FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
1,490 views 2 comments
by anonymous
Hi guys. Im trying to configure openvpn. Here is my config #Client1

dev tun

remote x.x.x.x 1194

ca "C:\\Program Files\\OpenVPN\\easy-rsa\\pki\\ca.crt"

cert "C:\\Program Files\\OpenVPN\\easy-rsa\\pki\\issued\\Client1.crt"

key "C:\\Program Files\\OpenVPN\\easy-rsa\\pki\\private\\Client1.key"

keepalive 10 120

persist-key

persist-tun

cipher AES-256-GCM

comp-lzo

verb 7

Error says: 2023-04-11 09:00:51 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.

2023-04-11 09:00:51 NOTE: debug verbosity (--verb 7) is enabled but this build lacks debug support.

2023-04-11 09:00:51 us=906000 Note: '--allow-compression' is not set to 'no', disabling data channel offload.

Options error: On Windows, --ifconfig is required when --dev tun is used

Use --help for more information.

Do you know how to solve this?

2 Answers

0 votes
by anonymous
Now ive got this error 09:37:42 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#
0 votes
by anonymous

Hello,

Your posted config file is missing protocol option, either proto udp or proto tcp. The error you are referring to is actually just a warning and should not influence connection.

I had issues establishing the tunnel, when certificate files were given in the format you are using, pasting them in the file worked. Below is a working configuration file for windows client with certificates and server's IP removed and corresponding configuration from server side.

Windows client file:

client
dev tun
proto udp
remote x.x.x.x 1194
resolv-retry infinite
nobind
persist-key
persist-tun
comp-lzo
<ca>
-----BEGIN CERTIFICATE-----
<paste your CA here>
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
<paste your client's certificate here>
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
<paste your client's key here>
-----END PRIVATE KEY-----
</key>
cipher AES-256-GCM
verb 5

Router's configuration:

Best regards,

by anonymous
Now i can connect to m openvpn but it dont change my address
by anonymous

Could you elaborate on what do you mean by "it dont change my address"?

Also, could you provide a topology of your intended network, as server configuration options, such as Virtual network IP address, netmask and Push option are only for illustrative purposes and will probably differ in your case.

Best regards,