LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   SOLVED -- Hard-to-find gotcha in OpenVPN (https://www.linuxquestions.org/questions/linux-networking-3/solved-hard-to-find-gotcha-in-openvpn-573421/)

jlinkels 07-30-2007 11:34 AM
SOLVED -- Hard-to-find gotcha in OpenVPN
 
This kept me quite busy for a few hours.

I tried to access a host on the server-side LAN from a host on the client-side LAN thru an OpenVPN tunnel.

That failed miserably yielding this error.

"MULTI: bad source address from client [192.168.100.249], packet dropped"

Now how to configure your OpenVPN server is quite clearly described in this HowTo

You need to create a client config dir, and in that dir create a file with an "iroute" statement.

That all fits, and hundreds of people get this error message, and all solutions *only* tell to add the configuration changes and create the ccd/client file.

However, it is extremely important that this ccd/client file is world readable.

I assume this is because the credentials of OpenVPN are lowered to nouser and nogroup.

Unfortunately it is stated nowhere, and I only could find it out by setting the verbosity level=9 on the server. Only then I saw that the ccd/client file could not be found.

I hope google finds this message :)

jlinkels


All times are GMT -5. The time now is 08:20 PM.