OpenVPN Problème de connexion

Support
,
1

Bonjour,
Je teste Yunohost sur le cloud OVH,.

J’essaie la mise en place d’openVPN

Installation pas de problème ainsi que pour l’accès aux apps.

Après avoir téléchargé les certificats et placés dans le dossier config :
ca.crt
domaine.conf
domaine.ovpn

Je lance le programme en local, mais je n’arrive pas à me connecter avec le OpenVPN, détail du message qui tourne en boucle :

Mon Aug 03 17:05:15 2015 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mon Aug 03 17:05:15 2015 TLS Error: TLS handshake failed
Mon Aug 03 17:05:15 2015 SIGUSR1[soft,tls-error] received, process restarting
Mon Aug 03 17:05:15 2015 MANAGEMENT: >STATE:1438614315,RECONNECTING,tls-error,
Mon Aug 03 17:05:15 2015 Restart pause, 2 second(s)
Mon Aug 03 17:05:17 2015 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Mon Aug 03 17:05:17 2015 Socket Buffers: R=[8192->8192] S=[8192->8192]
Mon Aug 03 17:05:17 2015 MANAGEMENT: >STATE:1438614317,RESOLVE,
Mon Aug 03 17:05:17 2015 UDPv4 link local: [undef]
Mon Aug 03 17:05:17 2015 UDPv4 link remote: [AF_INET]149.202.168.155:1194
Mon Aug 03 17:05:17 2015 MANAGEMENT: >STATE:1438614317,WAIT,

2

I have similar problem.
Any solution ?

3

Bonjour/Hello,

Avez vous installé votre propre certificat suivant cette procédure: https://yunohost.org/#/certificate_fr?
Did you install your own certificat using this tutorial: https://yunohost.org/#/certificate_en?

J’ai un problème similaire à cause de mon porpre certificat, le package openOVN officiel ne fonction qu’avec les certificats autosignés générés à l’installation.
I had this kind of problem because of my own certificat, the official openVPN package work only with the autosigned certificats generated during the installation.

4

Non j’ai utilisé les certificats fournis par openvpn après l’installation
No. I used the certificates provided by openvpn after installation

However i don’t know if there is a link between openvpn certificate and the domain certificate

5

Hi @tuxmouraille and @remydev

I have used my own certificate. Is there any solution to use openVPN with own certificate ?

6

Hello all,
Did you backup the Yunohost self signed certificats?
The path: /etc/yunohost/certs//
this all files: ca.pem crt.pem dh.pem key.pem.

I did like this:
in /etc/yunohost/certs//yunohost_self_signed/
backed files: ca.pem crt.pem dh.pem key.pem openssl.cnf

Then I can modified the path in this file: /etc/openvpn/yunohost.conf
like this:
ca /etc/yunohost/certs//yunohost_self_signed/ca.pem
cert /etc/yunohost/certs//yunohost_self_signed/crt.pem
key /etc/yunohost/certs//yunohost_self_signed/key.pem
dh /etc/yunohost/certs//yunohost_self_signed/dh.pem

Now, I have no more time to learn how to use my own certifiicates.

7

I just tried again,
Ever same problem on a Debian

Aug 12 18:06:22 remy-samasung ovpn-test854587854.nohost.me[10393]: OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec 1 2014
Aug 12 18:06:28 remy-samasung ovpn-test854587854.nohost.me[10393]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Aug 12 18:06:28 remy-samasung ovpn-test854587854.nohost.me[10393]: failed to find GID for group openvpn
Aug 12 18:06:28 remy-samasung ovpn-test854587854.nohost.me[10393]: Exiting due to fatal error

The systeme ask me the username and the password, but I don’t have any error message in my terminal

I don’t use my own certificate, but I just put the 3 config file in /etc/openvpn
and then run sudo service openvpn restart

8

What’s your Debian version?
uname -a
cat /etc/os-release

Did you try to reinstall it? How did you install it?

Can you reinstall it from the command line and copy here the output?

9

I think this time a have a good installation

on a debian 8 and OVH cloud

sudo su root
'#desactivation des backport /etc/apt/source.liste
apt-get update
apt-get install git -y
git clone GitHub - YunoHost/install_script: YunoHost installation scripts /tmp/install_script
export SUDO_FORCE_REMOVE=yes
cd /tmp/install_script
./install_yunohostv2

But it’s faille with OpenVpn

root@yuno1:/tmp/install_script# uname -a
Linux yuno1 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt9-3~deb8u1 (2015-04-24) x86_64 GNU/Linux

root@yuno1:/tmp/install_script# cat /etc/os-release
PRETTY_NAME=“Debian GNU/Linux 8 (jessie)”
NAME=“Debian GNU/Linux”
VERSION_ID=“8”
VERSION=“8 (jessie)”
ID=debian
HOME_URL=“http://www.debian.org/
SUPPORT_URL=“Debian -- User Support
BUG_REPORT_URL=“https://bugs.debian.org/

All the output installation :

root@yuno1:/tmp/install_script# ./install_yunohostv2
======== Get path of current script =======
Running from /tmp/install_script
======== Check rights ========
======== YunoHost Installation ========
======== Check dependencies ========
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following extra packages will be installed:
python-dnspython
The following NEW packages will be installed:
python-dnspython python-xmpp
0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
Need to get 366 kB of archives.
After this operation, 5,105 kB of additional disk space will be used.
Get:1 Index of /debian/ jessie/main python-dnspython all 1.12.0-1 [101 kB]
Get:2 Index of /debian/ jessie/main python-xmpp all 0.4.1-cvs20080505.4 [265 kB]
Fetched 366 kB in 0s (2,827 kB/s)
Selecting previously unselected package python-dnspython.
(Reading database … 32540 files and directories currently installed.)
Preparing to unpack …/python-dnspython_1.12.0-1_all.deb …
Unpacking python-dnspython (1.12.0-1) …
Selecting previously unselected package python-xmpp.
Preparing to unpack …/python-xmpp_0.4.1-cvs20080505.4_all.deb …
Unpacking python-xmpp (0.4.1-cvs20080505.4) …
Setting up python-dnspython (1.12.0-1) …
Setting up python-xmpp (0.4.1-cvs20080505.4) …
======== Checking domain ========
======== Adding repositories ========
OK
======== Install ========