Need help! [openvpn over dynamic ssh proxy]

This forum is for general conversation and user-user networking.
Post Reply
major
OpenVpn Newbie
Posts: 4
Joined: Wed Apr 25, 2012 12:32 pm
Location: unknown
Contact:

Need help! [openvpn over dynamic ssh proxy]

Post by major » Wed Apr 25, 2012 12:54 pm

Greetings to all
Please be patient
with me, I am fresh fish :p
My ISP is suffocating openvpn protocol (always fail in TLS handshake), so I have to find another way to connect.
I tried to use ssh to the same vps (as dynamic socks5 proxy) using port 1050
I am connected... but nothing more (ie: nothing is happening)
I cannot ping client from server
I cannot ping server from client
here is a copy of server.conf:
port 38823
proto tcp
dev tun
script-security 3
tls-server
ca /etc/openvpn/2.0/keys/ca.crt
cert /etc/openvpn/2.0/keys/server.crt
key /etc/openvpn/2.0/keys/server.key
dh /etc/openvpn/2.0/keys/dh1024.pem
server 10.13.13.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 10.13.13.0 255.255.255.0"
push "redirect-gateway"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
client-to-client
keepalive 10 120
cipher AES-128-CBC
comp-lzo
max-clients 10
user nobody
group nogroup
persist-key
persist-tun
route-noexec
verb 4

and here is a copy of client.ovpn:
client
# pull
dev tun
proto tcp
socks-proxy-retry
socks-proxy 127.0.0.1 1050
remote <vps.ip.here> 38823
route <vps.ip.here> 255.255.255.255 net_gateway
resolv-retry infinite
nobind
persist-key
persist-tun
script-security 3
ca ca.crt
client client.crt
key client.key
cipher AES-128-CBC
comp-lzo
ping 5
ping restart 10
verb 3

Also I checked / double-checked iptables, and seems nothing is wrong.
Any ideas will be appreciated .

User avatar
janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam
Contact:

Re: Need help! [openvpn over dynamic ssh proxy]

Post by janjust » Wed Apr 25, 2012 2:09 pm

try it without all the routing rules on both client and server ; with socks proxies in combination with redirect-gateway you need to especially careful that the SOCKS proxy host (the SSH host in your case) remains reachable via a non-VPN route *after* the VPN tunnel comes up.

major
OpenVpn Newbie
Posts: 4
Joined: Wed Apr 25, 2012 12:32 pm
Location: unknown
Contact:

Re: Need help! [openvpn over dynamic ssh proxy]

Post by major » Wed Apr 25, 2012 10:09 pm

In fact, I fell in that loop, since I'm doing SSH to the same vps
also tried to stop all routing
I am able to connect, but could not ping server from client, and vise versa.
Any ideas?

User avatar
janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam
Contact:

Re: Need help! [openvpn over dynamic ssh proxy]

Post by janjust » Thu Apr 26, 2012 9:52 am

set 'verb 4' in the client config file, connect, then post the connection log file here.

major
OpenVpn Newbie
Posts: 4
Joined: Wed Apr 25, 2012 12:32 pm
Location: unknown
Contact:

Re: Need help! [openvpn over dynamic ssh proxy]

Post by major » Tue May 08, 2012 5:13 pm

I re-installed everything, and reset all
now the client is connected (using dynamic socks5 proxy)
and windows client & linux server can ping each other.
but this is it (my ip still as it is).
if I forwarded everything into the server's localhost, I will lose the socks proxy, thus connection will drop.
I must make the client forward traffic to the tunnel (except ports 2600 and 1080 because they are used to proxy).
Any ideas?

User avatar
janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam
Contact:

Re: Need help! [openvpn over dynamic ssh proxy]

Post by janjust » Wed May 09, 2012 3:59 pm

again: set 'verb 4' in the client config file, connect, then post the connection log file here.

major
OpenVpn Newbie
Posts: 4
Joined: Wed Apr 25, 2012 12:32 pm
Location: unknown
Contact:

Re: Need help! [openvpn over dynamic ssh proxy]

Post by major » Thu May 31, 2012 3:53 pm

Well...
I solved the problem, by adding the following to client.ovpn:

Code: Select all

route <vps.ip> <subnet.mask.here> net_gateway
But now I have another issue,
I want to make openvpn client and server at the same time
server to my connection, and client to other openvpn connection
is that possible to do, like bridging 2 networks?

salazarj
OpenVpn Newbie
Posts: 1
Joined: Mon Aug 06, 2012 2:35 am
Location: Australia
Contact:

Re: Need help! [openvpn over dynamic ssh proxy]

Post by salazarj » Mon Aug 06, 2012 2:39 am

Thanks for info supplied in this thread. Has helped answer some of my own questions. :P

James

Post Reply