Posted: Wed Nov 07, 2018 21:26 Post subject: OPEN VPN WITH IPVANISH VPN
Hello, Im trying to configure an open VPN with Ipvanish vpn, But I have an error message, I think this is happend because my local time, But Im not be able to change with ntp.
This is the error code I have,
Dec 31 19:00:15 Central daemon.warn openvpn[850]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Dec 31 19:00:15 Central daemon.err openvpn[850]: VERIFY ERROR: depth=1, error=certificate is not yet valid: C=US, ST=FL, L=Winter Park, O=IPVanish, OU=IPVanish VPN, CN=IPVanish CA, emailAddress=support@ipvanish.com
Dec 31 19:00:15 Central daemon.err openvpn[850]: OpenSSL: error:1416F086:lib(20):func(367):reason(134)
Dec 31 19:00:15 Central daemon.err openvpn[850]: TLS_ERROR: BIO read tls_read_plaintext error
Dec 31 19:00:15 Central daemon.notice openvpn[850]: NOTE: --mute triggered...
Dec 31 19:00:15 Central daemon.notice openvpn[850]: 2 variation(s) on previous 3 message(s) suppressed by --mute
Dec 31 19:00:15 Central daemon.err openvpn[850]: Fatal TLS error (check_tls_errors_co), restarting
Dec 31 19:00:15 Central daemon.notice openvpn[850]: SIGUSR1[soft,tls-error] received, process restarting
Dec 31 19:00:15 Central daemon.notice openvpn[850]: Restart pause, 5 second(s)
Dec 31 19:00:20 Central daemon.warn openvpn[850]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Can someone have experience configuring open vpn and can help me please,
Posted: Thu Nov 08, 2018 4:34 Post subject: Can not established openvpn
Hi, please if you can help me, I solve the ntp issue, but at the end, when I think it will work, I have this issue and the router drop all my network
Nov 7 23:11:24 Central daemon.notice openvpn[1028]: /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 172.21.26.1
Nov 7 23:11:24 Central daemon.notice openvpn[1028]: /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 172.21.26.1
Nov 7 23:11:24 Central daemon.warn openvpn[1028]: WARNING: Failed running command (--route-up): external program exited with error status: 2
Nov 7 23:11:24 Central daemon.notice openvpn[1028]: Initialization Sequence Completed
Nov 7 23:11:28 Central user.debug syslog: ttraff: data collection started
Thanks in advanced
[quote="jxm"]Look at the date and time on your log file entries... Dec 31, 19:00. That is 1st January UTC with a time zone offset of 5 hours..
OpenVPN uses certificates for security, and certificate verification fails if the system time is not reasonably accurate. The second line in the log file tells the story.... the ipvanish certificate is not yet valid.... because the certificate date is years into the future when compared to the date on your router. You will never get OpenVPN to work until you get the time right on the router.
Log on to your router GUI and check the date and time in the right top corner of the window. If it is not correct, go to the Setup tab and delete everything from the the Server/IP Name field in the Time Settings. Save and Apply the settings and reboot your router. It should synchronize its time from the default NTP pool configured in the router defaults, and your VPN client should then work.