1 |
Hi Thelma, |
2 |
|
3 |
I think you need |
4 |
tls-server |
5 |
And |
6 |
tls-client |
7 |
In your respective configs below. |
8 |
|
9 |
Reference: |
10 |
https://askubuntu.com/questions/594868/openvpn-hmac-authentication-failure-no-matter-what-i-do |
11 |
|
12 |
And |
13 |
https://openvpn.net/community-resources/reference-manual-for-openvpn-2-4/ |
14 |
Grep for tls-server. |
15 |
|
16 |
|
17 |
On 22 February 2020 11:08:02 PM NZDT, thelma@×××××××××××.com wrote: |
18 |
>When I try to start openVPN on a client I see this error on a server: |
19 |
> |
20 |
>Sat Feb 22 02:32:10 2020 Authenticate/Decrypt packet error: packet HMAC |
21 |
>authentication failed |
22 |
>Sat Feb 22 02:32:10 2020 TLS Error: incoming packet authentication |
23 |
>failed from [AF_INET] |
24 |
> |
25 |
>cat server.conf |
26 |
>proto udp |
27 |
>port 9000 |
28 |
>dev tun |
29 |
>mode server |
30 |
>ca /etc/openvpn/cert/ca.crt |
31 |
>cert /etc/openvpn/cert/clinic_atom.crt |
32 |
>key /etc/openvpn/cert/clinic_atom.key |
33 |
>dh /etc/openvpn/cert/dh.pem |
34 |
>topology subnet |
35 |
>server 192.168.141.0 255.255.255.0 |
36 |
>client-to-client |
37 |
>ifconfig-pool-persist ipp.txt |
38 |
>client-config-dir ccd |
39 |
>keepalive 10 120 |
40 |
>tls-auth vpn_clinic.key 0 |
41 |
>tun-mtu 1500 |
42 |
>tun-mtu-extra 32 |
43 |
>mssfix 1200 |
44 |
>duplicate-cn |
45 |
>comp-lzo |
46 |
>max-clients 100 |
47 |
>persist-key |
48 |
>persist-tun |
49 |
>status openvpn-status.log |
50 |
>log /var/log/openvpn.log |
51 |
>log-append /var/log/openvpn.log |
52 |
>verb 3 |
53 |
> |
54 |
>On client-config: |
55 |
>clinic_atom.conf |
56 |
>client |
57 |
>dev tun |
58 |
>proto udp |
59 |
>port 9070 |
60 |
>topology subnet |
61 |
>remote xxx.xx.xx.xx 9070 # static IP |
62 |
>resolv-retry infinite |
63 |
>tun-mtu 1500 |
64 |
>tun-mtu-extra 32 |
65 |
>mssfix 1200 |
66 |
>persist-key |
67 |
>persist-tun |
68 |
>remote-cert-tls server |
69 |
>ca "/etc/openvpn/clinic_atom/ca.crt" |
70 |
>cert "/etc/openvpn/clinic_atom/syscon7.crt" |
71 |
>key "/etc/openvpn/clinic_atom/syscon7.key" |
72 |
>tls-auth "/etc/openvpn/clinic_atom/ta.key" 1 |
73 |
>comp-lzo |
74 |
>log /var/log/openvpn.log |
75 |
>log-append /var/log/openvpn.log |
76 |
>verb 3 |
77 |
> |
78 |
>-- |
79 |
>Thelma |
80 |
|
81 |
-- |
82 |
Kind regards, |
83 |
|
84 |
Roger |