Posts: 9 | Thanked: 1 time | Joined on Dec 2009
#1
Hey guys,

I've been fiddling a lot with my N900 lately, but one thing I cannot get to work: OpenVPN

I have installed both the program and the applet via extras-devel, and used the applet to locate the configuration files (Configuration file: client4.ovpn, Key file: client4.key, Cert file: client4.crt, Ca file: ca.crt)
Pressed Import and tried to connect. It says "starting openvpn connection" when I click "connect to: client", but that's it. It keeps saying "no active connections" under OpenVPN

I use the default udp port (1194) and a dyndns.org address for the server which is redirected to the server's ip.

I've tried the configuration and client4.* files on a computer, and they seem fine.

Something I'm missing here? Please help!
 
Posts: 1,208 | Thanked: 1,028 times | Joined on Oct 2007
#2
Use the "Test" function from the applet and post the resulting log here.
 
Posts: 9 | Thanked: 1 time | Joined on Dec 2009
#3
When I click test I just get a white screen with Test Connection above it

Waited for a couple of minutes, no change, just a white screen (can't click it)

Tried removing them, first installing the main app, then the applet, no change.

Openvpn version: 2.1~rc20-3maemo3 and the Applet 0.5.2-1

Last edited by jkommeren; 2009-12-17 at 19:23.
 
Posts: 1,208 | Thanked: 1,028 times | Joined on Oct 2007
#4
For some reason openvpn is not starting at all then. Could you post your configuration file here? You can remove addresses etc. from the file first.
 
Posts: 9 | Thanked: 1 time | Joined on Dec 2009
#5
Here's the content of client.ovpn:

##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################

# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client

# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
dev tap
;dev tun

# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap

# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
;proto tcp
proto udp

# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote [my server].dyndns.org 1194
;remote my-server-2 1194

# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
;remote-random

# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite

# Most clients don't need to bind to
# a specific local port number.
nobind

# Downgrade privileges after initialization (non-Windows only)
;user nobody
;group nobody

# Try to preserve some state across restarts.
persist-key
persist-tun

# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]

# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings

# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca ca.crt
cert client4.crt
key client4.key

# Verify server certificate by checking
# that the certificate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
ns-cert-type server

# If a tls-auth key is used on the server
# then every client must also have the key.
;tls-auth ta.key 1

# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher x

# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo

# Set log file verbosity.
verb 3

# Silence repeating messages
;mute 20
 
deadmalc's Avatar
Posts: 415 | Thanked: 182 times | Joined on Nov 2007 @ Leeds UK
#6
When I installed openvpn applet, it wouldn't let me choose anything outside /etc/openvpn.
So I had to sudo gainroot (install rootsh from extras-testing) and cp these manually into /etc/openvpn

To copy files manually: (install rootsh from extras-testing)
Open an X terminal
sudo gainroot
cd /etc/openvpn
cp /media/mmc1/openvpn/* . <-- or wherever your configs are locally


To get log info, (install rootsh from extras-testing)
Open an X terminal
sudo gainroot
cd /etc/openvpn
openvpn --config client.conf

This will output the log to the screen. You could also set "verb 9".
This will give you way too much info for normal running but could be helpful for debugging.


P.S. Another thought, is your desktop a Windows machine?
It is possible that using a Windows ASCII formatted file causes issues (Windows uses CR and LF to terminate a line, unix/linux just uses CR - I've seen other programs barf because of this)

P.P.S. I call my config file client.conf not client.ovpn

Can't do any testing at the moment as the place I'm at in Dubai only allows proxy access, and it seems quite locked down for tunnelling :-(
__________________
Life on the edge....always waiting to fall

Last edited by deadmalc; 2009-12-18 at 07:58. Reason: Windows formatted file???? (wild guess)
 
Posts: 9 | Thanked: 1 time | Joined on Dec 2009
#7
Ah it seems we're getting somewhere: when running from the X terminal it gives the following error: Unrecognized option or missing paramters in clien.ovpn:1 : EAWNA:97,1 (2.1_rc20)

I'll try recreating the config file

Recreated the file as a unicode type and saved it as client1.conf, no dice.

Last edited by jkommeren; 2009-12-18 at 09:20.
 
Posts: 1,208 | Thanked: 1,028 times | Joined on Oct 2007
#8
Originally Posted by deadmalc:
When I installed openvpn applet, it wouldn't let me choose anything outside /etc/openvpn.
So I had to sudo gainroot (install rootsh from extras-testing) and cp these manually into /etc/openvpn

Again, the applet has an import function so that you don't need to copy files manually. Of course you can; it has been one of the design principles.
 
deadmalc's Avatar
Posts: 415 | Thanked: 182 times | Joined on Nov 2007 @ Leeds UK
#9
Originally Posted by jkommeren:
Ah it seems we're getting somewhere: when running from the X terminal it gives the following error: Unrecognized option or missing paramters in clien.ovpn:1 : EAWNA:97,1 (2.1_rc20)

I'll try recreating the config file

Recreated the file as a unicode type and saved it as client1.conf, no dice.

It is saying that line 1 says: EAWNA:97,1
vi the file and check the first line!
__________________
Life on the edge....always waiting to fall
 
Posts: 1,208 | Thanked: 1,028 times | Joined on Oct 2007
#10
Originally Posted by jkommeren:
Recreated the file as a unicode type and saved it as client1.conf, no dice.

What does no dice mean exactly? Same error or something else? Please copy&paste from terminal, so it's absolutely clear what's happening.

Could you make a new configuration file with leafpad, for example, manually type in a couple of the first parameters (it doesn't have to be a complete config, but of course it can be) and compare the error messages?
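
Added example, not part of any post in this thread: a shell check for the file-format causes raised above (a Windows-formatted file, a file saved as "unicode"). It reports whether a config starts with a byte-order mark, contains NUL bytes, or has CR LF line endings. The helper names classify_conf and fix_conf and the sample files are made up for illustration.

```shell
#!/bin/sh
# Added example: report why OpenVPN might choke on line 1 of a config file.
# classify_conf and fix_conf are hypothetical helper names.

classify_conf() {
    [ -r "$1" ] || { echo unreadable; return 2; }
    # First three bytes as hex, e.g. "efbbbf" for a UTF-8 byte-order mark.
    head3=$(dd if="$1" bs=1 count=3 2>/dev/null | od -An -tx1 | tr -d ' \n')
    case $head3 in
        efbbbf*) echo utf8-bom; return 1 ;;
        fffe*)   echo utf16-le; return 1 ;;
        feff*)   echo utf16-be; return 1 ;;
    esac
    total=$(wc -c < "$1" | tr -d ' ')
    # NUL bytes: a 16-bit encoding saved without a byte-order mark.
    if [ "$(tr -d '\000' < "$1" | wc -c | tr -d ' ')" -ne "$total" ]; then
        echo has-nul; return 1
    fi
    # Carriage returns: CR LF line endings from a Windows editor.
    if [ "$(tr -d '\r' < "$1" | wc -c | tr -d ' ')" -ne "$total" ]; then
        echo crlf; return 1
    fi
    echo ok
}

# Write a cleaned copy of $1 to $2; refuses 16-bit encodings, which have to
# be re-saved as plain ASCII/UTF-8 text instead.
fix_conf() {
    kind=$(classify_conf "$1") || :
    case $kind in
        utf8-bom) tail -c +4 "$1" | tr -d '\r' > "$2" ;;
        crlf|ok)  tr -d '\r' < "$1" > "$2" ;;
        *)        return 1 ;;
    esac
}

# Constructed sample files (not from the thread) to show each result.
demo() {
    d=$(mktemp -d) || return 1
    printf 'client\ndev tap\n'       > "$d/unix.conf"
    printf 'client\r\ndev tap\r\n'   > "$d/dos.conf"
    printf '\357\273\277client\r\n'  > "$d/bom.conf"
    printf '\377\376c\000l\000i\000' > "$d/utf16.conf"
    for f in unix dos bom utf16; do
        printf '%s.conf: %s\n' "$f" "$(classify_conf "$d/$f.conf")"
    done
    rm -rf "$d"
}
demo
```

Run classify_conf against the file in /etc/openvpn before starting openvpn by hand; anything other than "ok" means the file should be cleaned or re-saved as plain text first.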
 