OPENVPN on FREEBSD


 
Old 11-06-2009

Hello gurus,

I have a VMware machine on XP which holds a FreeBSD 8.0 BETA2 i386.

My XP IP is 192.168.0.12
My FreeBSD le0 (ext iface, VMware bridged) is 192.168.0.105 (can ping google, etc.)
My FreeBSD le2 (int iface, VMware local only) is 192.168.141.5
My FreeBSD le1 is disabled, as I wanted.

On the external LAN we have another (real machine) FreeBSD 7.2-RELEASE i386.

I have installed openvpn "openvpn-2.0.6_9" on both BSDs.

I want to put the VPN server on the virtual BSD (0.105) and the client on the real BSD (0.2).
The packages are installed and I have already configured openvpn.conf for each machine, one to be the server (..0.105) and the other to be the client (..0.2).
I can start the server (/usr/local/etc/rc.d/openvpn start).
ps ax | grep vpn gives me:
1116 ?? Ss 0:00.54 /usr/local/sbin/openvpn --cd /usr/local/etc/openvpn --daemon openvpn --config /usr/local/etc/openvpn/openvpn.conf --writepid /var/

and the openvpn.conf on the server has the uncommented lines:
Code:
port 1194
proto tcp
;proto udp  - i put it so u dont ask about it 
;dev tap - same 
dev tun
ca "/var/openvpn/keys/ca.crt"
cert "/var/openvpn/keys/server.crt"
key "/var/openvpn/keys/server.key" # This file should be kept secret
dh "/var/openvpn/keys/dh1024.pem"
server 192.168.7.0 255.255.255.0
ifconfig-pool-persist ipp.txt
client-to-client
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3

and the ifconfig gives me:
Code:
le0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 00:0c:29:4a:4f:fa
        inet 192.168.0.105 netmask 0xffffff00 broadcast 192.168.0.255
        media: Ethernet autoselect
        status: active
le1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 00:0c:29:4a:4f:04
        media: Ethernet autoselect
le2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 00:0c:29:4a:4f:0e
        inet 192.168.141.5 netmask 0xffffff00 broadcast 192.168.141.255
        media: Ethernet autoselect
        status: active
plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=3<RXCSUM,TXCSUM>
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
        inet6 ::1 prefixlen 128
        inet 127.0.0.1 netmask 0xff000000
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
        inet 192.168.7.1 --> 192.168.7.2 netmask 0xffffffff
        Opened by PID 1102

and the client has the following uncommented openvpn.conf lines:
Code:
client
;dev tap
dev tun
proto tcp
;proto udp
remote 192.168.0.105 1194
nobind
user nobody
group nobody
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
comp-lzo
verb 3

I must tell you that I copied the generated files (ca.crt, cert.crt and client.key) directly from the server.

In case of any doubt, if I "telnet 192.168.0.105 1194" from the client (0.2) I get:
Code:
Trying 192.168.0.105...
Connected to 192.168.0.105.
Escape character is '^]'.
@:úâãòK@:úâãòK


meaning I am connected to the socket :)

OK, now. When I try from 192.168.0.2 (client) to:
# /usr/local/etc/rc.d/openvpn start
Starting openvpn.

Nothing happens, and if I try again, nothing. I believe it is something with the authentication, as the server listens, but you are the gurus.

Last edited by pludi; 11-06-2009 at 01:42 PM.. Reason: Removed profanity
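
Added example, not part of the original post: a small sh script that checks the two things a config pair like the one above has to get right before the TLS handshake can start: proto, dev and comp-lzo must agree on both ends, and the client's relative ca/cert/key paths must resolve in the directory OpenVPN changes into (assumed to be the same `--cd` directory the server's ps output shows). The helper names are hypothetical, and the demo directory is constructed, using the three file names listed in the post.

```shell
#!/bin/sh
# Print the argument of the first active "$2" directive in config "$1".
# Lines starting with ';' or '#' never match; a bare flag prints "on".
directive() {
    awk -v d="$2" '$1 == d { $1 = ""; sub(/^ +/, ""); sub(/ *#.*/, "");
        gsub(/"/, ""); print ($0 == "" ? "on" : $0); exit }' "$1"
}

# proto, dev and comp-lzo have to agree on both ends of the tunnel.
# Prints one line per mismatch and returns the number of mismatches.
check_pair() {
    bad=0
    for d in proto dev comp-lzo; do
        s=$(directive "$1" "$d"); c=$(directive "$2" "$d")
        if [ "$s" != "$c" ]; then
            echo "MISMATCH $d: server='$s' client='$c'"
            bad=$((bad + 1))
        fi
    done
    return "$bad"
}

# Resolve ca/cert/key from config "$1" against directory "$2" (the --cd
# argument). Prints each unreadable file and returns how many there are.
check_files() {
    missing=0
    for d in ca cert key; do
        f=$(directive "$1" "$d")
        [ -n "$f" ] || continue
        case $f in /*) p=$f ;; *) p=$2/$f ;; esac
        if [ ! -r "$p" ]; then
            echo "MISSING $d: $p"
            missing=$((missing + 1))
        fi
    done
    return "$missing"
}

# Constructed demo: configs reduced to the checked directives, plus empty
# files named as in the post (ca.crt, cert.crt, client.key).
demo() {
    t=$(mktemp -d)
    printf 'proto tcp\ndev tun\ncomp-lzo\n' > "$t/server.conf"
    printf 'proto tcp\ndev tun\ncomp-lzo\nca ca.crt\ncert client.crt\nkey client.key\n' > "$t/client.conf"
    touch "$t/ca.crt" "$t/cert.crt" "$t/client.key"
    check_pair "$t/server.conf" "$t/client.conf" || true
    check_files "$t/client.conf" "$t" || true
    rm -rf "$t"
}
demo
```

On a real pair, call `check_pair` with the two openvpn.conf files and `check_files` with the client config and its config directory; starting the client in the foreground with `openvpn --config openvpn.conf` then shows the errors the rc script hides.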