Impossible to make openVPN workedWindows 7 client fails to connect to Debian OpenVPN serverRoute internet...

How can the DM most effectively choose 1 out of an odd number of players to be targeted by an attack or effect?

What are these boxed doors outside store fronts in New York?

What is GPS' 19 year rollover and does it present a cybersecurity issue?

How do we improve the relationship with a client software team that performs poorly and is becoming less collaborative?

How to use Pandas to get the count of every combination inclusive

How can bays and straits be determined in a procedurally generated map?

How is the relation "the smallest element is the same" reflexive?

Why did the Germans forbid the possession of pet pigeons in Rostov-on-Don in 1941?

What Brexit solution does the DUP want?

Extreme, but not acceptable situation and I can't start the work tomorrow morning

"which" command doesn't work / path of Safari?

Is there a familial term for apples and pears?

Is Social Media Science Fiction?

Should I join an office cleaning event for free?

How does one intimidate enemies without having the capacity for violence?

Is there really no realistic way for a skeleton monster to move around without magic?

Prevent a directory in /tmp from being deleted

Why is this code 6.5x slower with optimizations enabled?

Can a German sentence have two subjects?

Why CLRS example on residual networks does not follows its formula?

Download, install and reboot computer at night if needed

Why Is Death Allowed In the Matrix?

How is it possible for user's password to be changed after storage was encrypted? (on OS X, Android)

Draw simple lines in Inkscape



Impossible to make openVPN worked


Windows 7 client fails to connect to Debian OpenVPN serverRoute internet traffic from openvpn tun0 to eth0openvpn tls 1.2Openvpn TLS 1.2 cipher suitesCA certificate expired on openvpnOpenVpn not working with Asus DSL-AC68UCan't ping specific IP via OpenVPNOpenVPN on CentOS failing TLS handshakeHow to auto renew OpenVPN client certificates using easyRSAOpenVPN - Performance issues - Different bandwith on different client systems but same server - Windows & Linux






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}







0















Good morning,



I am trying to configure the minimal requirement for a VPN.
The server is a clean installation of centos 7 (I can try with others if it is simpler)
I have followed the instruction of this site https://www.cyberciti.biz/faq/centos-7-0-set-up-openvpn-server-in-5-minutes/
I also tried the manual way https://www.digitalocean.com/community/tutorials/how-to-set-up-and-configure-an-openvpn-server-on-centos-7



But when I try the connection with tunnelblick on mac I can only access site by their IP (so DNS problem), I added a PHP script on my server to have my public IP but it is still my old public IP that is used and not the new one.
It seems the VPN is not used at all



Also after a certain time tunnelblick show in console "



2019-04-05 19:14:50 Tunnelblick[59941] currentIPInfo(Name): IP address info could not be fetched within 34.3 seconds; the error was 'Error Domain=NSURLErrorDomain Code=-1001 "The request timed out." UserInfo={NSUnderlyingError=0x600001f05530 {Error Domain=kCFErrorDomainCFNetwork Code=-1001 "The request timed out." UserInfo={NSErrorFailingURLStringKey=https://tunnelblick.net/ipinfo, NSErrorFailingURLKey=https://tunnelblick.net/ipinfo, _kCFStreamErrorCodeKey=-2102, _kCFStreamErrorDomainKey=4, NSLocalizedDescription=The request timed out.}}, NSErrorFailingURLStringKey=https://tunnelblick.net/ipinfo, NSErrorFailingURLKey=https://tunnelblick.net/ipinfo, _kCFStreamErrorDomainKey=4, _kCFStreamErrorCodeKey=-2102, NSLocalizedDescription=The request timed out.}'; the response was '(null)'
2019-04-05 19:15:25 Tunnelblick[59941] currentIPInfo(Address): IP address info could not be fetched within 35.0 seconds; the error was 'Error Domain=NSURLErrorDomain Code=-1001 "The request timed out." UserInfo={NSUnderlyingError=0x600001fc76f0 {Error Domain=kCFErrorDomainCFNetwork Code=-1001 "The request timed out." UserInfo={NSErrorFailingURLStringKey=https://205.233.73.116/ipinfo, NSErrorFailingURLKey=https://205.233.73.116/ipinfo, _kCFStreamErrorCodeKey=-2102, _kCFStreamErrorDomainKey=4, NSLocalizedDescription=The request timed out.}}, NSErrorFailingURLStringKey=https://205.233.73.116/ipinfo, NSErrorFailingURLKey=https://205.233.73.116/ipinfo, _kCFStreamErrorDomainKey=4, _kCFStreamErrorCodeKey=-2102, NSLocalizedDescription=The request timed out.}'; the response was '(null)'
2019-04-05 19:15:25 Tunnelblick[59941] An error occured fetching IP address information after connecting


I also tried with my android and with linux mint inside virtualbox with



openvpn --config cclient.ovpn 
Options error: Unrecognized option or missing parameter(s) in cclient.ovpn:21: tls-crypt (2.3.10)
Use --help for more information.


but line 21 is in middle of the encrypt key



and tls-crypt tag is present but after.



<tls-crypt>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
f3856bf6762970d83c25eccd966400dc
d6ec43b27660930701d6ebd6efbaa3da
...


this is the totality of the ovpn (don't care about security for the moment)



client
proto udp
remote 193.148.68.62 1194
dev tun
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
verify-x509-name server_BJMqmYrUxDaMZl3k name
auth SHA256
auth-nocache
cipher AES-128-GCM
tls-client
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
verb 3
<ca>
-----BEGIN CERTIFICATE-----
MIIBwjCCAWegAwIBAgIJAKCDTh1DURAlMAoGCCqGSM49BAMCMB4xHDAaBgNVBAMM
E2NuXzJaUDlSVFphUGh4NWliNlQwHhcNMTkwNDA1MTU1MjM0WhcNMjkwNDAyMTU1
MjM0WjAeMRwwGgYDVQQDDBNjbl8yWlA5UlRaYVBoeDVpYjZUMFkwEwYHKoZIzj0C
AQYIKoZIzj0DAQcDQgAEynRBDBwK1u00mhLN2jUTGVSHGwVfDaXCbIL/XZBazfvf
79LUoTwGYUKp4ka/Jx/BDF7EKNteWPLziPoBZ/vV06OBjTCBijAdBgNVHQ4EFgQU
4ivwFfTgbZnpzRKkHmGa3VRy+NwwTgYDVR0jBEcwRYAU4ivwFfTgbZnpzRKkHmGa
3VRy+NyhIqQgMB4xHDAaBgNVBAMME2NuXzJaUDlSVFphUGh4NWliNlSCCQCgg04d
Q1EQJTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNJADBG
AiEAtM0HNJRX3xvofmlPwD7rntRj2obwLoY+8td02rDCAbwCIQCxuO1vNOQOrSyy
LshRURfmIyWfsDqamYfn3APUUAvttQ==
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
MIIBzTCCAXOgAwIBAgIQDcXZ3dwQ3NvBLD/hEJAjlDAKBggqhkjOPQQDAjAeMRww
GgYDVQQDDBNjbl8yWlA5UlRaYVBoeDVpYjZUMB4XDTE5MDQwNTE1NTQwMloXDTIy
MDMyMDE1NTQwMlowETEPMA0GA1UEAwwGY2xpZW50MFkwEwYHKoZIzj0CAQYIKoZI
zj0DAQcDQgAEGbEMBPaSe/l0e7+UzQDW0PIUNTUu5bZqo9pIG/26/Xa38o2Ck+wk
UdcOj8Z9ggbPwHu+x8s1ppTTyxn+ZsNw1aOBnzCBnDAJBgNVHRMEAjAAMB0GA1Ud
DgQWBBSEY73UYBhDTZ54fwnMIFDwAJJWSjBOBgNVHSMERzBFgBTiK/AV9OBtmenN
EqQeYZrdVHL43KEipCAwHjEcMBoGA1UEAwwTY25fMlpQOVJUWmFQaHg1aWI2VIIJ
AKCDTh1DURAlMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggq
hkjOPQQDAgNIADBFAiEA2F1KHsgrhu2foCz7D476A7NEAJ94KAAZ3E+do6hgHysC
IAZBnrKqN+9C60CoJyYA/JCmms/Ed8Q9Fipj4wrvQHLQ
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgys2e5X2A2rx7O4Tp
1vIw+CG37h/e3iclvKn7ggtea2GhRANCAAQZsQwE9pJ7+XR7v5TNANbQ8hQ1NS7l
tmqj2kgb/br9drfyjYKT7CRR1w6Pxn2CBs/Ae77HyzWmlNPLGf5mw3DV
-----END PRIVATE KEY-----
</key>
<tls-crypt>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
f3856bf6762970d83c25eccd966400dc
d6ec43b27660930701d6ebd6efbaa3da
dee8e380cf94855e0f2ce1e9f832c4f6
613c6c51e97904b1e93182b2753bdcb8
c7f6573e74e8ce5640c329438b73241b
494a3935443f03717fd68dfe9c0d2bb5
755e9309b5e12a62452599bfaaef60ef
50f91463958edd07e4014c8503c8ed8f
da1ad0b1d42cdc169c3fbc1703b1662c
9ac3d32aa36254e73659d2f73ff44400
8e0a1692d808f7607111bf5becf32a91
5f2b44906b24a55939de881cb2406c25
80714f5aed426e1790950079f466afa2
7e61c35d2f6939479fab9e714813bb4c
00a71ce2954ff7bf8a0194622d0f21c6
4a00adf365708a59683468060ff23056
-----END OpenVPN Static key V1-----
</tls-crypt>


so I don't really understand why it doesn't work. I have not installed firewall (firewalld is not installed) on my server an tun is activated.



if you have an idea to unblock the connection on linux mint or osx it will be helpfull.
thank you










share|improve this question





























    0















    Good morning,



    I am trying to configure the minimal requirement for a VPN.
    The server is a clean installation of centos 7 (I can try with others if it is simpler)
    I have followed the instruction of this site https://www.cyberciti.biz/faq/centos-7-0-set-up-openvpn-server-in-5-minutes/
    I also tried the manual way https://www.digitalocean.com/community/tutorials/how-to-set-up-and-configure-an-openvpn-server-on-centos-7



    But when I try the connection with tunnelblick on mac I can only access site by their IP (so DNS problem), I added a PHP script on my server to have my public IP but it is still my old public IP that is used and not the new one.
    It seems the VPN is not used at all



    Also after a certain time tunnelblick show in console "



    2019-04-05 19:14:50 Tunnelblick[59941] currentIPInfo(Name): IP address info could not be fetched within 34.3 seconds; the error was 'Error Domain=NSURLErrorDomain Code=-1001 "The request timed out." UserInfo={NSUnderlyingError=0x600001f05530 {Error Domain=kCFErrorDomainCFNetwork Code=-1001 "The request timed out." UserInfo={NSErrorFailingURLStringKey=https://tunnelblick.net/ipinfo, NSErrorFailingURLKey=https://tunnelblick.net/ipinfo, _kCFStreamErrorCodeKey=-2102, _kCFStreamErrorDomainKey=4, NSLocalizedDescription=The request timed out.}}, NSErrorFailingURLStringKey=https://tunnelblick.net/ipinfo, NSErrorFailingURLKey=https://tunnelblick.net/ipinfo, _kCFStreamErrorDomainKey=4, _kCFStreamErrorCodeKey=-2102, NSLocalizedDescription=The request timed out.}'; the response was '(null)'
    2019-04-05 19:15:25 Tunnelblick[59941] currentIPInfo(Address): IP address info could not be fetched within 35.0 seconds; the error was 'Error Domain=NSURLErrorDomain Code=-1001 "The request timed out." UserInfo={NSUnderlyingError=0x600001fc76f0 {Error Domain=kCFErrorDomainCFNetwork Code=-1001 "The request timed out." UserInfo={NSErrorFailingURLStringKey=https://205.233.73.116/ipinfo, NSErrorFailingURLKey=https://205.233.73.116/ipinfo, _kCFStreamErrorCodeKey=-2102, _kCFStreamErrorDomainKey=4, NSLocalizedDescription=The request timed out.}}, NSErrorFailingURLStringKey=https://205.233.73.116/ipinfo, NSErrorFailingURLKey=https://205.233.73.116/ipinfo, _kCFStreamErrorDomainKey=4, _kCFStreamErrorCodeKey=-2102, NSLocalizedDescription=The request timed out.}'; the response was '(null)'
    2019-04-05 19:15:25 Tunnelblick[59941] An error occured fetching IP address information after connecting


    I also tried with my android and with linux mint inside virtualbox with



    openvpn --config cclient.ovpn 
    Options error: Unrecognized option or missing parameter(s) in cclient.ovpn:21: tls-crypt (2.3.10)
    Use --help for more information.


    but line 21 is in middle of the encrypt key



    and tls-crypt tag is present but after.



    <tls-crypt>
    #
    # 2048 bit OpenVPN static key
    #
    -----BEGIN OpenVPN Static key V1-----
    f3856bf6762970d83c25eccd966400dc
    d6ec43b27660930701d6ebd6efbaa3da
    ...


    this is the totality of the ovpn (don't care about security for the moment)



    client
    proto udp
    remote 193.148.68.62 1194
    dev tun
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    remote-cert-tls server
    verify-x509-name server_BJMqmYrUxDaMZl3k name
    auth SHA256
    auth-nocache
    cipher AES-128-GCM
    tls-client
    tls-version-min 1.2
    tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
    verb 3
    <ca>
    -----BEGIN CERTIFICATE-----
    MIIBwjCCAWegAwIBAgIJAKCDTh1DURAlMAoGCCqGSM49BAMCMB4xHDAaBgNVBAMM
    E2NuXzJaUDlSVFphUGh4NWliNlQwHhcNMTkwNDA1MTU1MjM0WhcNMjkwNDAyMTU1
    MjM0WjAeMRwwGgYDVQQDDBNjbl8yWlA5UlRaYVBoeDVpYjZUMFkwEwYHKoZIzj0C
    AQYIKoZIzj0DAQcDQgAEynRBDBwK1u00mhLN2jUTGVSHGwVfDaXCbIL/XZBazfvf
    79LUoTwGYUKp4ka/Jx/BDF7EKNteWPLziPoBZ/vV06OBjTCBijAdBgNVHQ4EFgQU
    4ivwFfTgbZnpzRKkHmGa3VRy+NwwTgYDVR0jBEcwRYAU4ivwFfTgbZnpzRKkHmGa
    3VRy+NyhIqQgMB4xHDAaBgNVBAMME2NuXzJaUDlSVFphUGh4NWliNlSCCQCgg04d
    Q1EQJTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNJADBG
    AiEAtM0HNJRX3xvofmlPwD7rntRj2obwLoY+8td02rDCAbwCIQCxuO1vNOQOrSyy
    LshRURfmIyWfsDqamYfn3APUUAvttQ==
    -----END CERTIFICATE-----
    </ca>
    <cert>
    -----BEGIN CERTIFICATE-----
    MIIBzTCCAXOgAwIBAgIQDcXZ3dwQ3NvBLD/hEJAjlDAKBggqhkjOPQQDAjAeMRww
    GgYDVQQDDBNjbl8yWlA5UlRaYVBoeDVpYjZUMB4XDTE5MDQwNTE1NTQwMloXDTIy
    MDMyMDE1NTQwMlowETEPMA0GA1UEAwwGY2xpZW50MFkwEwYHKoZIzj0CAQYIKoZI
    zj0DAQcDQgAEGbEMBPaSe/l0e7+UzQDW0PIUNTUu5bZqo9pIG/26/Xa38o2Ck+wk
    UdcOj8Z9ggbPwHu+x8s1ppTTyxn+ZsNw1aOBnzCBnDAJBgNVHRMEAjAAMB0GA1Ud
    DgQWBBSEY73UYBhDTZ54fwnMIFDwAJJWSjBOBgNVHSMERzBFgBTiK/AV9OBtmenN
    EqQeYZrdVHL43KEipCAwHjEcMBoGA1UEAwwTY25fMlpQOVJUWmFQaHg1aWI2VIIJ
    AKCDTh1DURAlMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggq
    hkjOPQQDAgNIADBFAiEA2F1KHsgrhu2foCz7D476A7NEAJ94KAAZ3E+do6hgHysC
    IAZBnrKqN+9C60CoJyYA/JCmms/Ed8Q9Fipj4wrvQHLQ
    -----END CERTIFICATE-----
    </cert>
    <key>
    -----BEGIN PRIVATE KEY-----
    MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgys2e5X2A2rx7O4Tp
    1vIw+CG37h/e3iclvKn7ggtea2GhRANCAAQZsQwE9pJ7+XR7v5TNANbQ8hQ1NS7l
    tmqj2kgb/br9drfyjYKT7CRR1w6Pxn2CBs/Ae77HyzWmlNPLGf5mw3DV
    -----END PRIVATE KEY-----
    </key>
    <tls-crypt>
    #
    # 2048 bit OpenVPN static key
    #
    -----BEGIN OpenVPN Static key V1-----
    f3856bf6762970d83c25eccd966400dc
    d6ec43b27660930701d6ebd6efbaa3da
    dee8e380cf94855e0f2ce1e9f832c4f6
    613c6c51e97904b1e93182b2753bdcb8
    c7f6573e74e8ce5640c329438b73241b
    494a3935443f03717fd68dfe9c0d2bb5
    755e9309b5e12a62452599bfaaef60ef
    50f91463958edd07e4014c8503c8ed8f
    da1ad0b1d42cdc169c3fbc1703b1662c
    9ac3d32aa36254e73659d2f73ff44400
    8e0a1692d808f7607111bf5becf32a91
    5f2b44906b24a55939de881cb2406c25
    80714f5aed426e1790950079f466afa2
    7e61c35d2f6939479fab9e714813bb4c
    00a71ce2954ff7bf8a0194622d0f21c6
    4a00adf365708a59683468060ff23056
    -----END OpenVPN Static key V1-----
    </tls-crypt>


    so I don't really understand why it doesn't work. I have not installed firewall (firewalld is not installed) on my server an tun is activated.



    if you have an idea to unblock the connection on linux mint or osx it will be helpfull.
    thank you










    share|improve this question

























      0












      0








      0








      Good morning,



      I am trying to configure the minimal requirement for a VPN.
      The server is a clean installation of centos 7 (I can try with others if it is simpler)
      I have followed the instruction of this site https://www.cyberciti.biz/faq/centos-7-0-set-up-openvpn-server-in-5-minutes/
      I also tried the manual way https://www.digitalocean.com/community/tutorials/how-to-set-up-and-configure-an-openvpn-server-on-centos-7



      But when I try the connection with tunnelblick on mac I can only access site by their IP (so DNS problem), I added a PHP script on my server to have my public IP but it is still my old public IP that is used and not the new one.
      It seems the VPN is not used at all



      Also after a certain time tunnelblick show in console "



      2019-04-05 19:14:50 Tunnelblick[59941] currentIPInfo(Name): IP address info could not be fetched within 34.3 seconds; the error was 'Error Domain=NSURLErrorDomain Code=-1001 "The request timed out." UserInfo={NSUnderlyingError=0x600001f05530 {Error Domain=kCFErrorDomainCFNetwork Code=-1001 "The request timed out." UserInfo={NSErrorFailingURLStringKey=https://tunnelblick.net/ipinfo, NSErrorFailingURLKey=https://tunnelblick.net/ipinfo, _kCFStreamErrorCodeKey=-2102, _kCFStreamErrorDomainKey=4, NSLocalizedDescription=The request timed out.}}, NSErrorFailingURLStringKey=https://tunnelblick.net/ipinfo, NSErrorFailingURLKey=https://tunnelblick.net/ipinfo, _kCFStreamErrorDomainKey=4, _kCFStreamErrorCodeKey=-2102, NSLocalizedDescription=The request timed out.}'; the response was '(null)'
      2019-04-05 19:15:25 Tunnelblick[59941] currentIPInfo(Address): IP address info could not be fetched within 35.0 seconds; the error was 'Error Domain=NSURLErrorDomain Code=-1001 "The request timed out." UserInfo={NSUnderlyingError=0x600001fc76f0 {Error Domain=kCFErrorDomainCFNetwork Code=-1001 "The request timed out." UserInfo={NSErrorFailingURLStringKey=https://205.233.73.116/ipinfo, NSErrorFailingURLKey=https://205.233.73.116/ipinfo, _kCFStreamErrorCodeKey=-2102, _kCFStreamErrorDomainKey=4, NSLocalizedDescription=The request timed out.}}, NSErrorFailingURLStringKey=https://205.233.73.116/ipinfo, NSErrorFailingURLKey=https://205.233.73.116/ipinfo, _kCFStreamErrorDomainKey=4, _kCFStreamErrorCodeKey=-2102, NSLocalizedDescription=The request timed out.}'; the response was '(null)'
      2019-04-05 19:15:25 Tunnelblick[59941] An error occured fetching IP address information after connecting


      I also tried with my android and with linux mint inside virtualbox with



      openvpn --config cclient.ovpn 
      Options error: Unrecognized option or missing parameter(s) in cclient.ovpn:21: tls-crypt (2.3.10)
      Use --help for more information.


      but line 21 is in middle of the encrypt key



      and tls-crypt tag is present but after.



      <tls-crypt>
      #
      # 2048 bit OpenVPN static key
      #
      -----BEGIN OpenVPN Static key V1-----
      f3856bf6762970d83c25eccd966400dc
      d6ec43b27660930701d6ebd6efbaa3da
      ...


      this is the totality of the ovpn (don't care about security for the moment)



      client
      proto udp
      remote 193.148.68.62 1194
      dev tun
      resolv-retry infinite
      nobind
      persist-key
      persist-tun
      remote-cert-tls server
      verify-x509-name server_BJMqmYrUxDaMZl3k name
      auth SHA256
      auth-nocache
      cipher AES-128-GCM
      tls-client
      tls-version-min 1.2
      tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
      verb 3
      <ca>
      -----BEGIN CERTIFICATE-----
      MIIBwjCCAWegAwIBAgIJAKCDTh1DURAlMAoGCCqGSM49BAMCMB4xHDAaBgNVBAMM
      E2NuXzJaUDlSVFphUGh4NWliNlQwHhcNMTkwNDA1MTU1MjM0WhcNMjkwNDAyMTU1
      MjM0WjAeMRwwGgYDVQQDDBNjbl8yWlA5UlRaYVBoeDVpYjZUMFkwEwYHKoZIzj0C
      AQYIKoZIzj0DAQcDQgAEynRBDBwK1u00mhLN2jUTGVSHGwVfDaXCbIL/XZBazfvf
      79LUoTwGYUKp4ka/Jx/BDF7EKNteWPLziPoBZ/vV06OBjTCBijAdBgNVHQ4EFgQU
      4ivwFfTgbZnpzRKkHmGa3VRy+NwwTgYDVR0jBEcwRYAU4ivwFfTgbZnpzRKkHmGa
      3VRy+NyhIqQgMB4xHDAaBgNVBAMME2NuXzJaUDlSVFphUGh4NWliNlSCCQCgg04d
      Q1EQJTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNJADBG
      AiEAtM0HNJRX3xvofmlPwD7rntRj2obwLoY+8td02rDCAbwCIQCxuO1vNOQOrSyy
      LshRURfmIyWfsDqamYfn3APUUAvttQ==
      -----END CERTIFICATE-----
      </ca>
      <cert>
      -----BEGIN CERTIFICATE-----
      MIIBzTCCAXOgAwIBAgIQDcXZ3dwQ3NvBLD/hEJAjlDAKBggqhkjOPQQDAjAeMRww
      GgYDVQQDDBNjbl8yWlA5UlRaYVBoeDVpYjZUMB4XDTE5MDQwNTE1NTQwMloXDTIy
      MDMyMDE1NTQwMlowETEPMA0GA1UEAwwGY2xpZW50MFkwEwYHKoZIzj0CAQYIKoZI
      zj0DAQcDQgAEGbEMBPaSe/l0e7+UzQDW0PIUNTUu5bZqo9pIG/26/Xa38o2Ck+wk
      UdcOj8Z9ggbPwHu+x8s1ppTTyxn+ZsNw1aOBnzCBnDAJBgNVHRMEAjAAMB0GA1Ud
      DgQWBBSEY73UYBhDTZ54fwnMIFDwAJJWSjBOBgNVHSMERzBFgBTiK/AV9OBtmenN
      EqQeYZrdVHL43KEipCAwHjEcMBoGA1UEAwwTY25fMlpQOVJUWmFQaHg1aWI2VIIJ
      AKCDTh1DURAlMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggq
      hkjOPQQDAgNIADBFAiEA2F1KHsgrhu2foCz7D476A7NEAJ94KAAZ3E+do6hgHysC
      IAZBnrKqN+9C60CoJyYA/JCmms/Ed8Q9Fipj4wrvQHLQ
      -----END CERTIFICATE-----
      </cert>
      <key>
      -----BEGIN PRIVATE KEY-----
      MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgys2e5X2A2rx7O4Tp
      1vIw+CG37h/e3iclvKn7ggtea2GhRANCAAQZsQwE9pJ7+XR7v5TNANbQ8hQ1NS7l
      tmqj2kgb/br9drfyjYKT7CRR1w6Pxn2CBs/Ae77HyzWmlNPLGf5mw3DV
      -----END PRIVATE KEY-----
      </key>
      <tls-crypt>
      #
      # 2048 bit OpenVPN static key
      #
      -----BEGIN OpenVPN Static key V1-----
      f3856bf6762970d83c25eccd966400dc
      d6ec43b27660930701d6ebd6efbaa3da
      dee8e380cf94855e0f2ce1e9f832c4f6
      613c6c51e97904b1e93182b2753bdcb8
      c7f6573e74e8ce5640c329438b73241b
      494a3935443f03717fd68dfe9c0d2bb5
      755e9309b5e12a62452599bfaaef60ef
      50f91463958edd07e4014c8503c8ed8f
      da1ad0b1d42cdc169c3fbc1703b1662c
      9ac3d32aa36254e73659d2f73ff44400
      8e0a1692d808f7607111bf5becf32a91
      5f2b44906b24a55939de881cb2406c25
      80714f5aed426e1790950079f466afa2
      7e61c35d2f6939479fab9e714813bb4c
      00a71ce2954ff7bf8a0194622d0f21c6
      4a00adf365708a59683468060ff23056
      -----END OpenVPN Static key V1-----
      </tls-crypt>


      so I don't really understand why it doesn't work. I have not installed firewall (firewalld is not installed) on my server an tun is activated.



      if you have an idea to unblock the connection on linux mint or osx it will be helpfull.
      thank you










      share|improve this question














      Good morning,



      I am trying to configure the minimal requirement for a VPN.
      The server is a clean installation of centos 7 (I can try with others if it is simpler)
      I have followed the instruction of this site https://www.cyberciti.biz/faq/centos-7-0-set-up-openvpn-server-in-5-minutes/
      I also tried the manual way https://www.digitalocean.com/community/tutorials/how-to-set-up-and-configure-an-openvpn-server-on-centos-7



      But when I try the connection with tunnelblick on mac I can only access site by their IP (so DNS problem), I added a PHP script on my server to have my public IP but it is still my old public IP that is used and not the new one.
      It seems the VPN is not used at all



      Also after a certain time tunnelblick show in console "



      2019-04-05 19:14:50 Tunnelblick[59941] currentIPInfo(Name): IP address info could not be fetched within 34.3 seconds; the error was 'Error Domain=NSURLErrorDomain Code=-1001 "The request timed out." UserInfo={NSUnderlyingError=0x600001f05530 {Error Domain=kCFErrorDomainCFNetwork Code=-1001 "The request timed out." UserInfo={NSErrorFailingURLStringKey=https://tunnelblick.net/ipinfo, NSErrorFailingURLKey=https://tunnelblick.net/ipinfo, _kCFStreamErrorCodeKey=-2102, _kCFStreamErrorDomainKey=4, NSLocalizedDescription=The request timed out.}}, NSErrorFailingURLStringKey=https://tunnelblick.net/ipinfo, NSErrorFailingURLKey=https://tunnelblick.net/ipinfo, _kCFStreamErrorDomainKey=4, _kCFStreamErrorCodeKey=-2102, NSLocalizedDescription=The request timed out.}'; the response was '(null)'
      2019-04-05 19:15:25 Tunnelblick[59941] currentIPInfo(Address): IP address info could not be fetched within 35.0 seconds; the error was 'Error Domain=NSURLErrorDomain Code=-1001 "The request timed out." UserInfo={NSUnderlyingError=0x600001fc76f0 {Error Domain=kCFErrorDomainCFNetwork Code=-1001 "The request timed out." UserInfo={NSErrorFailingURLStringKey=https://205.233.73.116/ipinfo, NSErrorFailingURLKey=https://205.233.73.116/ipinfo, _kCFStreamErrorCodeKey=-2102, _kCFStreamErrorDomainKey=4, NSLocalizedDescription=The request timed out.}}, NSErrorFailingURLStringKey=https://205.233.73.116/ipinfo, NSErrorFailingURLKey=https://205.233.73.116/ipinfo, _kCFStreamErrorDomainKey=4, _kCFStreamErrorCodeKey=-2102, NSLocalizedDescription=The request timed out.}'; the response was '(null)'
      2019-04-05 19:15:25 Tunnelblick[59941] An error occured fetching IP address information after connecting


      I also tried with my android and with linux mint inside virtualbox with



      openvpn --config cclient.ovpn 
      Options error: Unrecognized option or missing parameter(s) in cclient.ovpn:21: tls-crypt (2.3.10)
      Use --help for more information.


      but line 21 is in middle of the encrypt key



      and tls-crypt tag is present but after.



      <tls-crypt>
      #
      # 2048 bit OpenVPN static key
      #
      -----BEGIN OpenVPN Static key V1-----
      f3856bf6762970d83c25eccd966400dc
      d6ec43b27660930701d6ebd6efbaa3da
      ...


      this is the totality of the ovpn (don't care about security for the moment)



      client
      proto udp
      remote 193.148.68.62 1194
      dev tun
      resolv-retry infinite
      nobind
      persist-key
      persist-tun
      remote-cert-tls server
      verify-x509-name server_BJMqmYrUxDaMZl3k name
      auth SHA256
      auth-nocache
      cipher AES-128-GCM
      tls-client
      tls-version-min 1.2
      tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
      verb 3
      <ca>
      -----BEGIN CERTIFICATE-----
      MIIBwjCCAWegAwIBAgIJAKCDTh1DURAlMAoGCCqGSM49BAMCMB4xHDAaBgNVBAMM
      E2NuXzJaUDlSVFphUGh4NWliNlQwHhcNMTkwNDA1MTU1MjM0WhcNMjkwNDAyMTU1
      MjM0WjAeMRwwGgYDVQQDDBNjbl8yWlA5UlRaYVBoeDVpYjZUMFkwEwYHKoZIzj0C
      AQYIKoZIzj0DAQcDQgAEynRBDBwK1u00mhLN2jUTGVSHGwVfDaXCbIL/XZBazfvf
      79LUoTwGYUKp4ka/Jx/BDF7EKNteWPLziPoBZ/vV06OBjTCBijAdBgNVHQ4EFgQU
      4ivwFfTgbZnpzRKkHmGa3VRy+NwwTgYDVR0jBEcwRYAU4ivwFfTgbZnpzRKkHmGa
      3VRy+NyhIqQgMB4xHDAaBgNVBAMME2NuXzJaUDlSVFphUGh4NWliNlSCCQCgg04d
      Q1EQJTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNJADBG
      AiEAtM0HNJRX3xvofmlPwD7rntRj2obwLoY+8td02rDCAbwCIQCxuO1vNOQOrSyy
      LshRURfmIyWfsDqamYfn3APUUAvttQ==
      -----END CERTIFICATE-----
      </ca>
      <cert>
      -----BEGIN CERTIFICATE-----
      MIIBzTCCAXOgAwIBAgIQDcXZ3dwQ3NvBLD/hEJAjlDAKBggqhkjOPQQDAjAeMRww
      GgYDVQQDDBNjbl8yWlA5UlRaYVBoeDVpYjZUMB4XDTE5MDQwNTE1NTQwMloXDTIy
      MDMyMDE1NTQwMlowETEPMA0GA1UEAwwGY2xpZW50MFkwEwYHKoZIzj0CAQYIKoZI
      zj0DAQcDQgAEGbEMBPaSe/l0e7+UzQDW0PIUNTUu5bZqo9pIG/26/Xa38o2Ck+wk
      UdcOj8Z9ggbPwHu+x8s1ppTTyxn+ZsNw1aOBnzCBnDAJBgNVHRMEAjAAMB0GA1Ud
      DgQWBBSEY73UYBhDTZ54fwnMIFDwAJJWSjBOBgNVHSMERzBFgBTiK/AV9OBtmenN
      EqQeYZrdVHL43KEipCAwHjEcMBoGA1UEAwwTY25fMlpQOVJUWmFQaHg1aWI2VIIJ
      AKCDTh1DURAlMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAKBggq
      hkjOPQQDAgNIADBFAiEA2F1KHsgrhu2foCz7D476A7NEAJ94KAAZ3E+do6hgHysC
      IAZBnrKqN+9C60CoJyYA/JCmms/Ed8Q9Fipj4wrvQHLQ
      -----END CERTIFICATE-----
      </cert>
      <key>
      -----BEGIN PRIVATE KEY-----
      MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgys2e5X2A2rx7O4Tp
      1vIw+CG37h/e3iclvKn7ggtea2GhRANCAAQZsQwE9pJ7+XR7v5TNANbQ8hQ1NS7l
      tmqj2kgb/br9drfyjYKT7CRR1w6Pxn2CBs/Ae77HyzWmlNPLGf5mw3DV
      -----END PRIVATE KEY-----
      </key>
      <tls-crypt>
      #
      # 2048 bit OpenVPN static key
      #
      -----BEGIN OpenVPN Static key V1-----
      f3856bf6762970d83c25eccd966400dc
      d6ec43b27660930701d6ebd6efbaa3da
      dee8e380cf94855e0f2ce1e9f832c4f6
      613c6c51e97904b1e93182b2753bdcb8
      c7f6573e74e8ce5640c329438b73241b
      494a3935443f03717fd68dfe9c0d2bb5
      755e9309b5e12a62452599bfaaef60ef
      50f91463958edd07e4014c8503c8ed8f
      da1ad0b1d42cdc169c3fbc1703b1662c
      9ac3d32aa36254e73659d2f73ff44400
      8e0a1692d808f7607111bf5becf32a91
      5f2b44906b24a55939de881cb2406c25
      80714f5aed426e1790950079f466afa2
      7e61c35d2f6939479fab9e714813bb4c
      00a71ce2954ff7bf8a0194622d0f21c6
      4a00adf365708a59683468060ff23056
      -----END OpenVPN Static key V1-----
      </tls-crypt>


      so I don't really understand why it doesn't work. I have not installed firewall (firewalld is not installed) on my server an tun is activated.



      if you have an idea to unblock the connection on linux mint or osx it will be helpfull.
      thank you







      openvpn tunnelblick






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked 2 days ago









      bormatbormat

      1214




      1214






















          0






          active

          oldest

          votes












          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "3"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1421995%2fimpossible-to-make-openvpn-worked%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          0






          active

          oldest

          votes








          0






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes
















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Super User!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1421995%2fimpossible-to-make-openvpn-worked%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          Why not use the yoke to control yaw, as well as pitch and roll? Announcing the arrival of...

          Couldn't open a raw socket. Error: Permission denied (13) (nmap)Is it possible to run networking commands...

          VNC viewer RFB protocol error: bad desktop size 0x0I Cannot Type the Key 'd' (lowercase) in VNC Viewer...