Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Linux 2.4.4 Client can't connect to pfSense OpenVPN Server

    OpenVPN
    3
    3
    95
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      LukasN last edited by

      Hey there,

      I'm having a strange OPENVpn Server Client connection issue issue.
      The pfSense has the latest version installed.

      A User is using Ubuntu 18.04 and installed the latest OpenVPN Version.
      Everytime he's trying to connect to the VPN he gets the following error:

      Dez 28 20:30:58 PATRICK nm-openvpn[7902]: WARNING: file '/home/patrick/xxx/VPN/pfSense-UDP4-1194-vpn.xxx.dev/pfSense-UDP4-1194-vpn.xxxxxxxx.dev.p12' is group or others accessible
Dez 28 20:30:58 PATRICK nm-openvpn[7902]: WARNING: file '/home/patrick/xxx/VPN/pfSense-UDP4-1194-vpn.xxx.dev/pfSense-UDP4-1194-vpn.xxxxxxx.dev-tls.key' is group or others accessible
Dez 28 20:30:58 PATRICK nm-openvpn[7902]: OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2019
Dez 28 20:30:58 PATRICK nm-openvpn[7902]: library versions: OpenSSL 1.1.1  11 Sep 2018, LZO 2.08
Dez 28 20:30:59 PATRICK nm-openvpn[7902]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dez 28 20:30:59 PATRICK nm-openvpn[7902]: TCP/UDP: Preserving recently used remote address: [AF_INET]xxxxxxxxxx:1194
Dez 28 20:30:59 PATRICK nm-openvpn[7902]: UDPv4 link local: (not bound)
Dez 28 20:30:59 PATRICK nm-openvpn[7902]: UDPv4 link remote: [AF_INET]xxxxxxxxxx:1194
Dez 28 20:30:59 PATRICK nm-openvpn[7902]: NOTE: chroot will be delayed because of --client, --pull, or --up-delay
Dez 28 20:30:59 PATRICK nm-openvpn[7902]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Dez 28 20:30:59 PATRICK nm-openvpn[7902]: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1585', remote='link-mtu 1601'
Dez 28 20:30:59 PATRICK nm-openvpn[7902]: WARNING: 'cipher' is used inconsistently, local='cipher BF-CBC', remote='cipher AES-256-CBC'
Dez 28 20:30:59 PATRICK nm-openvpn[7902]: WARNING: 'keysize' is used inconsistently, local='keysize 128', remote='keysize 256'
Dez 28 20:30:59 PATRICK nm-openvpn[7902]: [vpn.xxxxxx.dev] Peer Connection Initiated with [AF_INET]xxxxxxxxxx:1194
Dez 28 20:31:00 PATRICK nm-openvpn[7902]: Error: pushed cipher not allowed - AES-256-CBC not in BF-CBC or AES-256-GCM:AES-128-GCM
Dez 28 20:31:00 PATRICK nm-openvpn[7902]: OPTIONS ERROR: failed to import crypto options
Dez 28 20:31:00 PATRICK nm-openvpn[7902]: ERROR: Failed to apply push options
Dez 28 20:31:00 PATRICK nm-openvpn[7902]: Failed to open tun/tap interface
Dez 28 20:31:00 PATRICK nm-openvpn[7902]: SIGUSR1[soft,process-push-msg-failed] received, process restarting
Dez 28 20:31:01 PATRICK sudo[7905]:  patrick : TTY=pts/7 ; PWD=/home/patrick ; USER=root ; COMMAND=/bin/journalctl -e
Dez 28 20:31:01 PATRICK sudo[7905]: pam_unix(sudo:session): session opened for user root by (uid=0)

      This is the Encryption and NCP config:
      02926b5f-a35b-45b9-b51f-35fd4dc41dc9-grafik.png

      Thanks ahead for help.

      Lukas

      V 1 Reply Last reply Reply Quote 0
      • V
        viragomann @LukasN last edited by

        This post is deleted!
        1 Reply Last reply Reply Quote 0
        • Pippin
          Pippin last edited by

          Let the user get the latest OpenVPN version:
          https://community.openvpn.net/openvpn/wiki/OpenvpnSoftwareRepos

          1 Reply Last reply Reply Quote 0
          • First post
            Last post

          Products

          • Platform Overview
          • TNSR
          • pfSense
          • Appliances

          Services

          • Training
          • Professional Services

          Support

          • Subscription Plans
          • Contact Support
          • Product Lifecycle
          • Documentation

          News

          • Media Coverage
          • Press
          • Events

          Resources

          • Blog
          • FAQ
          • Find a Partner
          • Resource Library
          • Security Information

          Company

          • About Us
          • Careers
          • Partners
          • Contact Us
          • Legal
          Our Mission

          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

          Subscribe to our Newsletter

          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

          © 2021 Rubicon Communications, LLC | Privacy Policy