31:45 2008 Note: Attempting fallback to kernel 2.2 TUN/TAP interface
Tue Oct 28 16:31:45 2008 Cannot open TUN/TAP dev MyTap: No such file or directory (errno=2)
Tue Oct 28 16:31:45 2008 Exiting
mysussy:/usr/share/openvpn/easy-rsa/2.0/keys #
".
This is my "server.conf":
mysussy:/usr/share/openvpn/easy-rsa/2.0/keys # cat /etc/openvpn/server.conf
local 219.83.114.179
port 1194
proto tcp
dev tun
dev-node MyTap
ca /usr/share/openvpn/easy-rsa/2.0/keys/ca.crt
cert /usr/share/openvpn/easy-rsa/2.0/keys/toka-site.crt
key /usr/share/openvpn/easy-rsa/2.0/keys/toka-site.key # This file should be kept secret
dh /usr/share/openvpn/easy-rsa/2.0/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
client-to-client
keepalive 10 120
ns-cert-type server
mysussy:/usr/share/openvpn/easy-rsa/2.0/keys #
--- On Tue, 10/28/08, Jonathan Ervine
From: Jonathan Ervine
Subject: Re: [opensuse] Building VPN network with OpenVPN and OpenSuSE11 To: opensuse@opensuse.org Date: Tuesday, October 28, 2008, 7:03 AM On Tuesday 28 October 2008 14:45:28 Patrik Hasibuan wrote: Dear Jonathan,
Thank you very much for your respond.
No problem.
I've followed your thread but it does not make anychange.
The file of 'dh1024.pem' exists, here also the '/var/log/messages': " mysussy:/usr/share/openvpn/easy-rsa/2.0/keys # ls -l total 44 -rw-r--r-- 1 root root 3953 Oct 28 11:41 01.pem -rw-r--r-- 1 root root 1273 Oct 28 11:39 ca.crt -rw------- 1 root root 891 Oct 28 11:39 ca.key -rw-r--r-- 1 root root 245 Oct 28 11:42 dh1024.pem -rw-r--r-- 1 root root 116 Oct 28 11:41 index.txt -rw-r--r-- 1 root root 21 Oct 28 11:41 index.txt.attr -rw-r--r-- 1 root root 0 Oct 28 11:36 index.txt.old -rw-r--r-- 1 root root 3 Oct 28 11:41 serial -rw-r--r-- 1 root root 3 Oct 28 11:36 serial.old -rw-r--r-- 1 root root 3953 Oct 28 11:41 toka-site.crt -rw-r--r-- 1 root root 777 Oct 28 11:40 toka-site.csr -rw------- 1 root root 887 Oct 28 11:40 toka-site.key
The above is fine.
Starting OpenVPN
failed mysussy:/usr/share/openvpn/easy-rsa/2.0/keys # tail -n 30 /var/log/messages Oct 28 14:30:53 mysussy kernel: printk: 2 messages suppressed. Oct 28 14:30:54 mysussy openvpn[8502]: IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Oct 28 14:30:54 mysussy openvpn[8502]: Cannot open file key file 'static.key': No such file or directory (errno=2) Oct 28 14:30:54 mysussy kernel: martian source 192.168.30.32 from 192.168.30.32, on dev eth0 Oct 28 14:30:54 mysussy openvpn[8502]: Exiting
Here is a problem. It's looking for a file called static.key
Oct 28 14:30:54 mysussy kernel: ll header: ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06 Oct 28 14:30:54 mysussy openvpn[8506]: OpenVPN 2.0.9 i586-suse-linux [SSL] [LZO] [EPOLL] built on Jun 7 2008 Oct 28 14:30:54 mysussy openvpn[8506]: IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Oct 28 14:30:54 mysussy openvpn[8506]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Oct 28 14:30:54 mysussy openvpn[8506]: Cannot load certificate file home.crt: error:02001002:system library:fopen:No such file or directory: error:20074002:BIO routines:FILE_CTRL:system lib: error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib Oct 28 14:30:54 mysussy openvpn[8506]: Exiting
Here is another problem, it's looking for a file called home.crt
Oct 28 14:30:54 mysussy openvpn[8508]: OpenVPN 2.0.9 i586-suse-linux [SSL] [LZO] [EPOLL] built on Jun 7 2008 Oct 28 14:30:54 mysussy openvpn[8508]: IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Oct 28 14:30:54 mysussy openvpn[8508]: Cannot open dh1024.pem for DH parameters: error:02001002:system library:fopen:No such file or directory: error:2006D080:BIO routines:BIO_new_file:no such file Oct 28 14:30:54 mysussy openvpn[8508]: Exiting
Another problem that it can't open dh1024.pem (even though we've verified and confirmed that this file exists)
I suspect that the openvpn daemon is not using your config file to start up. Where is your server.conf located? As a test, as root try running: openvpn --config <path to your config file>
And see what errors (if any) are produced...
Jon -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org