Able to connect to VPN for file access and web browsing, no problems at all.
No Server Certificate Method Has Been Enabled Verification Method HasHowever, the OpenVPN log shows WARNING: No server certificate verification method has been enabled.
Also, how do I resolve subnet issue: WARNING: potential route subnet conflict between local LAN 192.168.1.0255.255.255.0 and remote VPN 192.168.1.0255.255.255.0 (OpenVPN log - IPs etc removed). Jan 21 17:29:02: OpenVPN 2.2.2 Win32-MSVC SSL LZO2 PKCS11 built on Jan 4 2012. Jan 21 17:29:28: IMPORTANT: OpenVPNs default port number is now 1194, based on an official port number assignment by IANA. Jan 21 17:29:28: WARNING: No server certificate verification method has been enabled. Jan 21 17:29:28: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts. Jan 21 17:29:29: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this. Jan 21 17:29:29: SnakeOilCA Peer Connection Initiated with xx.xx.xx.xx:1194. Jan 21 17:29:31: TAP-WIN32 device xxxxxxxxxx opened:.Global65963BF4-6A50-45C7-A0E2-510CCDAB42D1.tap. No Server Certificate Method Has Been Enabled Driver To SetJan 21 17:29:31: Notified TAP-Win32 driver to set a DHCP IPnetmask of 10.8.0.6255.255.255.252 on interface 65963BF4-6A50-45C7-A0E2-510CCDAB42D1 DHCP-serv: 10.8.0.5, lease-time: 31536000. Jan 21 17:29:31: Successful ARP Flush on interface 65541 65963BF4-6A50-45C7-A0E2-510CCDAB42D1. Jan 21 17:29:36: WARNING: potential route subnet conflict between local LAN 192.168.1.0255.255.255.0 and remote VPN 192.168.1.0255.255.255.0. It means you dont have the Require Server nsCertType option turned on (under the Options tab when editing your connection). ![]() As for the subnet conflict, please see the following support article. While it was originally written for the Mac version, it also applies for Windows users. Is it safe to assume that Viscosity still checks that the server certificate is signed with the CA-certificate even though that error occurs in the logs. Yes this is correct. CertType has been depricated, for more information please take a look at the remote-cert-tls command.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |