Re: [m0n0wall] 1.2b2 - OpenVPN Certificates and Keys. How?

From:	Andrew Thrift <andrewt at thrift dot kicks dash ass dot net>
To:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] 1.2b2 - OpenVPN Certificates and Keys. How?
Date:	Mon, 25 Oct 2004 17:34:53 +1300
I used these certificates but still get:

Jan 24 18:45:33 	openvpn[79]: 10.0.50.56:6025 TLS Error: TLS key negotiation 
failed to occur within 60 seconds (check your network connectivity)
Jan 24 18:45:33 	openvpn[79]: 10.0.50.56:6025 TLS Error: TLS handshake failed
Jan 24 18:45:33 	openvpn[79]: 10.0.50.56:6025 TLS Error: TLS handshake failed

in the logs on the server m0n0wall.

and yes I have opened 5000 UDP


Any ideas?





On Mon, 25 Oct 2004 08:21, Andre Maoro wrote:
> Thanks a lot.
> Should open my eyes when looking for answers :)
>
> Andreas Busch schrieb:
> > you can find test certificates in the linux  Source Tarball on
> > http://openvpn.sf.net
> > an howto to generate  own  certificates  is allso published on
> > http://openvpn.sf.net
> >
> > please be carefull with the test certificates the are public and very
> > dangerous for an produktiv employment
> >
> > Andre Maoro schrieb:
> >> Hi!
> >> First of all, great job Manuel! I love m0n0 and the new features in
> >> 1.2b2 are great!
> >> Thank you!
> >>
> >> Now to my question:
> >>
> >> I'm using OpenVPN a whole time now, but now monowall supports it itself,
> >> which is in fact really cool, but I can't get it to run with this SSL
> >> stuff.
> >> I always used the static key method to authenticate my clients, but mono
> >> wants that I use the safe way, but I'm really not familiar with SSL.
> >> I spend this afternoon with reading the readme files an trying around,
> >> but I didn't get it to run.
> >>
> >> Is there anyone who could tell me, what exactly I have to do?
> >> I need to know, which certificates and keys I need either for the
> >> server (mono)
> >> and also for my clients. Some are windows boxes, some of them are
> >> running linux.
> >> I also have a linux box, which is my current OpenVPN server, so I
> >> have all the
> >> tools I need to generate those certificates etc.
> >>
> >> It would be great, if anyone would tell me step-by-step what I have
> >> to do, to generate
> >> the certificates and keys and which of them I have to give to my
> >> clients and where
> >> they have to put them.
> >>
> >> Or is there a way to use the easier method with the static keys? I
> >> know that this
> >> isn't really safe, but it's safe enough for my purpose...
> >>
> >> Thanks in advance and please excuse my english ;)
> >>
> >> Greets,
> >> Andre
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> >> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch