11-07-2017, 11:30 AM
We are having trouble setting up the VPN from the phone to our Watchguard (via SSL)
syslog shows:
<29>Nov 7 00:00:09 openvpn[1182]: OpenVPN 2.2.1 arm-linux [SSL] [LZO2] [EPOLL] built on Jun 30 2017
<28>Nov 7 00:00:09 openvpn[1182]: WARNING: file '/config/openvpn/auth.txt' is group or others accessible
<28>Nov 7 00:00:09 openvpn[1182]: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
<28>Nov 7 00:00:09 openvpn[1182]: WARNING: file '/config/openvpn/keys/client.key' is group or others accessible
<29>Nov 7 00:00:09 openvpn[1182]: Control Channel MTU parms [ L:1591 D:140 EF:40 EB:0 ET:0 EL:0 ]
<29>Nov 7 00:00:09 openvpn[1182]: Socket Buffers: R=[87380->131072] S=[16384->131072]
<29>Nov 7 00:00:09 openvpn[1182]: Data Channel MTU parms [ L:1591 D:1450 EF:59 EB:4 ET:32 EL:0 ]
<29>Nov 7 00:00:09 openvpn[1182]: Local Options hash (VER=V4): 'b60e7885'
<29>Nov 7 00:00:09 openvpn[1182]: Expected Remote Options hash (VER=V4): 'fbeb66e6'
<29>Nov 7 00:00:09 openvpn[1190]: Attempting to establish TCP connection with (myIP):44344 [nonblock]
<27>Nov 7 00:00:09 openvpn[1190]: TCP: connect to (myIP):44344 failed, will try again in 5 seconds: Network is unreachable
<29>Nov 7 00:00:09 openvpn[1190]: SIGUSR1[soft,init_instance] received, process restarting
<29>Nov 7 00:00:09 openvpn[1190]: Restart pause, 5 second(s)
ive uploaded a OpenVPN.tar file containing the following:
auth.txt
vpn.cnf
keys\ca.crt
keys\client.crt
keys\client.key
my vpn.cnf file shows
dev tap
client
proto tcp
remote-cert-eku "TLS Web Server Authentication"
remote x.x.x.x 44344 (ive removed the correct ip)
remote x.x.x.x 44344
persist-key
persist-tun
verb 3
mute 20
keepalive 10 60
cipher AES-256-CBC
auth SHA1
float 1
reneg-sec 3660
nobind
mute-replay-warnings
auth-user-pass /config/openvpn/auth.txt
ca /config/openvpn/keys/ca.crt
cert /config/openvpn/keys/client.crt
key /config/openvpn/keys/client.key
we have this method working on older phones but am struggling with this model
thanks
syslog shows:
<29>Nov 7 00:00:09 openvpn[1182]: OpenVPN 2.2.1 arm-linux [SSL] [LZO2] [EPOLL] built on Jun 30 2017
<28>Nov 7 00:00:09 openvpn[1182]: WARNING: file '/config/openvpn/auth.txt' is group or others accessible
<28>Nov 7 00:00:09 openvpn[1182]: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
<28>Nov 7 00:00:09 openvpn[1182]: WARNING: file '/config/openvpn/keys/client.key' is group or others accessible
<29>Nov 7 00:00:09 openvpn[1182]: Control Channel MTU parms [ L:1591 D:140 EF:40 EB:0 ET:0 EL:0 ]
<29>Nov 7 00:00:09 openvpn[1182]: Socket Buffers: R=[87380->131072] S=[16384->131072]
<29>Nov 7 00:00:09 openvpn[1182]: Data Channel MTU parms [ L:1591 D:1450 EF:59 EB:4 ET:32 EL:0 ]
<29>Nov 7 00:00:09 openvpn[1182]: Local Options hash (VER=V4): 'b60e7885'
<29>Nov 7 00:00:09 openvpn[1182]: Expected Remote Options hash (VER=V4): 'fbeb66e6'
<29>Nov 7 00:00:09 openvpn[1190]: Attempting to establish TCP connection with (myIP):44344 [nonblock]
<27>Nov 7 00:00:09 openvpn[1190]: TCP: connect to (myIP):44344 failed, will try again in 5 seconds: Network is unreachable
<29>Nov 7 00:00:09 openvpn[1190]: SIGUSR1[soft,init_instance] received, process restarting
<29>Nov 7 00:00:09 openvpn[1190]: Restart pause, 5 second(s)
ive uploaded a OpenVPN.tar file containing the following:
auth.txt
vpn.cnf
keys\ca.crt
keys\client.crt
keys\client.key
my vpn.cnf file shows
dev tap
client
proto tcp
remote-cert-eku "TLS Web Server Authentication"
remote x.x.x.x 44344 (ive removed the correct ip)
remote x.x.x.x 44344
persist-key
persist-tun
verb 3
mute 20
keepalive 10 60
cipher AES-256-CBC
auth SHA1
float 1
reneg-sec 3660
nobind
mute-replay-warnings
auth-user-pass /config/openvpn/auth.txt
ca /config/openvpn/keys/ca.crt
cert /config/openvpn/keys/client.crt
key /config/openvpn/keys/client.key
we have this method working on older phones but am struggling with this model
thanks