Community discussions

MUM Europe 2020
 
User avatar
mandrade
Member Candidate
Member Candidate
Topic Author
Posts: 106
Joined: Fri Sep 08, 2006 12:35 pm
Location: Brazil
Contact:

OpenVPN X Windows Client....

Tue Aug 26, 2008 6:03 pm

Hi,

I made configs to OpenVPN in my ROS exactly as http://wiki.mikrotik.com/wiki/OpenVPN , with Linux Client it works FINE, but with windows client o have this error :
Tue Aug 26 11:57:16 2008 OpenVPN 2.1_rc9 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Jul 31 2008
Tue Aug 26 11:57:16 2008 Sorry, 'Auth' password cannot be read from a file
Tue Aug 26 11:57:16 2008 Exiting
Any idea how to slove this????


PPLLLEEEAAASSSEEEE HEEELLLPPPPP

BR

Mauricio
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 5960
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: OpenVPN X Windows Client....

Wed Aug 27, 2008 8:00 am

Tue Aug 26 11:57:16 2008 Sorry, 'Auth' password cannot be read from a file
It explains everything.

On windows you are not allowed to read authentication data from file like in linux. Remove line auth-user-pass auth.cfg from ovpn configuration file.
 
User avatar
mandrade
Member Candidate
Member Candidate
Topic Author
Posts: 106
Joined: Fri Sep 08, 2006 12:35 pm
Location: Brazil
Contact:

Re: OpenVPN X Windows Client....

Wed Aug 27, 2008 5:01 pm

Tue Aug 26 11:57:16 2008 Sorry, 'Auth' password cannot be read from a file
It explains everything.

On windows you are not allowed to read authentication data from file like in linux. Remove line auth-user-pass auth.cfg from ovpn configuration file.

Ok, but if i remove, how to send user/password do ROS OVPN server????

BR
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 5960
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: OpenVPN X Windows Client....

Thu Aug 28, 2008 8:18 am

Actually this feature is disabled by default (according to ovpn changelog).
You would have to rebuild OpenVPN on Windows with the --enable-password-save option.

Look at building from source section.
http://openvpn.net/index.php/documentat ... ml?start=1
 
wsgtrsys
newbie
Posts: 36
Joined: Sat Dec 25, 2004 2:22 pm

Re: OpenVPN X Windows Client....

Thu Aug 28, 2008 9:40 am

routeros's openvpn server work fine with openvpn 2.0,but can't support "openvpn 2.1 client",when i connect to ovpn server,log is:
Thu Aug 28 14:38:35 2008 us=468000 OpenVPN 2.1_rc9 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Jul 31 2008
Thu Aug 28 14:38:38 2008 us=375000 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Thu Aug 28 14:38:38 2008 us=390000 Control Channel MTU parms [ L:1591 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Aug 28 14:38:38 2008 us=390000 Data Channel MTU parms [ L:1591 D:1450 EF:59 EB:4 ET:32 EL:0 ]
Thu Aug 28 14:38:38 2008 us=390000 Local Options String: 'V4,dev-type tap,link-mtu 1591,tun-mtu 1532,proto TCPv4_CLIENT,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Thu Aug 28 14:38:38 2008 us=390000 Expected Remote Options String: 'V4,dev-type tap,link-mtu 1591,tun-mtu 1532,proto TCPv4_SERVER,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
Thu Aug 28 14:38:38 2008 us=390000 Local Options hash (VER=V4): 'b60e7885'
Thu Aug 28 14:38:38 2008 us=390000 Expected Remote Options hash (VER=V4): 'fbeb66e6'
Thu Aug 28 14:38:38 2008 us=390000 Attempting to establish TCP connection with 192.168.0.1:1194
Thu Aug 28 14:38:38 2008 us=390000 TCP connection established with 192.168.0.1:1194
Thu Aug 28 14:38:38 2008 us=390000 Socket Buffers: R=[0->0] S=[0->0]
Thu Aug 28 14:38:38 2008 us=390000 TCPv4_CLIENT link local: [undef]
Thu Aug 28 14:38:38 2008 us=390000 TCPv4_CLIENT link remote: 192.168.0.1:1194
Thu Aug 28 14:38:38 2008 us=406000 TLS: Initial packet from 192.168.0.1:1194, sid=7b767639 0b351900
Thu Aug 28 14:38:38 2008 us=406000 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Thu Aug 28 14:38:38 2008 us=671000 VERIFY ERROR: could not extract Common Name from X509 subject string ('/C=CA/ST=NA/L=CHO/O=OpenVPN-GTR/emailAddress=webmaster@test.com') -- note that the Common Name length is limited to 64 characters
Thu Aug 28 14:38:38 2008 us=671000 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Thu Aug 28 14:38:38 2008 us=671000 TLS Error: TLS object -> incoming plaintext read error
Thu Aug 28 14:38:38 2008 us=671000 TLS Error: TLS handshake failed
Thu Aug 28 14:38:38 2008 us=671000 Fatal TLS error (check_tls_errors_co), restarting
Thu Aug 28 14:38:38 2008 us=671000 TCP/UDP: Closing socket
Thu Aug 28 14:38:38 2008 us=671000 SIGUSR1[soft,tls-error] received, process restarting
Thu Aug 28 14:38:38 2008 us=671000 Restart pause, 5 second(s)
Thu Aug 28 14:38:43 2008 us=671000 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Thu Aug 28 14:38:43 2008 us=671000 Control Channel MTU parms [ L:1591 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Aug 28 14:38:43 2008 us=671000 Data Channel MTU parms [ L:1591 D:1450 EF:59 EB:4 ET:32 EL:0 ]
Thu Aug 28 14:38:43 2008 us=671000 Local Options String: 'V4,dev-type tap,link-mtu 1591,tun-mtu 1532,proto TCPv4_CLIENT,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Thu Aug 28 14:38:43 2008 us=671000 Expected Remote Options String: 'V4,dev-type tap,link-mtu 1591,tun-mtu 1532,proto TCPv4_SERVER,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
Thu Aug 28 14:38:43 2008 us=671000 Local Options hash (VER=V4): 'b60e7885'
Thu Aug 28 14:38:43 2008 us=671000 Expected Remote Options hash (VER=V4): 'fbeb66e6'
Thu Aug 28 14:38:43 2008 us=671000 Attempting to establish TCP connection with 192.168.0.1:1194
Thu Aug 28 14:38:43 2008 us=671000 TCP/UDP: Closing socket
Thu Aug 28 14:38:43 2008 us=671000 SIGTERM[hard,init_instance] received, process exiting
 
User avatar
mandrade
Member Candidate
Member Candidate
Topic Author
Posts: 106
Joined: Fri Sep 08, 2006 12:35 pm
Location: Brazil
Contact:

Re: OpenVPN X Windows Client....

Fri Aug 29, 2008 4:12 pm

Actually this feature is disabled by default (according to ovpn changelog).
You would have to rebuild OpenVPN on Windows with the --enable-password-save option.

Look at building from source section.
http://openvpn.net/index.php/documentat ... ml?start=1
follwing the instructions i only get this error while compile openvpn.. :(
$ make -f makefile.w32
gcc -g -O2 -Wall -Wno-unused-function -Wno-unused-variable -mno-cygwin -I/c/src/openssl-0.9.7k/include -I/c/src/lzo-1.08/include -c cryptoapi.c -o cryptoapi.o
In file included from C:/msys/1.0/mingw/bin/../lib/gcc/mingw32/3.4.5/../../../../include/openssl/crypto.h:131,
from C:/msys/1.0/mingw/bin/../lib/gcc/mingw32/3.4.5/../../../../include/openssl/comp.h:5,
from C:/msys/1.0/mingw/bin/../lib/gcc/mingw32/3.4.5/../../../../include/openssl/ssl.h:176,
from cryptoapi.c:35:
C:/msys/1.0/mingw/bin/../lib/gcc/mingw32/3.4.5/../../../../include/openssl/ossl_typ.h:176: error: syntax error before numeric constant
cryptoapi.c: In function `SSL_CTX_use_CryptoAPI_certificate':
cryptoapi.c:368: warning: passing arg 2 of `d2i_X509' from incompatible pointer type
make: *** [cryptoapi.o] Error 1

any idea how to slove??? or where can i get a precompiled version with the right opetions???

BR
 
User avatar
Alessio Garavano
Member
Member
Posts: 304
Joined: Sat May 29, 2004 12:49 am
Location: Corrientes, Argentina
Contact:

Re: OpenVPN X Windows Client....

Fri Feb 06, 2009 10:09 pm

Yes, i need this too and compilling i have the same problem, any solution?
Alessio Garavano
http://www.isparg.com.ar

Who is online

Users browsing this forum: rebel2234 and 57 guests