OpenVPN unrecognized option

calvin.quint

If I connect to the OpenVPN server from the same network it goes through just fine. If I try to connect from outside the network I get

[root@centos-server ~]# openvpn client.ovpn
Options error: Unrecognized option or missing or extra parameter(s) in client.ovpn:3: data-ciphers (2.4.10)

[root@centos-server ~]# openvpn client.ovpn --help                              Options error: I'm trying to parse "client.ovpn" as an --option parameter but I don't see a leading '--'
Use --help for more information

calvin.quint

@calvin-quint said in OpenVPN unrecognized option:

If I connect to the OpenVPN server from the same network it goes through just fine. If I try to connect from outside the network I get

[root@centos-server ~]# openvpn client.ovpn
Options error: Unrecognized option or missing or extra parameter(s) in client.ovpn:3: data-ciphers (2.4.10)

[root@centos-server ~]# openvpn client.ovpn --help                              Options error: I'm trying to parse "client.ovpn" as an --option parameter but I don't see a leading '--'
Use --help for more information

dev ovpns1
verb 1
dev-type tun
dev-node /dev/tun1
writepid /var/run/openvpn_server1.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto tcp4-server
cipher AES-256-CBC
auth SHA512
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
local 10.1.0.1
engine cryptodev
tls-server
server 10.1.2.0 255.255.255.0
client-config-dir /var/etc/openvpn-csc/server1
tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'pfsense' 1"
lport 443
management /var/etc/openvpn/server1.sock unix
push "route 10.1.0.0 255.255.255.192"
push "dhcp-option DNS 10.1.0.1"
client-to-client
duplicate-cn
ca /var/etc/openvpn/server1.ca
cert /var/etc/openvpn/server1.cert
key /var/etc/openvpn/server1.key
dh /etc/dh-parameters.2048
tls-crypt /var/etc/openvpn/server1.tls-crypt
ncp-ciphers AES-256-CBC
persist-remote-ip
float
topology subnet

bingo600

@calvin-quint said in OpenVPN unrecognized option:

server 10.1.2.0 255.255.255.0

That server ip is prob bot reachable from outside , is it the Server defs you have shown ?

johnpoz

^ yeah 10.x.x.x is rfc1918 - its not going to be reachable from anything on the internet.

Even if you port forward to your pfsense 10.x IP on whatever doing nat in front of you. You would need to make sure your client config points to your actual public IP.

You can set with the other in the client export package.

calvin.quint

@johnpoz

I put that in there for this forum. On my config it has a 73.X.X.X

calvin.quint

@bingo600

bingo600

@calvin-quint

I noticed the centos mentioned a 2.4.xx client

Did you export that ovpn config via the client-export ?

If yes , did you try to enable "Legacy Client" ?

johnpoz

If your trying to use ovpn file with openvpn on centos.. That is not the way you do it ;) So yeah your going to have problems..

Something like this would be more like it
openvpn --config client.ovpn