Hello,
I'm a French student and I am working on OpenVPN during my training period.
In fact I have two problems, but maybe they are the same...
I would like to use a tunnel with a tun interface in routed mode.
I generated my certificates, the authentication is successful,
and the connection is established.
The logs on the server side are the following:
********************************************************************************************************
<client public ip>:33743 [nomade.test.pierre] Peer Connection
Initiated with <client public ip>:33743
nomade.test.pierre/<client public ip>:33743 MULTI: no dynamic or
static remote --ifconfig address is available for
nomade.test.pierre/<client public ip>:33743
nomade.test.pierre/<client public ip>:33743 PUSH: Received control
message: 'PUSH_REQUEST'
nomade.test.pierre/<client public ip>:33743 SENT CONTROL
[nomade.test.pierre]: 'PUSH_REPLY,ifconfig 192.168.1.2
192.168.1.1,route 192.168.1.0 255.255.255.0,ping 10,ping-restart 120'
(status=1)
********************************************************************************************************
and the initialization sequence is completed without error on
the client side.
But with the following configuration I cannot ping the server from the
client; I get this message on the server side:
*********************************************************************************************************
nomade.test.pierre/<client public ip>:33743 MULTI: bad source address
from client [192.168.1.2], packet dropped
*********************************************************************************************************
I don't understand why, because the tun interfaces are OK on both sides.
My configuration for the server is:
*********************************************************************************************************
local <server public ip>
port 1194
proto udp
dev tun
mode server
tls-server
tun-mtu 1500
mssfix
persist-key
persist-tun
ca .../cacert.pem
cert .../vpn.pierre.crt
key .../vpn.pierre.key
dh .../dh1024.pem
ifconfig 192.168.1.1 192.168.1.2
route 192.168.1.0 255.255.255.0
push "ifconfig 192.168.1.2 192.168.1.1"
push "route 192.168.1.0 255.255.255.0"
client-to-client
keepalive 10 120
cipher BF-CBC
comp-lzo
max-clients 15
user nobody
group nogroup
chroot .../logs
status ...logs/status_routed.log
log-append ...logs/openvpn_routed.log
verb 4
************************************************************************************************************
and the client:
************************************************************************************************************
client
dev tun
proto udp
remote <server public ip> 1194
resolv-retry infinite
nobind
tls-client
persist-key
persist-tun
ca .../cacert.pem
cert .../nomade1.pierre.crt
key .../nomade1.pierre.key
keepalive 10 60
cipher BF-CBC
comp-lzo
verb 2
mute 5
**************************************************************************************************************
My second problem, which may be linked, is that when I try to use a ccd
directory, I get this error on the server:
**************************************************************************************************************
TLS Auth Error: --client-config-dir authentication failed for common
name 'nomade.test.pierre' file='/etc/openvpn/ccd/nomade.test.pierre'
**************************************************************************************************************
But I specify the "pull" directive on the client,
and on the server I specify:
***********************************************
chroot /etc/openvpn/ccd # I don't know if this is necessary
client-config-dir /etc/openvpn/ccd
ccd-exclusive
***********************************************
without "push ifconfig..."
I hope I'm clear!
Who could help me?
Thank you for your interest.