Linux 2.4.4 Client can't connect to pfSense OpenVPN Server
-
Hey there,
I'm having a strange OPENVpn Server Client connection issue issue.
The pfSense has the latest version installed.A User is using Ubuntu 18.04 and installed the latest OpenVPN Version.
Everytime he's trying to connect to the VPN he gets the following error:Dez 28 20:30:58 PATRICK nm-openvpn[7902]: WARNING: file '/home/patrick/xxx/VPN/pfSense-UDP4-1194-vpn.xxx.dev/pfSense-UDP4-1194-vpn.xxxxxxxx.dev.p12' is group or others accessible Dez 28 20:30:58 PATRICK nm-openvpn[7902]: WARNING: file '/home/patrick/xxx/VPN/pfSense-UDP4-1194-vpn.xxx.dev/pfSense-UDP4-1194-vpn.xxxxxxx.dev-tls.key' is group or others accessible Dez 28 20:30:58 PATRICK nm-openvpn[7902]: OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2019 Dez 28 20:30:58 PATRICK nm-openvpn[7902]: library versions: OpenSSL 1.1.1 11 Sep 2018, LZO 2.08 Dez 28 20:30:59 PATRICK nm-openvpn[7902]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Dez 28 20:30:59 PATRICK nm-openvpn[7902]: TCP/UDP: Preserving recently used remote address: [AF_INET]xxxxxxxxxx:1194 Dez 28 20:30:59 PATRICK nm-openvpn[7902]: UDPv4 link local: (not bound) Dez 28 20:30:59 PATRICK nm-openvpn[7902]: UDPv4 link remote: [AF_INET]xxxxxxxxxx:1194 Dez 28 20:30:59 PATRICK nm-openvpn[7902]: NOTE: chroot will be delayed because of --client, --pull, or --up-delay Dez 28 20:30:59 PATRICK nm-openvpn[7902]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay Dez 28 20:30:59 PATRICK nm-openvpn[7902]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1585', remote='link-mtu 1601' Dez 28 20:30:59 PATRICK nm-openvpn[7902]: WARNING: 'cipher' is used inconsistently, local='cipher BF-CBC', remote='cipher AES-256-CBC' Dez 28 20:30:59 PATRICK nm-openvpn[7902]: WARNING: 'keysize' is used inconsistently, local='keysize 128', remote='keysize 256' Dez 28 20:30:59 PATRICK nm-openvpn[7902]: [vpn.xxxxxx.dev] Peer Connection Initiated with [AF_INET]xxxxxxxxxx:1194 Dez 28 20:31:00 PATRICK nm-openvpn[7902]: Error: pushed cipher not allowed - AES-256-CBC not in BF-CBC or AES-256-GCM:AES-128-GCM Dez 28 20:31:00 PATRICK nm-openvpn[7902]: OPTIONS ERROR: failed to import crypto options Dez 28 20:31:00 PATRICK nm-openvpn[7902]: ERROR: Failed to apply push options Dez 28 20:31:00 PATRICK nm-openvpn[7902]: Failed to open tun/tap interface Dez 28 20:31:00 PATRICK nm-openvpn[7902]: SIGUSR1[soft,process-push-msg-failed] received, process restarting Dez 28 20:31:01 PATRICK sudo[7905]: patrick : TTY=pts/7 ; PWD=/home/patrick ; USER=root ; COMMAND=/bin/journalctl -e Dez 28 20:31:01 PATRICK sudo[7905]: pam_unix(sudo:session): session opened for user root by (uid=0)
This is the Encryption and NCP config:
Thanks ahead for help.
Lukas
-
This post is deleted! -
Let the user get the latest OpenVPN version:
https://community.openvpn.net/openvpn/wiki/OpenvpnSoftwareRepos