openvpn windows client error

peter_jenp

New Member
Joined
Feb 23, 2021
Messages
23
Reaction score
5
Credits
248
Hello all

First of all sorry for bad English, this is because I cannot write English and that is why I wrote this message in Dutch and translated it to English with google translate

I have an openvpn server running on a debian 9 linux server with the following configuration
Code:
local xxx.xxx.xxx.xxx
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh.pem
auth SHA512
tls-crypt tc.key
topology subnet
# server 44.137.83.65 255.255.255.240
# server-ipv6 fddd:1194:1194:1194::/64

mode server
tls-server
push "topology [topology]"

ifconfig 44.137.83.78 255.255.255.240
ifconfig-pool 44.137.83.65 44.137.83.77 255.255.255.240
push "route-gateway 44.137.83.78"

push "redirect-gateway def1 ipv6 bypass-dhcp"
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 213.186.33.99"
keepalive 10 120
cipher AES-256-CBC
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
crl-verify crl.pem
explicit-exit-notify

f a linux client wants to connect to this server everything works perfectly. however, as soon as a windows client wants to connect, he gets an error that can be seen in the attached photo. the client configuration (.ovpn file) looks like this

Code:
client
dev tun
proto udp
remote xxx.xxx.xxx.xxx 1194
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
auth SHA512
cipher AES-256-CBC
ignore-unknown-option block-outside-dns
block-outside-dns
verb 3
<ca>
-----BEGIN CERTIFICATE-----

-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----

-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----

-----END PRIVATE KEY-----
</key>
<tls-crypt>
-----BEGIN OpenVPN Static key V1-----

-----END OpenVPN Static key V1-----
</tls-crypt>

does anyone know how I get an error and more importantly how to fix this? greetings: peter
 

Attachments

  • openvpnerror.jpg
    openvpnerror.jpg
    163.4 KB · Views: 277


What does your openvpn server log file say, I would think when there is a connection attempt and it fails it will be logged in your openvpn server log file? What openvpn-server version are you running and what version of Windows is your client?
 
Last edited:
the log of openvpn server (openvpn-status.log) contains the following

Code:
TITLE,OpenVPN 2.4.0 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Oct 14 2018
TIME,Tue Feb 23 19:40:47 2021,1614109247
HEADER,CLIENT_LIST,Common Name,Real Address,Virtual Address,Virtual IPv6 Address,Bytes Received,Bytes Sent,Connected Since,Connected Since (time_t),Username,Client ID,Peer ID
CLIENT_LIST,streamingpc,83.82.140.238:64660,44.137.83.68,,3397,5696,Tue Feb 23 19:37:29 2021,1614109049,UNDEF,5,1
CLIENT_LIST,strato,85.214.160.22:56044,44.137.83.65,,627253,580132,Mon Feb 22 07:53:27 2021,1613980407,UNDEF,2,2
CLIENT_LIST,linux_db,83.82.140.238:42340,44.137.83.66,,591185,543895,Mon Feb 22 10:09:51 2021,1613988591,UNDEF,4,0
HEADER,ROUTING_TABLE,Virtual Address,Common Name,Real Address,Last Ref,Last Ref (time_t)
ROUTING_TABLE,44.137.83.68,streamingpc,83.82.140.238:64660,Tue Feb 23 19:37:30 2021,1614109050
ROUTING_TABLE,44.137.83.66,linux_db,83.82.140.238:42340,Mon Feb 22 10:09:51 2021,1613988591
ROUTING_TABLE,44.137.83.65,strato,85.214.160.22:56044,Mon Feb 22 07:53:28 2021,1613980408
GLOBAL_STATS,Max bcast/mcast queue length,0
END
If I do not respond for the next few hours, that is because it is now evening here and I will immediately go to sleep.
 
Do a tail -f on all the openvpn log files, they should be located here: /var/log/openvpn. Then try to connect from your Windows client and then share the output of the tail -f here. Although I do recommend you create a topic on the openvpn forums since they will most likely be able to help you solve your issue faster since they are focused on openvpn land I can't guarantee you that I will or anyone here will be able to since this forum's focus is on Linux.
 
Last edited:

Members online


Top