Questions tagged as ['openvpn']

I'm looking for advice for this special case.

What I want to achieve: my gateway should dial PPPoe, should establish OVPN connection as client to my OVPN server. Internet users from outside should reach my gateway PPPoe interface and be NAT-ed properly to my LAN

I have raspberry as my main GW for internet for my LAN with more computers.

eth0 - LAN

eth1 - Internet

I'm dialing my internet, so I have ...

I am running openvpn-2.5.3-1.2.x86_64 on OpenSUSE Tumbleweed (20211111).

I am currently unable to log into my openvpn server. The initialization and authorization seem to succeed but then I get the following message repeated indefinitely:

2021-11-15 17:23:46 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2021-11-15 17:23:51 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)

In the server log I see basica ...

When I try connecting to my OpenVPN server , the log on OpenVPN software is a bit confusing .

Fri Nov 19 04:16:29 2021 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Nov 19 04:16:29 2021 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Nov 19 04:16:29 2021 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Nov 19 04:16:2 ...

I'm setting up ufw on debian. I have openvpn and pi hole there. I'm trying to make it so that the pi hole panel can only be accessed through a vpn, but I can't. Prescribed the command: ufw deny from 10.8.0.3 to any port 80. It didn't help. Just lost access to the panel. How do I set it up so that everything works fine? This method is described on the Internet. Something doesn't work for me.

Beforehand, I would like to say that I am not experienced in networking and would like to learn more regarding this.

I have two boards that have to send and receive ethernet packets to each other. Let's call them board 1 and board 2. Board 1 is connected to Ubuntu 1 and Board 2 is connected to Ubuntu 2. Both Ubuntu 1 and 2 are connected to a bigger network. The diagram below shows the topology of ...

I create the following setup using docker containers

• Docker host: physical machine that runs the docker containers
  • openvpn: container that runs openvpn and automatically connects to a VPN.
  • nzbget: container running nzbget, webinterface accessible on port <docker-host-ip>:6789

Facts:

• I can access all the containers using the docker host IP.
• The openvpn connection is successfully establis ...

I have an openvpn 2.4 running very well, but a new requirement comes. I need to create iptables rules for diferent client ip segments for giving they access to a few services in our network.

So I decided to follow this document https://openvpn.net/community-resources/configuring-client-specific-rules-and-access-policies/

I think it works, because the client is getting the appropiate ip but once con ...

I have 2 pfsense firewall setup in my office with 2 ISP, the primary firewall is connected to both ISP-1 AND ISP-2 and the secondary firewall that has OpenVPN setup is only connected to ISP-2. now when I try to use the openvpn client that is connected to the secondary firewall I can't able to ping the Primary firewall and other LAN devices that are connected to it. but when I configure the upstream gat ...

Bridging on Linux using TAP devices

Hello, I have got the following schema:

In order to be able to ping the remote hosts, separatehost1 in my case, I bring up bridge device br0 which combine tap0 + eth2 on server and be to bridge local network (192.168.111.0/24) with remote openvpn client(vpn2) but still no luck, could you please suggest what I am doing wrong

I can ping: vpn1 -> vpn2 vpn2 -> ...

i have openvpn server on vps and i have ubuntu client in my home in vps i can ping all local ip on my home ubuntu client ip is 10.8.0.10 and local network is 192.168.88.0 now i want to access local ip over vps ip like i have in home media server on 192.168.88.102:5111 i want to access it on vps ip with any port i chose like (8.9.8.121:5111) how can i do it ? i hope my question is clear

port 1194
pr ...

Trying to setup OpenVPN to connect android devices back to my home network. Currently I'm able to connect to the VPN but can't transfer any data, IE can't ping, can't hit sites etc. Here's my server config file

port 1234
proto udp
dev tap
dev-node tap-bridge
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\server.crt"
key "C:\\Program Files\\OpenVPN\\config\ ...

I am currently doing a test for our OpenVPN setup through Pfsense, we have 2 Pfsense running on the network,

1. For the default gateway of the LAN Network as Main Firewall.
2. For the OpenVPN Clients as a secondary Firewall.

Based on my Test, I successfully Connect the OpenVPN client to the Pfsense however I can't ping the LAN devices except for the OpenVPN Pfsense LAN interface which is 192.168.0.4. ri ...

I have the following use case for my openvpn server on ubuntu(without access server):

I have a router, which acts as my openvpn client. This router has some devices behind it, which need to be accessed by the openvpn server and some which should not be accessible to the openvpn server. The Openvpn server will have many connections from many clients, with possibly the same subnet behind them.

My firs ...

There is linux box being a hotspot for number of devices. It also runs openvpn client which is supposed to be shared with connected hotspot clients. Openvpn receives PUSH_REPLY dhcp-option DNS x.x.x.x and I want the hotspot clients to use DNS obtained by the openvpn client.

I am looking for some reasonable configuration to make this working but I am not sure where the DNS should be updated upon openv ...

here is my problem: I have an OPENvpn server, with some linux user. (raspberry and custom embedded linux OS with openVPN).

client.conf:

client
proto udp
explicit-exit-notify
remote ################
dev tun
resolv-retry infinite
nobind
#persist-key !!!!!!!!!!
#persist-tun !!!!!!!!!!
remote-cert-tls server
verify-x509-name server_XL98c6RoSdvOVX3E name
auth SHA256
auth-nocache
cipher AES-128-GCM
tls ...

I have the following configuration.

VPS with Windows Server 2019 and with public IP. I have OpenVPN server installed on it and TUN adapter with 10.8.0.1 IP Here my OpenVPN server configuration

port 1194
proto tcp
dev tun
ca "C:\\Program Files\\OpenVPN\\easy-rsa\\pki\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\pki\\issued\\server.crt"
key "C:\\Program Files\\OpenVPN\\easy-rsa\\pki\\private\\se ...

There's lots of howtos out there for this, and I've even (successfully!) followed them in the past to get my VPN setup on my Synology but for some reason, since I reset the box and wiped everything (currently running DSM 6.2.4-25556 Update 2) VPN setup just does not work.

What I do

1. Via the web UI, on a freshly installed Synology, go to Control Panel → Network → Network Interface → Create → Crea ...

I have set up an OPNSense instance and installed an OpenVPN server via it. You can see the client configuration below and it works so far. I get a successful connection via the OpenVPN-Client. The problem is that with foreign clients, the internal DNS does not work. Clients that are already in the domain work without problems and also have access to all network drives with the corresponding name from th ...

I'm trying to setup an OpenVPN server to allow tunnelling to a private network (192.168.0.0/16) but when my VPN client is connected it cannot reach hosts on this network. No firewall is currently setup for the network/all ports are open. The server running OpenVPN is assigned the IP 192.168.0.2 on the private network

server.conf

local 1.2.3.4
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key s ...

I have got this setup with two LANs and OpenVPN infra. I need to share the OpenVPN connection attached to Proxmox server (10.8.0.12) to the Proxmox VMs (192.168.0,1,2,3,...).

I was trying to use linux bridge on Proxmox:

iface vmbr2 inet static
        address 10.8.1.12/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
   ...

I have 1 host machine (Ubuntu Server 20.04.3) and 1 domain (e.g. example.com)

Requirement is to host multiple subdomains from this machine without VMs.

Needed services and corresponding subdomains

• vpn.example.com - OpenVPN server (should not be dockerized)
• site.example.com - Dockerized node site (should be accessible for VPN and LAN users)
• service.example.com - Dockerized web service (should be acc ...

How can I prevent OpenVPN from opening some domains? I closed a site from etc/hosts, but it opens with OpenVPN

I'm using this https://github.com/angristan/openvpn-install

I am trying to use openvpn to install the vpn but very unsuccessful from couple of days. Appreciate your help in this case. openvpn vpnbook-ca198-tcp443.ovpn 2021-10-20 20:32:18 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set. 2021-10-20 20:32:18 DEPRECATED OPTION: --cipher s ...

Within my laptop PC, I set a systemd service that make a OpenVPN connection to my home, and let it automatically start on boot, so that I can access my home server anywhere.

The trouble is that when I'm home already, it still connects to VPN, and confuse the route table of the laptop, therefore I can't access the server when I'm at home.

Is there a way, I can let a systemd service start conditionall ...

I need to allow ssh only through VPN (openvpn) using iptables. All services (ssh, vpn) are located on same machine. My current rules for vpn and ssh:

# set default policy
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

# flush rules
iptables -t nat -F
iptables -t mangle -F
iptables -F
iptables -X

# allow localhost
iptables -A INPUT -i $LO -j ACCEPT
iptables -A OUTPUT -o $L ...

The main purpose - remote access to the local network (video surveillance, smart home).

Input data: mikrotik router and server in the DigitalOcean.

Since mikrotik knows how to work with OpenVPN server only by login and password, I decided to run 2 OpenVPN servers:

1. /etc/openvpn/server-mikrotik.conf:

...
server 10.0.1.0 255.255.255.0
route 192.168.88.0 255.255.255.0 10.0.1.2
route 192.168.1.0 255.255.25 ...

So i have managed to setup an OpenVPN VPS. My public clientside IP is static.

For an abundance of security I'd like to automate a firewall blocking all traffic when the VPN client isn't connected. When client connects, traffic can flow so open up firewall.... Almost like a soft shutdown except purely a drop all unless from clientside static IP.

Any ideas how to implement this? I understand that I ca ...

I setup an OpenVPN server but whenever I try to connect with the Windows 10 OpenVPN client I get the following error:

There was an error attempting to connect to the selected server

Here's what I see in the logs:

⏎10/11/2021, 11:17:42 PM EVENT: WAIT ⏎10/11/2021, 11:17:42 PM Connecting to [3.133.152.18]:1194 (3.133.152.18) via UDPv4
⏎10/11/2021, 11:17:46 PM Server poll timeout, trying next re ...

I am trying to allow OpenVPN clients to the OpenVPN which has access to two different subnets. The 10.203.1.61 has a public network and is used when clients access OpenVPN while the 172.28 (ens4) is a private IP into that network. I would like them to also have the ability to access the network running on ens4.

ens3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 9000 inet 10.203.1.61 net ...

I am trying to set up my openvpn network but I have a problem.

My LAN configuration is as follows:

• main router Zyxel 192.168.1.1 acting as gateway (vdsl connection) and access point;
• openwrt router TD-W8970 192.168.1.2 acting as access point and vpn server (10.212.79.1)

What I want to do is to create a VPN network with clients that must send internet requests only through my LAN gateway (192.168.1.1) ...