Tweet
I guess I'm the first one here? Just a coincidence.
I'm a noob, trying to use 2.6.9 client to connect to a Netgear Orbi. It being an old router the implementation of OpenVPN apparently isn't great, but I've gotten past several errors. I now get errors related to the client not being able to find the crt files.
Where are certificates supposed to be stored so the cient can find them? They were downloaded from the VPN page. All files were in the same folder when I imported the profile.
The compression and cipher settings referenced in the logs below are generated by the Orbi server. Do I need to take action? Are there improvements I can make to the client file that are compatible with the server configuration, over which I have no control except the tun/tap ports? I tried to use it with OpenVPN v3 but failed completely. By falling back to v2 I seem to have eliminated some issues, at least.
Thanks in advance for your patience and assistance.
Log:
client file:
I'm a noob, trying to use 2.6.9 client to connect to a Netgear Orbi. It being an old router the implementation of OpenVPN apparently isn't great, but I've gotten past several errors. I now get errors related to the client not being able to find the crt files.
Where are certificates supposed to be stored so the cient can find them? They were downloaded from the VPN page. All files were in the same folder when I imported the profile.
The compression and cipher settings referenced in the logs below are generated by the Orbi server. Do I need to take action? Are there improvements I can make to the client file that are compatible with the server configuration, over which I have no control except the tun/tap ports? I tried to use it with OpenVPN v3 but failed completely. By falling back to v2 I seem to have eliminated some issues, at least.
Thanks in advance for your patience and assistance.
Log:
2024-03-18 23:55:23 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2024-03-18 23:55:23 DEPRECATED OPTION: --cipher set to 'AES-128-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations.
2024-03-18 23:55:23 Note: '--allow-compression' is not set to 'no', disabling data channel offload.Options error: --ca fails with 'ca.crt': The system cannot find the file specified. (errno=2)
Options error: --cert fails with 'client.crt': The system cannot find the file specified. (errno=2)
2024-03-18 23:55:23 WARNING: cannot stat file 'client.key': The system cannot find the file specified. (errno=2)
Options error: --key fails with 'client.key': The system cannot find the file specified. (errno=2)
Options error: Please correct these errors.
2024-03-18 23:55:23 DEPRECATED OPTION: --cipher set to 'AES-128-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations.
2024-03-18 23:55:23 Note: '--allow-compression' is not set to 'no', disabling data channel offload.Options error: --ca fails with 'ca.crt': The system cannot find the file specified. (errno=2)
Options error: --cert fails with 'client.crt': The system cannot find the file specified. (errno=2)
2024-03-18 23:55:23 WARNING: cannot stat file 'client.key': The system cannot find the file specified. (errno=2)
Options error: --key fails with 'client.key': The system cannot find the file specified. (errno=2)
Options error: Please correct these errors.
Code:
client dev tap proto udp sndbuf 393216 rcvbuf 393216 push "sndbuf 393216" push "rcvbuf 393216" dev-node NETGEAR-VPN remote <redacted>.ddns.net 12974 resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert client.crt key client.key cipher AES-128-CBC comp-lzo verb 0
Comment