I have a VMware machine on XP which holds a FreeBSD 8.0 BETA2 i386.
My XP IP is 192.168.0.12.
My FreeBSD le0 (ext iface, VMware bridged) is 192.168.0.105 (can ping Google, etc.).
My FreeBSD le2 (int iface, VMware local only) is 192.168.141.5.
My FreeBSD le1 is disabled, as I wanted it to be.
On the external LAN we have another (real machine) FreeBSD 7.2-RELEASE i386.
I have installed OpenVPN "openvpn-2.0.6_9" on both BSDs.
I want to put the VPN server on the virtual BSD (0.105) and the client on the real BSD (0.2).
The packages are installed and I have already configured openvpn.conf for each machine, one to be the server (..0.105) and the other to be the client (..0.2).
I can start the server (/usr/local/etc/rc.d/openvpn start )
ps ax | grep vpn - gives me :
1116 ?? Ss 0:00.54 /usr/local/sbin/openvpn --cd /usr/local/etc/openvpn --daemon openvpn --config /usr/local/etc/openvpn/openvpn.conf --writepid /var/
and the openvpn.conf on the server has the uncommented lines :
Code:
port 1194
proto tcp
;proto udp - i put it so u dont ask about it
;dev tap - same
dev tun
ca "/var/openvpn/keys/ca.crt"
cert "/var/openvpn/keys/server.crt"
key "/var/openvpn/keys/server.key" # This file should be kept secret
dh "/var/openvpn/keys/dh1024.pem"
server 192.168.7.0 255.255.255.0
ifconfig-pool-persist ipp.txt
client-to-client
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3
and the ifconfig gives me :
Code:
le0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 00:0c:29:4a:4f:fa
inet 192.168.0.105 netmask 0xffffff00 broadcast 192.168.0.255
media: Ethernet autoselect
status: active
le1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 00:0c:29:4a:4f:04
media: Ethernet autoselect
le2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 00:0c:29:4a:4f:0e
inet 192.168.141.5 netmask 0xffffff00 broadcast 192.168.141.255
media: Ethernet autoselect
status: active
plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=3<RXCSUM,TXCSUM>
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
inet6 ::1 prefixlen 128
inet 127.0.0.1 netmask 0xff000000
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
inet 192.168.7.1 --> 192.168.7.2 netmask 0xffffffff
Opened by PID 1102
and the client has the following uncommented openvpn.conf lines:
Code:
client
;dev tap
dev tun
proto tcp
;proto udp
remote 192.168.0.105 1194
nobind
user nobody
group nobody
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
comp-lzo
verb 3
I must tell you that I copied the generated files (ca.crt, cert.crt and client.key) directly from the server.
In case of any doubt, if I run "telnet 192.168.0.105 1194" from the client (0.2) I get:
Code:
Trying 192.168.0.105...
Connected to 192.168.0.105.
Escape character is '^]'.
@:úâãòK@:úâãòK
meaning I am connected to the socket.
OK, now. When I try from 192.168.0.2 (client) to:
# /usr/local/etc/rc.d/openvpn start
Starting openvpn.
Nothing happens, and if I try again, nothing. I believe it is something with the authentication, as the server listens, but you are the gurus.
Last edited by pludi; 11-06-2009 at 01:42 PM..
Reason: Removed profanity
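A consistency check over the two openvpn.conf files quoted in the post above, added here as an example; it is not part of the original post and not OpenVPN's own tooling. The function names are hypothetical, the client is assumed to run with the same `--cd /usr/local/etc/openvpn` as the server's `ps` line shows, and the file listing passed in is constructed by the caller.

```python
import posixpath
import shlex
# Excerpts of the two configs posted above (only the directives the checks read).
SERVER_CONF = """
port 1194
proto tcp
;proto udp
dev tun
key "/var/openvpn/keys/server.key" # This file should be kept secret
comp-lzo
"""
CLIENT_CONF = """
dev tun
proto tcp
remote 192.168.0.105 1194
ca ca.crt
cert client.crt
key client.key
comp-lzo
"""

def parse_conf(text):
    """Map directive -> argument list; ';' and '#' introduce comments."""
    conf = {}
    for line in text.splitlines():
        # shlex strips quotes and trailing '#' comments; ';' lines are skipped here
        parts = [] if line.lstrip().startswith(";") else shlex.split(line, comments=True)
        if parts:
            conf[parts[0]] = parts[1:]
    return conf

def check_pair(server, client, client_dir, files_present):
    """Return readable mismatches between server and client settings."""
    problems = []
    proto = lambda c: c.get("proto", ["udp"])[0].split("-")[0]  # tcp-server -> tcp
    dev = lambda c: c.get("dev", ["?"])[0][:3]                  # tun0 -> tun
    if proto(server) != proto(client):
        problems.append("proto differs")
    if dev(server) != dev(client):
        problems.append("dev type differs")
    if ("comp-lzo" in server) != ("comp-lzo" in client):
        problems.append("comp-lzo on one side only")
    if (client.get("remote", [])[1:2] or ["1194"]) != server.get("port", ["1194"])[:1]:
        problems.append("remote port differs from server port")
    for directive in ("ca", "cert", "key"):
        # Relative paths resolve against the daemon's --cd directory (assumed).
        path = posixpath.join(client_dir, *client.get(directive, ["<unset>"])[:1])
        if path not in files_present:
            problems.append("%s file missing: %s" % (directive, path))
    return problems
```

Passing the set of files actually present in the client's config directory shows whether every `ca`, `cert` and `key` path in the client config resolves to a real file.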