On 02/25/10 22:17, Xavier Parizet wrote:
[snip]
>> topology subnet
>> remote 208.38.31.237 9000
>> resolv-retry infinite
>> nobind
> ^^^^^^
> you should remove this line to avoid connection refused messages from
> the server. As you are in udp, client should bind on udp source port to
> get messages from the server.

I remove this one from client.conf
|
>
>> tun-mtu 1500
>> tun-mtu-extra 32
>> mssfix 1200
>> persist-key
>> persist-tun
>> remote-cert-tls server
>> ca "/etc/openvpn/client_clinic2/ca.crt"
>> cert "/etc/openvpn/client_clinic2/syscon9.crt"
>> key "/etc/openvpn/client_clinic2/syscon9.key"
>> tls-auth "/etc/openvpn/client_clinic2/vpn_my.key" 1
>> comp-lzo
>> log /var/log/openvpn.log
>> log-append /var/log/openvpn.log
>> verb 3
>>
>>
>> log file from client:
>>
>> cat /var/log/openvpn.log
>> [SNIP]
>>
>> Why server log is always showing this message: [ECONNREFUSED]:
>> Connection refused (code=111
> |
> From what I can see, please try to add full path to the ccd directory in
> client-config-dir directive on the server path. Also check permissions
> on that directory. On which user are you running openvpn on the server?
> On the client?
>
> Can you increase verbosity and see if there is no open fails on the
> server? If it works, you should have the following line in server logs:
> OPTIONS IMPORT: reading client specific options from: [path to ccd]/syscon9
> MULTI: Learn: [192.168.139.15] -> syscon9/[ip source:port source]
>
> --
> Xavier Parizet
> YaGB : http://gentooist.com
> GPG : C7DC B10E FC21 63BE
> B453 D239 F6E6 DF65 1569 91BF
>
|
I added full path to the server for ccd:
/etc/openvpn/ccd

Now I'm getting consistent IP: 192.168.139.2 every time I restart openvpn.client_clinic2
but I'm not getting what I requested in ccd/syscon9:
ifconfig-push 192.168.139.15 255.255.255.0

The client runs openvpn as user root,
the server runs openvpn as user openvpn.

--
Joseph |
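
The permission check suggested in the thread, as an added example that is not part of either poster's message: it reports why the account the server runs as could not open the per-client file in the ccd directory. It assumes the server opens `ccd/<CN>` as that unprivileged user at connect time and looks only at classic owner/group/other mode bits, not ACLs or SELinux/AppArmor; the function names and the `base` parameter are made up for this sketch.

```python
import os
import pwd
import sys

def grants(st, uid, gids, want):
    """True if st's mode bits give `want` (r=4, w=2, x=1) to uid/gids."""
    if uid == 0:
        return True  # root bypasses read and directory-search checks
    if st.st_uid == uid:
        bits = st.st_mode >> 6
    elif st.st_gid in gids:
        bits = st.st_mode >> 3
    else:
        bits = st.st_mode
    return bits & want == want

def ccd_problems(ccd_dir, common_name, uid, gids, base="/"):
    """List reasons the given uid could not read ccd_dir/common_name.

    Every directory from `base` (an ancestor of ccd_dir) down to ccd_dir must
    be searchable (x), and the file named after the certificate CN readable.
    """
    ccd_dir, base = os.path.realpath(ccd_dir), os.path.realpath(base)
    if not os.path.isdir(ccd_dir):
        return [f"{ccd_dir}: not a directory"]
    problems, current, chain = [], base, [base]
    for part in os.path.relpath(ccd_dir, base).split(os.sep):
        if part != ".":
            current = os.path.join(current, part)
            chain.append(current)
    for d in chain:
        if not grants(os.stat(d), uid, gids, 1):
            problems.append(f"{d}: not searchable by uid {uid}")
    target = os.path.join(ccd_dir, common_name)
    if not os.path.isfile(target):
        problems.append(f"{target}: no file named after the client CN")
    elif not grants(os.stat(target), uid, gids, 4):
        problems.append(f"{target}: not readable by uid {uid}")
    return problems

if __name__ == "__main__":
    # Defaults are the values quoted in the thread; override on the command line.
    defaults = ["/etc/openvpn/ccd", "syscon9", "openvpn"]
    ccd, cn, user = (sys.argv[1:] + defaults[len(sys.argv) - 1:])[:3]
    pw = pwd.getpwnam(user)  # raises KeyError if the account does not exist
    groups = set(os.getgrouplist(user, pw.pw_gid))
    found = ccd_problems(ccd, cn, pw.pw_uid, groups)
    print("\n".join(found) or f"{user} can read {os.path.join(ccd, cn)}")
```

An empty result rules out file permissions only; the server log lines quoted above (`OPTIONS IMPORT: reading client specific options from: ...`) remain the confirmation that the file was actually applied.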