Koozali.org: home of the SME Server

openvpn on 6.01

jamesli

openvpn on 6.01
« Reply #45 on: December 29, 2004, 08:48:40 PM »
Still not working, same situation as above. As you can see, my network setup is the same as the How-to's default. I have kept my settings the same as the How-to. Any ideas?

rmarshall

router
« Reply #46 on: December 30, 2004, 07:48:33 PM »
jamesli, you don't say what router you're using. I also do this with a server only sme and a linksys router. I had to go into the router setup and configure a static route of the ip address my vpn was using and point it back at my server as the gateway. ex. destination ip 192.168.100.0 nm 255.255.255.0 default gateway (your sme server ip).

jamesli

openvpn on 6.01
« Reply #47 on: December 31, 2004, 04:30:20 AM »
Interesting point. I am using a Netgear router, it gives me some on and off PPTP problems which is the reason I try to use OpenVPN as an alternative. I had a linksys router in my toolbox as well. If you can tell me how to setup the static route in the linksys, maybe I will try the linksys to see if it makes any difference.

rmarshall

openvpn on 6.01
« Reply #48 on: December 31, 2004, 02:05:51 PM »
My linksys befsr11 has a static route tab under the advanced tab. The info I listed in my previous post goes in just as I listed it except for the interface which I have as lan. That's about it except you must also forward the udp or tcp openvpn port through your router to your server, see the forwarding tab.

jamesli

openvpn on 6.01
« Reply #49 on: December 31, 2004, 04:44:34 PM »
You are right on, rmarshall. Now my Netgear and Linksys are both working with OpenVPN. Thanks so much for your help. Even though I don't quite understand the logic behind this, I am a happy man now.  :pint:

thedude

openvpn on 6.01
« Reply #50 on: January 01, 2005, 12:50:45 AM »
just curious, but what kind of speed can I expect out of a vpn? I've setup hardware vpn's before (ipsec) and the speed wasn't all that quick.

I have this setup and working (routed). The server is on a t1, and clients will connect via dsl, wireless, and dialup. Right now I'm connected to the box via dialup and it's pretty slow.

Is this what I can expect?

Just wondering because I will have to answer the client's questions

p-jones

openvpn on 6.01
« Reply #51 on: January 01, 2005, 09:01:38 AM »
I have followed the howto right down to dotted i's and crossed t's (so I believe) TWICE and each time when I start the openvpn service I get the following
message:
 
Starting openvpn: Enter Auth Username:
sh: ./openvpn.up: /bin/sh: bad interpreter: Permission denied
                                                           [ FAILED ]

Any suggestions as to where I have gone wrong would be appreciated.
Peter
...

Knuddi

openvpn on 6.01
« Reply #52 on: January 01, 2005, 10:27:06 AM »
Please try the chmod *.pl and *.sh with 755 rather than 700

# chmod 755 *.pl
# chmod 755 *.sh

p-jones

openvpn on 6.01
« Reply #53 on: January 01, 2005, 10:48:08 AM »
Sorry - Didn't help
[root@server1 openvpn]# chmod 755 *.pl
[root@server1 openvpn]# chmod 755 *.sh
[root@server1 openvpn]# service openvpn start
Starting openvpn: Enter Auth Username:
SIOCDELRT: No such process
SIOCADDRT: File exists
                                                           [ FAILED ]
...

Knuddi

openvpn on 6.01
« Reply #54 on: January 01, 2005, 11:38:16 AM »
This looks as if the server.conf file is different than what I have indicated in the howto?

Could it be that you have swapped content of the client and server config file?

p-jones

openvpn on 6.01
« Reply #55 on: January 01, 2005, 12:01:45 PM »
Attached is my server.conf. It does contain my proper domain name. My SME Server IP (internal) is 192.168.1.10.

I have opened 1194-UDP.

My external NIC has my public IP obtained via Half-Bridging my DSL Router (DHCP Spoofed)

Have added another network 192.168.100.0 as per your example

Have done both CHMOD's as suggested.

/var/log/openvpn contains no entries. likewise openvpn-status.log

Have checked everything MANY times now !

Am using Tony Keanes enhanced SME distro

-----------------------------------------
port 1194
dev tap

tls-server

dh dh1024.pem
ca ca.crt
cert server.crt
key server.key

auth-user-pass-verify ./validate.sh via-env
client-disconnect ./logoff.sh

up ./openvpn.up

mode server
duplicate-cn
ifconfig 192.168.100.1 255.255.255.0

ifconfig-pool 192.168.100.100 192.168.100.200 255.255.255.0 # IP range for openvpn client

mtu-test
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
ping 10
ping-restart 120

push "ping 10"
push "ping-restart 60"

push "dhcp-option DOMAIN my.domain.com"             # push the DNS domain suffix
push "dhcp-option DNS 192.168.1.10"                   # push DNS entries to openvpn client
push "route 192.168.1.0 255.255.255.0 192.168.100.1" # add route to protected network

comp-lzo
status-version 2
status openvpn-status.log
verb 3
...

p-jones

openvpn on 6.01
« Reply #56 on: January 01, 2005, 12:04:21 PM »
I will also take this opportunity to thank you enormously for your other works as well. They have been enormously useful. Your efforts are very much appreciated.

Best Rgds
Peter
...

Knuddi

openvpn on 6.01
« Reply #57 on: January 01, 2005, 06:45:11 PM »
Peter,

Try to comment out the following lines to start the elimination work :-)

auth-user-pass-verify ./validate.sh via-env
client-disconnect ./logoff.sh
up ./openvpn.up

From your post it seems as if the first line is the problem. Which version of OpenVPN do you use?

p-jones

openvpn on 6.01
« Reply #58 on: January 01, 2005, 09:47:11 PM »
Same result.  2.0_rc6
...

p-jones

openvpn on 6.01
« Reply #59 on: January 01, 2005, 10:25:52 PM »
Success:

Well I am a real dipstick....On reading through the openvpn script in init.d I found this

# The init script does the following:
#
# - Starts an openvpn process for each .conf file it finds in
#   /etc/openvpn.

On looking through the files in /etc/openvpn I had also copied the client.conf across. I WAS VAGUELY AWARE OF THIS, I just thought it to be a redundant file that could be cleaned up at the end.

On removing this file, and restarting the server, it all burst into life.

Thanks for the help. Hope my dipstick actions have at least added one more line to the knowledge base....

Rgds
Peter
...
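
The cause found in the last reply (an init script that starts one openvpn process per .conf file, plus a stray client.conf) and the earlier hook-script permission error can both be checked before starting the service. This is an added example, not part of the thread or the howto; the function names are hypothetical, the sample files are constructed, and it assumes hooks written as ./name are resolved relative to the config directory.

```shell
#!/bin/sh
# conf_role FILE: print "server", "client" or "unknown" from the file's directives.
conf_role() {
    if grep -Eq '^[[:space:]]*(mode[[:space:]]+server|tls-server|server[[:space:]])' "$1"; then
        echo server
    elif grep -Eq '^[[:space:]]*(client|tls-client|remote)([[:space:]]|$)' "$1"; then
        echo client
    else
        echo unknown
    fi
}

# hook_scripts FILE: print the script named by each hook directive.
hook_scripts() {
    awk '$1 ~ /^(up|auth-user-pass-verify|client-disconnect)$/ { print $2 }' "$1"
}

# audit_dir DIR: one CONF line per .conf file, plus WARN lines for anything that
# would surprise an init script that starts every .conf it finds in DIR.
audit_dir() {
    dir=$1
    for conf in "$dir"/*.conf; do
        [ -e "$conf" ] || continue
        role=$(conf_role "$conf")
        echo "CONF $(basename "$conf") role=$role"
        [ "$role" = server ] ||
            echo "WARN $(basename "$conf") is not a server config and would be started as its own process"
        # Assumption: hooks given as ./name live in DIR itself.
        for hook in $(hook_scripts "$conf"); do
            path=$dir/${hook#./}
            # Checks the owner execute bit; no output means missing or not set.
            [ -n "$(find "$path" -prune -perm -100 2>/dev/null)" ] ||
                echo "WARN hook $hook (from $(basename "$conf")) is missing or not executable"
        done
    done
}

# Constructed sample: hooks as in the thread's server.conf, plus a stray client.conf.
demo_dir() {
    d=$(mktemp -d)
    printf '%s\n' 'port 1194' 'dev tap' 'tls-server' 'mode server' \
        'auth-user-pass-verify ./validate.sh via-env' 'up ./openvpn.up' > "$d/server.conf"
    printf '%s\n' 'client' 'dev tap' 'remote vpn.example.com 1194' > "$d/client.conf"
    printf '#!/bin/sh\nexit 0\n' > "$d/validate.sh"; chmod 700 "$d/validate.sh"
    printf '#!/bin/sh\nexit 0\n' > "$d/openvpn.up"; chmod 600 "$d/openvpn.up"
    echo "$d"
}

d=$(demo_dir); audit_dir "$d"; rm -rf "$d"
```

On a real server the call would be `audit_dir /etc/openvpn`, run before `service openvpn start`.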