1

I set up an openVPN server and it is functional from android devices and linux desktops. However I have a client that is able to connect using the my.ovpn I provided from an android device but when he tries to use the mywindows.ovpn from a Windows10 system he gets the following error.

Options error: --up script fails with
'/etc/openvpn/update-resolv-conf': No such process (errno=3)
Options error: Please correct this error.
Use --help for more information

The only difference between the my.ovpn file and the mywindows.ovpn file are that the lines 

user nobody
group nogroup

are uncommented in my.ovpn while they are commented in the mywindows.ovpn like so:

#user nobody
#group nogroup

Is there any other change that I am forgetting to implement in the *.ovpn files or do I have to set up extra configurations on the server side.

UPDATE

Here is a copy of contents in mywindows.ovpn

client

;dev tap
dev tun

;dev-node MyTap

;proto tcp
proto udp

remote myserver.com 1194
;remote my-server-2 1194

;remote-random

resolv-retry infinite

nobind

#user nobody
#group nogroup

persist-key
persist-tun

;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]

;mute-replay-warnings

#ca ca.crt
#cert client.crt
#key client.key

remote-cert-tls server

;tls-auth ta.key 1

cipher AES-128-CBC
auth SHA256

key-direction 1

comp-lzo

verb 3

;mute 20

# script-security 2
# up /etc/openvpn/update-resolv-conf
# down /etc/openvpn/update-resolv-conf

<ca>
-----BEGIN CERTIFICATE-----
xxxxxxxxxxxxxxxxxxxxxxxxxxx
-----END CERTIFICATE-----
</ca>
<cert>
...
-----BEGIN CERTIFICATE-----
xxxxxxxxxxxxxxxxxxxxxxxxx
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
xxxxxxxxxxxxxxxxxxxxxxxxx
-----END PRIVATE KEY-----
</key>
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-----END OpenVPN Static key V1-----
</tls-auth>
natral
  • 61
  • 2
  • 8
  • 1
    if the Windows client config has a line referencing `/etc/openvpn/update-resolv-conf'` that will need to be removed. There is no file like that on Windows. – Zoredache Oct 02 '18 at 16:20
  • @Zoredache I checked and there are 2 lines but they are commented out `# up /etc/openvpn/update-resolv-conf` and `# down /etc/openvpn/update-resolv-conf` – natral Oct 02 '18 at 16:25
  • Can you post the contents of `mywindows.ovpn`? Make sure to obfuscate any hostnames and/or ip addresses. – sippybear Oct 02 '18 at 18:41
  • @sippybear updated my question to include contents of `mywindows.ovpn` – natral Oct 02 '18 at 19:44

1 Answers1

0

Try this:

client
dev tun
proto udp

remote myserver.com 1194
;remote my-server-2 1194

resolv-retry infinite
nobind

persist-key
persist-tun

ca [inline]
cert [inline]
key [inline]
tls-auth [inline] 1
remote-cert-tls server
cipher AES-128-CBC
auth SHA256
comp-lzo

verb 3

<ca>
-----BEGIN CERTIFICATE-----
xxxxxxxxxxxxxxxxxxxxxxxxxxx
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
...
xxxxxxxxxxxxxxxxxxxxxxxxx
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
xxxxxxxxxxxxxxxxxxxxxxxxx
-----END PRIVATE KEY-----
</key>
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-----END OpenVPN Static key V1-----
</tls-auth>

Mostly just cleaned out the extraneous settings and explicitly state that the certificates are inline. Also, make sure your user isn't trying to use the Android config with the Windows client (move it if it's in the same folder just for sanity's sake).

sippybear
  • 2,997
  • 1
  • 12
  • 12