September 5, 201312 yr trying to reinstall after getting my unraid stable again but getting this error running installplg openvpn_server.plg file /boot/packages/lzo-2.03-i486-1.txz: downloading from http://slackware.cs.utah.edu/pub/slackware/slackware-13.37/slackware/l/lzo-2.03-i486-1.txz ... wget: error while loading shared libraries: libssl.so.0: cannot open shared object file: No such file or directory bad download, deleting Warning: unlink(/boot/packages/lzo-2.03-i486-1.txz): No such file or directory in /usr/local/sbin/installplg on line 70 thoughts? I had the simalure kind of errors, check these 2 messages: http://lime-technology.com/forum/index.php?topic=28557.msg261464#msg261464 http://lime-technology.com/forum/index.php?topic=28557.msg261449#msg261449 Yours -Rexl
September 5, 201312 yr Author what happen if you only install openvpn_server plugin ? rename all .plg except this one to example .plg.old move /boot/packages to different name reinstall this plugin //peter
September 5, 201312 yr I can connect to the server but I cannot access any internet sites. I am using "redirect-gateway def1" as I want to route all traffic through openvpn. I'm not sure where or what to troubleshoot. Here's my openvpnserver and client ovpn files: openvpnserver.ovpn server 10.8.0.0 255.255.255.0 dev tun port 1194 proto udp dh /mnt/cache/server/dh2048.pem ca /mnt/cache/server/ca.crt cert /mnt/cache/server/server.crt key /mnt/cache/server/server.key push "redirect-gateway def1" ifconfig-pool-persist /mnt/cache/server/ipp.txt push "dhcp-option DNS 8.8.8.8" tls-server verb 3 tls-auth /mnt/cache/server/ta.key 0 persist-key persist-tun keepalive 10 120 user nobody group users comp-lzo push "resolv-retry infinite" status /var/log/openvpnserver-status.log 5 log-append /var/log/openvpnserver.log status-version 2 client.ovpn remote vpn.mydnsroute.com client dev tun proto udp port 1194 resolv-retry infinite tls-client nobind persist-key persist-tun ca ca.crt cert Phone.crt key Phone.key tls-auth ta.key 1 remote-cert-tls server comp-lzo verb 3 route-delay 2
September 5, 201312 yr I can connect to the server but I cannot access any internet sites. I am using "redirect-gateway def1" as I want to route all traffic through openvpn. I'm not sure where or what to troubleshoot. Here's my openvpnserver and client ovpn files: openvpnserver.ovpn server 10.8.0.0 255.255.255.0 dev tun port 1194 proto udp dh /mnt/cache/server/dh2048.pem ca /mnt/cache/server/ca.crt cert /mnt/cache/server/server.crt key /mnt/cache/server/server.key push "redirect-gateway def1" ifconfig-pool-persist /mnt/cache/server/ipp.txt push "dhcp-option DNS 8.8.8.8" tls-server verb 3 tls-auth /mnt/cache/server/ta.key 0 persist-key persist-tun keepalive 10 120 user nobody group users comp-lzo push "resolv-retry infinite" status /var/log/openvpnserver-status.log 5 log-append /var/log/openvpnserver.log status-version 2 client.ovpn remote vpn.mydnsroute.com client dev tun proto udp port 1194 resolv-retry infinite tls-client nobind persist-key persist-tun ca ca.crt cert Phone.crt key Phone.key tls-auth ta.key 1 remote-cert-tls server comp-lzo verb 3 route-delay 2 as your client file says phone.crt, have you tried it on a pc as well? Your files are near identical to mine, on Windows there is an issue with defining the vpn connection as private rather than public. not sure if the same exists with the iphone tbh. if you can try on a pc then post the connection log unless Peter can spot something in your setup files
September 5, 201312 yr SAB use a older version of openSSL, so I'm not surprised, latest Openvpn server link openssl-1.0.0.cnf to openssl.cnf in easy-rsa / 2.0 folder. This was one if the issue we have before, that is solved now. But we might shall try to remove the link in this folder and in the plugin, and see if everyone can run it anyway, this file whichopensslcnf in easy-rsa / 2.0 folder shall take care of what version of openssl you are running. but since some have issue we did the "linking" Maybe we shall remove this again and see how it works?? , but then we might get some issue that was highlighted for some days ago ? Maybe it's time to sync all plugin that use openSSL to use same version. Can you re install openvpn server and see if SAB is OK? //Peter I updated SAB to use the same openssl file as OpenVPN, both now work without conflict.
September 5, 201312 yr as your client file says phone.crt, have you tried it on a pc as well? Your files are near identical to mine, on Windows there is an issue with defining the vpn connection as private rather than public. not sure if the same exists with the iphone tbh. if you can try on a pc then post the connection log unless Peter can spot something in your setup files I'm trying to connect with my Android phone. I have an openvpn server already set up on my Windows machine that is working (except for the router port forwarding which now points to my unRaid server) but I was hoping to run it on my unRaid server. The config files between setups are nearly identical.
September 5, 201312 yr Are you using openvpn connect or openvpn for android? Can you post the connection log from your phone? # It's a good idea to reduce the OpenVPN # daemon's privileges after initialization. # # You can uncomment this out on # non-Windows systems. user nobody group nobody
September 5, 201312 yr Are you using openvpn connect or openvpn for android? Can you post the connection log from your phone? I am using openvpn connect. I can see the log but I can't find any way to save or email it.
September 5, 201312 yr Alright, here's the log file from OpenVPN for Android: Network Status: CONNECTED CDMA - EvDo rev. A to mobile P:Initializing Google Breakpad! P:OpenVPN 2.3.2+dspatch4 android-14-armeabi-v7a [sSL (OpenSSL)] [LZO] [sNAPPY] [EPOLL] [MH] [iPv6] built on Aug 20 2013 P:WARNING: file '/storage/sdcard0/VPN/Phone.key' is group or others accessible P:WARNING: file '/storage/sdcard0/VPN/ta.key' is group or others accessible P:Control Channel Authentication: using '/storage/sdcard0/VPN/ta.key' as a OpenVPN static key file P:Protecting socket fd 4 P:UDP link local (bound): [AF_INET][undef]:1194 P:UDP link remote: [AF_INET]96.xxx.xxx.xxx:1194 P:[server] Peer Connection Initiated with [AF_INET]96.xxx.xxx.xxx:1194 P:Options error: option 'resolv-retry' cannot be used in this context ([PUSH-OPTIONS]) P:OpenVPN ROUTE6: OpenVPN needs a gateway parameter for a --route-ipv6 option and no default was specified by either --route-ipv6-gateway or --ifconfig-ipv6 options P:OpenVPN ROUTE: failed to parse/resolve route for host/network: ::/0 P:do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Opening tun interface: Local IPv4: 10.8.0.6/30 IPv6: null MTU: 1500 DNS Server: 8.8.8.8, Domain: null Routes: 96.xxx.xxx.xxx/32, 0.0.0.0/1, 128.0.0.0/1, 0.0.0.0/0, 192.168.1.0/24, 10.8.0.1/32 Routes IPv6: P:Initialization Sequence Completed
September 5, 201312 yr yes it seems sab kills the openvpn, how did you get sab to use the proper ssl??
September 5, 201312 yr I did not test how it operates but it seems like serviio conflict gone. I can add client and start openvpn without any problem. But as i say before i did not try to connect for now. Thanks for your work.
September 6, 201312 yr I got it working after installing iptables and issuing the following command: iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
September 6, 201312 yr yes it seems sab kills the openvpn, how did you get sab to use the proper ssl?? use notepad ++ to edit the sab.plg file ctrl + h to find/replace replace openssl-0.9.8r-i486-3.txz with openssl-1.0.1e-i486-1.txz (1 instance) - dont replace the second instance, use the below replace http://slackware.cs.utah.edu/pub/slackware/slackware-13.37/slackware/n/openssl-0.9.8r-i486-3.txz with http://slackware.cs.utah.edu/pub/slackware/slackware-current/slackware/n/openssl-1.0.1e-i486-1.txz (1 instance) replace dd6ef02ebfe3e54fc54c03a52f736197 with 3ef010a9da36b042d6724ebf00061192 if youre not comfortable with doing it, pm me and i will put the modified one on dropbox for you to download. It works on my system but i dont know what other plugins you use. once i work out how to use github i will try to get influencer to accept it. EDIT: if you update the plg via the GUI you will have to edit the above again
September 6, 201312 yr I got it working after installing iptables and issuing the following command: iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE interesting, i might have to pick contact you once i get my nexus 7 then as im a bit lost with android
September 7, 201312 yr got it all running but still getting an error. I am getting the following error Fri Sep 6 21:52:10 2013 Authenticate/Decrypt packet error: packet HMAC authentication failed Fri Sep 6 21:52:10 2013 TLS Error: incoming packet authentication failed from [AF_INET]MYIP I guess it's blocking it. I am using the open VPN windows client.
September 7, 201312 yr got it all running but still getting an error. I am getting the following error Fri Sep 6 21:52:10 2013 Authenticate/Decrypt packet error: packet HMAC authentication failed Fri Sep 6 21:52:10 2013 TLS Error: incoming packet authentication failed from [AF_INET]MYIP I guess it's blocking it. I am using the open VPN windows client. Have you redone the 3 green ticks again on the left hand side? And then redo the client file again. Seems TLS is not authenticating between server and client.
September 7, 201312 yr still getting the same error Fri Sep 6 22:09:28 2013 Authenticate/Decrypt packet error: packet HMAC authentication failed Fri Sep 6 22:09:28 2013 TLS Error: incoming packet authentication failed from should I delete all the folders and start over?
September 7, 201312 yr Seems the cert on the server and the client arent matching. Yes I would delete the user data folders completely and start with the original plg and upgrade to .25 and stary again
September 7, 201312 yr Which windows client are you using? The official Openvpn client or the openvpn community one?
September 7, 201312 yr all working now, changed to the community client and working good now, I guess the other client I was using didn't work with the new updated plugin
September 7, 201312 yr all working now, changed to the community client and working good now, I guess the other client I was using didn't work with the new updated plugin That was my next suggestion as I can only get the community client to work. Have you got the tap adaptor showing as a public or private network in windows? Need to run a script to change it if not, otherwise will not get internet access
September 7, 201312 yr Hover the mouse over the network icon in the system try (bottom right corner) It will list what networks you are connected to
Archived
This topic is now archived and is closed to further replies.