Markus101
18.06.06, 21:18
Hallo Leute,
bau mir einen VPN-Server und bekomme bei dem Client folgende Fehlermeldung:
WNS-2:/etc/openvpn# openvpn --config /etc/openvpn/server.conf
Mon Jun 19 05:18:36 2006 OpenVPN 2.0 i386-pc-linux [SSL] [LZO] [EPOLL] built on Apr 6 2006
Mon Jun 19 05:18:36 2006 WARNING: you are using user/group/chroot without persist-key/persist-tun -- this may cause restarts to fail
Mon Jun 19 05:18:36 2006 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Mon Jun 19 05:18:36 2006 WARNING: file '/etc/openvpn/certificate/chefkey.pem' is group or others accessible
Mon Jun 19 05:18:36 2006 LZO compression initialized
Mon Jun 19 05:18:36 2006 Control Channel MTU parms [ ..........]
Mon Jun 19 05:18:36 2006 TUN/TAP device tun0 opened
Mon Jun 19 05:18:36 2006 /sbin/ifconfig tun0 10.1.0.2 pointopoint 10.1.0.1 mtu 1500
Mon Jun 19 05:18:36 2006 Data Channel MTU parms [ ............... ]
Mon Jun 19 05:18:36 2006 Local Options hash (VER=V4): '82111d75'
Mon Jun 19 05:18:36 2006 Expected Remote Options hash (VER=V4): '........'
Mon Jun 19 05:18:36 2006 GID set to nogroup
Mon Jun 19 05:18:36 2006 UID set to nobody
Mon Jun 19 05:18:36 2006 UDPv4 link local (bound): 192.168.4.2:1194
Mon Jun 19 05:18:36 2006 UDPv4 link remote: 192.168.4.1:1194
Mon Jun 19 05:18:36 2006 TLS: Initial packet from 192.168.4.1:1194, sid=1d5b6663 973777ff
Mon Jun 19 05:18:36 2006 VERIFY ERROR: depth=0, error=self signed certificate: /C=DE/ST=Bavaria/L=......../O=........../CN=......../emailAddress=.......
Mon Jun 19 05:18:36 2006 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Mon Jun 19 05:18:36 2006 TLS Error: TLS object -> incoming plaintext read error
Mon Jun 19 05:18:36 2006 TLS Error: TLS handshake failed
Mon Jun 19 05:18:36 2006 TCP/UDP: Closing socket
Mon Jun 19 05:18:36 2006 Closing TUN/TAP interface
Mon Jun 19 05:18:36 2006 SIGUSR1[soft,tls-error] received, process restarting
Mon Jun 19 05:18:36 2006 Restart pause, 2 second(s)
Mon Jun 19 05:18:38 2006 WARNING: you are using user/group/chroot without persist-key/persist-tun -- this may cause restarts to fail
Mon Jun 19 05:18:38 2006 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Mon Jun 19 05:18:38 2006 WARNING: file '/etc/openvpn/certificate/chefkey.pem' is group or others accessible
Mon Jun 19 05:18:38 2006 LZO compression initialized
Mon Jun 19 05:18:38 2006 Control Channel MTU parms [ ..................... ]
Mon Jun 19 05:18:38 2006 Note: Cannot open TUN/TAP dev /dev/net/tun: Permission denied (errno=13)
Mon Jun 19 05:18:38 2006 Note: Attempting fallback to kernel 2.2 TUN/TAP interface
Mon Jun 19 05:18:38 2006 Cannot allocate TUN/TAP dev dynamically
Mon Jun 19 05:18:38 2006 Exiting
WNS-2:/etc/openvpn#
Config Server:
dev tun
proto udp
port 1194
ifconfig 10.1.0.1 10.1.0.2
tls-server
dh /etc/openvpn/zertifikate/dh2048.pem
ca /etc/openvpn/zertifikate/ca.crt
cert /etc/openvpn/zertifikate/server.crt
key /etc/openvpn/zertifikate/server.key
user nobody
group nogroup
status /etc/openvpn/openvpn-status.log
comp-lzo
verb 3
Config Client
dev tun
remote 192.168.1.1
ifconfig 10.1.0.2 10.1.0.1
tls-client
ca /etc/openvpn/zertifikate/ca.crt
cert /etc/openvpn/zertifikate/client1.crt
key /etc/openvpn/zertifikate/client1.key
port 1194
user nobody
group nogroup
comp-lzo
verb 3
LG
Markus
bau mir einen VPN-Server und bekomme bei dem Client folgende Fehlermeldung:
WNS-2:/etc/openvpn# openvpn --config /etc/openvpn/server.conf
Mon Jun 19 05:18:36 2006 OpenVPN 2.0 i386-pc-linux [SSL] [LZO] [EPOLL] built on Apr 6 2006
Mon Jun 19 05:18:36 2006 WARNING: you are using user/group/chroot without persist-key/persist-tun -- this may cause restarts to fail
Mon Jun 19 05:18:36 2006 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Mon Jun 19 05:18:36 2006 WARNING: file '/etc/openvpn/certificate/chefkey.pem' is group or others accessible
Mon Jun 19 05:18:36 2006 LZO compression initialized
Mon Jun 19 05:18:36 2006 Control Channel MTU parms [ ..........]
Mon Jun 19 05:18:36 2006 TUN/TAP device tun0 opened
Mon Jun 19 05:18:36 2006 /sbin/ifconfig tun0 10.1.0.2 pointopoint 10.1.0.1 mtu 1500
Mon Jun 19 05:18:36 2006 Data Channel MTU parms [ ............... ]
Mon Jun 19 05:18:36 2006 Local Options hash (VER=V4): '82111d75'
Mon Jun 19 05:18:36 2006 Expected Remote Options hash (VER=V4): '........'
Mon Jun 19 05:18:36 2006 GID set to nogroup
Mon Jun 19 05:18:36 2006 UID set to nobody
Mon Jun 19 05:18:36 2006 UDPv4 link local (bound): 192.168.4.2:1194
Mon Jun 19 05:18:36 2006 UDPv4 link remote: 192.168.4.1:1194
Mon Jun 19 05:18:36 2006 TLS: Initial packet from 192.168.4.1:1194, sid=1d5b6663 973777ff
Mon Jun 19 05:18:36 2006 VERIFY ERROR: depth=0, error=self signed certificate: /C=DE/ST=Bavaria/L=......../O=........../CN=......../emailAddress=.......
Mon Jun 19 05:18:36 2006 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Mon Jun 19 05:18:36 2006 TLS Error: TLS object -> incoming plaintext read error
Mon Jun 19 05:18:36 2006 TLS Error: TLS handshake failed
Mon Jun 19 05:18:36 2006 TCP/UDP: Closing socket
Mon Jun 19 05:18:36 2006 Closing TUN/TAP interface
Mon Jun 19 05:18:36 2006 SIGUSR1[soft,tls-error] received, process restarting
Mon Jun 19 05:18:36 2006 Restart pause, 2 second(s)
Mon Jun 19 05:18:38 2006 WARNING: you are using user/group/chroot without persist-key/persist-tun -- this may cause restarts to fail
Mon Jun 19 05:18:38 2006 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Mon Jun 19 05:18:38 2006 WARNING: file '/etc/openvpn/certificate/chefkey.pem' is group or others accessible
Mon Jun 19 05:18:38 2006 LZO compression initialized
Mon Jun 19 05:18:38 2006 Control Channel MTU parms [ ..................... ]
Mon Jun 19 05:18:38 2006 Note: Cannot open TUN/TAP dev /dev/net/tun: Permission denied (errno=13)
Mon Jun 19 05:18:38 2006 Note: Attempting fallback to kernel 2.2 TUN/TAP interface
Mon Jun 19 05:18:38 2006 Cannot allocate TUN/TAP dev dynamically
Mon Jun 19 05:18:38 2006 Exiting
WNS-2:/etc/openvpn#
Config Server:
dev tun
proto udp
port 1194
ifconfig 10.1.0.1 10.1.0.2
tls-server
dh /etc/openvpn/zertifikate/dh2048.pem
ca /etc/openvpn/zertifikate/ca.crt
cert /etc/openvpn/zertifikate/server.crt
key /etc/openvpn/zertifikate/server.key
user nobody
group nogroup
status /etc/openvpn/openvpn-status.log
comp-lzo
verb 3
Config Client
dev tun
remote 192.168.1.1
ifconfig 10.1.0.2 10.1.0.1
tls-client
ca /etc/openvpn/zertifikate/ca.crt
cert /etc/openvpn/zertifikate/client1.crt
key /etc/openvpn/zertifikate/client1.key
port 1194
user nobody
group nogroup
comp-lzo
verb 3
LG
Markus