Ich habe auf meinen Ubuntuserver 18.04 im Heimnetz Openvpn nach dem Ubuntu wiki installiert. Es tauchen jetzt mehr Probleme auf als mir lieb ist. auf dem Server:
~$ systemctl status openvpn@vpn-server.service ● openvpn@vpn-server.service - OpenVPN connection to vpn-server Loaded: loaded (/lib/systemd/system/openvpn@.service; disabled; vendor preset: enabled) Active: activating (auto-restart) (Result: exit-code) since Tue 2020-06-30 12:41:55 CEST; 3s ago Docs: man:openvpn(8) https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage https://community.openvpn.net/openvpn/wiki/HOWTO Process: 13832 ExecStart=/usr/sbin/openvpn --daemon ovpn-vpn-server --status /run/openvpn/vpn-server.status 10 --cd /etc/openvpn --script-security 2 --config /etc/openvpn/vpn-server.conf --w Main PID: 13832 (code=exited, status=1/FAILURE) Jun 30 12:41:55 ipserver systemd[1]: Failed to start OpenVPN connection to vpn-server.
Die sever.conf
sudo cat /etc/openvpn/server.conf ;local a.b.c.d port 1194 ;proto tcp proto udp ;dev tap dev tun ;dev-node MyTap ca ./easy-rsa2/keys/ca.crt cert ./easy-rsa2/keys/server.crt key ./easy-rsa2/keys/server.key # Diese Datei geheim halten. dh ./easy-rsa2/keys/dh2048.pem # Diffie-Hellman-Parameter ;topology subnet server 10.8.0.0 255.255.255.0 ifconfig-pool-persist /var/log/openvpn/ipp.txt ;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100 ;server-bridge ;push "route 192.168.10.0 255.255.255.0" ;push "route 192.168.20.0 255.255.255.0" ;client-config-dir ccd ;route 192.168.40.128 255.255.255.248 ;client-config-dir ccd ;route 10.9.0.0 255.255.255.252 ;learn-address ./script ;push "redirect-gateway def1 bypass-dhcp" ;push "dhcp-option DNS 208.67.222.222" ;push "dhcp-option DNS 208.67.220.220" ;client-to-client ;duplicate-cn keepalive 10 120 tls-auth ta.key 0 # This file is secret cipher AES-256-CBC ;compress lz4-v2 ;push "compress lz4-v2" ;comp-lzo ;max-clients 100 ;user nobody ;group nogroup persist-key persist-tun status /var/log/openvpn/openvpn-status.log ;log /var/log/openvpn/openvpn.log ;log-append /var/log/openvpn/openvpn.log verb 3 ;mute 20 explicit-exit-notify 1
Auf den Client (Xubuntu 18.04).
~$ openvpn /etc/openvpn/client.conf Tue Jun 30 12:37:04 2020 disabling NCP mode (--ncp-disable) because not in P2MP client or server mode Options error: Parameter ca_file can only be specified in TLS-mode, i.e. where --tls-server or --tls-client is also specified. Use --help for more information.
client.conf
$ sudo cat /etc/openvpn/client.conf dev tun proto udp remote ipserver 1194 resolv-retry infinite nobind ;group nogroup persist-key persist-tun ca /etc/openvpn/ca.crt cert /etc/openvpn/client.crt key /etc/openvpn/client.key remote-cert-tls server tls-auth ta.key 1 cipher AES-256-CBC verb 3 # Silence repeating messages ;mute 20
Was fehlt meiner config jetzt noch?