Hi all,
I am trying to install OpenVPN2.0 onto a CentOS v5.3 server.
The package is installed, and I have followed the guides on
OpenVPN and
here.
I have customized my vars, server.conf, and built the appropriate server, DH and client keys.
(I have an existing server at a different office running OpenVPN, but I did not set this up originally - though I am using it to assist in guiding me).
My problem is that, I start the OpenVPN service. Do a "netstat -an | grep 1194" to confirm it's up and listening, then attempt to connect from a client.
The client gets so far then ends with:
"Fri Jul 03 09:28:17 2009 us=421000 Attempting to establish TCP connection with my.server.ip:1194
Fri Jul 03 09:28:18 2009 us=484000 TCP: connect to my.server.ip:1194 failed, will try again in 5 seconds: Connection refused (WSAECONNREFUSED)
Fri Jul 03 09:28:23 2009 us=484000 SIGTERM[hard,init_instance] received, process exiting"
I find the OpenVPN service on the server has shut itself down at this point.
The openvpn.log reads:
"Fri Jul 3 09:25:33 2009 us=237238 TCPv4_SERVER link local: [undef]
Fri Jul 3 09:25:33 2009 us=237250 TCPv4_SERVER link remote: my.source.ip:54571
WRFri Jul 3 09:25:33 2009 us=237578 my.source.ip:54571 TLS: Initial packet from my.source.ip:54571, sid=6e8932c7 62f5f72c
WRWRRWWWWRWRWRWWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRRRRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRFri Jul 3 09:25:34 2009 us=195624 my.source.ip:54571 CRL: cannot
read: /etc/openvpn/keys/01.pem: Permission denied (errno=13)
Fri Jul 3 09:25:34 2009 us=195637 my.source.ip:54571 Exiting"
The permissions on the keys folder:
drwx------ 2 root root 4096 Jul 3 08:51 keys
The permissions on the 01.pem file:
-rw-r--r-- 1 root root 3.7K Jul 3 08:49 01.pem
If I chmod 777 the 01.pem file, the same error occurs.
If I move 01.pem to /etc/openvpn (and alter the server.conf accordingly) it fails again, with the following error in openvpn.log:
"Fri Jul 3 10:01:36 2009 us=603780 TCPv4_SERVER link local: [undef]
Fri Jul 3 10:01:36 2009 us=603792 TCPv4_SERVER link remote: my.source.ip:40500
WRFri Jul 3 10:01:36 2009 us=604210 my.source.ip:40500 TLS: Initial packet from my.source.ip:40500, sid=2f9980e1 6a6d578b
WRWRRWWWWRWRWRWWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRRRRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRFri Jul 3 10:01:37 2009 us=621867 my.source.ip:40500 CRL: cannot
read CRL from file /etc/openvpn/01.pem
Fri Jul 3 10:01:37 2009 us=621890 my.source.ip:40500 Exiting
"
I don't really know what this 01.pem file does, or what the problem is with it. If anyone could help me out here, I would be so, so grateful!
Thanks for reading!
Elliot