Bonjour à tous!
J'ai suivi le tuto openVPN debian 7 du site et je n'arrive pas a me connecter au serveur.
Voici le log du serveur quand j'essai de me connecter:
Sat Feb 15 18:04:17 2014 OpenVPN 2.2.1 x86_64-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2$
Sat Feb 15 18:04:17 2014 WARNING: --keepalive option is missing from server config
Sat Feb 15 18:04:17 2014 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sat Feb 15 18:04:17 2014 Diffie-Hellman initialized with 1024 bit key
Sat Feb 15 18:04:17 2014 Control Channel Authentication: using '/etc/openvpn/easy-rsa/keys/ta.key' as a OpenVPN static key file
Sat Feb 15 18:04:17 2014 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Feb 15 18:04:17 2014 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Feb 15 18:04:17 2014 TLS-Auth MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ]
Sat Feb 15 18:04:17 2014 Socket Buffers: R=[87380->131072] S=[16384->131072]
Sat Feb 15 18:04:17 2014 ROUTE default_gateway=94.23.40.254
Sat Feb 15 18:04:17 2014 TUN/TAP device tun0 opened
Sat Feb 15 18:04:17 2014 TUN/TAP TX queue length set to 100
Sat Feb 15 18:04:17 2014 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Sat Feb 15 18:04:17 2014 /sbin/ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
Sat Feb 15 18:04:17 2014 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2
Sat Feb 15 18:04:17 2014 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Feb 15 18:04:17 2014 GID set to nogroup
Sat Feb 15 18:04:17 2014 UID set to nobody
Sat Feb 15 18:04:17 2014 Listening for incoming TCP connection on [undef]
Sat Feb 15 18:04:17 2014 TCPv4_SERVER link local (bound): [undef]
Sat Feb 15 18:04:17 2014 TCPv4_SERVER link remote: [undef]
Sat Feb 15 18:04:17 2014 MULTI: multi_init called, r=256 v=256
Sat Feb 15 18:04:17 2014 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Sat Feb 15 18:04:17 2014 MULTI: TCP INIT maxclients=1024 maxevents=1028
Sat Feb 15 18:04:17 2014 Initialization Sequence Completed
Sat Feb 15 18:04:23 2014 MULTI: multi_create_instance called
Sat Feb 15 18:04:23 2014 Re-using SSL/TLS context
Sat Feb 15 18:04:23 2014 LZO compression initialized
Sat Feb 15 18:04:23 2014 Control Channel MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ]
Sat Feb 15 18:04:23 2014 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Feb 15 18:04:23 2014 Local Options hash (VER=V4): '9915e4a2'
Sat Feb 15 18:04:23 2014 Expected Remote Options hash (VER=V4): '2f2c6498'
Sat Feb 15 18:04:23 2014 TCP connection established with [AF_INET]88.163.68.80:20039
Sat Feb 15 18:04:23 2014 TCPv4_SERVER link local: [undef]
Sat Feb 15 18:04:23 2014 TCPv4_SERVER link remote: [AF_INET]88.163.68.80:20039
Sat Feb 15 18:04:23 2014 88.163.68.80:20039 TLS: Initial packet from [AF_INET]88.163.68.80:20039, sid=06646bb3 f99c465e
Sat Feb 15 18:04:24 2014 88.163.68.80:20039 CRL: cannot read: /etc/openvpn/crl.pem: No such file or directory (errno=2)
Sat Feb 15 18:04:24 2014 88.163.68.80:20039 Exiting
Sat Feb 15 18:04:24 2014 88.163.68.80:20039 /sbin/route del -net 10.8.0.0 netmask 255.255.255.0
SIOCDELRT: Operation not permitted
Sat Feb 15 18:04:24 2014 88.163.68.80:20039 ERROR: Linux route delete command failed: external program exited with error status: 7
Sat Feb 15 18:04:24 2014 88.163.68.80:20039 Closing TUN/TAP interface
Sat Feb 15 18:04:24 2014 88.163.68.80:20039 /sbin/ifconfig tun0 0.0.0.0
SIOCSIFADDR: Operation not permitted
SIOCSIFFLAGS: Operation not permitted
Sat Feb 15 18:04:24 2014 88.163.68.80:20039 Linux ip addr del failed: external program exited with error status: 255
le log du client:
Sat Feb 15 18:19:21 2014 us=833135 OpenVPN 2.3.2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Aug 22 2013
Enter Management Password:
Sat Feb 15 18:19:21 2014 us=848735 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Sat Feb 15 18:19:21 2014 us=848735 Need hold release from management interface, waiting...
Sat Feb 15 18:19:22 2014 us=332336 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Sat Feb 15 18:19:22 2014 us=441536 MANAGEMENT: CMD 'state on'
Sat Feb 15 18:19:22 2014 us=441536 MANAGEMENT: CMD 'log all on'
Sat Feb 15 18:19:22 2014 us=503936 MANAGEMENT: CMD 'hold off'
Sat Feb 15 18:19:22 2014 us=503936 MANAGEMENT: CMD 'hold release'
Sat Feb 15 18:19:22 2014 us=503936 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sat Feb 15 18:19:22 2014 us=706736 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Sat Feb 15 18:19:22 2014 us=706736 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Feb 15 18:19:22 2014 us=706736 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Feb 15 18:19:22 2014 us=706736 LZO compression initialized
Sat Feb 15 18:19:22 2014 us=706736 Control Channel MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ]
Sat Feb 15 18:19:22 2014 us=706736 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sat Feb 15 18:19:22 2014 us=706736 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Feb 15 18:19:22 2014 us=706736 Local Options String: 'V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'
Sat Feb 15 18:19:22 2014 us=706736 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'
Sat Feb 15 18:19:22 2014 us=706736 Local Options hash (VER=V4): '2f2c6498'
Sat Feb 15 18:19:22 2014 us=706736 Expected Remote Options hash (VER=V4): '9915e4a2'
Sat Feb 15 18:19:22 2014 us=706736 Attempting to establish TCP connection with [AF_INET]94.23.40.8:8876
Sat Feb 15 18:19:22 2014 us=706736 MANAGEMENT: >STATE:1392484762,TCP_CONNECT,,,
Sat Feb 15 18:19:23 2014 us=814338 TCP: connect to [AF_INET]94.23.40.8:8876 failed, will try again in 5 seconds: Connection refused (WSAECONNREFUSED)
Sat Feb 15 18:19:28 2014 us=884347 MANAGEMENT: >STATE:1392484768,TCP_CONNECT,,,
Sat Feb 15 18:19:29 2014 us=960749 TCP: connect to [AF_INET]94.23.40.8:8876 failed, will try again in 5 seconds: Connection refused (WSAECONNREFUSED)
Sat Feb 15 18:19:31 2014 us=988753 SIGTERM[hard,init_instance] received, process exiting
Sat Feb 15 18:19:31 2014 us=988753 MANAGEMENT: >STATE:1392484771,EXITING,init_instance
la config client windows 7 x64:
client
dev tun
proto tcp
remote 94.23.40.8 8876
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert fabrice.crt
key fabrice.key
tls-auth ta.key 1
cipher AES-256-CBC
comp-lzo
verb 5
la config serveur:
mode server
dev tun
proto tcp
port 8876
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/ks369005.kimsufi.com.crt
key /etc/openvpn/easy-rsa/keys/ks369005.kimsufi.com.key
dh /etc/openvpn/easy-rsa/keys/dh1024.pem
tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0 # ajout pour multiple client
crl-verify /etc/openvpn/crl.pem # ajout pour révocation
cipher AES-256-CBC # ajout pour un meilleur cryptage
user nobody
group nogroup
server 10.8.0.0 255.255.255.0
persist-key
persist-tun
status /var/log/openvpn-status.log
verb 3
client-to-client
push "redirect-gateway def1"
#set the dns servers
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
log-append /var/log/openvpn
comp-lzo
Est ce que le problème pourrait venir de ça: CRL: cannot read: /etc/openvpn/crl.pem: No such file or directory (errno=2) ?
Merci d'avance pour votre aide!