From: Jan J. K. <ja...@ni...> - 2008-09-03 08:20:32
|
Hi Chantal, Chantal Rosmuller wrote: > On Tuesday 02 September 2008 23:18:51 Jan Just Keijser wrote: > >> Chantal Rosmuller wrote: >> >>> I have a problem with a vista vpn client: >>> >>> I Installed openvpn for windows version 2.1_rc9 >>> >>> I copied key and certicates to C:/program Files/Openvpn >>> >>> It can connect to the vpn server but it cannot add a route : >>> >>> windows route add command failed returned error 1 >>> >>> The solution for this is starting openvpn as administrator which I did, >>> but then openvpn didn't find the certificate anymore!!! How is that >>> possible? >>> >>> The computer is in a windows domain, I tried installing the windos >>> openvpn client on my vista laptop which is not in the domain and when I >>> started the gui as administrator it worked. >>> >> this is interesting information... you're not the first person to run >> into this problem on either Vista or 2003... >> your description suggests that the local administrator cannot read files >> owned by a domain user. Can you verify this? can you make sure that the >> config files and keys are accessible to the local administrator (I >> assume here that Vista has a similar features as 2000/XP in Explorer for >> this) ? Can you run a command shell as administrator and then try to >> 'type' the certificate or key file? >> >> > Unfortunately I do not have access to this computer now so I cannot start the > shell, I did however change the permissions of the certificate. Administrator > group already had all permissions and I added the everyone group and gave > them all permissions. > > I forgot to mention that I ran into a similar problem on my laptop that has > vista but is not in a domain. On the laptop the administrator could not find > the vpn config file. I solved it by starteing a text editor as administrator > and create the config file like that. > hmmmm interesting... I don't have Vista (yet) and from what it looks like I 'll try to stay away from it as long as I can ;-) It seems like a permissions problem where the local administrator cannot read files which are written by a local user (domain or not - thanks for pointing out that it is NOT related to domain). Is the OpenVPN GUI application running as administrator? What happens if you start openvpn on the command line (e.g. on your Vista laptop) ? as yourself ? as administrator? Another interesting experiment for your laptop is - create a config file as non-admin user (i.e. copy the working one created as admin over to a local non-admin user) - open a command window as administrator - try starting openvpn from the command line openvpn --config <path-to-non-admin-owned-config-file> - make sure openvpn is set to 'run as administrator' - open a command window as "normal" user - try starting openvpn from the command line again. I am very curious which of these work and which don't ... cheers/groetjes, JJK |