Now, this very OPENVPN is giving me a hard time here with.



SERVER SIDE CentOS 5.2:

V=OpenVPN 2.0.9

============================================================================

port 1194 # (1194 is the default but on some APN networks this is blocked)
proto tcp
dev tun
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
server 172.16.0.0 255.255.255.0
push "dhcp-option DNS 192.168.168.1"
push "dhcp-option DNS 168.210.2.2"
#push "dhcp-option WINS 192.168.1.2"
push "route 192.168.168.0 255.255.255.0"
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
user nobody
group users
persist-key
persist-tun
status openvpn-status.log
verb 3
client-to-client
duplicate-cn # (this means several users can use the same key)


CLIENT SIDE - Win XP:


dev tun
client
ns-cert-type server
port 1194
proto tcp
remote server-ip-address
ca ca.crt
cert server.crt
key server.key

tun-mtu 1500
tun-mtu-extra 32
mssfix 1450

dev-node OVPN

cipher AES-256-CBC

comp-lzo
verb 4
mute 10


============================================================================

nobody   12196  0.0  0.2   5820  1996 ?        Ss   13:30   0:00 /usr/sbin/openvpn --daemon --writepid /var/run/openvpn/openvpn.pid --config openvpn.conf --cd /etc/openvpn


Dec 11 13:31:46 kkk openvpn[12196]: TCPv4_SERVER link local: [undef]
Dec 11 13:31:46 kkk openvpn[12196]: TCPv4_SERVER link remote: 1.2.3.4:1616
Dec 11 13:31:46 kkk openvpn[12196]: 1.2.3.4:1616 TLS: Initial packet from 1.2.3.4:1616, sid=60b859ab ccd278c7
Dec 11 13:31:46 kkk openvpn[12196]: 1.2.3.4:1616 VERIFY ERROR: depth=0, error=unsupported certificate purpose: /C=KE/ST=NBO/L=NAIROBI/O=IAL/OU=n_x08c/CN=WILSON/emailAddress=lixton@gmail.com
Dec 11 13:31:46 kkk openvpn[12196]: 1.2.3.4:1616 TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
Dec 11 13:31:46 kkk openvpn[12196]: 1.2.3.4:1616 TLS Error: TLS object -> incoming plaintext read error
Dec 11 13:31:46 kkk openvpn[12196]: 1.2.3.4:1616 TLS Error: TLS handshake failed
Dec 11 13:31:46 kkk openvpn[12196]: 1.2.3.4:1616 Fatal TLS error (check_tls_errors_co), restarting
Dec 11 13:31:46 kkk openvpn[12196]: 1.2.3.4:1616 SIGUSR1[soft,tls-error] received, client-instance restarting
Dec 11 13:31:46 kkk openvpn[12196]: TCP/UDP: Closing socket





CLIENT SIDE - Win XP:

Version= 2.1




--
Wilson
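
The server log above rejects the peer certificate with `unsupported certificate purpose`. As an added example that is not part of the original post, these shell functions use `openssl verify -purpose` to report whether a certificate is accepted in the TLS client role, the TLS server role, or both. The function names (`cert_ok_for`, `classify`, `make_demo_pki`) and every file name and subject are constructed for illustration; `make_demo_pki` only builds throwaway test certificates.

```shell
#!/bin/sh
# Added example (not from the original post). File names and subjects are constructed.

# cert_ok_for PURPOSE CA CERT: exit 0 if CERT chains to CA and is valid for
# PURPOSE ("sslclient" or "sslserver", as accepted by `openssl verify -purpose`).
cert_ok_for() {
    openssl verify -purpose "$1" -CAfile "$2" "$3" 2>/dev/null | grep -q ': OK$'
}

# classify CA CERT: print the TLS roles CERT may be used for.
classify() {
    roles=""
    cert_ok_for sslclient "$1" "$2" && roles="client"
    cert_ok_for sslserver "$1" "$2" && roles="${roles:+$roles+}server"
    echo "${roles:-neither}"
}

# make_demo_pki DIR: throwaway CA and one key pair signed twice, once with
# extendedKeyUsage=serverAuth (server.crt) and once with clientAuth (client.crt).
make_demo_pki() {
    d=$1
    cat > "$d/demo.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = constructed
[ca_ext]
basicConstraints = critical,CA:TRUE
[server_ext]
extendedKeyUsage = serverAuth
[client_ext]
extendedKeyUsage = clientAuth
EOF
    openssl req -x509 -newkey rsa:2048 -nodes -config "$d/demo.cnf" \
        -extensions ca_ext -subj "/CN=Demo CA" -days 2 \
        -keyout "$d/ca.key" -out "$d/ca.crt" 2>/dev/null || return 1
    openssl req -new -newkey rsa:2048 -nodes -config "$d/demo.cnf" \
        -subj "/CN=demo-peer" -keyout "$d/peer.key" -out "$d/peer.csr" \
        2>/dev/null || return 1
    n=0
    for role in server client; do
        n=$((n + 1))
        openssl x509 -req -in "$d/peer.csr" -CA "$d/ca.crt" -CAkey "$d/ca.key" \
            -set_serial "$n" -days 2 -extfile "$d/demo.cnf" \
            -extensions "${role}_ext" -out "$d/$role.crt" 2>/dev/null || return 1
    done
}
```

Run against real files, `classify ca.crt <cert>` takes the CA and the certificate named on a config's `cert` line; a certificate presented by the client side needs `client` in the result for the server to accept it.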