Re: [Openvpn-users] Unable to establish VPN

Wed, 15 Apr 2015 07:34:22 -0700 

> On Apr 15, 2015, at 09:34, Jan Just Keijser <janj...@nikhef.nl> wrote:
> it's the line
>  SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
> 
> which is "interesting" here: make sure you use the same set of tls-ciphers on 
> both ends. What's in your server and client config ? If nothing is specified 
> then it should "just work” .

  Right.  That’s the line I was noting as well, of course.  I followed the 
“openvpn --show-ciphers” advice, and see the same on both.  I also tried a 
couple ciphers in both the client and server config files, with no change.  But 
the above was with neither file specifying a cipher specifically, thus 
defaulting to BF-CBC.

> Better yet, post your entire (sanitized) server config so we can take a look 
> at it. That will help greatly in troubleshooting the issue.

 Can do.  Hash comments and most of the semi-colon comments removed, my main 
server-side network obscured, this is the server-side config.  Thanks for your 
help…


                                                         - Chris

————

;local a.b.c.d

port 1194
proto tcp
;proto udp

;dev tap
dev tun

ca cert/distal-ca.crt
cert cert/distalvpn.crt
key private/distalvpn.key  # This file should be kept secret

dh cert/dh2048.pem

server 10.8.0.0 255.255.255.0

ifconfig-pool-persist ipp.txt

;push "route 192.168.10.0 255.255.255.0"
;push "route 192.168.20.0 255.255.255.0"
push "route AA.BB.CC.0 255.255.255.0"

keepalive 10 120

;tls-auth ta.key 0 # This file is secret

;cipher BF-CBC        # Blowfish (default)
;cipher AES-128-CBC   # AES
;cipher DES-EDE3-CBC  # Triple-DES

comp-lzo

user nobody
group nobody

persist-key
persist-tun

status openvpn-status.log





------------------------------------------------------------------------------
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Reply via email to