Hi. I Can’t connect to openVPN.
Last connection made was in October 2017.
I’m on Tumbleweed and even if i import the openVPN configuration file i can’t establish connection. On Leap, however, it works like a charm!
is there any problem with recent version of networkmanager or openvpn?
On Wed, 18 Apr 2018 18:06:01 +0000, SpeccyMan wrote:
> Hi. I Can’t connect to openVPN.
> Last connection made was in October 2017.
> I’m on Tumbleweed and even if i import the openVPN configuration file i
> can’t establish connection. On Leap, however, it works like a charm!
>
> is there any problem with recent version of networkmanager or openvpn?
>
> Thanks
Hard to say without more information.
What error messages or log messages do you get when you try to connect?
What server are you trying to connect to - yours, or someone else’s? (If
it’s someone else’s, you might ask them if they’ve made changes you need
to be aware of).
No there were no changes made. I would be aware of them. It’s an internal VPN network.
On Leap it works just fine (no changes made). But on Tumbleweed it used to work ok as well. I’ve made no changes to the connection on Tumbleweed but it suddenly stopped working.
As soon as i press “connect” on networkmanager it disconnects immediately.
On Thu, 19 Apr 2018 17:16:01 +0000, SpeccyMan wrote:
> hendersj;2863017 Wrote:
>> On Wed, 18 Apr 2018 18:06:01 +0000, SpeccyMan wrote:
>>
>> > Hi. I Can’t connect to openVPN.
>> > Last connection made was in October 2017.
>> > I’m on Tumbleweed and even if i import the openVPN configuration file
>> i
>> > can’t establish connection. On Leap, however, it works like a charm!
>> >
>> > is there any problem with recent version of networkmanager or
>> > openvpn?
>> >
>> > Thanks
>>
>> Hard to say without more information.
>>
>> What error messages or log messages do you get when you try to connect?
>>
>> What server are you trying to connect to - yours, or someone else’s?
>> (If it’s someone else’s, you might ask them if they’ve made changes you
>> need to be aware of).
>>
>> Jim
>>
>> –
>> Jim Henderson openSUSE Forums Administrator Forum Use Terms &
>> Conditions at http://tinyurl.com/openSUSE-T-C
>
>
> Hi Jim. Thanks for your reply.
>
> No there were no changes made. I would be aware of them. It’s an
> internal VPN network.
> On Leap it works just fine (no changes made). But on Tumbleweed it used
> to work ok as well. I’ve made no changes to the connection on
> Tumbleweed but it suddenly stopped working.
>
> As soon as i press “connect” on networkmanager it disconnects
> immediately.
>
> Were can i find the log?
I’d probably start with dmesg - I don’t have the client installed on a
Linux box at the moment, but dmesg probably will include some output
related to it since NetworkManager is controlling the connection.
There was a thread in the factory mailing list about dropping vpnc in favor of openvpn. The archives are searchable, use something like ‘opensuse factory vpnc’.
On Thu, 19 Apr 2018 21:36:01 +0000, Knurpht wrote:
> There was a thread in the factory mailing list about dropping vpnc in
> favor of openvpn. The archives are searchable, use something like
> ‘opensuse factory vpnc’.
Hmm, I remember that, but that wouldn’t affect someone who’s already
using openVPN, would it?
On Fri, 04 May 2018 16:56:03 +0000, SpeccyMan wrote:
> Hi all, sorry for taking so long, but “real” life has been hitting me
> pretty hard lately
>
> I’ve been messing around with this everytime i can…
>
> I removed OpenVPN and reinstalled it again. It apparently solved -some-
> of the problems but using *journalctl -xe *i still get this errors:
>
>
> Code:
> --------------------
> Options error: In [CMD-LINE]:1: Error opening configuration file:
> server.conf
> --------------------
>
> and
>
> Code:
> --------------------
> Failed to start OpenVPN tunneling daemon instance using
> /etc/openvpn/server.conf
> --------------------
On Tue, 15 May 2018 12:26:02 +0000, SpeccyMan wrote:
> Upon more tests and research i’m getting this errors:
>
>
> Code:
> --------------------
> -*
> OpenSSL: error:140AB18E:SSL routines:SSL_CTX_use_certificate:ca md too
> weak*-
> -*Cannot load certificate file /home/office/openvpnclient/client.crt
> *-
> --------------------
>
>
> i also found this at the OpenVPN forum
> https://forums.openvpn.net/viewtopic.php?t=23979 Since it’s not a bug,
> does anyone have an idea on how to get around this?
You need to create a stronger certificate - in recent years, several
certificate types have been deprecated as they’ve been found to have
weaknesses.
There are suggestions in the linked thread as to how to make this change.
yes, i’ve tried to set tls-cipher “DEFAULT:@SECLEVEL=0” but so that it would accept older certificates, but i just can’t seem to figure where should i do this change…
On Tue, 15 May 2018 16:16:03 +0000, SpeccyMan wrote:
> yes, i’ve tried to set tls-cipher “DEFAULT:@SECLEVEL=0” but so that it
> would accept older certificates, but i just can’t seem to figure where
> should i do this change…
Have you tried using the suggested easy-rsa scripts to set up the
certificates?
No… I really have no idea how or where to do that.
I know there is supposed to also exist, somewhere, an option to “allow unsecure/old certificates”. This should solve the problem but i’ve searched nm5 from bottom to top and just can’t seem to find it.
I’ve also tried to manually add DEFAULT:@SECLEVEL=0 as suggested in the forum to the ovpn import config file with no luck either. I must be doing something wrong but i was not able to figure out what it is yet.
As i also have few free time, any help is very welcome