OpenVPN does not work?

Zheng, Jeff jeff.zheng at intel.com
Sun Jan 16 23:42:04 PST 2011


Hi Daniel,

Still failed. I don't see openvpn process running and dmesg shows:
[17531.921069] tun0: Disabled Privacy Extensions
[19095.569811] vpn0: Disabled Privacy Extensions

On server side, the output is:
Mon Jan 17 15:32:10 2011 MULTI: multi_create_instance called
Mon Jan 17 15:32:10 2011 10.239.50.16:53894 Re-using SSL/TLS context
Mon Jan 17 15:32:10 2011 10.239.50.16:53894 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Mon Jan 17 15:32:10 2011 10.239.50.16:53894 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Mon Jan 17 15:32:10 2011 10.239.50.16:53894 Local Options hash (VER=V4): '239669a8'
Mon Jan 17 15:32:10 2011 10.239.50.16:53894 Expected Remote Options hash (VER=V4): '3514370b'
Mon Jan 17 15:32:10 2011 10.239.50.16:53894 TLS: Initial packet from 10.239.50.16:53894, sid=d6c7937e c4d39132
Mon Jan 17 15:32:10 2011 10.239.50.16:53894 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=Fort-Funston_CA/emailAddress=me at myhost.mydomain
Mon Jan 17 15:32:10 2011 10.239.50.16:53894 VERIFY OK: depth=0, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=client1/emailAddress=me at myhost.mydomain
Mon Jan 17 15:32:10 2011 10.239.50.16:53894 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jan 17 15:32:10 2011 10.239.50.16:53894 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jan 17 15:32:10 2011 10.239.50.16:53894 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jan 17 15:32:10 2011 10.239.50.16:53894 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jan 17 15:32:10 2011 10.239.50.16:53894 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mon Jan 17 15:32:10 2011 10.239.50.16:53894 [client1] Peer Connection Initiated with 10.239.50.16:53894
Mon Jan 17 15:32:10 2011 client1/10.239.50.16:53894 MULTI: Learn: 10.8.0.6 -> client1/10.239.50.16:53894
Mon Jan 17 15:32:10 2011 client1/10.239.50.16:53894 MULTI: primary virtual IP for client1/10.239.50.16:53894: 10.8.0.6
Mon Jan 17 15:32:12 2011 client1/10.239.50.16:53894 PUSH: Received control message: 'PUSH_REQUEST'
Mon Jan 17 15:32:12 2011 client1/10.239.50.16:53894 SENT CONTROL [client1]: 'PUSH_REPLY,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Mon Jan 17 15:32:14 2011 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)

Bests
Jeff

> -----Original Message-----
> From: Daniel Wagner [mailto:wagi at monom.org]
> Sent: Monday, January 17, 2011 3:28 PM
> To: Zheng, Jeff
> Cc: connman at connman.net
> Subject: Re: OpenVPN does not work?
> 
> Hi Jeff,
> 
> On Mon, Jan 17, 2011 at 03:11:40PM +0800, Zheng, Jeff wrote:
> > Here is client configure file:
> > client
> > dev tun
> > proto udp
> > remote image-build.sh.intel.com 1194
> > resolv-retry infinite
> > nobind
> > persist-key
> > persist-tun
> > ca /root/.openvpn/ca.crt
> > cert /root/.openvpn/client1.crt
> > key /root/.openvpn/client1.key
> > ns-cert-type server
> > verb 3
> 
> ns-cert-type might be the missing one. Could you try to add the attached patch
> and edit openvpn-connect to do somthing like
> 
> path = manager.ConnectProvider(({ "Type": "openvpn",
>                                         "Name": sys.argv[2],
>                                         "Host": sys.argv[3],
>                                         "VPN.Domain": sys.argv[4],
>                                         "OpenVPN.CACert":
> sys.argv[5],
>                                         "OpenVPN.Cert": sys.argv[6],
>                                         "OpenVPN.Key": sys.argv[7]
> 					"OpenVPN.NsCertType": "server"}))
> 
> cheers,
> daniel



More information about the connman mailing list