[操作疑難] Please help with setting up OpenVPN in DD WRT Router

I have set up the OpenVPN in DD WRT router but I have huge difficulty in making connection remotely using OpenVPN client in windows 10.  I have done tons of research on the web in getting all the keys and certs into the client's config folder but it still does not work and it says connection problem.  Any one who can provide a complete guideline to set up the server and the client for OpenVPN.  Thanks

Post the log from both the server and client pls.

TOP

回覆 2# alanh999

This is the log


    Sun Jul 30 14:10:43 2017 WARNING: cannot stat file 'ta.key': The system cannot find the file specified.   (errno=2)
Options error: --tls-auth fails with 'ta.key': No such file or directory
Options error: Please correct these errors.
Use --help for more information.


Please help

TOP

回覆  alanh999

This is the log


    Sun Jul 30 14:10:43 2017 WARNING: cannot stat file 'ta.key':  ...
anthonywkho 發表於 30/7/2017 14:12



    Take reference from the "Copying the Server and Client Files to Their Appropriate Directories" section on the below webpage.
https://community.openvpn.net/openvpn/wiki/Easy_Windows_Guide

The error messages which you posted suggest that the ovpn client cannot find the key file in the default directory.

TOP

回覆 4# alanh999

Thanks but on the server side, that is a DD WRT router (flashed from Netgear) and I don't seem to find server.ovpn file.  I did copy server.crt  server.key and dh2048.pem files to the appropriate places in the router.  

So I don't know what is missing,  I also have ta.key file in the client config folder as well.

Thanks

TOP

TOP

以我既經驗,set OpenVPN係NAS/Router到要export個setting file, 再係個file內打入你屋企個IP地址及DNS地址後,再用email或cloud傳去client side (e.g. ios/Android/Windows/MAC), 係Windows/Mac/電話內安裝OpenVPN程式及import你個VPN setting, 之後輸入login ID及password就應該可成功!

P.S. 如用NAS內既VPN Server, 你要set好port forward就OK

TOP

回覆 7# antonyhk


    un Jul 30 20:03:14 2017 OpenVPN 2.4.3 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Jun 20 2017
Sun Jul 30 20:03:14 2017 Windows version 6.2 (Windows 8 or greater) 64bit
Sun Jul 30 20:03:14 2017 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.10
Sun Jul 30 20:03:14 2017 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25341
Sun Jul 30 20:03:14 2017 Need hold release from management interface, waiting...
Sun Jul 30 20:03:14 2017 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25341
Sun Jul 30 20:03:14 2017 MANAGEMENT: CMD 'state on'
Sun Jul 30 20:03:14 2017 MANAGEMENT: CMD 'log all on'
Sun Jul 30 20:03:14 2017 MANAGEMENT: CMD 'echo all on'
Sun Jul 30 20:03:14 2017 MANAGEMENT: CMD 'hold off'
Sun Jul 30 20:03:15 2017 MANAGEMENT: CMD 'hold release'
Sun Jul 30 20:03:15 2017 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Jul 30 20:03:15 2017 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Jul 30 20:03:15 2017 MANAGEMENT: >STATE:1501416195,RESOLVE,,,,,,
Sun Jul 30 20:03:15 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]xx.xx.xx.xx:1194
Sun Jul 30 20:03:15 2017 Socket Buffers: R=[65536->65536] S=[65536->65536]
Sun Jul 30 20:03:15 2017 UDP link local: (not bound)
Sun Jul 30 20:03:15 2017 UDP link remote: [AF_INETxx.xx.xx.xx:1194
Sun Jul 30 20:03:15 2017 MANAGEMENT: >STATE:1501416195,WAIT,,,,,,
Sun Jul 30 20:04:15 2017 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sun Jul 30 20:04:15 2017 TLS Error: TLS handshake failed
Sun Jul 30 20:04:15 2017 SIGUSR1[soft,tls-error] received, process restarting
Sun Jul 30 20:04:15 2017 MANAGEMENT: >STATE:1501416255,RECONNECTING,tls-error,,,,,
Sun Jul 30 20:04:15 2017 Restart pause, 5 second(s)


Another log error,  any help anyone can offer please?

TOP

回覆  antonyhk


    un Jul 30 20:03:14 2017 OpenVPN 2.4.3 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] ...
anthonywkho 發表於 30/7/2017 20:10


Consider the possibilities listed on the webpage below.

https://openvpn.net/index.php/op ... k-connectivity.html

TOP

Thanks but i know how to check some but not the others,   any other advice? thanks

TOP