On 02/25/10 22:17, Xavier Parizet wrote:
[snip]
topology subnet
remote 208.38.31.237 9000
resolv-retry infinite
nobind
^^^^^^
you should remove this line to avoid connection refused messages from
the server. As you are in udp, client should bind on udp source port to
get messages from the server.
I remove this one from client.conf
tun-mtu 1500
tun-mtu-extra 32
mssfix 1200
persist-key
persist-tun
remote-cert-tls server
ca "/etc/openvpn/client_clinic2/ca.crt"
cert "/etc/openvpn/client_clinic2/syscon9.crt"
key "/etc/openvpn/client_clinic2/syscon9.key"
tls-auth "/etc/openvpn/client_clinic2/vpn_my.key" 1
comp-lzo
log /var/log/openvpn.log
log-append /var/log/openvpn.log
verb 3
log file from client:
cat /var/log/openvpn.log
[SNIP]
Whey sever log is always showing this message: [ECONNREFUSED]:
Connection refused (code=111
From what i can see, please try to add full path to the ccd directory in
client-config-dir directive on the server path. Also check permissions
on that directory. On which user are you running openvpn on the server ?
On the client ?
Can you increase verbosity and see if there is no open fails on the
server ? If it works, you should have the following line in server logs:
OPTIONS IMPORT: reading client specific options from: [path to ccd]/syscon9
MULTI: Learn: [192.168.139.15] -> syscon9/[ip source:port source]
--
Xavier Parizet
YaGB : http://gentooist.com
GPG : C7DC B10E FC21 63BE
B453 D239 F6E6 DF65 1569 91BF
I added full path to the server for ccd:
/etc/openvpn/ccd
Now I'm getting consistent IP: 192.168.139.2 every-time I restart
openvpn.client_clinic2
but I'm not getting what I requested in ccd/syscon9:
ifconfig-push 192.168.139.15 255.255.255.0
The client runs openvpn as user root,
the server runs openvpn as user openvpn.
--
Joseph
