OpenVPN to Linux client connection issues

shadowadepts

I am running pfs 1.2.3 and have configured ovpn to communicate with 3 external windows boxes. Works prefectly!  ;D

Now one of those doze boxes have become a linux Ubuntu and I am trying to reuse the client connection cert and key for ubuntu. if that is possible???

client config file

client
dev tun
proto tcp
remote xxx.xx.xx.54 443

resolv-retry infinite
nobind
persist-tun
persist-key
ca /etc/openvpn/shadow/ca.crt
cert /etc/openvpn/shadow/client1.crt
key /etc/openvpn/shadow/client1.key
tls-client
ns-cert-type server
comp-lzo
verb 4
redirect-gateway

I get this error

Mon Oct  4 03:46:26 2010 us=289969 OPTIONS IMPORT: --ifconfig/up options modified
Mon Oct  4 03:46:26 2010 us=289976 OPTIONS IMPORT: route options modified
Mon Oct  4 03:46:26 2010 us=289982 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mon Oct  4 03:46:26 2010 us=289990 Preserving previous TUN/TAP instance: tun4
Mon Oct  4 03:46:26 2010 us=289997 Initialization Sequence Completed
Mon Oct  4 03:46:30 2010 us=298177 Connection reset, restarting [0]
Mon Oct  4 03:46:30 2010 us=298306 TCP/UDP: Closing socket
Mon Oct  4 03:46:30 2010 us=298341 SIGUSR1[soft,connection-reset] received, process restarting
Mon Oct  4 03:46:30 2010 us=298362 Restart pause, 5 second(s)

Can anyone can help point me off in the right direction

jimp

Reusing the same keys and config such should be fine, it doesn't look like anything you are using in that config file is Windows-specific.

It hasn't mattered for me in the past, but you might try making sure that the line endings on the files are in UNIX format on the Ubuntu box.

You might also crank up the verbosity "verb 6" or 7 or more, just to see if it gives anything more helpful than what you have.

shadowadepts

@jimp:

but you might try making sure that the line endings on the files are in UNIX format on the Ubuntu box.

I am unsure what you mean unless you mean to switch '.ovpn' to '.conf'

@jimp:

You might also crank up the verbosity "verb 6" or 7 or more, just to see if it gives anything more helpful than what you have.

I tried to crank the verbosity up aswell and nothing

After further investigation i found this error:```
Tue Oct  5 03:47:34 2010 us=396931 /sbin/route add -net xxx.xx.xx.54 netmask 255.255.255.255 gw 10.8.112.254
SIOCADDRT: File exists
Tue Oct  5 03:47:34 2010 us=397708 ERROR: Linux route add command failed: external program exited with error status: 7

jimp

So it already has a route for that network somehow. Does the local subnet overlap what the remote side should be?

jimp

@shadowadepts:

@jimp:

but you might try making sure that the line endings on the files are in UNIX format on the Ubuntu box.

I am unsure what you mean unless you mean to switch '.ovpn' to '.conf'

I meant DOS (^M\n, or \r\n) vs UNIX (\n) newlines. OpenVPN doesn't generally seem to care though, it tends to read either set.

shadowadepts

@jimp:

So it already has a route for that network somehow. Does the local subnet overlap what the remote side should be?

I hope not! My Server is in the 192.168.x.0/24 network supplying a x.x.50.x ovpn addresses. and the clients reside in the 10.8.x.0/24 network.

@jimp:

I meant DOS (^M\n, or \r\n) vs UNIX (\n) newlines. OpenVPN doesn't generally seem to care though, it tends to read either set.

i didn't actually switch the file extension from '.opvn' to '.config' i created a new config file with sudo gedit /etc/openvpn/x/

If I end up having to create a new vpn tunnel what are the recomended settings or settings period for a linux/ubuntu box

jimp

No specific settings for ubuntu, it should all just work as long as you have the settings match the server (proper keys, protocol, port, compression, cipher, etc)