I'm trying to get OpenVPN working on a DD-WRT router.
I can make a connection inside my LAN, but outside the connection is yellow. I think yellow means it is close to making a connection, but it never completes the connection. So I believe there is a problem with my iptables since it works inside my LAN.
My openvpn server conf looks like this:
Code:
dev tun
ifconfig 10.1.0.1 10.1.0.2
script-security 2
up ./openvpn.up
push "route 192.168.10.0 255.255.255.0"
secret static.key
comp-lzo
persist-tun
persist-key
verb 3
log-append /opt/var/log/openvpn/openvpn.log
My client conf:
Code:
remote x.x.x.x
dev tun
ifconfig 10.1.0.2 10.1.0.1
script-security 2
comp-lzo
secret static.key
Fri Aug 15 12:34:03 2014 OpenVPN 2.2.2 Win32-MSVC++ [SSL] [LZO2] [PKCS11] built on Dec 15 2011
Fri Aug 15 12:34:03 2014 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Fri Aug 15 12:34:03 2014 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Fri Aug 15 12:34:03 2014 LZO compression initialized
Fri Aug 15 12:34:03 2014 TAP-WIN32 device [Local Area Connection 2] opened: \\.\Global\{784EE124-9618-4E92-9B06-169556C07A08}.tap
Fri Aug 15 12:34:03 2014 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.1.0.2/255.255.255.252 on interface {784EE124-9618-4E92-9B06-169556C07A08} [DHCP-serv: 10.1.0.1, lease-time: 31536000]
Fri Aug 15 12:34:03 2014 UDPv4 link local (bound): [undef]:1194
Fri Aug 15 12:34:03 2014 UDPv4 link remote: x.x.x.x:1194
Do you guys see any issues? I know the static key method is not very secure but I just wanted to get something easy and quick working, before I make it more secure.
Here is my server log; it doesn't seem to create any new entries when I attempt to connect.
Code:
Fri Aug 15 12:46:57 2014 OpenVPN 2.2.0 mipsel-linux [SSL] [LZO2] [EPOLL] [eurephia] built on Feb 16 2012
Fri Aug 15 12:46:57 2014 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Fri Aug 15 12:46:57 2014 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Fri Aug 15 12:46:57 2014 Static Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Aug 15 12:46:57 2014 Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Aug 15 12:46:57 2014 Static Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Aug 15 12:46:57 2014 Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Aug 15 12:46:57 2014 LZO compression initialized
Fri Aug 15 12:46:57 2014 Socket Buffers: R=[114688->131072] S=[114688->131072]
Fri Aug 15 12:46:57 2014 TUN/TAP device tun0 opened
Fri Aug 15 12:46:57 2014 TUN/TAP TX queue length set to 100
Fri Aug 15 12:46:57 2014 /sbin/ifconfig tun0 10.1.0.1 pointopoint 10.1.0.2 mtu 1500
Fri Aug 15 12:46:57 2014 ./openvpn.up tun0 1500 1545 10.1.0.1 10.1.0.2 init
Fri Aug 15 12:46:57 2014 Data Channel MTU parms [ L:1545 D:1450 EF:45 EB:135 ET:0 EL:0 AF:3/1 ]
Fri Aug 15 12:46:57 2014 Local Options hash (VER=V4): '2b90ef6a'
Fri Aug 15 12:46:57 2014 Expected Remote Options hash (VER=V4): 'cc1583e3'
Fri Aug 15 12:46:57 2014 UDPv4 link local (bound): [undef]:1194
Fri Aug 15 12:46:57 2014 UDPv4 link remote: [undef]
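
Added example (not part of the original post): a shell function that classifies an OpenVPN static-key server log like the one above, separating "daemon bound but nothing arrived on UDP 1194" from a key mismatch or a completed connection. Because the server uses log-append, it judges only the entries after the most recent daemon start. The function name `classify_log`, the address 203.0.113.7 and all sample lines not taken from the post are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. classify_log is a hypothetical helper.

# Constructed sample: the state in the post (daemon bound, peer never seen).
SAMPLE_NO_PEER='Fri Aug 15 12:46:57 2014 OpenVPN 2.2.0 mipsel-linux [SSL] [LZO2] [EPOLL] [eurephia] built on Feb 16 2012
Fri Aug 15 12:46:57 2014 UDPv4 link local (bound): [undef]:1194
Fri Aug 15 12:46:57 2014 UDPv4 link remote: [undef]'

# Constructed sample: a peer's first packet passed the HMAC check.
SAMPLE_CONNECTED="$SAMPLE_NO_PEER
Fri Aug 15 12:50:01 2014 Peer Connection Initiated with 203.0.113.7:1194
Fri Aug 15 12:50:02 2014 Initialization Sequence Completed"

# Constructed sample: packets arrive but were keyed with a different static.key.
SAMPLE_BAD_KEY="$SAMPLE_NO_PEER
Fri Aug 15 12:50:01 2014 Authenticate/Decrypt packet error: packet HMAC authentication failed"

# Constructed sample: an old successful session, then a restart with no peer.
SAMPLE_RESTARTED="$SAMPLE_CONNECTED
$SAMPLE_NO_PEER"

# Reads a server log on stdin and prints exactly one verdict.
classify_log() {
    awk '
        # The version banner marks a daemon start: forget earlier sessions.
        / OpenVPN [0-9].* built on /       { bound = 0; peer = 0; badkey = 0 }
        /link local \(bound\)/             { bound = 1 }
        /Peer Connection Initiated with/   { peer = 1 }
        /packet HMAC authentication failed/ { badkey = 1 }
        END {
            if (!bound)      print "not-listening"       # socket never bound
            else if (peer)   print "connected"           # authenticated peer seen
            else if (badkey) print "key-mismatch"        # traffic arrives, wrong key
            else             print "no-inbound-traffic"  # nothing reached the daemon
        }'
}

printf 'as posted:     %s\n' "$(printf '%s\n' "$SAMPLE_NO_PEER"   | classify_log)"
printf 'connected:     %s\n' "$(printf '%s\n' "$SAMPLE_CONNECTED" | classify_log)"
printf 'wrong key:     %s\n' "$(printf '%s\n' "$SAMPLE_BAD_KEY"   | classify_log)"
printf 'after restart: %s\n' "$(printf '%s\n' "$SAMPLE_RESTARTED" | classify_log)"
```

On the router it would be run as `classify_log < /opt/var/log/openvpn/openvpn.log`. A `no-inbound-traffic` verdict while an outside client is trying to connect means the packets are dropped or misrouted before they reach the daemon, which is the case to check against the WAN-side firewall rules and any upstream port forwarding.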