Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    OpenVPN problems

    2.1 Snapshot Feedback and Problems - RETIRED
    4
    17
    5974
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      podilarius last edited by

      With a latest build and gitsync, I am getting the following error for my OpenVPNs. They are failing to connect.

      Jun 6 07:44:55 openvpn[49428]: Use –help for more information.
      Jun 6 07:44:55 openvpn[49428]: Options error: –client-connect requires --mode server

      I don't know if it is related to the last couple of commits:
      Import OpenVPN cisco style radius attributes applying policy to logge...

      I found an old post from 2010 for version 2.0 Dev builds, but doing what it suggest to get it going is not working.  Please let me know if there is something I can do to correct the issue.

      1 Reply Last reply Reply Quote 0
      • C
        Cino last edited by

        i can't connect with my client either,

        from the client side:

        
        Wed Jun 06 12:19:00 2012 AUTH: Received control message: AUTH_FAILED
        Wed Jun 06 12:19:00 2012 SIGTERM[soft,auth-failure] received, process exiting
        
        

        both my roadwarrior and my p2p wont connect

        1 Reply Last reply Reply Quote 0
        • M
          mikesamo last edited by

          same issue here.

          1 Reply Last reply Reply Quote 0
          • jimp
            jimp Rebel Alliance Developer Netgate last edited by

            What shows up in the actual openvpn server config in /var/etc/openvpn?

            And are these clients or servers in each of these cases?

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • M
              mikesamo last edited by

              Client for me

              getting same message

              Jun 6 07:44:55  openvpn[49428]: Use –help for more information.
              Jun 6 07:44:55  openvpn[49428]: Options error: –client-connect requires --mode server

              1 Reply Last reply Reply Quote 0
              • P
                podilarius last edited by

                It is a client for me as well.

                Here is the config on client1.conf …. client2 is exactly the same only with different IPs.

                dev ovpnc1
                dev-type tun
                tun-ipv6
                dev-node /dev/tun1
                writepid /var/run/openvpn_client1.pid
                #user nobody
                #group nobody
                script-security 3
                daemon
                keepalive 10 60
                ping-timer-rem
                persist-tun
                persist-key
                proto udp
                cipher AES-256-CBC
                up /usr/local/sbin/ovpn-linkup
                down /usr/local/sbin/ovpn-linkdown
                client-connect /usr/local/sbin/openvpn.attributes.sh
                client-disconnect /usr/local/sbin/openvpn.attributes.sh
                local xx.xx.xx.xx
                lport 0
                management /var/etc/openvpn/client1.sock unix
                remote yy.yy.yy.yy 1194
                ifconfig zz.zz.zz.zz zz.zz.zz.aa
                route cc.cc.cc.cc 255.255.255.0
                secret /var/etc/openvpn/client1.secret 
                comp-lzo
                
                1 Reply Last reply Reply Quote 0
                • M
                  mikesamo last edited by

                  dev ovpnc2
                  dev-type tun
                  tun-ipv6
                  dev-node /dev/tun2
                  writepid /var/run/openvpn_client2.pid
                  #user nobody
                  #group nobody
                  script-security 3
                  daemon
                  keepalive 10 60
                  ping-timer-rem
                  persist-tun
                  persist-key
                  proto udp
                  cipher AES-128-CBC
                  up /usr/local/sbin/ovpn-linkup
                  down /usr/local/sbin/ovpn-linkdown
                  client-connect /usr/local/sbin/openvpn.attributes.sh
                  client-disconnect /usr/local/sbin/openvpn.attributes.sh
                  local 4.3.2.1
                  engine padlock
                  tls-client
                  client
                  lport 0
                  management /var/etc/openvpn/client2.sock unix
                  remote 1.2.3.4 1234
                  ca /var/etc/openvpn/client2.ca
                  cert /var/etc/openvpn/client2.cert
                  key /var/etc/openvpn/client2.key
                  tls-auth /var/etc/openvpn/client2.tls-auth 1
                  comp-lzo
                  resolv-retry infinite
                  verb 5
                  tun-mtu 1500
                  keysize 128
                  persist-key
                  fragment 1389
                  mssfix 1389

                  1 Reply Last reply Reply Quote 0
                  • M
                    mikesamo last edited by

                    Ok I got it with comment theses 2 lines from the conf files

                    #client-connect /usr/local/sbin/openvpn.attributes.sh
                    #client-disconnect /usr/local/sbin/openvpn.attributes.sh

                    1 Reply Last reply Reply Quote 0
                    • M
                      mikesamo last edited by

                      theses line are only for server config.

                      1 Reply Last reply Reply Quote 0
                      • jimp
                        jimp Rebel Alliance Developer Netgate last edited by

                        ok that's probably from the radius acl import that happened yesterday.

                        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                        Need help fast? Netgate Global Support!

                        Do not Chat/PM for help!

                        1 Reply Last reply Reply Quote 0
                        • P
                          podilarius last edited by

                          Commented the lines out myself and the VPN connects. Was there a commit that put those in there?

                          1 Reply Last reply Reply Quote 0
                          • P
                            podilarius last edited by

                            commit 1492e02 does this.

                            1 Reply Last reply Reply Quote 0
                            • M
                              mikesamo last edited by

                              https://github.com/bsdperimeter/pfsense/commit/5b4ee05e58777606c988c099139adb25633b50c3

                              1 Reply Last reply Reply Quote 0
                              • jimp
                                jimp Rebel Alliance Developer Netgate last edited by

                                Fix commited, gitsync and it should be ok

                                Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                                Need help fast? Netgate Global Support!

                                Do not Chat/PM for help!

                                1 Reply Last reply Reply Quote 0
                                • M
                                  mikesamo last edited by

                                  seem to work after reboot thx!

                                  1 Reply Last reply Reply Quote 0
                                  • P
                                    podilarius last edited by

                                    Thanks for fixing that. :-D

                                    1 Reply Last reply Reply Quote 0
                                    • C
                                      Cino last edited by

                                      Thanks Jim!

                                      1 Reply Last reply Reply Quote 0
                                      • First post
                                        Last post