I use the cert created on the openvpn page in efw, so I
dont use the pkcs12 me.p12, or ns-cert-type server
lines, but this works for me:
client
float
dev tap
proto udp
port 1194
remote xx.xx.xx.xx
resolv-retry infinite
nobind
persist-key
persist-tun
ca lasvegas.cer
auth-user-pass
pull
comp-lzo
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Pradeep Raghavan
Sent: Sunday, March 23, 2008 12:55 PM
To: [email protected]
Subject: Re: [Efw-user] Road warrior configuration on
2.2Beta3
Hi,
thanks for the help, somehow the issue got solved.I removed
the "ns-cert-type client" from the server configuration by
editing the template file.But, stepped into another problem.
The server is configured to lease ip-addresses from the pool
"192.168.1.40-192.168.1.60" and for some reason the client
configured to get ip-address from the vpn server assigns
itself "192.168.1.10", and the tap interface at the client
side does not come up.The client configuration is as below
Client conf
tls-client
client
dev tap
proto udp
remote xx.xx.xx.xx 1194
#remote 192.168.1.123 1194
resolv-retry infinite
nobind
persist-key
persist-tun
keepalive 10 120
pkcs12 me.p12
ns-cert-type server
comp-lzo
verb 5
Wondering what configuration is causing the client to get
192.168.1.10 as the ipaddress. Any help would be highly
appreciated.
cheers...
./pradeep
On Sat, Mar 22, 2008 at 11:12 AM, Pradeep Raghavan
<[EMAIL PROTECTED]> wrote:
hi,
thanks for the quick reply. l tried connecting to the VPN
server (Endian 2.2beta3) and ends up with a different error.
I get a different error this time. I have selected the
"Authentication Type to be X.509 certificate."
"Error Message"
"TLS Error: TLS object -> incoming plaintext read error
TLS Error: TLS handshake failed
Re-using SSL/TLS context
LZO compression initialized
TLS_ERROR: BIO read tls_read_plaintext error:
error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no
certificate returned"
Any help would be highly appreciated.
cheers...
./pradeep
On Thu, Mar 20, 2008 at 4:09 PM, André Pohl
<[EMAIL PROTECTED]> wrote:
Hi there,
my client Configuration is different, but works :-)
#OpenVPN Server conf
#don´t touch this lines
tls-client
client
dev tap
proto udp
cipher BF-CBC
comp-lzo
verb 3
ns-cert-type server
#Login-Typ Certificate + PSK
#comment it out, if you don´t wan two-way authentication
#auth-user-pass
# remote Gateway
remote tgjansen.no-ip.info 1194
# name and typo of the user-cert
pkcs12 example-cert.p12
Hope, this will help
------------------------------------------------------------
-------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Efw-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/efw-user
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Efw-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/efw-user
