hi guys, followed a documentation in Digital Ocean on how to install VPN but it's not working when connecting from Win 7.

OpenVPN: 2.3.11

Any ideas guys?

Thanks for any help.

Here's the error:

You posted some lines, but you don't say which are coming from the Windows system, and which is from the Linux system, or tell us if you've opened ports in your firewall, or tell us how you're testing this. Testing it from your internal network (BEHIND your firewall), will typically not work.

That said, if you don't run the OpenVPN client on Windows as ADMINISTRATOR, it won't have permissions to create the TAP/TUN interface needed for OpenVPN to work.

Actually, a proper Windows installation will install OpenVPN (client or server ...) as a "system service" that does have the Administrator-level privilege to create the necessary virtual interfaces, and to conduct the necessary interactions with its counterpart. (Or, it will be installed, necessarily "by an Administrator," as a privileged application that is capable of doing this.

The OP needs to post considerably more detail, including simultaneous log-excerpts from both sides, in order for anyone to seriously be able to help to address the underlying problem.

Also: "OpenVPN is not specific to <Windows|Linux|whatever>, and so, most problems that arise are not specific to <Windows|Linux|whatever>, either." The OP should search any online resource or FAQ for any description that is at-all similar to what he is seeing, whether or not the web-page being Googled says "Windows." Many problems have to do with the interaction between the two peers, irrespective of(!) which OS is hosting either one of them.

I hate to disagree...but..

I have seen a few instances lately, where a fresh Windows 10 machine did *NOT* have the TAP/TUN interface available, and you had to run a command (forget which now), to get it to appear. And while it did *SAY* that OpenVPN was supported...it wouldn't actually let you fill in the boxes with the selections of your choice. Seen that happen on both fresh and upgraded W10 machines. Haven't done it on W7, though, but the OP doesn't state which.

I do know that if you install the stand-alone client from the OpenVPN site, that right-clicking and selecting "Run as administrator", will let you get things going in many cases.
Agree on both counts.

Windows-10 has a slew of security problems ... so they say ... so they say ...

hi guys, thanks for the reply.

I rebuild the openvpn from scratch but still got errors on the client side.

Here's my server.conf

Here's the client.ovpn (client is windows 7)
Error from the client:
server log (from Centos)

Any ideas guys, why it's not working? Anything i'm missing, need your help please. Thank you.

Scenario: Both server and client is on the same internal network for test purposes.

From post #2, the VERY FIRST REPLY
Testing it from your internal network (BEHIND your firewall), will typically not work.

So...you promptly tested this from the internal network, and are SURPRISED it's not working? And again, you don't say whether or not you're running the OpenVPN client on Windows as administrator or not.

There is no problem whatsoever running openvpn on LAN.

1. Do you actually run Openvpn as the service OR do you use the graphical client? The graphical client MUST BE STARTED AS ADMINISTRATOR if you connect from it.
To make this more clear:
- on Windows Openvpn installs a service which is DISABLED BY DEFAULT.
- using the GUI you DON'T command this service, you connect separately so you MUST run the gui as administrator to make sure you can change interface options on the vpn device. This is required for tap devices, i am not sure about tun, but just to make sure you should run it as administrator.
- i'd recommend testing the connection in the gui then if you need permanent connection, just enable the service which will initiate connections automatically for every .ovpn file found in the openvpn directory (or openvpn/config, i dont remember exactly). This does not need any further user interaction and will not provide any graphical notifications.
2. openvpn version server side? Put verb 4 on the server log and restart it to see more details.

1 members found this post helpful.

First of all, please accept my apology. I miss that one.

Okay so I think I need to do some port forwarding on this one, wow this is a security risk if ever something got misconfigured.

I will have to check the firewalls, but for Windows I set the firewall to allow OpenVPN program.

On Linux side, I know the port 1194 is listening but I will have to double check whether it's open in the firewall.

I run the OpenVPN in Windows as Administrator but to no avail.

Thanks.

"Port forwarding"?? Why? You open port 1194 for UDP only...NOT TCP. OpenVPN is quite secure....opening ANY port, for ANY service can be a security risk, if it's misconfigured.

PC with OpenVPN (acting like a server) is behind a firewall, how the PC on the internet will be able to connect to the server if I will not do a port forwarding?

Yes it's UDP, then I will have to set on the firewall to open UDP traffic for port 1194.

I (incorrectly) assumed the OpenVPN server was also running on the firewall. If it isn't, then yes, you will have to forward.
Right.

I would suggest making this work over LAN first because if it doesnt work there, it will certainly not over the net...

1 members found this post helpful.

...except for the fact that IT WILL NOT WORK OVER LAN, because the network configuration will conflict, along with gateways and several other things.

All the machines are using the same subnet. How do you think they would be able to distinguish local from remote hosts? *IF* you were even able to shoehorn this in somehow, by doing a HUGE amount of port-forwarding, it would only work for a few services, but would be a nightmare to support.