1. #1
    Stijneman's Avatar
    Registered
    28/07/02
    Location
    Sint-Pieters-Leeuw
    Posts
    2,368
    iTrader
    1 (100%)
    Mentioned
    0 Post(s)
    Reputation
    5/5

    VPN root certificate

    Hello,

    Ik probeer gebruik te maken van de VPN van m'n school, hier kreeg ik een ca.crt certificate bij, dat ik toegevoegd heb bij de x.509 Anchors in Keychain Acces. Ik heb het certificaat gevalideerd en krijg nu int groen "this certificate is valid".
    Als ik dan bij Internet connect een L2TP connectie start en alles typ, klik ik bij Machine authentification op "Certificate" en hier krijg ik dan de volgende 'error'

    Code:
    No machine certificates found
    
    Certificate authentication cannot be used because your keychain does not contain any suitable certificates. Use Keychain Access to import the appropriate certificates into your keychain. If you do not have the certificates required for authentication, contact your network administrator.
    Hoe zeg ik aan internet connect wat hij moet gebruiken ? ik kan m'n certificate niet gebruiken ? het is nochtans een geldig certificaat...

    Iemand raad?
    Outdated signature
    no votes  

  2. #2

    Registered
    20/10/02
    Location
    blankenberge
    Posts
    1,137
    iTrader
    5 (100%)
    Mentioned
    0 Post(s)
    Reputation
    0/0
    met de ingebouwde vpn client van mac os x lukte het mij ook niet.

    http://helpdesk.ugent.be/vpn/macosX.php

    via deze weg wel
    EIGHT: (L) u mobman
    Het gras is altijd groener aan de overkant, want daar hebben ze kunstgras!
    no votes  

  3. #3
    Stijneman's Avatar
    Registered
    28/07/02
    Location
    Sint-Pieters-Leeuw
    Posts
    2,368
    iTrader
    1 (100%)
    Mentioned
    0 Post(s)
    Reputation
    5/5
    Quote Originally Posted by mobman View Post
    This quote is hidden because you are ignoring this member. Show
    met de ingebouwde vpn client van mac os x lukte het mij ook niet.

    http://helpdesk.ugent.be/vpn/macosX.php

    via deze weg wel
    Onze server gebruikt niet PPTP laat L2TP en als ik die error niet zou krijgen bij machine certificate zou het werken...
    Outdated signature
    no votes  

  4. #4
    dJeez's Avatar
    Registered
    17/07/02
    Location
    Sol System
    Posts
    10,064
    iTrader
    1 (100%)
    Mentioned
    0 Post(s)
    Reputation
    1/78
    Ik heb er wel geen ervaring mee (met PPTP wel), maar misschien kan je het volgende doen (op het einde van het document) :
    http://www.securepoint.de/dokumente/...r-MacOSX-e.pdf
    PSN: dJeezBE - Delicious bookmarks
    Disclaimer: I am currently suffering from severe CSD (Compulsive Sarcasm Disorder). - L'onion fait la farce - Facile largire de alieno
    Pastafarian by choice
    no votes  

  5. #5
    tinbie's Avatar
    Registered
    16/12/04
    Location
    Patershol
    Posts
    7,542
    iTrader
    217 (95%)
    Mentioned
    2 Post(s)
    Reputation
    0/5
    ik heb anders nog een vpn client van cisco (dat is toch wat ze ons op school wijsmaken) voor mac, als ge die wilt.. pm me maar
    no votes  

  6. #6
    Stijneman's Avatar
    Registered
    28/07/02
    Location
    Sint-Pieters-Leeuw
    Posts
    2,368
    iTrader
    1 (100%)
    Mentioned
    0 Post(s)
    Reputation
    5/5
    Quote Originally Posted by dJeez View Post
    This quote is hidden because you are ignoring this member. Show
    Ik heb er wel geen ervaring mee (met PPTP wel), maar misschien kan je het volgende doen (op het einde van het document) :
    http://www.securepoint.de/dokumente/...r-MacOSX-e.pdf
    Die had ik al geprobeerd en ik kreeg nog altijd die machine error
    Outdated signature
    no votes  

  7. #7
    Therif's Avatar
    Registered
    13/01/06
    Location
    Vilvoorde
    Posts
    2,020
    iTrader
    8 (100%)
    Mentioned
    0 Post(s)
    Reputation
    0/0
    - TunnelBlick Downloaden
    - Start Tunnelblick niet op
    - maak een map aan in ~/Library/openvpn en steek daar de files in dat je hebt gekregen ("ca.crt", "client.down", "client.ovpn", "client.up")
    - Start Tunnelblick op
    Boven rechts komt er een icoontje(naast spotlight).
    klik en druk op Details...
    Dan Edit Configuration
    kopieer dit erin
    Code:
    ##############################################
    # Sample client-side OpenVPN 2.0 config file #
    # for connecting to multi-client server.     #
    #                                            #
    # This configuration can be used by multiple #
    # clients, however each client should have   #
    # its own cert and key files.                #
    #                                            #
    # On Windows, you might want to rename this  #
    # file so it has a .ovpn extension           #
    ##############################################
    
    # Specify that we are a client and that we
    # will be pulling certain config file directives
    # from the server.
    client
    
    # Use the same setting as you are using on
    # the server.
    # On most systems, the VPN will not function
    # unless you partially or fully disable
    # the firewall for the TUN/TAP interface.
    ;dev tap
    dev tun
    
    # Windows needs the TAP-Win32 adapter name
    # from the Network Connections panel
    # if you have more than one.  On XP SP2,
    # you may need to disable the firewall
    # for the TAP adapter.
    ;dev-node MyTap
    
    # Are we connecting to a TCP or
    # UDP server?  Use the same setting as
    # on the server.
    ;proto tcp
    proto udp
    
    # The hostname/IP and port of the server.
    # You can have multiple remote entries
    # to load balance between the servers.
    remote iwt2.ehb.be 1194
    ;remote my-server-2 1194
    
    # Choose a random host from the remote
    # list for load-balancing.  Otherwise
    # try hosts in the order specified.
    ;remote-random
    
    # Keep trying indefinitely to resolve the
    # host name of the OpenVPN server.  Very useful
    # on machines which are not permanently connected
    # to the internet such as laptops.
    resolv-retry infinite
    
    # Most clients don't need to bind to
    # a specific local port number.
    nobind
    
    # Downgrade privileges after initialization (non-Windows only)
    ;user nobody
    ;group nobody
    
    # Try to preserve some state across restarts.
    persist-key
    persist-tun
    
    # If you are connecting through an
    # HTTP proxy to reach the actual OpenVPN
    # server, put the proxy server/IP and
    # port number here.  See the man page
    # if your proxy server requires
    # authentication.
    ;http-proxy-retry # retry on connection failures
    ;http-proxy [proxy server] [proxy port #]
    
    # Wireless networks often produce a lot
    # of duplicate packets.  Set this flag
    # to silence duplicate packet warnings.
    ;mute-replay-warnings
    
    # SSL/TLS parms.
    # See the server config file for more
    # description.  It's best to use
    # a separate .crt/.key file pair
    # for each client.  A single ca
    # file can be used for all clients.
    #<USERNAME> VERANDEREN MET JE SHORTNAME
    ca "/Users/<username>/Library/openvpn/ca.crt"
    
    # Verify server certificate by checking
    # that the certicate has the nsCertType
    # field set to "server".  This is an
    # important precaution to protect against
    # a potential attack discussed here:
    #  http://openvpn.net/howto.html#mitm
    #
    # To use this feature, you will need to generate
    # your server certificates with the nsCertType
    # field set to "server".  The build-key-server
    # script in the easy-rsa folder will do this.
    ;ns-cert-type server
    
    # If a tls-auth key is used on the server
    # then every client must also have the key.
    ;tls-auth ta.key 1
    
    # Select a cryptographic cipher.
    # If the cipher option is used on the server
    # then you must also specify it here.
    ;cipher x
    
    # Enable compression on the VPN link.
    # Don't enable this unless it is also
    # enabled in the server config file.
    comp-lzo
    
    # Set log file verbosity.
    verb 3
    
    # Silence repeating messages
    ;mute 20
    auth-user-pass
    ns-cert-type server
    Connect
    om te verbinden op uw profiel
    klik op finder=> apple+K
    smb://192.168.123.248/homes (best op + klikken dat em bij uw favoriete blijft
    Last edited by Therif; 29-09-2007 at 22:41.
    And that's why you always leave a note!
    LoL Summoner's name: Rifton
    no votes  

  8. #8
    Stijneman's Avatar
    Registered
    28/07/02
    Location
    Sint-Pieters-Leeuw
    Posts
    2,368
    iTrader
    1 (100%)
    Mentioned
    0 Post(s)
    Reputation
    5/5
    thx moest wel "therif" veranderen in mijn accountname
    Outdated signature
    no votes  

  9. #9
    shiftyke's Avatar
    Registered
    11/09/03
    Location
    Rupelmonde
    Posts
    21,113
    iTrader
    0
    Mentioned
    0 Post(s)
    Reputation
    3/227
    Welke school zit je, kheb hetzelfde probleem.?
    LASTfm ~ Discogs TURN IT UP! A little louder
    no votes  

  10. #10
    tinbie's Avatar
    Registered
    16/12/04
    Location
    Patershol
    Posts
    7,542
    iTrader
    217 (95%)
    Mentioned
    2 Post(s)
    Reputation
    0/5
    hier ook probleem, kan er ook niet op school = pih
    no votes  

  11. #11
    Therif's Avatar
    Registered
    13/01/06
    Location
    Vilvoorde
    Posts
    2,020
    iTrader
    8 (100%)
    Mentioned
    0 Post(s)
    Reputation
    0/0
    dees is specifiek voor Erasmus Hogeschool Brussel IWT departement. Voor uw eigen school moet je echter gaan vragen hoe het werkt bij de ICT dienst sorry had het erbij moeten typen
    And that's why you always leave a note!
    LoL Summoner's name: Rifton
    no votes  

  12. #12
    Stijneman's Avatar
    Registered
    28/07/02
    Location
    Sint-Pieters-Leeuw
    Posts
    2,368
    iTrader
    1 (100%)
    Mentioned
    0 Post(s)
    Reputation
    5/5
    voor een eigen school zal je een andere configuratie hebben he ;-)
    Outdated signature
    no votes  

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Log in

Log in