OpenVPN unrecognized option


  • If I connect to the OpenVPN server from the same network it goes through just fine. If I try to connect from outside the network I get

    [root@centos-server ~]# openvpn client.ovpn
    Options error: Unrecognized option or missing or extra parameter(s) in client.ovpn:3: data-ciphers (2.4.10)
    
    [root@centos-server ~]# openvpn client.ovpn --help                              Options error: I'm trying to parse "client.ovpn" as an --option parameter but I don't see a leading '--'
    Use --help for more information
    

  • @calvin-quint said in OpenVPN unrecognized option:

    If I connect to the OpenVPN server from the same network it goes through just fine. If I try to connect from outside the network I get

    [root@centos-server ~]# openvpn client.ovpn
    Options error: Unrecognized option or missing or extra parameter(s) in client.ovpn:3: data-ciphers (2.4.10)
    
    [root@centos-server ~]# openvpn client.ovpn --help                              Options error: I'm trying to parse "client.ovpn" as an --option parameter but I don't see a leading '--'
    Use --help for more information
    
    dev ovpns1
    verb 1
    dev-type tun
    dev-node /dev/tun1
    writepid /var/run/openvpn_server1.pid
    #user nobody
    #group nobody
    script-security 3
    daemon
    keepalive 10 60
    ping-timer-rem
    persist-tun
    persist-key
    proto tcp4-server
    cipher AES-256-CBC
    auth SHA512
    up /usr/local/sbin/ovpn-linkup
    down /usr/local/sbin/ovpn-linkdown
    local 10.1.0.1
    engine cryptodev
    tls-server
    server 10.1.2.0 255.255.255.0
    client-config-dir /var/etc/openvpn-csc/server1
    tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'pfsense' 1"
    lport 443
    management /var/etc/openvpn/server1.sock unix
    push "route 10.1.0.0 255.255.255.192"
    push "dhcp-option DNS 10.1.0.1"
    client-to-client
    duplicate-cn
    ca /var/etc/openvpn/server1.ca
    cert /var/etc/openvpn/server1.cert
    key /var/etc/openvpn/server1.key
    dh /etc/dh-parameters.2048
    tls-crypt /var/etc/openvpn/server1.tls-crypt
    ncp-ciphers AES-256-CBC
    persist-remote-ip
    float
    topology subnet
    

  • @calvin-quint said in OpenVPN unrecognized option:

    server 10.1.2.0 255.255.255.0

    That server ip is prob bot reachable from outside , is it the Server defs you have shown ?

  • LAYER 8 Global Moderator

    ^ yeah 10.x.x.x is rfc1918 - its not going to be reachable from anything on the internet.

    Even if you port forward to your pfsense 10.x IP on whatever doing nat in front of you. You would need to make sure your client config points to your actual public IP.

    You can set with the other in the client export package.

    here.png


  • @johnpoz

    I put that in there for this forum. On my config it has a 73.X.X.X



  • @calvin-quint

    I noticed the centos mentioned a 2.4.xx client

    Did you export that ovpn config via the client-export ?

    If yes , did you try to enable "Legacy Client" ?

    7789ea1c-cb51-44d9-98b3-0dcfba950218-image.png

  • LAYER 8 Global Moderator

    If your trying to use ovpn file with openvpn on centos.. That is not the way you do it ;) So yeah your going to have problems..

    Something like this would be more like it
    openvpn --config client.ovpn