Friday, February 15, 2013

Could not load plugin shared object /usr/lib/openvpn/openvpn-auth-ldap.so

When you start the OpenVPN daemon, you will get the error message below (if your OpenVPN server is integrated with LDAP). It's quite an interesting error message.

PLUGIN_INIT: could not load plugin shared object /usr/lib/openvpn/openvpn-auth-ldap.so: /usr/lib/openvpn/openvpn-auth-ldap.so: cannot open shared object file: No such file or directory

I tried to locate the openvpn-auth-ldap.so library file on the VPN server. It was located in
/usr/lib/openvpn/plugin/lib/openvpn-auth-ldap.so
So I simply created a soft link at the place where the openvpn daemon checks for the above library by issuing the command below.

  • ln -s /usr/lib/openvpn/plugin/lib/openvpn-auth-ldap.so /usr/lib/openvpn/openvpn-auth-ldap.so

Then start the VPN daemon.  

Tuesday, February 12, 2013

Open VPN Error TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) TLS Error: TLS handshake failed

If you get this error message continuously, you should check the things below:
  1. Client and Server date/time
  2. Client Virus guard or Firewall
  3. Common name of the CA certificate
  4. Routing entry of the server.conf

The client and server date and time should be correct and the same. Then, if your client machine has a virus guard, you should disable it, and you should allow the VPN connection in the firewall settings.

If you still get the error continuously, either your CA certificate common name has a space in it, such as “Technical Division”, or incorrect routes are pushed to the client.
Recreate the CA certificate with a common name without spaces. Then try to connect to the VPN server. If it still fails, check the server configuration file.
There you must push only routes that do not include the server IP address.
For example:

My VPN server IP address is 192.168.2.30.
If you push the route below to the client, the TLS error will be generated:
push "route 192.168.2.0 255.255.255.0"
This is a confusing entry which will generate the TLS error.
You must push routes that leave out the server IP.
Ex: push "route 192.168.2.0 255.255.255.240"
push "route 192.168.2.33 255.255.255.224"
Likewise, you should push routes accordingly. But remember not to push a route which includes the server IP address.
This solution resolved the TLS handshake failure for me. The server OS is CentOS 6.3.
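
A check for the routing rule above, as an added example that is not part of the original post: it scans a server.conf for push "route" lines whose network contains the server address and lists replacement routes that cover the same network without it. The config text is constructed from the addresses in the post, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample server.conf fragment using the addresses from the post.
SAMPLE_CONF = '''\
port 1194
push "route 192.168.2.0 255.255.255.0"
push "route 10.8.5.0 255.255.255.0"
push "dhcp-option DNS 10.8.5.1"
'''

# Matches: push "route <network> <netmask>"
PUSH_ROUTE = re.compile(r'^\s*push\s+"route\s+([\d.]+)\s+([\d.]+)')

def pushed_routes(conf_text):
    """Yield (line_number, network) for each push "route net mask" line."""
    for number, line in enumerate(conf_text.splitlines(), start=1):
        match = PUSH_ROUTE.match(line)
        if match:
            # strict=False tolerates a network address with host bits set
            yield number, ipaddress.ip_network("/".join(match.groups()), strict=False)

def routes_without(network, server_ip):
    """Split network into the smallest set of routes that leaves out server_ip."""
    server = ipaddress.ip_network(f"{server_ip}/32")
    return sorted(network.address_exclude(server))

def check_conf(conf_text, server_ip):
    """Return {line_number: replacement push lines} for routes containing server_ip."""
    address = ipaddress.ip_address(server_ip)
    findings = {}
    for number, network in pushed_routes(conf_text):
        if address in network:
            findings[number] = [
                f'push "route {n.network_address} {n.netmask}"'
                for n in routes_without(network, server_ip)
            ]
    return findings

if __name__ == "__main__":
    for number, replacements in check_conf(SAMPLE_CONF, "192.168.2.30").items():
        print(f"line {number}: pushed route includes the server address; replace with:")
        print("\n".join("  " + r for r in replacements))
```

The replacement list is the exact complement of the server address inside the original network; a shorter list, as in the post, is enough when only part of the network has to be reachable through the VPN.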