Dear Per,
I checked in the '/etc/init.d/openvpn':
"
.....
.....
DAEMON="OpenVPN"
openvpn=/usr/sbin/openvpn
confdir=/etc/openvpn
piddir=/var/run/openvpn
.....
.....
".
So it means my openvpn read the 'server.conf' which resides in '/etc/openvpn/server.conf'.
I've removed the 'dev tun' and 'dev-node MyTap' in my '/etc/openvpn/server.conf', but my openvpn still can not start:
"
mysussy:/etc/openvpn # cat server.conf
local 219.83.114.179
port 1194
proto tcp
ca /usr/share/openvpn/easy-rsa/2.0/keys/ca.crt
cert /usr/share/openvpn/easy-rsa/2.0/keys/toka-site.crt
key /usr/share/openvpn/easy-rsa/2.0/keys/toka-site.key # This file should be kept secret
dh /usr/share/openvpn/easy-rsa/2.0/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
client-to-client
keepalive 10 120
ns-cert-type server
mysussy:/etc/openvpn #
".
Here is my '/var/log/messages/', I saw once my openvpn failed to start:
"
mysussy:/etc/openvpn # tail -n 30 /var/log/messages
Oct 30 09:03:34 mysussy openvpn[10361]: Cannot open file key file 'static.key': No such file or directory (errno=2)
Oct 30 09:03:34 mysussy openvpn[10361]: Exiting
Oct 30 09:03:35 mysussy openvpn[10365]: OpenVPN 2.0.9 i586-suse-linux [SSL] [LZO] [EPOLL] built on Jun 7 2008
Oct 30 09:03:35 mysussy openvpn[10365]: IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Oct 30 09:03:35 mysussy openvpn[10365]: Cannot open file key file 'static.key': No such file or directory (errno=2)
Oct 30 09:03:35 mysussy openvpn[10365]: Exiting
Oct 30 09:03:35 mysussy openvpn[10369]: OpenVPN 2.0.9 i586-suse-linux [SSL] [LZO] [EPOLL] built on Jun 7 2008
Oct 30 09:03:35 mysussy openvpn[10369]: IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Oct 30 09:03:35 mysussy openvpn[10369]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Oct 30 09:03:35 mysussy openvpn[10369]: Cannot load certificate file home.crt: error:02001002:system library:fopen:No such file or directory: error:20074002:BIO routines:FILE_CTRL:system lib: error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib
Oct 30 09:03:35 mysussy openvpn[10369]: Exiting
Oct 30 09:03:35 mysussy openvpn[10374]: OpenVPN 2.0.9 i586-suse-linux [SSL] [LZO] [EPOLL] built on Jun 7 2008
Oct 30 09:03:35 mysussy openvpn[10374]: IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Oct 30 09:03:35 mysussy openvpn[10374]: Cannot open dh1024.pem for DH parameters: error:02001002:system library:fopen:No such file or directory: error:2006D080:BIO routines:BIO_new_file:no such file
Oct 30 09:03:35 mysussy openvpn[10374]: Exiting
Oct 30 09:03:38 mysussy kernel: printk: 2 messages suppressed.
Oct 30 09:03:38 mysussy kernel: martian source 192.168.30.32 from 192.168.30.32, on dev eth0
Oct 30 09:03:38 mysussy kernel: ll header: ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
Oct 30 09:03:42 mysussy kernel: printk: 2 messages suppressed.
Oct 30 09:03:42 mysussy kernel: martian source 192.168.30.32 from 192.168.30.32, on dev eth0
Oct 30 09:03:42 mysussy kernel: ll header: ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
Oct 30 09:03:48 mysussy kernel: printk: 3 messages suppressed.
Oct 30 09:03:48 mysussy kernel: martian source 192.168.30.32 from 192.168.30.32, on dev eth0
Oct 30 09:03:48 mysussy kernel: ll header: ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
Oct 30 09:03:53 mysussy kernel: printk: 2 messages suppressed.
Oct 30 09:03:53 mysussy kernel: martian source 192.168.30.32 from 192.168.30.32, on dev eth0
Oct 30 09:03:53 mysussy kernel: ll header: ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
Oct 30 09:03:58 mysussy kernel: printk: 2 messages suppressed.
Oct 30 09:03:58 mysussy kernel: martian source 192.168.30.32 from 192.168.30.32, on dev eth0
Oct 30 09:03:58 mysussy kernel: ll header: ff:ff:ff:ff:ff:ff:00:0e:0c:3e:9e:86:08:06
mysussy:/etc/openvpn #
"
Please keep telling me. I'm stucked now. Thank you very much in advance.
--- On Tue, 10/28/08, Per Jessen
From: Per Jessen
Subject: Re: [opensuse] Building VPN network with OpenVPN and OpenSuSE11 To: opensuse@opensuse.org Date: Tuesday, October 28, 2008, 9:01 AM Patrik Hasibuan wrote: This is the test: " mysussy:/usr/share/openvpn/easy-rsa/2.0/keys # openvpn --config /etc/openvpn/server.conf Tue Oct 28 16:31:45 2008 OpenVPN 2.0.9 i586-suse-linux [SSL] [LZO] [EPOLL] built on Jun 7 2008 Tue Oct 28 16:31:45 2008 Note: Cannot open TUN/TAP dev MyTap: No such file or directory (errno=2) Tue Oct 28 16:31:45 2008 Note: Attempting fallback to kernel 2.2 TUN/TAP interface Tue Oct 28 16:31:45 2008 Cannot open TUN/TAP dev MyTap: No such file or directory (errno=2) Tue Oct 28 16:31:45 2008 Exiting mysussy:/usr/share/openvpn/easy-rsa/2.0/keys # ".
It seems to be clearly complaining about "MyTap".
This is my "server.conf": mysussy:/usr/share/openvpn/easy-rsa/2.0/keys # cat /etc/openvpn/server.conf local 219.83.114.179 port 1194 proto tcp dev tun dev-node MyTap
My VPN server config does not have a "dev-node" entry, I'm not sure what the default is.
/Per
-- /Per Jessen, Zürich
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org