Discussion stats
  • 0 replies
  • 556 views
  • 0 kudos
  • 1 in conversation
Announcements

Top Contributors
Reply
Highlighted
Follower

R7900 connecting to client1 has failed. WARNING: No server certificate verification method has been

Hi, trying to set up VPN & have followed the instructions but still can’t connect.

connecting to client1 has failed. 

complete client1.log:

Sun Mar 25 13:42:17 2018 us=419850 Current Parameter Settings:
config = 'client1.ovpn'
mode = 0
show_ciphers = DISABLED
show_digests = DISABLED
show_engines = DISABLED
genkey = DISABLED
key_pass_file = '[UNDEF]'
show_tls_ciphers = DISABLED
connect_retry_max = 0
Sun Mar 25 13:42:17 2018 us=419850 Connection profiles [0]:
proto = udp
local = '[UNDEF]'
local_port = '[UNDEF]'
remote = '209.60.96.11'
remote_port = '12974'
remote_float = DISABLED
bind_defined = DISABLED
bind_local = DISABLED
bind_ipv6_only = DISABLED
connect_retry_seconds = 5
connect_timeout = 120
socks_proxy_server = '[UNDEF]'
socks_proxy_port = '[UNDEF]'
tun_mtu = 1500
tun_mtu_defined = ENABLED
link_mtu = 1500
link_mtu_defined = DISABLED
tun_mtu_extra = 32
tun_mtu_extra_defined = ENABLED
mtu_discover_type = -1
fragment = 0
mssfix = 1450
explicit_exit_notification = 0
Sun Mar 25 13:42:17 2018 us=419850 Connection profiles END
remote_random = DISABLED
ipchange = '[UNDEF]'
dev = 'tap'
dev_type = '[UNDEF]'
dev_node = 'NETGEAR-VPN'
lladdr = '[UNDEF]'
topology = 1
ifconfig_local = '[UNDEF]'
ifconfig_remote_netmask = '[UNDEF]'
ifconfig_noexec = DISABLED
ifconfig_nowarn = DISABLED
ifconfig_ipv6_local = '[UNDEF]'
ifconfig_ipv6_netbits = 0
ifconfig_ipv6_remote = '[UNDEF]'
shaper = 0
mtu_test = 0
mlock = DISABLED
keepalive_ping = 0
keepalive_timeout = 0
inactivity_timeout = 0
ping_send_timeout = 0
ping_rec_timeout = 0
ping_rec_timeout_action = 0
ping_timer_remote = DISABLED
remap_sigusr1 = 0
persist_tun = ENABLED
persist_local_ip = DISABLED
persist_remote_ip = DISABLED
persist_key = ENABLED
passtos = DISABLED
resolve_retry_seconds = 1000000000
resolve_in_advance = DISABLED
username = '[UNDEF]'
groupname = '[UNDEF]'
chroot_dir = '[UNDEF]'
cd_dir = '[UNDEF]'
writepid = '[UNDEF]'
up_script = '[UNDEF]'
down_script = '[UNDEF]'
down_pre = DISABLED
up_restart = DISABLED
up_delay = DISABLED
daemon = DISABLED
inetd = 0
log = ENABLED
suppress_timestamps = DISABLED
machine_readable_output = DISABLED
nice = 0
verbosity = 5
mute = 0
gremlin = 0
status_file = '[UNDEF]'
status_file_version = 1
status_file_update_freq = 60
occ = ENABLED
rcvbuf = 0
sndbuf = 0
sockflags = 0
fast_io = DISABLED
comp.alg = 2
comp.flags = 1
route_script = '[UNDEF]'
route_default_gateway = '[UNDEF]'
route_default_metric = 0
route_noexec = DISABLED
route_delay = 5
route_delay_window = 30
route_delay_defined = ENABLED
route_nopull = DISABLED
route_gateway_via_dhcp = DISABLED
allow_pull_fqdn = DISABLED
management_addr = '127.0.0.1'
management_port = '25340'
management_user_pass = 'stdin'
management_log_history_cache = 250
management_echo_buffer_size = 100
management_write_peer_info_file = '[UNDEF]'
management_client_user = '[UNDEF]'
management_client_group = '[UNDEF]'
management_flags = 6
shared_secret_file = '[UNDEF]'
key_direction = not set
ciphername = 'AES-128-CBC'
ncp_enabled = ENABLED
ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
authname = 'SHA1'
prng_hash = 'SHA1'
prng_nonce_secret_len = 16
keysize = 0
engine = DISABLED
replay = ENABLED
mute_replay_warnings = DISABLED
replay_window = 64
replay_time = 15
packet_id_file = '[UNDEF]'
use_iv = ENABLED
test_crypto = DISABLED
tls_server = DISABLED
tls_client = ENABLED
key_method = 2
ca_file = 'ca.crt'
ca_path = '[UNDEF]'
dh_file = '[UNDEF]'
cert_file = 'client.crt'
extra_certs_file = '[UNDEF]'
priv_key_file = 'client.key'
pkcs12_file = '[UNDEF]'
cryptoapi_cert = '[UNDEF]'
cipher_list = '[UNDEF]'
tls_cert_profile = '[UNDEF]'
tls_verify = '[UNDEF]'
tls_export_cert = '[UNDEF]'
verify_x509_type = 0
verify_x509_name = '[UNDEF]'
crl_file = '[UNDEF]'
ns_cert_type = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_eku = '[UNDEF]'
ssl_flags = 0
tls_timeout = 2
renegotiate_bytes = -1
renegotiate_packets = 0
renegotiate_seconds = 3600
handshake_window = 60
transition_window = 3600
single_session = DISABLED
push_peer_info = DISABLED
tls_exit = DISABLED
tls_auth_file = '[UNDEF]'
tls_crypt_file = '[UNDEF]'
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
Sun Mar 25 13:42:17 2018 us=435481   pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_pin_cache_period = -1
pkcs11_id = '[UNDEF]'
pkcs11_id_management = DISABLED
server_network = 0.0.0.0
server_netmask = 0.0.0.0
server_network_ipv6 = ::
server_netbits_ipv6 = 0
server_bridge_ip = 0.0.0.0
server_bridge_netmask = 0.0.0.0
server_bridge_pool_start = 0.0.0.0
server_bridge_pool_end = 0.0.0.0
ifconfig_pool_defined = DISABLED
ifconfig_pool_start = 0.0.0.0
ifconfig_pool_end = 0.0.0.0
ifconfig_pool_netmask = 0.0.0.0
ifconfig_pool_persist_filename = '[UNDEF]'
ifconfig_pool_persist_refresh_freq = 600
ifconfig_ipv6_pool_defined = DISABLED
ifconfig_ipv6_pool_base = ::
ifconfig_ipv6_pool_netbits = 0
n_bcast_buf = 256
tcp_queue_limit = 64
real_hash_size = 256
virtual_hash_size = 256
client_connect_script = '[UNDEF]'
learn_address_script = '[UNDEF]'
client_disconnect_script = '[UNDEF]'
client_config_dir = '[UNDEF]'
ccd_exclusive = DISABLED
tmp_dir = 'C:\Users\nguye\AppData\Local\Temp\'
push_ifconfig_defined = DISABLED
push_ifconfig_local = 0.0.0.0
push_ifconfig_remote_netmask = 0.0.0.0
push_ifconfig_ipv6_defined = DISABLED
push_ifconfig_ipv6_local = ::/0
push_ifconfig_ipv6_remote = ::
enable_c2c = DISABLED
duplicate_cn = DISABLED
cf_max = 0
cf_per = 0
max_clients = 1024
max_routes_per_client = 256
auth_user_pass_verify_script = '[UNDEF]'
auth_user_pass_verify_script_via_file = DISABLED
auth_token_generate = DISABLED
auth_token_lifetime = 0
client = ENABLED
pull = ENABLED
auth_user_pass_file = '[UNDEF]'
show_net_up = DISABLED
route_method = 0
block_outside_dns = DISABLED
ip_win32_defined = DISABLED
ip_win32_type = 3
dhcp_masq_offset = 0
dhcp_lease_time = 31536000
tap_sleep = 0
dhcp_options = DISABLED
dhcp_renew = DISABLED
dhcp_pre_release = DISABLED
domain = '[UNDEF]'
netbios_scope = '[UNDEF]'
netbios_node_type = 0
disable_nbt = DISABLED
Sun Mar 25 13:42:17 2018 us=435481 OpenVPN 2.4.5 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Mar  1 2018
Sun Mar 25 13:42:17 2018 us=435481 Windows version 6.2 (Windows 8 or greater) 64bit
Sun Mar 25 13:42:17 2018 us=435481 library versions: OpenSSL 1.1.0f  25 May 2017, LZO 2.10
Enter Management Password:
Sun Mar 25 13:42:17 2018 us=435481 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Sun Mar 25 13:42:17 2018 us=435481 Need hold release from management interface, waiting...
Sun Mar 25 13:42:17 2018 us=914762 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Sun Mar 25 13:42:18 2018 us=36545 MANAGEMENT: CMD 'state on'
Sun Mar 25 13:42:18 2018 us=36545 MANAGEMENT: CMD 'log all on'
Sun Mar 25 13:42:18 2018 us=236432 MANAGEMENT: CMD 'echo all on'
Sun Mar 25 13:42:18 2018 us=236432 MANAGEMENT: CMD 'bytecount 5'
Sun Mar 25 13:42:18 2018 us=236432 MANAGEMENT: CMD 'hold off'
Sun Mar 25 13:42:18 2018 us=236432 MANAGEMENT: CMD 'hold release'
Sun Mar 25 13:42:18 2018 us=236432 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Sun Mar 25 13:42:18 2018 us=236432 OpenSSL: error:140AB18ESmiley FrustratedSL routinesSmiley FrustratedSL_CTX_use_certificate:ca md too weak
Sun Mar 25 13:42:18 2018 us=252035 MANAGEMENT: Client disconnected
Sun Mar 25 13:42:18 2018 us=252035 Cannot load certificate file client.crt
Sun Mar 25 13:42:18 2018 us=252035 Exiting due to fatal error

 

Model: R7900|Nighthawk X6 AC3000 Tri-Band WiFi Router
Message 1 of 1