Closed andreiglingeanu closed 6 years ago
Hi,
On Tue, Mar 13, 2018 at 12:01:01AM +0000, Andrei Glingeanu wrote:
For some kind of a reason, the Python script gets back with an error about wrong arguments:
/usr/bin/openvpn2: error: unrecognized arguments: --resolv-retry infinite --tun-mtu-extra 32 --tls-client
openvpn 3 does not understand all possible options that openvpn 2.x has -> go to your config file, and remove those named arguments.
--tls-client needs to be just "--client"
gert -- now what should I write here...
Gert Doering - Munich, Germany gert@greenie.muc.de
First of all, this should have been filed against the openvpn3-linux project. The openvpn2 wrapper is specific to the OpenVPN3 Linux client. This openvpn3 project is just the OpenVPN 3 Core Library.
That said, @cron2 is right. OpenVPN 3 doesn't support all options openvpn2 support, hence the error you get. But it doesn't mean some options shouldn't be just silently ignored. The openvpn2 wrapper ignores options which doesn't make a real difference on the connection. Options which are required to be set on both sides (like --fragment
) cannot be used, the VPN connection will most likely not be functional at all.
In this case, I have a feeling --tun-mtu-extra
can be ignored. --resolv-retry
might be supported in the Core Library (need to double check), but it defaults to the infinite
by default in both OpenVPN 2 and OpenVPN 3, so in your case it's safe to ignore it too.
Now the tls-client
option should just be ignored. OpenVPN 3 requires this type of client, so this should be the default behaviour. I'll improve that.
Thank you very much for helping! This indeed helped, I'll adjust my configuration file to make it compatible with OpenVPN 3.
Is there anything I can further do in order to help? I feel like my problem already has a solution.
If you're up to provide patches, that is the quickest way to see results :slightly_smiling_face: ... But please send them to openvpn-devel@lists.sourceforge.net for review, even though if it is a non-critical and not somehow security sensitive, I'm not too strict about it currently. The project is still fairly fresh, and I want things to move forward reasonably quick.
Most of the Python stuff falls into the "non-critical" part, unless you touch anything related to key/certificate handling, the PKCS#11 stuff, username/password handling etc. Option parsing is a grey area though, so if you want to be safe - mailing list is always the safest bet. But I can review patches coming via GitHub before they're sent to the mailing list though.
Since this issue isn't strictly OpenVPN 3 Core related, but openvpn3-linux, I'll close this ticket now. We can pick up the discussion there again whenever needed.
Thanks for a very thorough clarification, very much appreciated! I can probably come up back with a possible patch for that once get more into it & gain a deeper understanding, thanks again.
Hello,
I'm trying to start a tunnel via the
openvpn2
wrapper script to a OpenVPN 2 to server. The command I'm running is that one (it works with the classicopenvpn
binary):For some kind of a reason, the Python script gets back with an error about wrong arguments:
I've tried to dissect the Python script in order to find the source of the problem but I didn't found anything mentioning such args there.
Any help is highly appreciated, thanks!