Openvpn - Help

    Diese Seite verwendet Cookies. Durch die Nutzung unserer Seite erklären Sie sich damit einverstanden, dass wir Cookies setzen. Weitere Informationen

    • Openvpn - Help

      Hi

      I tried to configure my "openvpnvti.conf" without success.
      Does someone could help me?

      my provider is VyprVPN.

      Here is my conf file:

      ####### VTI-Team Image For VU+ STB #######
      ####### Please edit OpenVPN config #######



      ####### Sample config OpenVPN Client (Linux)########
      port 1194 #LISTEN PORT default 1194
      remote us2.vpn.goldenfrog.com #SERVER IP OR URL
      proto udp #OPENVPN PROTOCOL
      dev tun
      tls-client
      ns-cert-type server
      tun-mtu 1500
      tun-mtu-extra 32
      ca /etc/openvpn/ca.vyprvpn.com.crt #(file downloaded from vyprvpn website)
      auth-user-pass /etc/openvpn/key.pem #(file with: 1st line=login, 2nd line=pass)
      #cert /etc/openvpn/client.crt
      #key /etc/openvpn/client.key
      comp-lzo
      float
      pull

      My error message is: Openvpn 2.1 requier '--script-security 2' or higher to call user-defined scripts or executables.

      My version is VTI 4.1 with open vpn installed from the plugin section.

      Thank you for your help,
      EG

      Dieser Beitrag wurde bereits 1 mal editiert, zuletzt von evilgouky ()

    • Message "script-security" is only a warning VPN should work even this message is shown.

      Please start openvpn and then execute this at telnet prompt

      Quellcode

      1. ifconfig


      Please post output of above command


      You can start/stop openvpn with this commands at telnet prompt

      Quellcode

      1. /etc/init.d/openvpn start
      2. /etc/init.d/openvpn stop
    • Hi,

      Here is my log :

      root@bm750:~# /etc/init.d/openvpn start
      Starting openvpn: FAILED-> openvpnvti.
      root@bm750:~# ifconfig
      eth0 Link encap:Ethernet HWaddr 00:1D:EC:02:18:77
      inet addr:10.10.11.253 Bcast:0.0.0.0 Mask:255.255.248.0
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
      RX packets:84712 errors:0 dropped:7932 overruns:0 frame:0
      TX packets:20862 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:10147415 (9.6 MiB) TX bytes:19207106 (18.3 MiB)
      Interrupt:16

      lo Link encap:Local Loopback
      inet addr:127.0.0.1 Mask:255.0.0.0
      UP LOOPBACK RUNNING MTU:16436 Metric:1
      RX packets:254 errors:0 dropped:0 overruns:0 frame:0
      TX packets:254 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:15610 (15.2 KiB) TX bytes:15610 (15.2 KiB)


      As you can see the "/etc/init.d/openvpn start" failed.
      I can start openvpn in telnet like that: openvpn /etc/openvpn/openvpnvti.conf.

      FYI

      root@bm750:~# openvpn /etc/openvpn/openvpnvti.conf
      Mon Mar 26 13:17:27 2012 OpenVPN 2.1_rc20 mipsel-oe-linux [SSL] [LZO2] [EPOLL] b
      uilt on Dec 13 2011
      Mon Mar 26 13:17:27 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or hig
      her to call user-defined scripts or executables
      Mon Mar 26 13:17:27 2012 LZO compression initialized
      Mon Mar 26 13:17:27 2012 UDPv4 link local (bound): [undef]:1194
      Mon Mar 26 13:17:27 2012 UDPv4 link remote: 216.168.3.16:1194
      Mon Mar 26 13:18:27 2012 TLS Error: TLS key negotiation failed to occur within 6
      0 seconds (check your network connectivity)
      Mon Mar 26 13:18:27 2012 TLS Error: TLS handshake failed
      Mon Mar 26 13:18:27 2012 SIGUSR1[soft,tls-error] received, process restarting


      Thank you

      Dieser Beitrag wurde bereits 1 mal editiert, zuletzt von evilgouky ()

    • Hm,

      your last log shows a failure in connection.

      1. Is the port 1194 correct for you vpn service ?
      2. is the port for outgoing services open at your internet router ?
      3. is tun device correct ? try tap/tap0 instead
      4. is time/date correct at Vu+ STB at starting openvpn (this is important)
    • RE: Openvpn - Help

      Original von evilgouky
      My error message is: Openvpn 2.1 requier '--script-security 2' or higher to call user-defined scripts or executables.
      EG


      This is no error message, this is just an hint. You can ignore it.

      Try launching the server as this:

      cd /etc/openvpn
      openvpn ---config openvpnvti.conf

      Then watch the onscreen logging. If the client tries to connect, you can see it and also diagnose what the issue use. If there is no output after the server says it listening for incoming connections, then your router/client is misconfigured.
      checking for long long... yes<br>
      checking for long double... yes<br>
      +++ Divide By Cucumber Error. Stopping. +++<br><br>
    • Thank you for your help, but I think that the port 1194 is closed and I don't have access to the router.

      Hi, the port 1194 is now opened but I have this message :

      Wed Mar 28 11:09:19 2012 AUTH: Received AUTH_FAILED control message
      Wed Mar 28 11:09:19 2012 SIGTERM[soft,auth-failure] received, process exiting


      Solved, my vpn account is only for PPTP/L2TP, the OpenVPN protocol is a paid option.

      Thank you for your help...

      Dieser Beitrag wurde bereits 2 mal editiert, zuletzt von evilgouky ()

    • Problems with configuring hidemyass vpn

      Hello,
      for hours I have been trying to configure openvpn. I have found some manuals how to configure it, but I don´t know what I am doing worng.
      I have installed Blackhole 2.09 in the moment, if you tell me it is be easier with VTI I will change.
      The provider hideyass gave me an .ovpn - File. The first lines seem to be the same as in .config - Files I found on the internet.
      But below there is more, and I am not sure if this has to be out of the file in another ca and cert-File.

      Can you please tell me also the structure I need to have? /ect/openvpn, and inside this the "keys" folder? or does something have to be in /usr or /ibin or /usr/script or something?

      Here the data from the file I got from the provider. I would change the name to .config and have in the same folder the password.config with the username and password. Is this ok?

      client
      auth-user-pass password.config
      ping 5
      dev tun
      resolv-retry infinite
      nobind
      ;user nobody
      ;group nobody
      persist-key
      persist-tun
      ;http-proxy-retry # retry on connection failures
      ;http-proxy [proxy server] [proxy port #]
      ;mute-replay-warnings
      ns-cert-type server
      verb 3
      ;mute 20
      route-metric 1

      proto tcp
      ping-exit 90
      #show-net-up
      #dhcp-renew
      #dhcp-release
      #route-delay 0 120
      #hand-window 180

      <ca>
      -----BEGIN CERTIFICATE-----
      xxx
      -----END CERTIFICATE-----
      </ca>
      <cert>
      -----BEGIN CERTIFICATE-----
      xxx
      -----END CERTIFICATE-----
      </cert>
      <key>
      -----BEGIN RSA PRIVATE KEY-----
      xxx
      -----END RSA PRIVATE KEY-----
      </key>
      remote 5.134.112.2 443


      Do I need to cut the clusters out and copy them in other file that is in /etc/openvpn/keys ?
      Thanks in advance!

      Dieser Beitrag wurde bereits 2 mal editiert, zuletzt von HarriSat () aus folgendem Grund: changed to English

    • hoschi78 schrieb:

      Du solltest dir neue Keys besorgen, nachdem du deinen private hier gepostet hast, das Internet vergisst nie.



      Ich glaub die hab ich von der Intenetseite vom Provider ohne mich eingeloggt zu haben. In den Anleitungen die ich runtergeladen hatte waren auch keys in dem Ordner openvpn/keys.

      Also brauch ich einen eigenen? Kannst du das genauer erklären? Ohne mein Passwort und Username würde es doch eh nicht klappen, oder? Klappt es bei mir vielleicht deshalb nicht, weil der key von jemand anderem ist? Welche Files brauch ich dann (nur für mich)? ca und crt?

      Dieser Beitrag wurde bereits 1 mal editiert, zuletzt von HarriSat ()

    • also das was ich oben geposted hatte bekommt jeder öffentlilch unter

      support.hidemyass.com/entries/…hone-etc-Where-can-I-get-

      also denke ich nicht dass ich etwas privates geposted habe! Dort gibts auch einen Link zu Keys...
      scheinbar funktionieren die dann eh nicht ohne passwort und user login.

      Kann mir jemand helfen? Wie muss ich das ovpn-File verändern? muss der teil mit dem certificate usw. raus?
    • muss das mal ausm Keller holen dieses Thema.

      Hat jemand das schonmal mit premiumize gemacht?
      Wenn Ja ,kann mir jemand helfen..OpenVPN files habe ich von premiumize seite.
    • Hi I trying to configure a openvpn of CyberGhost too, in a image VTI, but without positive results, every time says me connection FAILED, please edit file “openvpnvti.conf”!

      Someone knows how to edit this file,please.

      The support of CyberGhost says, change the name of the file what we give you openvpn.ovpn to CyberGhost.conf, but when I install openvpn in VU+ etc/openvpn, I found a file called openvpnvti.conf and I think this one is the correct to edit, with this name not the CyberGhost.conf! I was trying with all 3 file’s but no positive results!

      Here is the manual from CyberGhost
      213271089-Sat-Receiver-How-to-Set-Up-Enigma2-and-VU-Solo-with-CyberGhost-via-OpenVPN
    • Show us your configuration-file.
      Manche Leute führen sich auf, als ob sie ihren Kopf nur haben, um ihre Ohren voneinander zu trennen (Hank Williams)
    • This is the file of Cyberghost, what they give me , I just was changed line 4 at the end ( bold letters) and name of the file openvpn.ovpn to Cyberghost.conf, how they explain in manual.

      Spoiler anzeigen
      client
      remote 98-2-ch.cg-dialup.net 443
      dev tun
      proto tcp
      auth-user-pass /etc/openvpn/pas.key


      resolv-retry infinite
      redirect-gateway def1
      persist-key
      persist-tun
      nobind
      cipher AES-256-CBC
      ncp-disable
      auth SHA256
      ping 5
      ping-exit 60
      ping-timer-rem
      script-security 2
      remote-cert-tls server
      route-delay 5
      verb 4


      ca ca.crt

      cert client.crt

      key client.key

      and this is the original file called openvpnvti.conf, I found in the openvpn folder in vu+ etc/openvpn , after installing the openvpn plugin.

      ####### VTI-Team Image For VU+ STB #######
      ####### Please edit OpenVPN config #######



      ####### Sample config OpenVPN Client (Linux)########
      #port 1194 #LISTEN PORT default 1194
      #remote XXX.XXX.XXX.XXX #SERVER IP OR URL
      #proto udp #OPENVPN PROTOCOL
      #dev tap
      #tls-client
      #ns-cert-type server
      #tun-mtu 1500
      #tun-mtu-extra 32
      #ca /etc/openvpn/ca.crt
      #cert /etc/openvpn/client.crt
      #key /etc/openvpn/client.key
      #comp-lzo
      #float
      #pull


      ####### Sample config OpenVPN Server (Linux)########
      #port 1194 #LISTEN PORT default 1194
      #mode server
      #proto udp #OPENVPN PROTOCOL
      #dev tap0
      #server-bridge XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX #StartIP Subnetmask EndIP
      #client-to-client
      #tls-server
      #ca /etc/openvpn/ca.crt
      #dh /etc/openvpn/dh1024.pem
      #cert /etc/openvpn/server.crt
      #key /etc/openvpn/server.key
      #comp-lzo
      #push "route-gateway XXX.XXX.XXX.XXX" #IP OpenVPN Server
      #push "route XXX.XXX.XXX.0 XXX.XXX.XXX.0" IP Network Subnetmask
      #tun-mtu 1500
      #tun-mtu-extra 32
      #float
      #keepalive 15 60
      #ping-timer-rem
      #persist-key
      #persist-tun
      #push "ping 10"
      #push "ping-restart 60"
      #push "ping-timer-rem"


      I think they want to say to put the file of Cyberghost , Cyberghost.conf instead of the openvpnvti.conf, or they should both stay?
    • delete "ncp-disable" in the configuration-file
      Manche Leute führen sich auf, als ob sie ihren Kopf nur haben, um ihre Ohren voneinander zu trennen (Hank Williams)