{"id":2519,"date":"2017-08-12T17:24:42","date_gmt":"2017-08-12T15:24:42","guid":{"rendered":"https:\/\/blog.mi.hdm-stuttgart.de\/?p=2519"},"modified":"2023-08-06T21:50:37","modified_gmt":"2023-08-06T19:50:37","slug":"how-to-fix-your-hdm-vpn-config-for-openvpn-2-4-3","status":"publish","type":"post","link":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/2017\/08\/12\/how-to-fix-your-hdm-vpn-config-for-openvpn-2-4-3\/","title":{"rendered":"How to fix your HdM VPN config for OpenVPN 2.4.3"},"content":{"rendered":"

<\/p>\n

The latest OpenVPN 2.4.3<\/a> release shipped with some technically minor changes which however might break your HdM VPN setup in Linux (should also apply to MS Windows and Mac OS) due to compatibility issues in terms of the OpenVPN config params currently in use. In case this problem affects you, here’s how to fix it (instructions assume Linux, but can be adopted for Windows and Mac).<\/p>\n

<\/p>\n

As for Linux, the OpenVPN 2.4.3 release has not yet made it’s way into the official repositories of the most popular distros like Ubuntu<\/a>, which still adheres to OpenVPN 2.3.10 (16.04 LTS). However, the latest release is already available via the download page or the package managers of rolling release distros like Arch Linux.
\nBefore we start, please check you OpenVPN version as follows:<\/p>\n

$ openvpn --version<\/pre>\n
If you have installed a version prior to 2.4.3, you’re off the hook and can head your own path. If not, then you should probably keep reading.
\nIt is assumed that you followed the instructions<\/a> and already have created and downloaded your certificate as well as the auto-generated VPN config file. For example, given that you put everything into the \/home\/foobar\/hdm-vpn\/<\/code> folder, you can now initiate the VPN connection as decribed in the docs:<\/p>\n
$ cd \/home\/foobar\/hdm-vpn; sudo openvpn --config .\/HdM_Nobelstr.ovpn<\/pre>\n
If everything goes “well”, you should now see an error message similar to this one:<\/p>\n
$ cd \/home\/foobar\/hdm-vpn; sudo openvpn --config .\/HdM_Nobelstr.ovpn \nOptions error: Unrecognized option or missing or extra parameter(s) in .\/HdM_Nobelstr.ovpn:50: tls-remote (2.4.3)<\/pre>\n
The culprit causing that issue hides in the HdM_Nobelstr.ovpn<\/em> config file and is quickly identified:<\/p>\n
$ cat HdM_Nobelstr.ovpn | grep tls-remote\ntls-remote \"\/C=DE\/ST=Baden-Wuerttemberg\/O=Hochschule_der_Medien\/OU=RZ\/CN=VPN-GW_Nobelstr\/emailAddress=wlan@hdm-stuttgart.de\"<\/pre>\n
Asking Google about the error message reveals that the tls-remote <\/em>option has been removed since – have a guess – OpenVPN 2.4.3. This can also be looked up from the change log<\/a>. Further investigation yielded that this option has been replaced by a new option called verify-x509-name. <\/em>So the next step is to open the HdM_Nobelstr.ovpn config file and give that a try:<\/p>\n
#tls-remote \"\/C=DE\/ST=Baden-Wuerttemberg\/O=Hochschule_der_Medien\/OU=RZ\/CN=VPN-GW_Nobelstr\/emailAddress=wlan@hdm-stuttgart.de\"\nverify-x509-name \"C=DE\/ST=Baden-Wuerttemberg\/O=Hochschule_der_Medien\/OU=RZ\/CN=VPN-GW_Nobelstr\/emailAddress=wlan@hdm-stuttgart.de\"<\/pre>\n
So that’s it? Sorry, we’re not quite there. If you restart your VPN connection as shown above, there’s a new error entering the stage:<\/p>\n
VERIFY X509NAME ERROR: C=DE, ST=Baden-Wuerttemberg, O=Hochschule der Medien, OU=RZ, CN=VPN-GW Nobelstr, emailAddress=wlan@hdm-stuttgart.de, must be \/C=DE\/ST=Baden-Wuerttemberg\/O=Hochschule_der_Medien\/OU=RZ\/CN=VPN-GW_Nobelstr\/emailAddress=wlan@hdm-stuttgart.de<\/pre>\n
What goes wrong here is that the config format doesn’t match the format used in your certificate. You can easily fix that by throwing out the underscores and replacing the slashes with commas in the entry you added to HdM_Nobelstr.ovpn in the previous step:<\/p>\n
#tls-remote \"\/C=DE\/ST=Baden-Wuerttemberg\/O=Hochschule_der_Medien\/OU=RZ\/CN=VPN-GW_Nobelstr\/emailAddress=wlan@hdm-stuttgart.de\"\nverify-x509-name \"C=DE, ST=Baden-Wuerttemberg, O=Hochschule der Medien, OU=RZ, CN=VPN-GW Nobelstr\/emailAddress=wlan@hdm-stuttgart.de\"<\/pre>\n
Try to establish your VPN connection again and you should finally succeed:<\/p>\n
$ cd \/home\/foobar\/hdm-vpn; sudo openvpn --config .\/HdM_Nobelstr.ovpn\n.\n.\nVERIFY X509NAME OK: C=DE, ST=Baden-Wuerttemberg, O=Hochschule der Medien, OU=RZ, CN=VPN-GW Nobelstr, emailAddress=wlan@hdm-stuttgart.de\n.\n.\nInitialization Sequence Completed<\/pre>\n
I hope this helped and you’re again back on track with your HdM VPN connection. \ud83d\ude42<\/p>\n
Cheers!<\/p>\n","protected":false},"excerpt":{"rendered":"
The latest OpenVPN 2.4.3 release shipped with some technically minor changes which however might break your config for the HdM VPN in Linux (possibily also applies to MS Windows and Mac OS) due to compatibility issues in terms of the OpenVPN config params. In case this problem affects you, here’s how to fix it.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1,657],"tags":[8,113,112],"ppma_author":[694],"class_list":["post-2519","post","type-post","status-publish","format-standard","hentry","category-allgemein","category-teaching-and-learning","tag-hdm","tag-openvpn","tag-vpn"],"aioseo_notices":[],"jetpack_featured_media_url":"","jetpack-related-posts":[{"id":4290,"url":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/2018\/09\/10\/web-server-with-user-registration-and-guestbook-with-image-upload\/","url_meta":{"origin":2519,"position":0},"title":"Web server with user registration and guestbook with image upload","author":"ok043","date":"10. September 2018","format":false,"excerpt":"Overview The users access the website where they have the option to the view the guest book, register or log in. To register the user has to provide a username, an email address and a secure password (more than 8 characters, upper and lowercase characters, numbers and special characters). Then\u2026","rel":"","context":"In "Cloud Technologies"","block_context":{"text":"Cloud Technologies","link":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/category\/scalable-systems\/cloud-technologies\/"},"img":{"alt_text":"Project architecture","src":"https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2018\/09\/cloudcraft1-1024x576.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2018\/09\/cloudcraft1-1024x576.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2018\/09\/cloudcraft1-1024x576.png?resize=525%2C300&ssl=1 1.5x"},"classes":[]},{"id":476,"url":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/2016\/03\/10\/intel-nuc-and-the-quest-for-the-holy-boot-target\/","url_meta":{"origin":2519,"position":1},"title":"Intel NUC and the quest for the holy boot target","author":"Patrick Kleindienst","date":"10. March 2016","format":false,"excerpt":"Do you already have found time to recover from fighting the demons which made it hard\u00a0to get a Docker cluster up and running on Raspberry Pis? Hopefully - because the\u00a0next crusade lies ahead of us! So let's dive into the\u00a0next adventure, \u00a0watching our heroes - three greenhorn students\u00a0- on their\u00a0search\u2026","rel":"","context":"In "System Designs"","block_context":{"text":"System Designs","link":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/category\/system-designs\/"},"img":{"alt_text":"","src":"https:\/\/upload.wikimedia.org\/wikipedia\/commons\/6\/60\/Intel_NUC_Haswell_(case_rear_panel).jpg","width":350,"height":200,"srcset":"https:\/\/upload.wikimedia.org\/wikipedia\/commons\/6\/60\/Intel_NUC_Haswell_(case_rear_panel).jpg 1x, https:\/\/upload.wikimedia.org\/wikipedia\/commons\/6\/60\/Intel_NUC_Haswell_(case_rear_panel).jpg 1.5x, https:\/\/upload.wikimedia.org\/wikipedia\/commons\/6\/60\/Intel_NUC_Haswell_(case_rear_panel).jpg 2x, https:\/\/upload.wikimedia.org\/wikipedia\/commons\/6\/60\/Intel_NUC_Haswell_(case_rear_panel).jpg 3x, https:\/\/upload.wikimedia.org\/wikipedia\/commons\/6\/60\/Intel_NUC_Haswell_(case_rear_panel).jpg 4x"},"classes":[]},{"id":7154,"url":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/2019\/08\/31\/setting-up-a-ci-cd-pipeline-in-gitlab\/","url_meta":{"origin":2519,"position":2},"title":"Setting up a CI\/CD pipeline in Gitlab","author":"nr037","date":"31. August 2019","format":false,"excerpt":"Introduction For all my university software projects, I use the HdM Gitlab instance for version control. But Gitlab offers much more such as easy and good ways to operate a pipeline. In this article, I will show how we can use the CI\/CD functionality in a university project to perform\u2026","rel":"","context":"In "Cloud Technologies"","block_context":{"text":"Cloud Technologies","link":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/category\/scalable-systems\/cloud-technologies\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2019\/08\/Screenshot-2019-08-26-at-09.53.13.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2019\/08\/Screenshot-2019-08-26-at-09.53.13.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2019\/08\/Screenshot-2019-08-26-at-09.53.13.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2019\/08\/Screenshot-2019-08-26-at-09.53.13.png?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2019\/08\/Screenshot-2019-08-26-at-09.53.13.png?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2019\/08\/Screenshot-2019-08-26-at-09.53.13.png?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":10392,"url":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/2020\/02\/29\/attempts-at-automating-the-build-process-of-a-net-wpf-application-with-gitlabs-ci-cd-pipeline\/","url_meta":{"origin":2519,"position":3},"title":"Attempts at automating the build process of a .NET WPF application with GitLab’s CI\/CD pipeline","author":"Felix Messner","date":"29. February 2020","format":false,"excerpt":"(Originally written for System Engineering and Management in 02\/2020) Introduction In the System Engineering course of WS1920, I took the opportunity to look into automating the build process of a Windows desktop application. Specifically, the application in question is built in C#, targeting .NET Framework 4.0 and using Windows Presentation\u2026","rel":"","context":"In "Allgemein"","block_context":{"text":"Allgemein","link":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/category\/allgemein\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2020\/08\/windows_runner_Tree.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2020\/08\/windows_runner_Tree.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2020\/08\/windows_runner_Tree.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2020\/08\/windows_runner_Tree.jpg?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":27,"url":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/2015\/12\/17\/27\/","url_meta":{"origin":2519,"position":4},"title":"Docker- dive into its foundations","author":"Benjamin Binder","date":"17. December 2015","format":false,"excerpt":"Docker has gained a lot of attention over the past several years.\u00a0But not only because of its cool logo or it being\u00a0the top buzzword of managers, but also because of its useful features.\u00a0We talked about Docker quite a bit without really\u00a0understanding why it's so\u00a0great to use. So we decided to\u2026","rel":"","context":"In "Databases"","block_context":{"text":"Databases","link":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/category\/scalable-systems\/databases\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1829,"url":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/2017\/03\/01\/game-project-build-system\/","url_meta":{"origin":2519,"position":5},"title":"Choosing the correct build system for your game project","author":"Marvin Pohl","date":"1. March 2017","format":false,"excerpt":"In this blog entry we take a look at Travis CI, Jenkins, Gitlab CI and Buildbot and evaluate their benefits and downsides when trying to build a content heavy project with it (e.g. games). Requirements To identify our requirements we first take a look at our typical project structure and\u2026","rel":"","context":"In "DevOps"","block_context":{"text":"DevOps","link":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/category\/scalable-systems\/devops\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2023\/08\/logo.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2023\/08\/logo.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blog.mi.hdm-stuttgart.de\/wp-content\/uploads\/2023\/08\/logo.png?resize=525%2C300&ssl=1 1.5x"},"classes":[]}],"jetpack_sharing_enabled":true,"authors":[{"term_id":694,"user_id":4,"is_guest":0,"slug":"pk070","display_name":"Patrick Kleindienst","avatar_url":"https:\/\/secure.gravatar.com\/avatar\/d0135b87f4c61a26c5a66f7a2ed6c5c65e24a27662ff67c06a36af82b702336f?s=96&d=mm&r=g","0":null,"1":"","2":"","3":"","4":"","5":"","6":"","7":"","8":""}],"_links":{"self":[{"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/posts\/2519","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/comments?post=2519"}],"version-history":[{"count":19,"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/posts\/2519\/revisions"}],"predecessor-version":[{"id":24720,"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/posts\/2519\/revisions\/24720"}],"wp:attachment":[{"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/media?parent=2519"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/categories?post=2519"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/tags?post=2519"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/blog.mi.hdm-stuttgart.de\/index.php\/wp-json\/wp\/v2\/ppma_author?post=2519"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}