Dear Jo,
I checked in the '/etc/init.d/openvpn':
"
....
....
DAEMON="OpenVPN"
openvpn=/usr/sbin/openvpn
confdir=/etc/openvpn
piddir=/var/run/openvpn
....
....
".
So it means my openvpn read the 'server.conf' which resides in '/etc/openvpn/server.conf'.
I've removed the dec in my '/etc/openvpn/server.conf':
"
mysussy:/etc/openvpn # cat server.conf
local 219.83.114.179
port 1194
proto tcp
ca /usr/share/openvpn/easy-rsa/2.0/keys/ca.crt
cert /usr/share/openvpn/easy-rsa/2.0/keys/toka-site.crt
key /usr/share/openvpn/easy-rsa/2.0/keys/toka-site.key # This file should be kept secret
dh /usr/share/openvpn/easy-rsa/2.0/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
client-to-client
keepalive 10 120
ns-cert-type server
mysussy:/etc/openvpn #
".
Here is my '/var/log/messages/', I saw after my openvpn failed to start:
"
mysussy:/etc/openvpn # tail -n 30 /var/log/messages
Oct 30 09:03:34 mysussy openvpn[10361]: Cannot open file key file 'static.key': No such file or directory (errno=2)
Oct 30 09:03:34 mysussy openvpn[10361]: Exiting
Oct 30 09:03:35 mysussy openvpn[10365]: OpenVPN 2.0.9 i586-suse-linux [SSL] [LZO] [EPOLL] built on Jun 7 2008
Oct 30 09:03:35 mysussy openvpn[10365]: IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Oct 30 09:03:35 mysussy openvpn[10365]: Cannot open file key file 'static.key': No such file or directory (errno=2)
Oct 30 09:03:35 mysussy openvpn[10365]: Exiting
Oct 30 09:03:35 mysussy openvpn[10369]: OpenVPN 2.0.9 i586-suse-linux [SSL] [LZO] [EPOLL] built on Jun 7 2008
Oct 30 09:03:35 mysussy openvpn[10369]: IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Oct 30 09:03:35 mysussy openvpn[10369]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Oct 30 09:03:35 mysussy openvpn[10369]: Cannot load certificate file home.crt: error:02001002:system library:fopen:No such file or directory: error:20074002:BIO routines:FILE_CTRL:system lib: error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib
Oct 30 09:03:35 mysussy openvpn[10369]: Exiting
Oct 30 09:03:35 mysussy openvpn[10374]: OpenVPN 2.0.9 i586-suse-linux [SSL] [LZO] [EPOLL] built on Jun 7 2008
Oct 30 09:03:35 mysussy openvpn[10374]: IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Oct 30 09:03:35 mysussy openvpn[10374]: Cannot open dh1024.pem for DH parameters: error:02001002:system library:fopen:No such file or directory: error:2006D080:BIO routines:BIO_new_file:no such file
Oct 30 09:03:35 mysussy openvpn[10374]: Exiting
Oct 30 09:03:38 mysussy kernel: printk: 2 messages suppressed.
Oct 30 09:03:38 mysussy kernel: martian source 192.168.30.32 from 192.168.30.32, on dev eth0
Oct 30 09:03:38 mysussy kernel: ll header: ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
Oct 30 09:03:42 mysussy kernel: printk: 2 messages suppressed.
Oct 30 09:03:42 mysussy kernel: martian source 192.168.30.32 from 192.168.30.32, on dev eth0
Oct 30 09:03:42 mysussy kernel: ll header: ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
Oct 30 09:03:48 mysussy kernel: printk: 3 messages suppressed.
Oct 30 09:03:48 mysussy kernel: martian source 192.168.30.32 from 192.168.30.32, on dev eth0
Oct 30 09:03:48 mysussy kernel: ll header: ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
Oct 30 09:03:53 mysussy kernel: printk: 2 messages suppressed.
Oct 30 09:03:53 mysussy kernel: martian source 192.168.30.32 from 192.168.30.32, on dev eth0
Oct 30 09:03:53 mysussy kernel: ll header: ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
Oct 30 09:03:58 mysussy kernel: printk: 2 messages suppressed.
Oct 30 09:03:58 mysussy kernel: martian source 192.168.30.32 from 192.168.30.32, on dev eth0
Oct 30 09:03:58 mysussy kernel: ll header: ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
mysussy:/etc/openvpn #
"
--- On Tue, 10/28/08, Jonathan Ervine
From: Jonathan Ervine
Subject: Re: [opensuse] Building VPN network with OpenVPN and OpenSuSE11 To: opensuse@opensuse.org Date: Tuesday, October 28, 2008, 9:35 AM On Tuesday 28 October 2008 17:28:35 Patrik Hasibuan wrote: How should I tell my openvpn that he should use the 'server.conf' which resides in '/etc/openvpn/server.conf'?
I'd worry about that after getting the openvpn server to start up without errors from the command line when specifying the config file to use.
/etc/openvpn/server.conf local 219.83.114.179 port 1194 proto tcp dev tun dev-node MyTap
My VPN server config does not have a
"dev-node" entry, I'm not sure what
the default is.
Same here - I've always used dev tun, it looks like Patrik is trying to set up a VPN with both tun and tap interfaces.
If you remove the dev-node line from your server.conf file (or simply comment it out), can you then get the openvpn server to start? The config file being used by the openvpn daemon script should be specified in the /etc/init.d/openvpn script file. By default this directory is set to /etc/openvpn - I'd check that there isn't a client.conf (or any other .conf file) in there.
Jon -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org