Fixing common configuration mistakes
When setting up an OpenVPN configuration, there are a few common mistakes that are easily made. These configuration mistakes can be roughly divided up into four categories:
- Certificate (PKI) errors and mismatches
- Option mismatches, such as
tap, ciphers, and compression
- Insufficient privileges to run OpenVPN
- Routing mistakes
In this section, we will go through the first three of these categories. Routing mistakes will be discussed later in this chapter.
Wrong CA certificate in the client configuration
The client configuration file will almost always contain three lines like this:
ca ca.crt cert client.crt key client.key
These certificate and private key files were created in Chapter 3, PKIs and Certificates ...