Re: [gentoo-user] OpenVPN - error

Sat, 22 Feb 2020 02:30:50 -0800 

Hi Thelma,

I think you need 
tls-server 
And 
tls-client 
In your respective configs below.

Reference:
https://askubuntu.com/questions/594868/openvpn-hmac-authentication-failure-no-matter-what-i-do

And
https://openvpn.net/community-resources/reference-manual-for-openvpn-2-4/ 
Grep for tls-server.


On 22 February 2020 11:08:02 PM NZDT, the...@sys-concept.com wrote:
>When I try to start openVPN on a client I see this error on a server:
>
>Sat Feb 22 02:32:10 2020 Authenticate/Decrypt packet error: packet HMAC
>authentication failed
>Sat Feb 22 02:32:10 2020 TLS Error: incoming packet authentication
>failed from [AF_INET]
>
>cat server.conf 
>proto udp
>port 9000
>dev tun
>mode server
>ca /etc/openvpn/cert/ca.crt
>cert /etc/openvpn/cert/clinic_atom.crt
>key /etc/openvpn/cert/clinic_atom.key
>dh /etc/openvpn/cert/dh.pem
>topology subnet
>server 192.168.141.0 255.255.255.0 
>client-to-client
>ifconfig-pool-persist ipp.txt
>client-config-dir ccd
>keepalive 10 120
>tls-auth vpn_clinic.key 0
>tun-mtu 1500
>tun-mtu-extra 32
>mssfix 1200
>duplicate-cn
>comp-lzo
>max-clients 100
>persist-key
>persist-tun
>status openvpn-status.log
>log /var/log/openvpn.log
>log-append /var/log/openvpn.log
>verb 3
>
>On client-config:
>clinic_atom.conf 
>client
>dev tun
>proto udp
>port 9070
>topology subnet
>remote xxx.xx.xx.xx 9070 # static IP
>resolv-retry infinite
>tun-mtu 1500
>tun-mtu-extra 32
>mssfix 1200
>persist-key
>persist-tun
>remote-cert-tls server
>ca "/etc/openvpn/clinic_atom/ca.crt"
>cert "/etc/openvpn/clinic_atom/syscon7.crt"
>key "/etc/openvpn/clinic_atom/syscon7.key"
>tls-auth "/etc/openvpn/clinic_atom/ta.key" 1
>comp-lzo
>log /var/log/openvpn.log
>log-append /var/log/openvpn.log 
>verb 3
>
>-- 
>Thelma

--
Kind regards,

Roger

Reply via email to