openvpn

deano · 26 Mar 2011 at 12:03

Hi,

i'ce installed a new server and installed and configured openvpn on it this was all up and running. Then i've copied over the users and server crt's from the old server so I dont have to recreate all the users stuff and so they cna still connect now i've done this openvpn will not start

the only error is

[ 8135.726814] tun0: Disabled Privacy Extensions

any ideas

deano · 26 Mar 2011 at 12:44

that error is on the server.

the clients (windows) worked before installing a new server. (does other stuff like mail dhcp dns etc etc)

copied over the all the certs from the old server to the new server as in

dh1024.pem extip my-ca.crt my-crl.pem server.conf server.crt server.key ta.key

and also copied over all the configs in /usr/local/CA

this contains all the client certs.

openvpn service just wont start on the server

I though it would be as easy as coping over the certs and config

deano · 26 Mar 2011 at 12:58

thanks,

my server.conf is

port 5000
proto tcp
dev tun
keepalive 10 60
comp-lzo
verb 4

ca /etc/openvpn/my-ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key # This file is secret
dh /etc/openvpn/dh1024.pem
tls-auth /etc/openvpn/ta.key 0 # This file is secret
crl-verify /etc/openvpn/my-crl.pem

user nobody
group nobody
persist-key
persist-tun

status /var/log/openvpn-status.log

server 192.168.255.0 255.255.255.0
push "ip-win32 dynamic"
push "route 192.168.0.0 255.255.255.0"
push "dhcp-option DNS 192.168.0.2"

and all the files are in there.

i'll try as you have suggested with starting it rather than from init.d ta.

yep google is a waste of time for that error I'd have thought some one would have had similar issues before.

thanks

deano · 26 Mar 2011 at 13:05

sorted

using :-

openvpn /etc/openvpnserver.conf

produced

Sat Mar 26 12:59:29 2011 us=101028 failed to find GID for group nobody

in it's output.

now all working

deano · 26 Mar 2011 at 13:08

there is nothing in openvpn-status-log as no clients are connected

in messages i get

Mar 26 12:59:29 server kernel: [11728.108872] tun0: Disabled Privacy Extensions
Mar 26 13:02:07 server kernel: [11893.418471] tun0: Disabled Privacy Extensions
Mar 26 13:03:22 server kernel: [11971.426445] tun0: Disabled Privacy Extensions
Mar 26 13:07:38 server kernel: [12231.202091] tun0: Disabled Privacy Extensions

something still wrong but not sure what

deano · 26 Mar 2011 at 13:22

got a client connected and get this in openvpn-status-log

OpenVPN CLIENT LIST
Updated,Sat Mar 26 13:21:50 2011
Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
Diana_Bailey,94.5.212.13:49159,29435,51946,Sat Mar 26 13:18:56 2011
ROUTING TABLE
Virtual Address,Common Name,Real Address,Last Ref
192.168.255.6,User_Name,94.5.212.13:49159,Sat Mar 26 13:21:40 2011
GLOBAL STATS
Max bcast/mcast queue length,0
END