http://www.itsatechworld.com/2006/01/29 ... e-openvpn/
It seems ok in that I can at least get my server-side OpenVPN to connect. When I say connect, I mean that the OpenVPN gui turns green, I get a message that it's got an IP address etc.
I've made sure that my zonealarm firewall has allowed OpenVPN on both client and server. I've set port forwarding and such on my router as described in the tutorial. The issue is that I can't get the client to connect at all. No matter what I try (putting server in DMZ, changing the port, etc), all I get is this error:
read UDPv4: Connection reset by perr (WSAECONNRESET)(code=10054)
over and over and over.
I tried using telnet to connect to my computer and the port number for the server and got this:
Connecting to (static IP of my home router) ... Could not open connection to the host, on port 1194: Connect failed
server config:
Code: Select all
local 192.168.1.150 # This is the IP address of the real network interface on the server connected to the router
port 1194 # This is the port OpenVPN is running on - make sure the router is port forwarding this port to the above IP
proto udp # UDP tends to perform better than TCP for VPN
mssfix 1400 # This setting fixed problems I was having with apps like Remote Desktop
push "dhcp-option DNS 192.168.1.1" # Replace the Xs with the IP address of the DNS for your home network (usually your ISP's DNS)
#push "dhcp-option DNS X.X.X.X" # A second DNS server if you have one
dev tap
#dev-node MyTap #If you renamed your TAP interface or have more than one TAP interface then remove the # at the beginning and change "MyTAP" to its name
ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\server.crt"
key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\server.key" # This file should be kept secret
dh "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\dh1024.pem"
server 192.168.10.0 255.255.255.128 # This assigns the virtual IP address and subent to the server's OpenVPN connection. Make sure the Routing Table entry matches this.
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1" # This will force the clients to use the home network's internet connection
keepalive 10 120
cipher BF-CBC # Blowfish (default) encryption
comp-lzo
max-clients 100 # Assign the maximum number of clients here
persist-key
persist-tun
status openvpn-status.log
verb 1 # This sets how detailed the log file will be. 0 causes problems and higher numbers can give you more detail for troubleshooting
Code: Select all
client
dev tap
#dev-node MyTAP #If you renamed your TAP interface or have more than one TAP interface then remove the # at the beginning and change "MyTAP" to its name
proto udp
remote 71.179.97.159 1194 #You will need to enter you dyndns account or static IP address here. The number following it is the port you set in the server's config
route 192.168.1.1 255.255.255.0 vpn_gateway 3 #This it the IP address scheme and subnet of your normal network your server is on. Your router would usually be 192.168.1.1
resolv-retry infinite
nobind
persist-key
persist-tun
ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\client1.crt" # Change the next two lines to match the files in the keys directory. This should be be different for each client.
key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\client1.key" # This file should be kept secret
ns-cert-type server
cipher BF-CBC # Blowfish (default) encrytion
comp-lzo
verb 1