openvpn 접속이 안됩니다.

안녕하십니까? 오늘과내일의 홍석범입니다.

로그를 보시면 원인을 알 수 있습니다.

Mon Jan 08 12:13:33 2007 us=271142 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Mon Jan 08 12:13:33 2007 us=271460 Cannot load certificate file server.crt: error:02001002:system library:fopen:No such file or directory: error:20074002:BIO routines:FILE_CTRL:system lib: error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib
==> 위 로그의 의미를 보시면 인증서 파일이 없다는 것을 알 수 있습니다.
서버쪽의 config 파일에서

ca key/ca.crt
cert key/server1.crt
key key/server1.key

와 같이 지정하였을 때 각각의  파일이 존재하는지 확인해 보시기 바랍니다.

감사합니다.

차진수 님의 글

강사님 말씀대로 다시 한번 설치를 해보니 로그온 화면 까지는 나왔는데, 인증이 안됩니다.

서버에 데몬이 안올라옵니다. 시작은 이렇게 하였구요.==> ./openvpn --config server.conf --auth-user-pass-verify /usr/local/sbin/auth-pam.pl via-file --tmp-dir /tmp --daemon"

클라이언트 로그는 아래와 같습니다.

===============================================================

Mon Jan 08 12:13:24 2007 us=684003 Current Parameter Settings:
Mon Jan 08 12:13:24 2007 us=684067   config = 'client.ovpn'
Mon Jan 08 12:13:24 2007 us=684078   mode = 0
Mon Jan 08 12:13:24 2007 us=684089   show_ciphers = DISABLED
Mon Jan 08 12:13:24 2007 us=684099   show_digests = DISABLED
Mon Jan 08 12:13:24 2007 us=684110   show_engines = DISABLED
Mon Jan 08 12:13:24 2007 us=684121   genkey = DISABLED
Mon Jan 08 12:13:24 2007 us=684131   key_pass_file = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=684141   show_tls_ciphers = DISABLED
Mon Jan 08 12:13:24 2007 us=684151   proto = 0
Mon Jan 08 12:13:24 2007 us=684161   local = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=684173   remote_list[0] = {'61.249.113.226', 1194}
Mon Jan 08 12:13:24 2007 us=684184   remote_random = DISABLED
Mon Jan 08 12:13:24 2007 us=684195   local_port = 1194
Mon Jan 08 12:13:24 2007 us=684206   remote_port = 1194
Mon Jan 08 12:13:24 2007 us=684218   remote_float = DISABLED
Mon Jan 08 12:13:24 2007 us=684229   ipchange = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=684240   bind_local = DISABLED
Mon Jan 08 12:13:24 2007 us=684250   dev = 'tap0'
Mon Jan 08 12:13:24 2007 us=684260   dev_type = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=684271   dev_node = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=684281   tun_ipv6 = DISABLED
Mon Jan 08 12:13:24 2007 us=684292   ifconfig_local = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=684303   ifconfig_remote_netmask = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=684313   ifconfig_noexec = DISABLED
Mon Jan 08 12:13:24 2007 us=684323   ifconfig_nowarn = DISABLED
Mon Jan 08 12:13:24 2007 us=684334   shaper = 0
Mon Jan 08 12:13:24 2007 us=684344   tun_mtu = 1500
Mon Jan 08 12:13:24 2007 us=684355   tun_mtu_defined = ENABLED
Mon Jan 08 12:13:24 2007 us=684365   link_mtu = 1500
Mon Jan 08 12:13:24 2007 us=684376   link_mtu_defined = DISABLED
Mon Jan 08 12:13:24 2007 us=684386   tun_mtu_extra = 32
Mon Jan 08 12:13:24 2007 us=684397   tun_mtu_extra_defined = ENABLED
Mon Jan 08 12:13:24 2007 us=684408   fragment = 0
Mon Jan 08 12:13:24 2007 us=684419   mtu_discover_type = -1
Mon Jan 08 12:13:24 2007 us=684429   mtu_test = 0
Mon Jan 08 12:13:24 2007 us=684439   mlock = DISABLED
Mon Jan 08 12:13:24 2007 us=684449   keepalive_ping = 0
Mon Jan 08 12:13:24 2007 us=684459   keepalive_timeout = 0
Mon Jan 08 12:13:24 2007 us=684469   inactivity_timeout = 0
Mon Jan 08 12:13:24 2007 us=684480   ping_send_timeout = 0
Mon Jan 08 12:13:24 2007 us=684490   ping_rec_timeout = 120
Mon Jan 08 12:13:24 2007 us=684502   ping_rec_timeout_action = 2
Mon Jan 08 12:13:24 2007 us=684512   ping_timer_remote = DISABLED
Mon Jan 08 12:13:24 2007 us=684523   remap_sigusr1 = 0
Mon Jan 08 12:13:24 2007 us=684534   explicit_exit_notification = 0
Mon Jan 08 12:13:24 2007 us=684544   persist_tun = ENABLED
Mon Jan 08 12:13:24 2007 us=684554   persist_local_ip = DISABLED
Mon Jan 08 12:13:24 2007 us=684565   persist_remote_ip = DISABLED
Mon Jan 08 12:13:24 2007 us=684576   persist_key = ENABLED
Mon Jan 08 12:13:24 2007 us=684586   mssfix = 1450
Mon Jan 08 12:13:24 2007 us=684597   resolve_retry_seconds = 1000000000
Mon Jan 08 12:13:24 2007 us=684607   connect_retry_seconds = 5
Mon Jan 08 12:13:24 2007 us=684618   username = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=684629   groupname = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=684639   chroot_dir = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=684650   cd_dir = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=684660   writepid = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=684671   up_script = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=684681   down_script = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=684692   down_pre = DISABLED
Mon Jan 08 12:13:24 2007 us=684702   up_restart = DISABLED
Mon Jan 08 12:13:24 2007 us=684713   up_delay = DISABLED
Mon Jan 08 12:13:24 2007 us=684726   daemon = DISABLED
Mon Jan 08 12:13:24 2007 us=684737   inetd = 0
Mon Jan 08 12:13:24 2007 us=684747   log = DISABLED
Mon Jan 08 12:13:24 2007 us=684758   suppress_timestamps = DISABLED
Mon Jan 08 12:13:24 2007 us=684768   nice = 0
Mon Jan 08 12:13:24 2007 us=684778   verbosity = 4
Mon Jan 08 12:13:24 2007 us=866594   mute = 0
Mon Jan 08 12:13:24 2007 us=866620   gremlin = 0
Mon Jan 08 12:13:24 2007 us=866632   status_file = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=866642   status_file_version = 1
Mon Jan 08 12:13:24 2007 us=866653   status_file_update_freq = 60
Mon Jan 08 12:13:24 2007 us=866663   occ = ENABLED
Mon Jan 08 12:13:24 2007 us=866673   rcvbuf = 0
Mon Jan 08 12:13:24 2007 us=866682   sndbuf = 0
Mon Jan 08 12:13:24 2007 us=866693   socks_proxy_server = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=866712   socks_proxy_port = 0
Mon Jan 08 12:13:24 2007 us=866723   socks_proxy_retry = DISABLED
Mon Jan 08 12:13:24 2007 us=866732   fast_io = DISABLED
Mon Jan 08 12:13:24 2007 us=866742   comp_lzo = ENABLED
Mon Jan 08 12:13:24 2007 us=866752   comp_lzo_adaptive = ENABLED
Mon Jan 08 12:13:24 2007 us=866762   route_script = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=866773   route_default_gateway = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=866783   route_noexec = DISABLED
Mon Jan 08 12:13:24 2007 us=867678   route_delay = 0
Mon Jan 08 12:13:24 2007 us=867693   route_delay_window = 30
Mon Jan 08 12:13:24 2007 us=867703   route_delay_defined = ENABLED
Mon Jan 08 12:13:24 2007 us=867714   management_addr = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=867724   management_port = 0
Mon Jan 08 12:13:24 2007 us=867735   management_user_pass = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=867746   management_log_history_cache = 250
Mon Jan 08 12:13:24 2007 us=867757   management_echo_buffer_size = 100
Mon Jan 08 12:13:24 2007 us=867768   management_query_passwords = DISABLED
Mon Jan 08 12:13:24 2007 us=867779   management_hold = DISABLED
Mon Jan 08 12:13:24 2007 us=867790   shared_secret_file = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=867800   key_direction = 0
Mon Jan 08 12:13:24 2007 us=867810   ciphername_defined = ENABLED
Mon Jan 08 12:13:24 2007 us=867820   ciphername = 'BF-CBC'
Mon Jan 08 12:13:24 2007 us=867830   authname_defined = ENABLED
Mon Jan 08 12:13:24 2007 us=878341   authname = 'SHA1'
Mon Jan 08 12:13:24 2007 us=878364   keysize = 0
Mon Jan 08 12:13:24 2007 us=878375   engine = DISABLED
Mon Jan 08 12:13:24 2007 us=878385   replay = ENABLED
Mon Jan 08 12:13:24 2007 us=878396   mute_replay_warnings = DISABLED
Mon Jan 08 12:13:24 2007 us=878406   replay_window = 64
Mon Jan 08 12:13:24 2007 us=878416   replay_time = 15
Mon Jan 08 12:13:24 2007 us=878427   packet_id_file = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=878436   use_iv = ENABLED
Mon Jan 08 12:13:24 2007 us=878446   test_crypto = DISABLED
Mon Jan 08 12:13:24 2007 us=878456   tls_server = DISABLED
Mon Jan 08 12:13:24 2007 us=878466   tls_client = ENABLED
Mon Jan 08 12:13:24 2007 us=878475   key_method = 2
Mon Jan 08 12:13:24 2007 us=878486   ca_file = 'my-ca.crt'
Mon Jan 08 12:13:24 2007 us=878496   dh_file = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=878506   cert_file = 'server.crt'
Mon Jan 08 12:13:24 2007 us=894748   priv_key_file = 'server.key'
Mon Jan 08 12:13:24 2007 us=894770   pkcs12_file = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=894780   cryptoapi_cert = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=894791   cipher_list = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=894801   tls_verify = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=894812   tls_remote = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=894821   crl_file = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=894831   ns_cert_type = 0
Mon Jan 08 12:13:24 2007 us=894841   tls_timeout = 2
Mon Jan 08 12:13:24 2007 us=894850   renegotiate_bytes = 0
Mon Jan 08 12:13:24 2007 us=894860   renegotiate_packets = 0
Mon Jan 08 12:13:24 2007 us=894870   renegotiate_seconds = 3600
Mon Jan 08 12:13:24 2007 us=894881   handshake_window = 60
Mon Jan 08 12:13:24 2007 us=894890   transition_window = 3600
Mon Jan 08 12:13:24 2007 us=894900   single_session = DISABLED
Mon Jan 08 12:13:24 2007 us=894910   tls_exit = DISABLED
Mon Jan 08 12:13:24 2007 us=913091   tls_auth_file = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=913128   server_network = 0.0.0.0
Mon Jan 08 12:13:24 2007 us=913140   server_netmask = 0.0.0.0
Mon Jan 08 12:13:24 2007 us=913151   server_bridge_ip = 0.0.0.0
Mon Jan 08 12:13:24 2007 us=913163   server_bridge_netmask = 0.0.0.0
Mon Jan 08 12:13:24 2007 us=913175   server_bridge_pool_start = 0.0.0.0
Mon Jan 08 12:13:24 2007 us=913187   server_bridge_pool_end = 0.0.0.0
Mon Jan 08 12:13:24 2007 us=913199   ifconfig_pool_defined = DISABLED
Mon Jan 08 12:13:24 2007 us=913210   ifconfig_pool_start = 0.0.0.0
Mon Jan 08 12:13:24 2007 us=913221   ifconfig_pool_end = 0.0.0.0
Mon Jan 08 12:13:24 2007 us=913232   ifconfig_pool_netmask = 0.0.0.0
Mon Jan 08 12:13:24 2007 us=913244   ifconfig_pool_persist_filename = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=913256   ifconfig_pool_persist_refresh_freq = 600
Mon Jan 08 12:13:24 2007 us=913266   ifconfig_pool_linear = DISABLED
Mon Jan 08 12:13:24 2007 us=913277   n_bcast_buf = 256
Mon Jan 08 12:13:24 2007 us=930402   tcp_queue_limit = 64
Mon Jan 08 12:13:24 2007 us=930425   real_hash_size = 256
Mon Jan 08 12:13:24 2007 us=930435   virtual_hash_size = 256
Mon Jan 08 12:13:24 2007 us=930446   client_connect_script = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=930457   learn_address_script = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=930468   client_disconnect_script = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=930479   client_config_dir = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=930489   ccd_exclusive = DISABLED
Mon Jan 08 12:13:24 2007 us=930499   tmp_dir = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=930509   push_ifconfig_defined = DISABLED
Mon Jan 08 12:13:24 2007 us=930523   push_ifconfig_local = 0.0.0.0
Mon Jan 08 12:13:24 2007 us=930535   push_ifconfig_remote_netmask = 0.0.0.0
Mon Jan 08 12:13:24 2007 us=930546   enable_c2c = DISABLED
Mon Jan 08 12:13:24 2007 us=930556   duplicate_cn = DISABLED
Mon Jan 08 12:13:24 2007 us=930566   cf_max = 0
Mon Jan 08 12:13:24 2007 us=945688   cf_per = 0
Mon Jan 08 12:13:24 2007 us=945710   max_clients = 1024
Mon Jan 08 12:13:24 2007 us=945721   max_routes_per_client = 256
Mon Jan 08 12:13:24 2007 us=945732   client_cert_not_required = DISABLED
Mon Jan 08 12:13:24 2007 us=945743   username_as_common_name = DISABLED
Mon Jan 08 12:13:24 2007 us=945755   auth_user_pass_verify_script = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=945767   auth_user_pass_verify_script_via_file = DISABLED
Mon Jan 08 12:13:24 2007 us=945778   client = ENABLED
Mon Jan 08 12:13:24 2007 us=945787   pull = ENABLED
Mon Jan 08 12:13:24 2007 us=945797   auth_user_pass_file = 'stdin'
Mon Jan 08 12:13:24 2007 us=945811   show_net_up = DISABLED
Mon Jan 08 12:13:24 2007 us=945821   route_method = 0
Mon Jan 08 12:13:24 2007 us=945832   ip_win32_defined = DISABLED
Mon Jan 08 12:13:24 2007 us=945842   ip_win32_type = 3
Mon Jan 08 12:13:24 2007 us=945852   dhcp_masq_offset = 0
Mon Jan 08 12:13:24 2007 us=963399   dhcp_lease_time = 31536000
Mon Jan 08 12:13:24 2007 us=963422   tap_sleep = 0
Mon Jan 08 12:13:24 2007 us=963433   dhcp_options = DISABLED
Mon Jan 08 12:13:24 2007 us=963443   dhcp_renew = DISABLED
Mon Jan 08 12:13:24 2007 us=963453   dhcp_pre_release = DISABLED
Mon Jan 08 12:13:24 2007 us=963463   dhcp_release = DISABLED
Mon Jan 08 12:13:24 2007 us=963472   domain = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=963482   netbios_scope = '[UNDEF]'
Mon Jan 08 12:13:24 2007 us=963492   netbios_node_type = 0
Mon Jan 08 12:13:24 2007 us=963502   disable_nbt = DISABLED
Mon Jan 08 12:13:24 2007 us=963523 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct  1 2006
Mon Jan 08 12:13:33 2007 us=271114 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Mon Jan 08 12:13:33 2007 us=271142 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Mon Jan 08 12:13:33 2007 us=271460 Cannot load certificate file server.crt: error:02001002:system library:fopen:No such file or directory: error:20074002:BIO routines:FILE_CTRL:system lib: error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib
Mon Jan 08 12:13:33 2007 us=271475 Exiting