Posted: Mon Sep 21, 2009 18:05 Post subject: openvpn was working...
I've been running dd-wrt for years and I have had OpenVPN working for a long time using a static key.
This weekend I upgraded my firmware and decided it was time to also upgrade to a certificate-based OpenVPN solution. When I first tried to get it working, everything was fine until I got an error that said that my certificate was not yet valid. I searched these forums and saw that a lot of people had that issue because the certs were created in GMT and that if they set their timezone to UTC that it would work. So I did that, and I was able to successfully connect.
However, now (and nothing has changed) I am no longer able to connect to my openvpn system. I've tried the timezone in UTC and in the correct time (UTC -7) and neither works. I get the same error when I look at the logs (I replaced my remote IP with xxx.xxx.xxx.xxx):
I haven't seen any reference to tls-auth in any of the tutorials. What key do I reference with it?
Here is my server conf:
mode server
server-bridge 192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.199
proto udp
port 443
dev tap0
keepalive 15 120
daemon
verb 5
comp-lzo
client-to-client
duplicate-cn
tls-server
dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem
and this is my client conf:
client
dev tap
proto udp
remote xxx.xxx.xxx.xxx
port 443
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert kevin.crt
key kevin.key
ns-cert-type server
comp-lzo
keepalive 10 120
verb 3