Hello compdoc,
Tried the way you have mentioned (on EFW 2.2 Beta3)but still no success.Btw,
the ca certificate what I get to download from efw is in "pem" format and
not cer format.
regards.
./pradeep
On Sun, Mar 23, 2008 at 11:27 PM, compdoc <[EMAIL PROTECTED]> wrote:
> I use the cert created on the openvpn page in efw, so I don't use the
> 'pkcs12 me.p12', or 'ns-cert-type server' lines, but this works for me:
>
>
>
> client
>
> float
>
> dev tap
>
> proto udp
>
> port 1194
>
> remote xx.xx.xx.xx
>
> resolv-retry infinite
>
> nobind
>
> persist-key
>
> persist-tun
>
> ca lasvegas.cer
>
> auth-user-pass
>
> pull
>
> comp-lzo
>
>
>
>
>
>
>
> *From:* [EMAIL PROTECTED] [mailto:
> [EMAIL PROTECTED] *On Behalf Of *Pradeep Raghavan
> *Sent:* Sunday, March 23, 2008 12:55 PM
> *To:* [email protected]
> *Subject:* Re: [Efw-user] Road warrior configuration on 2.2Beta3
>
>
>
> Hi,
>
> thanks for the help, somehow the issue got solved.I removed the
> "ns-cert-type client" from the server configuration by editing the template
> file.But, stepped into another problem.
> The server is configured to lease ip-addresses from the pool "
> 192.168.1.40-192.168.1.60" and for some reason the client configured to
> get ip-address from the vpn server assigns itself *"192.168.1.10", *and
> the tap interface at the client side does not come up.The client
> configuration is as below
>
> *Client conf
>
> tls-client
> client
> dev tap
> proto udp
> remote xx.xx.xx.xx 1194
> #remote 192.168.1.123 1194
> resolv-retry infinite
> nobind
> persist-key
> persist-tun
> keepalive 10 120
> pkcs12 me.p12
> ns-cert-type server
> comp-lzo
> verb 5
>
> *Wondering what configuration is causing the client to get *192.168.1.10*
> as the ipaddress. Any help would be highly appreciated.
>
>
> cheers...
> ./pradeep
>
> On Sat, Mar 22, 2008 at 11:12 AM, Pradeep Raghavan <[EMAIL PROTECTED]>
> wrote:
>
> hi,
>
> thanks for the quick reply. l tried connecting to the VPN server (Endian
> 2.2beta3) and ends up with a different error. I get a different error this
> time. I have selected the "Authentication Type to be X.509 certificate."
>
> *"Error Message"*
>
>
>
> "TLS Error: TLS object -> incoming plaintext read error
>
> TLS Error: TLS handshake failed
>
> Re-using SSL/TLS context
>
> LZO compression initialized
> TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL
> routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned"
>
>
>
>
> Any help would be highly appreciated.
>
>
> cheers...
>
> ./pradeep
>
> On Thu, Mar 20, 2008 at 4:09 PM, André Pohl <[EMAIL PROTECTED]> wrote:
>
> Hi there,
>
> my client Configuration is different, but works :-)
>
> #OpenVPN Server conf
> #don´t touch this lines
> tls-client
>
> client
> dev tap
> proto udp
>
> cipher BF-CBC
> comp-lzo
> verb 3
> ns-cert-type server
>
> #Login-Typ Certificate + PSK
> #comment it out, if you don´t wan two-way authentication
> #auth-user-pass
>
> # remote Gateway
> remote tgjansen.no-ip.info 1194
>
> # name and typo of the user-cert
> pkcs12 example-cert.p12
>
> Hope, this will help
>
>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2008.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> _______________________________________________
> Efw-user mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/efw-user
>
>
>
>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2008.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> _______________________________________________
> Efw-user mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/efw-user
>
>
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Efw-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/efw-user
