Hello guys,
Can someone explain to me what's wrong? I would be really grateful.
I have been trying to configure my OpenVPN for 2 days. I can't solve it. I really don't know what I'm doing wrong.
Code:
local 91.121.78.120
port 1194
proto udp
dev tun
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
# Allow clients to "see" each other.
client-to-client
keepalive 10 120
comp-lzo
max-clients 16
user nobody
group nobody
persist-key
persist-tun
cipher AES-256-CBC
ca /usr/local/etc/openvpn/easy-rsa/keys/ca.crt
cert /usr/local/etc/openvpn/easy-rsa/keys/server.crt
key /usr/local/etc/openvpn/easy-rsa/keys/server.key
dh /usr/local/etc/openvpn/easy-rsa/keys/dh2048.pem
tls-auth /usr/local/etc/openvpn/easy-rsa/ta.key 0
status /usr/local/etc/openvpn/openvpn-status.log
verb 4
mute 20
mute-replay-warnings
# Uncomment the following if you're running a local DNS cache (such as unbound),
# and want to instruct your clients to use it. In that case, don't forget to
# update Unbound configuration too, to accept requests on the 10.8.0.0/24
# network.
#push "dhcp-option DNS 10.8.0.1"
push "redirect-gateway"
push "redirect-gateway def1 bypass-dhcp"
When I want to connect to OpenVPN server I'm getting some issue like:
Code:
[bryn1u@bryn1u openvpn]$ openvpn --config client.ovpn
Fri Nov 3 18:15:58 2017 OpenVPN 2.4.4 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 26 2017
Fri Nov 3 18:15:58 2017 library versions: OpenSSL 1.1.0f-fips 25 May 2017, LZO 2.08
Fri Nov 3 18:15:58 2017 WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
Fri Nov 3 18:15:58 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]91.121.78.120:1194
Fri Nov 3 18:15:58 2017 UDP link local (bound): [AF_INET][undef]:1194
Fri Nov 3 18:15:58 2017 UDP link remote: [AF_INET]91.121.78.120:1194
pf.conf
Code:
# The ext_if name is probably different on your system...
ext_if = "em0"
vpn_if = "tun0"
vpn_net = "10.8.0.0/24"
nat on ! $vpn_if from $vpn_net to any -> ($ext_if)
rc.conf
Code:
ifconfig_em0="inet 91.121.78.120 netmask 255.255.255.0 broadcast 91.121.78.255"
defaultrouter="91.121.78.254"
openvpn_enable="YES"
openvpn_configfile="/usr/local/etc/openvpn/openvpn.conf"
ifconfig
Code:
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC>
        ether 00:25:90:55:fb:de
        hwaddr 00:25:90:55:fb:de
        inet 91.121.78.120 netmask 0xffffff00 broadcast 91.121.78.255
        inet6 fe80::225:90ff:fe55:fbde%em0 prefixlen 64 scopeid 0x1
        inet6 2001:41d0:1:8378:: prefixlen 64
        nd6 options=8063<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL,NO_RADR,DEFAULTIF>
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        groups: lo
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
        options=80000<LINKSTATE>
        inet 10.8.0.1 --> 10.8.0.2 netmask 0xffffffff
        nd6 options=b<PERFORMNUD,ACCEPT_RTADV,IFDISABLED>
        groups: tun
        Opened by PID 64735
pflog0: flags=141<UP,RUNNING,PROMISC> metric 0 mtu 33160
        groups: pflog
client vpn
Code:
[bryn1u@bryn1u openvpn]$ cat client.ovpn
dev tun
remote 91.121.78.120 1194
client
tls-client
verify-x509-name server name
ns-cert-type server
#tls-auth ta.key 1
ca ca.crt
cert bryn1u.crt
key bryn1u.key
cipher AES-256-CBC
comp-lzo
ping-timer-rem
resolv-retry infinite
persist-tun
persist-key
verb 1
ping 15
ping-restart 30
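An added example, not part of the original post: a small consistency check over the directives that both OpenVPN peers must agree on, run here on abridged copies of the server and client files above. It flags that `tls-auth` is active on the server but commented out on the client; a server with `tls-auth` discards control packets that lack the HMAC. The function names and the `DEFAULTS` table (OpenVPN 2.4 defaults) are assumptions of this example.

```python
# Added example. Sample configs are abridged from the two files in the post.
SERVER_CONF = """\
dev tun
comp-lzo
cipher AES-256-CBC
tls-auth /usr/local/etc/openvpn/easy-rsa/ta.key 0
"""
CLIENT_CONF = """\
dev tun
remote 91.121.78.120 1194
#tls-auth ta.key 1
cipher AES-256-CBC
comp-lzo
"""
DEFAULTS = {"cipher": "BF-CBC", "auth": "SHA1"}  # assumed OpenVPN 2.4 defaults

def parse(text):
    """Map each active directive to its argument list; skip comment lines."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line and line[0] not in "#;":
            name, *args = line.split()
            conf[name] = args
    return conf

def check(server_text, client_text):
    """Return a list of human-readable mismatches between the two configs."""
    s, c = parse(server_text), parse(client_text)
    problems = []
    for key in ("cipher", "auth"):  # first argument should be equal
        sv = s.get(key, [DEFAULTS[key]])[0].upper()
        cv = c.get(key, [DEFAULTS[key]])[0].upper()
        if sv != cv:
            problems.append(f"{key}: server={sv} client={cv}")
    for key in ("comp-lzo", "tls-auth"):  # must be on both ends or neither
        if (key in s) != (key in c):
            side = "server" if key in s else "client"
            problems.append(f"{key}: enabled on {side} only")
    if "tls-auth" in s and "tls-auth" in c:
        # Key direction is the optional 2nd argument: 0 on one end, 1 on the other.
        dirs = (s["tls-auth"][1:], c["tls-auth"][1:])
        if dirs not in ((["0"], ["1"]), (["1"], ["0"]), ([], [])):
            problems.append(f"tls-auth: key directions {dirs} do not pair up")
    return problems

if __name__ == "__main__":
    print("\n".join(check(SERVER_CONF, CLIENT_CONF)) or "no mismatches found")
```

The check only compares directive text; it does not verify that both ends hold the same `ta.key` file.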