Can't connect to OpenVPN since upgrade to 1.10.4-1
Hi
I hope it's ok to post this here, since I didn't find any info about the following problem.
I just performed an Arch Linux system upgrade after which my work VPN connection stopped working, but it still works for my colleagues, so it is unlikely to be a server issue. The only OpenVPN related package that was upgraded was networkmanager-openvpn from 1.10.2-3 to 1.10.4-1.
This is the error message when trying to connect:
Mai 08 23:24:14 thinkpad nm-openvpn[13491]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mai 08 23:24:14 thinkpad nm-openvpn[13491]: TCP/UDP: Preserving recently used remote address: [AF_INET]***.***.***.***:20083
Mai 08 23:24:14 thinkpad nm-openvpn[13491]: Attempting to establish TCP connection with [AF_INET]***.***.***.***:20083
Mai 08 23:24:14 thinkpad nm-openvpn[13491]: TCP connection established with [AF_INET]***.***.***.***:20083
Mai 08 23:24:14 thinkpad nm-openvpn[13491]: TCPv4_CLIENT link local: (not bound)
Mai 08 23:24:14 thinkpad nm-openvpn[13491]: TCPv4_CLIENT link remote: [AF_INET]***.***.***.***:20083
Mai 08 23:24:15 thinkpad nm-openvpn[13491]: [***.***.***.***] Peer Connection Initiated with [AF_INET]***.***.***.***:20083
Mai 08 23:24:15 thinkpad nm-openvpn[13491]: AUTH: Received control message: AUTH_FAILED,Data channel cipher negotiation failed (no shared cipher)
Mai 08 23:24:15 thinkpad nm-openvpn[13491]: SIGUSR1[soft,auth-failure] received, process restarting
and my OpenVPN configuration looks like this:
client
remote '***.***.***.***' 20083 tcp
cert '/home/paul/.cert/nm-openvpn/work-vpn-cert.pem'
key '/home/paul/.cert/nm-openvpn/work-vpn-key.pem'
ca '/home/paul/.cert/nm-openvpn/work-vpn-ca.pem'
cipher AES-256-CBC
tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
dev tun
proto udp
remote-cert-tls server
tls-auth '/home/paul/.cert/nm-openvpn/work-vpn-tls-auth.pem' 1
route '***.***.***.***' '255.255.255.255' '0.0.0.0'
route '***.***.***.***' '255.255.255.255' '0.0.0.0'
nobind
auth-nocache
script-security 2
persist-key
persist-tun
user nm-openvpn
group nm-openvpn
I would be thankful for any pointer.