Related
Join the DigitalOcean Community
Join 1M+ other developers and:
- Get help and share knowledge in Q&A
- Subscribe to topics of interest
- Get courses & tools that help you grow as a developer or small business owner
Ubuntu 14.4 and openvpn as -- Gui not accessible
Question
Question
How can i forward Ports with OpenVPN?
Question
Question
Question
[Help Needed] Setting up OpenVPN on DD-WRT Router
Dears,
I’ve used this script:
https://github.com/Nyr/openvpn-install
To install an OpenVPN server on my DigitalOcean VPS/Droplet
However I had some rough time getting this to work on my DD-WRT Router:
DD-WRT v3.0-r28788 std (01/13/16)
Router: Linksys WRT1200AC
I’m getting error:
TLS Handshake Failed
I just can’t figure out the correct settings and I would really appreciate it if you give me some help or tell me at least where to search
P.S.: My OpenVPN file works perfectly on Tunnelblick on Mac so I’m sure that there’s nothing wrong with my server installation
My OpenVPN file:
client
dev tun
proto udp
sndbuf 0
rcvbuf 0
remote 46.101.222.212 443
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
cipher AES-128-CBC
comp-lzo
setenv opt block-outside-dns
key-direction 1
verb 3
<ca>
-----BEGIN CERTIFICATE-----
[XXXXXXXXX]
-----END CERTIFICATE-----
</ca>
<cert>
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ChangeMe
Validity
Not Before: Dec 7 07:17:46 2016 GMT
Not After : Dec 5 07:17:46 2026 GMT
Subject: CN=client
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:e2:77:66:d0:5b:84:1d:c5:cd:1f:15:db:67:e9:
67:70:18:1f:44:ce:be:e2:27:ae:53:e8:2b:75:7e:
23:48:c5:3d:c2:af:4d:51:cf:c9:2e:99:00:72:85:
e2:2e:d3:0f:56:06:dc:24:3a:85:5f:05:a7:12:ae:
a1:3d:66:14:ab:83:ef:dc:5c:d7:61:59:97:f3:73:
e8:6f:08:36:3d:2f:07:7a:00:bc:ed:4c:1b:f0:fe:
4e:c3:80:91:3d:ae:2f:9f:f4:93:41:09:37:20:18:
83:9c:33:f1:68:22:e7:2c:b2:19:59:c0:a6:ca:ca:
8e:4f:02:8e:16:8f:4c:47:36:ef:56:7b:8f:e4:52:
d2:88:3c:2d:d1:00:7a:ca:ee:e9:b5:59:11:79:5d:
24:d3:e2:a9:fa:88:34:70:1e:b2:92:f0:88:0b:7d:
b1:a3:84:f1:a9:05:c7:cc:9b:29:55:c6:1a:5c:ef:
40:50:65:e0:07:0c:ee:ce:91:00:87:33:39:2a:1f:
3c:fd:29:41:77:14:c3:ea:25:88:b1:84:75:8d:9b:
98:24:f8:ec:60:fa:71:cc:ef:0d:46:f0:be:dd:b4:
82:5e:01:ff:8e:0a:de:ce:aa:50:3a:74:3b:79:12:
41:1c:05:ae:2b:67:a8:83:c0:ae:49:8c:04:c8:c2:
24:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
26:EB:C5:D6:DF:E3:2B:33:D0:70:66:02:7A:84:93:8F:76:2F:95:81
X509v3 Authority Key Identifier:
keyid:BF:F6:38:8F:C6:E1:8F:15:C4:0A:E7:9E:50:49:48:D4:BA:93:39:20
DirName:/CN=ChangeMe
serial:ED:A1:36:6E:60:F6:C9:13
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
Signature Algorithm: sha256WithRSAEncryption
c6:52:64:97:ba:dd:1a:9c:7e:78:0e:12:b8:93:3b:ba:6f:6a:
89:d3:3f:a9:e8:54:80:b4:0d:5a:37:6d:ff:02:82:17:1a:10:
fd:fb:69:e0:a7:67:55:1b:cd:c8:19:61:ec:c7:69:b8:d0:46:
40:29:e5:e6:a6:3a:77:12:75:c5:0d:59:a5:67:02:18:1e:66:
dd:61:01:c7:d2:9b:0d:a3:5e:cd:49:14:2b:c3:79:45:14:23:
78:f4:78:e4:96:70:f7:f2:e5:f8:1a:31:16:9d:04:bb:52:cf:
bc:e4:e2:1c:1c:e6:a2:5f:2d:b1:8d:b9:71:4a:da:08:25:f3:
f3:46:98:8f:28:11:ce:dc:63:9d:d8:4a:43:19:52:6f:bf:fc:
38:e6:31:9c:d7:40:e7:0f:1a:45:75:71:e3:16:0b:81:fe:bb:
00:aa:be:31:dc:45:2c:65:07:00:67:97:6e:ad:7f:a2:80:20:
82:98:59:c4:5b:7b:15:0d:88:60:14:75:e2:ec:5e:1b:c2:d4:
2d:99:d8:04:d2:b3:e5:52:6a:9f:d9:d0:a1:d4:28:e1:29:b5:
8c:3e:ad:b2:04:a7:78:8b:5d:2a:ae:2e:d7:a4:20:c6:e3:3d:
c6:56:33:3c:80:84:ef:83:ff:70:02:7b:ab:95:9c:1b:3a:c3:
fe:fb:0c:41
-----BEGIN CERTIFICATE-----
[XXXXXXXX]
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
[XXXXXXXXXX]
-----END PRIVATE KEY-----
</key>
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
[XXXXXXXX]
-----END OpenVPN Static key V1-----
</tls-auth>
An image which shows my current config:
http://static.msaleh.me/ddwrt.jpg
My error log:
20161212 11:09:16 I OpenVPN 2.3.8 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jan 13 2016
20161212 11:09:16 I library versions: OpenSSL 1.0.2e 3 Dec 2015 LZO 2.09
20161212 11:09:16 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:16
20161212 11:09:16 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20161212 11:09:16 W WARNING: file '/tmp/openvpncl/client.key' is group or others accessible
20161212 11:09:16 W WARNING: file '/tmp/openvpncl/ta.key' is group or others accessible
20161212 11:09:16 I Control Channel Authentication: using '/tmp/openvpncl/ta.key' as a OpenVPN static key file
20161212 11:09:16 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
20161212 11:09:16 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
20161212 11:09:16 Socket Buffers: R=[180224->131072] S=[180224->131072]
20161212 11:09:16 I UDPv4 link local: [undef]
20161212 11:09:16 I UDPv4 link remote: [AF_INET]46.101.222.212:443
20161212 11:09:16 TLS: Initial packet from [AF_INET]46.101.222.212:443 sid=99851032 d5ab07b6
20161212 11:09:16 VERIFY OK: depth=1 CN=ChangeMe
20161212 11:09:16 VERIFY nsCertType ERROR: CN=server require nsCertType=SERVER
20161212 11:09:16 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134)
20161212 11:09:16 N TLS Error: TLS object -> incoming plaintext read error
20161212 11:09:16 N TLS Error: TLS handshake failed
20161212 11:09:16 I SIGUSR1[soft tls-error] received process restarting
20161212 11:09:16 Restart pause 2 second(s)
20161212 11:09:18 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
20161212 11:09:18 Socket Buffers: R=[180224->131072] S=[180224->131072]
20161212 11:09:18 I UDPv4 link local: [undef]
20161212 11:09:18 I UDPv4 link remote: [AF_INET]46.101.222.212:443
20161212 11:09:20 TLS: Initial packet from [AF_INET]46.101.222.212:443 sid=89e2422e ef2a8c8c
20161212 11:09:20 VERIFY OK: depth=1 CN=ChangeMe
20161212 11:09:20 VERIFY nsCertType ERROR: CN=server require nsCertType=SERVER
20161212 11:09:20 N TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:lib(20):func(144):reason(134)
20161212 11:09:20 N TLS Error: TLS object -> incoming plaintext read error
20161212 11:09:20 N TLS Error: TLS handshake failed
20161212 11:09:20 I SIGUSR1[soft tls-error] received process restarting
20161212 11:09:20 Restart pause 2 second(s)
20161212 11:09:21 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20161212 11:09:21 D MANAGEMENT: CMD 'state'
20161212 11:09:21 MANAGEMENT: Client disconnected
20161212 11:09:21 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20161212 11:09:21 D MANAGEMENT: CMD 'state'
20161212 11:09:21 MANAGEMENT: Client disconnected
20161212 11:09:21 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20161212 11:09:21 D MANAGEMENT: CMD 'state'
20161212 11:09:21 MANAGEMENT: Client disconnected
20161212 11:09:21 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20161212 11:09:21 D MANAGEMENT: CMD 'status 2'
20161212 11:09:21 MANAGEMENT: Client disconnected
20161212 11:09:21 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16
20161212 11:09:21 D MANAGEMENT: CMD 'log 500'
19700101 01:00:00
I’m not really sure if it’s fine to post this question :)
If it’s not then I apologize and please delete it
But really I would appreciate any help
Thanks.
Add a comment
Related
Join the DigitalOcean Community
Join 1M+ other developers and:
- Get help and share knowledge in Q&A
- Subscribe to topics of interest
- Get courses & tools that help you grow as a developer or small business owner
Ubuntu 14.4 and openvpn as -- Gui not accessible
Question
Question
How can i forward Ports with OpenVPN?
Question
Question
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
×