[Solved] Openvpn - Help

    • [Solved] Openvpn - Help

      Hi

      I tried to configure my "openvpnvti.conf" without success.
      Does someone could help me?

      my provider is VyprVPN.

      Here is my conf file:

      ####### VTI-Team Image For VU+ STB #######
      ####### Please edit OpenVPN config #######



      ####### Sample config OpenVPN Client (Linux)########
      port 1194 #LISTEN PORT default 1194
      remote us2.vpn.goldenfrog.com #SERVER IP OR URL
      proto udp #OPENVPN PROTOCOL
      dev tun
      tls-client
      ns-cert-type server
      tun-mtu 1500
      tun-mtu-extra 32
      ca /etc/openvpn/ca.vyprvpn.com.crt #(file downloaded from vyprvpn website)
      auth-user-pass /etc/openvpn/key.pem #(file with: 1st line=login, 2nd line=pass)
      #cert /etc/openvpn/client.crt
      #key /etc/openvpn/client.key
      comp-lzo
      float
      pull

      My error message is: Openvpn 2.1 requier '--script-security 2' or higher to call user-defined scripts or executables.

      My version is VTI 4.1 with open vpn installed from the plugin section.

      Thank you for your help,
      EG

      Post was edited 1 time, last by evilgouky ().

    • Message "script-security" is only a warning VPN should work even this message is shown.

      Please start openvpn and then execute this at telnet prompt

      Source Code

      1. ifconfig


      Please post output of above command


      You can start/stop openvpn with this commands at telnet prompt

      Source Code

      1. /etc/init.d/openvpn start
      2. /etc/init.d/openvpn stop
    • Hi,

      Here is my log :

      root@bm750:~# /etc/init.d/openvpn start
      Starting openvpn: FAILED-> openvpnvti.
      root@bm750:~# ifconfig
      eth0 Link encap:Ethernet HWaddr 00:1D:EC:02:18:77
      inet addr:10.10.11.253 Bcast:0.0.0.0 Mask:255.255.248.0
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
      RX packets:84712 errors:0 dropped:7932 overruns:0 frame:0
      TX packets:20862 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:10147415 (9.6 MiB) TX bytes:19207106 (18.3 MiB)
      Interrupt:16

      lo Link encap:Local Loopback
      inet addr:127.0.0.1 Mask:255.0.0.0
      UP LOOPBACK RUNNING MTU:16436 Metric:1
      RX packets:254 errors:0 dropped:0 overruns:0 frame:0
      TX packets:254 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:15610 (15.2 KiB) TX bytes:15610 (15.2 KiB)


      As you can see the "/etc/init.d/openvpn start" failed.
      I can start openvpn in telnet like that: openvpn /etc/openvpn/openvpnvti.conf.

      FYI

      root@bm750:~# openvpn /etc/openvpn/openvpnvti.conf
      Mon Mar 26 13:17:27 2012 OpenVPN 2.1_rc20 mipsel-oe-linux [SSL] [LZO2] [EPOLL] b
      uilt on Dec 13 2011
      Mon Mar 26 13:17:27 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or hig
      her to call user-defined scripts or executables
      Mon Mar 26 13:17:27 2012 LZO compression initialized
      Mon Mar 26 13:17:27 2012 UDPv4 link local (bound): [undef]:1194
      Mon Mar 26 13:17:27 2012 UDPv4 link remote: 216.168.3.16:1194
      Mon Mar 26 13:18:27 2012 TLS Error: TLS key negotiation failed to occur within 6
      0 seconds (check your network connectivity)
      Mon Mar 26 13:18:27 2012 TLS Error: TLS handshake failed
      Mon Mar 26 13:18:27 2012 SIGUSR1[soft,tls-error] received, process restarting


      Thank you

      Post was edited 1 time, last by evilgouky ().

    • RE: Openvpn - Help

      Original von evilgouky
      My error message is: Openvpn 2.1 requier '--script-security 2' or higher to call user-defined scripts or executables.
      EG


      This is no error message, this is just an hint. You can ignore it.

      Try launching the server as this:

      cd /etc/openvpn
      openvpn ---config openvpnvti.conf

      Then watch the onscreen logging. If the client tries to connect, you can see it and also diagnose what the issue use. If there is no output after the server says it listening for incoming connections, then your router/client is misconfigured.
      checking for long long... yes
      checking for long double... yes
      +++ Divide By Cucumber Error. Stopping. +++

      My Enigma2-Box' Social Live on Twitter/Facebook:
      --> [Atmolight-Plugin updates | Box using Dreamtwitter]
      --> Follow Atmolight on Facebook [total disarray updates | Box using Facebook Plugin]
      --> Follow Atmolight on Google+ [Just testing ...]
    • Thank you for your help, but I think that the port 1194 is closed and I don't have access to the router.

      Hi, the port 1194 is now opened but I have this message :

      Wed Mar 28 11:09:19 2012 AUTH: Received AUTH_FAILED control message
      Wed Mar 28 11:09:19 2012 SIGTERM[soft,auth-failure] received, process exiting


      Solved, my vpn account is only for PPTP/L2TP, the OpenVPN protocol is a paid option.

      Thank you for your help...

      Post was edited 2 times, last by evilgouky ().

    • Problems with configuring hidemyass vpn

      Hello,
      for hours I have been trying to configure openvpn. I have found some manuals how to configure it, but I don´t know what I am doing worng.
      I have installed Blackhole 2.09 in the moment, if you tell me it is be easier with VTI I will change.
      The provider hideyass gave me an .ovpn - File. The first lines seem to be the same as in .config - Files I found on the internet.
      But below there is more, and I am not sure if this has to be out of the file in another ca and cert-File.

      Can you please tell me also the structure I need to have? /ect/openvpn, and inside this the "keys" folder? or does something have to be in /usr or /ibin or /usr/script or something?

      Here the data from the file I got from the provider. I would change the name to .config and have in the same folder the password.config with the username and password. Is this ok?

      client
      auth-user-pass password.config
      ping 5
      dev tun
      resolv-retry infinite
      nobind
      ;user nobody
      ;group nobody
      persist-key
      persist-tun
      ;http-proxy-retry # retry on connection failures
      ;http-proxy [proxy server] [proxy port #]
      ;mute-replay-warnings
      ns-cert-type server
      verb 3
      ;mute 20
      route-metric 1

      proto tcp
      ping-exit 90
      #show-net-up
      #dhcp-renew
      #dhcp-release
      #route-delay 0 120
      #hand-window 180

      <ca>
      -----BEGIN CERTIFICATE-----
      xxx
      -----END CERTIFICATE-----
      </ca>
      <cert>
      -----BEGIN CERTIFICATE-----
      xxx
      -----END CERTIFICATE-----
      </cert>
      <key>
      -----BEGIN RSA PRIVATE KEY-----
      xxx
      -----END RSA PRIVATE KEY-----
      </key>
      remote 5.134.112.2 443


      Do I need to cut the clusters out and copy them in other file that is in /etc/openvpn/keys ?
      Thanks in advance!

      Post was edited 2 times, last by HarriSat: changed to English ().

    • hoschi78 wrote:

      Du solltest dir neue Keys besorgen, nachdem du deinen private hier gepostet hast, das Internet vergisst nie.



      Ich glaub die hab ich von der Intenetseite vom Provider ohne mich eingeloggt zu haben. In den Anleitungen die ich runtergeladen hatte waren auch keys in dem Ordner openvpn/keys.

      Also brauch ich einen eigenen? Kannst du das genauer erklären? Ohne mein Passwort und Username würde es doch eh nicht klappen, oder? Klappt es bei mir vielleicht deshalb nicht, weil der key von jemand anderem ist? Welche Files brauch ich dann (nur für mich)? ca und crt?

      Post was edited 1 time, last by HarriSat ().

    • also das was ich oben geposted hatte bekommt jeder öffentlilch unter

      support.hidemyass.com/entries/…hone-etc-Where-can-I-get-

      also denke ich nicht dass ich etwas privates geposted habe! Dort gibts auch einen Link zu Keys...
      scheinbar funktionieren die dann eh nicht ohne passwort und user login.

      Kann mir jemand helfen? Wie muss ich das ovpn-File verändern? muss der teil mit dem certificate usw. raus?
    • Hat jemand erfolgreich openvpn über die vu+duo2 am laufen? Habe mir gerade einen Router bestellt der DD WRT-tauglich ist, da soll das wohl einfacher sein.