You are not logged in.

Dear visitor, welcome to Vu+ Support Forum. If this is your first visit here, please read the Help. It explains in detail how this page works. To use all features of this page, you should consider registering. Please use the registration form, to register here or read more information about the registration process. If you are already registered, please login here.

evilgouky

Beginner

  • "evilgouky" is male
  • "evilgouky" started this thread

Posts: 3

Date of registration: Mar 26th 2012

  • Send private message

1

Monday, March 26th 2012, 12:35pm

[Solved] Openvpn - Help

Hi

I tried to configure my "openvpnvti.conf" without success.
Does someone could help me?

my provider is VyprVPN.

Here is my conf file:

####### VTI-Team Image For VU+ STB #######
####### Please edit OpenVPN config #######



####### Sample config OpenVPN Client (Linux)########
port 1194 #LISTEN PORT default 1194
remote us2.vpn.goldenfrog.com #SERVER IP OR URL
proto udp #OPENVPN PROTOCOL
dev tun
tls-client
ns-cert-type server
tun-mtu 1500
tun-mtu-extra 32
ca /etc/openvpn/ca.vyprvpn.com.crt #(file downloaded from vyprvpn website)
auth-user-pass /etc/openvpn/key.pem #(file with: 1st line=login, 2nd line=pass)
#cert /etc/openvpn/client.crt
#key /etc/openvpn/client.key
comp-lzo
float
pull

My error message is: Openvpn 2.1 requier '--script-security 2' or higher to call user-defined scripts or executables.

My version is VTI 4.1 with open vpn installed from the plugin section.

Thank you for your help,
EG

This post has been edited 1 times, last edit by "evilgouky" (Mar 28th 2012, 3:21pm)


plnick

Vu+ Admin

Posts: 17,852

Date of registration: Dec 28th 2009

wcf.user.option.userOption118: VTi

wcf.user.option.userOption119: In Farbe und bunt

  • Send private message

2

Monday, March 26th 2012, 12:41pm

Message "script-security" is only a warning VPN should work even this message is shown.

Please start openvpn and then execute this at telnet prompt

Source code

1
ifconfig


Please post output of above command


You can start/stop openvpn with this commands at telnet prompt

Source code

1
2
/etc/init.d/openvpn start
/etc/init.d/openvpn stop

evilgouky

Beginner

  • "evilgouky" is male
  • "evilgouky" started this thread

Posts: 3

Date of registration: Mar 26th 2012

  • Send private message

3

Monday, March 26th 2012, 1:02pm

Hi,

Here is my log :

root@bm750:~# /etc/init.d/openvpn start
Starting openvpn: FAILED-> openvpnvti.
root@bm750:~# ifconfig
eth0 Link encap:Ethernet HWaddr 00:1D:EC:02:18:77
inet addr:10.10.11.253 Bcast:0.0.0.0 Mask:255.255.248.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:84712 errors:0 dropped:7932 overruns:0 frame:0
TX packets:20862 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:10147415 (9.6 MiB) TX bytes:19207106 (18.3 MiB)
Interrupt:16

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:254 errors:0 dropped:0 overruns:0 frame:0
TX packets:254 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:15610 (15.2 KiB) TX bytes:15610 (15.2 KiB)


As you can see the "/etc/init.d/openvpn start" failed.
I can start openvpn in telnet like that: openvpn /etc/openvpn/openvpnvti.conf.

FYI

root@bm750:~# openvpn /etc/openvpn/openvpnvti.conf
Mon Mar 26 13:17:27 2012 OpenVPN 2.1_rc20 mipsel-oe-linux [SSL] [LZO2] [EPOLL] b
uilt on Dec 13 2011
Mon Mar 26 13:17:27 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or hig
her to call user-defined scripts or executables
Mon Mar 26 13:17:27 2012 LZO compression initialized
Mon Mar 26 13:17:27 2012 UDPv4 link local (bound): [undef]:1194
Mon Mar 26 13:17:27 2012 UDPv4 link remote: 216.168.3.16:1194
Mon Mar 26 13:18:27 2012 TLS Error: TLS key negotiation failed to occur within 6
0 seconds (check your network connectivity)
Mon Mar 26 13:18:27 2012 TLS Error: TLS handshake failed
Mon Mar 26 13:18:27 2012 SIGUSR1[soft,tls-error] received, process restarting


Thank you

This post has been edited 1 times, last edit by "evilgouky" (Mar 26th 2012, 1:19pm)


plnick

Vu+ Admin

Posts: 17,852

Date of registration: Dec 28th 2009

wcf.user.option.userOption118: VTi

wcf.user.option.userOption119: In Farbe und bunt

  • Send private message

4

Monday, March 26th 2012, 7:04pm

Hm,

your last log shows a failure in connection.

1. Is the port 1194 correct for you vpn service ?
2. is the port for outgoing services open at your internet router ?
3. is tun device correct ? try tap/tap0 instead
4. is time/date correct at Vu+ STB at starting openvpn (this is important)

5

Monday, March 26th 2012, 8:22pm

RE: Openvpn - Help

Quoted

Original von evilgouky
My error message is: Openvpn 2.1 requier '--script-security 2' or higher to call user-defined scripts or executables.
EG


This is no error message, this is just an hint. You can ignore it.

Try launching the server as this:

cd /etc/openvpn
openvpn ---config openvpnvti.conf

Then watch the onscreen logging. If the client tries to connect, you can see it and also diagnose what the issue use. If there is no output after the server says it listening for incoming connections, then your router/client is misconfigured.
checking for long long... yes
checking for long double... yes
+++ Divide By Cucumber Error. Stopping. +++

My Enigma2-Box' Social Live on Twitter/Facebook:
--> [Atmolight-Plugin updates | Box using Dreamtwitter]
--> Follow Atmolight on Facebook [total disarray updates | Box using Facebook Plugin]
--> Follow Atmolight on Google+ [Just testing ...]

evilgouky

Beginner

  • "evilgouky" is male
  • "evilgouky" started this thread

Posts: 3

Date of registration: Mar 26th 2012

  • Send private message

6

Monday, March 26th 2012, 8:53pm

Thank you for your help, but I think that the port 1194 is closed and I don't have access to the router.

Hi, the port 1194 is now opened but I have this message :

Wed Mar 28 11:09:19 2012 AUTH: Received AUTH_FAILED control message
Wed Mar 28 11:09:19 2012 SIGTERM[soft,auth-failure] received, process exiting


Solved, my vpn account is only for PPTP/L2TP, the OpenVPN protocol is a paid option.

Thank you for your help...

This post has been edited 2 times, last edit by "evilgouky" (Mar 28th 2012, 3:21pm)