Scenario:
I have a Debian 6 openVPN virtual server and several clients (windows, os x). They all connect fine, however only one client with a certain key/certificate pair can ping the server, all the others fail with no error output in the log.
What I've done:
On the server I created via ./build-key <client-name>
in the easy-rsa tool of openVPN several keys for the clients - all but one do not work when I use them as key/crt in the clients configuration. I cannot see any difference from the working key files to the non-working ones. Some keys were created before that working key was created, some after that.
I used the same above stated command for all keys. I tried with the openssl verify
command and checked the md5 hashsums to find if any of the keys got corrupted while copying to the client but couldn't find any differences. Also the CA and it's name is the same on all clients crt files.
What I need:
Since I couldn't find any related questions, can anyone help me in narrowing down the error? I thoought about creating new keys for new clients, which I already did, but with no success, or else I wouldn't ask here :) Are there any methods I don't know yet how I can check for irregularities in the client key files?
Any help is appreciated! Thanks a lot
(sorry if my english sounds slightly weird, it isn't my first language)
Please see this earlier question from me about the setup: openvpn: connection established, can't ping server tun interface (debian server, windows & os x clients)