Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 8 replies
  • Subscribers 1 subscriber
  • Views 9168 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Centos Linux based vpn client

tom11011
Hi Group.

I downloaded the files for Remote Access from the Sophos UTM for linux.  This package includes the config certs and keys.

What are your recommendations for a gui client for ssl vpn?  Running Centos 7 with Gnome 3 desktop.

Thanks.
Tom


This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to tom11011
    Hi group, just about there but getting a connection error.  

    Here is my client error log if anyone can point me in the right direction.

    [root@localhost username@209.***.xx.1]# openvpn --config username@209.***.xx.1.ovpn
    Thu Oct 16 16:42:10 2014 DEPRECATED OPTION: --tls-remote, please update your configuration
    Thu Oct 16 16:42:10 2014 OpenVPN 2.3.2 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Feb 14 2014
    Enter Auth Username:username
    Enter Auth Password:
    Thu Oct 16 16:42:14 2014 Socket Buffers: R=[87380->131072] S=[16384->131072]
    Thu Oct 16 16:42:14 2014 Attempting to establish TCP connection with [AF_INET]209.***.xx.1:443 [nonblock]
    Thu Oct 16 16:42:15 2014 TCP connection established with [AF_INET]209.***.xx.1:443
    Thu Oct 16 16:42:15 2014 TCPv4_CLIENT link local: [undef]
    Thu Oct 16 16:42:15 2014 TCPv4_CLIENT link remote: [AF_INET]209.***.xx.1:443
    Thu Oct 16 16:42:15 2014 TLS: Initial packet from [AF_INET]209.***.xx.1:443, sid=95bb8e2d 23bfef21
    Thu Oct 16 16:42:15 2014 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Thu Oct 16 16:42:16 2014 VERIFY OK: depth=1, C=us, L=***, O=***, CN=*** VPN CA, emailAddress=cfsupport@yyyy.com
    Thu Oct 16 16:42:16 2014 VERIFY ERROR: depth=0, error=certificate signature failure: C=us, L=***, O=***, CN=PRDFWCLEP01, emailAddress=cfsupport@yyyy.com
    Thu Oct 16 16:42:16 2014 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
    Thu Oct 16 16:42:16 2014 TLS Error: TLS object -> incoming plaintext read error
    Thu Oct 16 16:42:16 2014 TLS Error: TLS handshake failed
    Thu Oct 16 16:42:16 2014 Fatal TLS error (check_tls_errors_co), restarting
    Thu Oct 16 16:42:16 2014 SIGUSR1[soft,tls-error] received, process restarting
    Thu Oct 16 16:42:16 2014 Restart pause, 5 second(s)
    ^CThu Oct 16 16:42:18 2014 SIGINT[hard,init_instance] received, process exiting
    [root@localhost username@209.***.xx.1]#
Unfiltered HTML