OpenVPN problems
-
With a latest build and gitsync, I am getting the following error for my OpenVPNs. They are failing to connect.
Jun 6 07:44:55 openvpn[49428]: Use –help for more information.
Jun 6 07:44:55 openvpn[49428]: Options error: –client-connect requires --mode serverI don't know if it is related to the last couple of commits:
Import OpenVPN cisco style radius attributes applying policy to logge...I found an old post from 2010 for version 2.0 Dev builds, but doing what it suggest to get it going is not working. Please let me know if there is something I can do to correct the issue.
-
i can't connect with my client either,
from the client side:
Wed Jun 06 12:19:00 2012 AUTH: Received control message: AUTH_FAILED Wed Jun 06 12:19:00 2012 SIGTERM[soft,auth-failure] received, process exitingboth my roadwarrior and my p2p wont connect
-
same issue here.
-
What shows up in the actual openvpn server config in /var/etc/openvpn?
And are these clients or servers in each of these cases?
-
Client for me
getting same message
Jun 6 07:44:55 openvpn[49428]: Use –help for more information.
Jun 6 07:44:55 openvpn[49428]: Options error: –client-connect requires --mode server -
It is a client for me as well.
Here is the config on client1.conf …. client2 is exactly the same only with different IPs.
dev ovpnc1 dev-type tun tun-ipv6 dev-node /dev/tun1 writepid /var/run/openvpn_client1.pid #user nobody #group nobody script-security 3 daemon keepalive 10 60 ping-timer-rem persist-tun persist-key proto udp cipher AES-256-CBC up /usr/local/sbin/ovpn-linkup down /usr/local/sbin/ovpn-linkdown client-connect /usr/local/sbin/openvpn.attributes.sh client-disconnect /usr/local/sbin/openvpn.attributes.sh local xx.xx.xx.xx lport 0 management /var/etc/openvpn/client1.sock unix remote yy.yy.yy.yy 1194 ifconfig zz.zz.zz.zz zz.zz.zz.aa route cc.cc.cc.cc 255.255.255.0 secret /var/etc/openvpn/client1.secret comp-lzo -
dev ovpnc2
dev-type tun
tun-ipv6
dev-node /dev/tun2
writepid /var/run/openvpn_client2.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp
cipher AES-128-CBC
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
client-connect /usr/local/sbin/openvpn.attributes.sh
client-disconnect /usr/local/sbin/openvpn.attributes.sh
local 4.3.2.1
engine padlock
tls-client
client
lport 0
management /var/etc/openvpn/client2.sock unix
remote 1.2.3.4 1234
ca /var/etc/openvpn/client2.ca
cert /var/etc/openvpn/client2.cert
key /var/etc/openvpn/client2.key
tls-auth /var/etc/openvpn/client2.tls-auth 1
comp-lzo
resolv-retry infinite
verb 5
tun-mtu 1500
keysize 128
persist-key
fragment 1389
mssfix 1389 -
Ok I got it with comment theses 2 lines from the conf files
#client-connect /usr/local/sbin/openvpn.attributes.sh
#client-disconnect /usr/local/sbin/openvpn.attributes.sh -
theses line are only for server config.
-
ok that's probably from the radius acl import that happened yesterday.
-
Commented the lines out myself and the VPN connects. Was there a commit that put those in there?
-
commit 1492e02 does this.
-
https://github.com/bsdperimeter/pfsense/commit/5b4ee05e58777606c988c099139adb25633b50c3
-
Fix commited, gitsync and it should be ok
-
seem to work after reboot thx!
-
Thanks for fixing that. :-D
-
Thanks Jim!
