It seems that the OpenVPN Client on windows does not support TLS-Auth with a separate key file. So instead, you can paste your key contents in your openvpn client’s config file and use some thing like the following (inline ta.key):
client dev tun proto udp # enter the server's hostname # or IP address here, and port number remote server_ip port_number resolv-retry infinite nobind persist-key persist-tun # Use the full filepaths to your # certificates and keys ca "C:\\yabroad.tblk\\ca.crt" cert "C:\\yabroad.tblk\\client.crt" key "C:\\yabroad.tblk\\client.key" key-direction 1 <tls-auth> # # 2048 bit OpenVPN static key # -----BEGIN OpenVPN Static key V1----- xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx -----END OpenVPN Static key V1----- </tls-auth> ns-cert-type server comp-lzo verb 1
When not using the above but using something like:
tls-auth ta.key 1 # which works for tunnelblick
The server log shows something like:
Thu Apr 18 20:55:26 2013 TLS Error: incoming packet authentication failed from [AF_INET] IP_ADDRESS:60454 Thu Apr 18 20:55:57 2013 Authenticate/Decrypt packet error: packet HMAC authentication failed20 Comments