$ openvpn --config /home/m3/openvpn/vpn-maschine-client.conf Thu Feb 23 09:04:35 2012 WARNING: Make sure you understand the semantics of --tls-remote before using it (see the man page). Thu Feb 23 09:04:35 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Thu Feb 23 09:04:35 2012 Cannot load certificate file vpn-maschine-client.crt: error:02001002:system library:fopen:No such file or directory: error:20074002:BIO routines:FILE_CTRL:system lib: error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib ~$ openvpn /home/m3/openvpn/vpn-maschine-client.conf Thu Feb 23 09:05:52 2012 WARNING: Make sure you understand the semantics of --tls-remote before using it (see the man page). Thu Feb 23 09:05:52 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Thu Feb 23 09:05:52 2012 Cannot load certificate file vpn-maschine-client.crt: error:02001002:system library:fopen:No such file or directory: error:20074002:BIO routines:FILE_CTRL:system lib: error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX client float dev tap #MTU tun-mtu 1492 #fragment 1300 mssfix #tcp oder udp proto udp #Server IP remote XX.XX.XX.XX 11XX #force authentication #WICHTIG: hier den COMMON Name vom Server Zertifikat nehmen! tls-remote vpn-maschine dh vpn-maschine-dh4096.pem ca vpn-maschine-CA.crt cert vpn-maschine-client.crt key vpn-maschine-client.key auth SHA1 cipher AES-256-CBC nobind comp-lzo persist-key persist-tun verb 0 # Nach dem Verbindungsaufbau wird eine Route zum lokalen Netz vom Server aus aufgebaut # AUSKOMMENTIERT # Beispiel: Subnetz 192.168.2.0/24 #route 192.168.2.0 255.255.255.0 # Default route ueber VPN (wenn du dein INTERNET komplett ueber openvpn routen willst) # AUSKOMMENTIERT route remote_host 255.255.255.255 net_gateway route 0.0.0.0 0.0.0.0 vpn_gateway #Sets new rights after the connection user nobody group nogroup XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX