SOLVED -- Hard-to-find gotcha in OpenVPN
This kept me quite busy for a few hours.
I tried to access a host on the server-side LAN from a host on the client-side LAN thru an OpenVPN tunnel. That failed miserably yielding this error. "MULTI: bad source address from client [192.168.100.249], packet dropped" Now how to configure your OpenVPN server is quite clearly described in this HowTo You need to create a client config dir, and in that dir create a file with an "iroute" statement. That all fits, and hundreds of people get this error message, and all solutions *only* tell to add the configuration changes and create the ccd/client file. However, it is extremely important that this ccd/client file is world readable. I assume this is because the credentials of OpenVPN are lowered to nouser and nogroup. Unfortunately it is stated nowhere, and I only could find it out by setting the verbosity level=9 on the server. Only then I saw that the ccd/client file could not be found. I hope google finds this message :) jlinkels |
All times are GMT -5. The time now is 08:20 PM. |