Configuring OpenVPN server for reverse client tunneling

Scripts to manage certificates or generate config files

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
garrukapex
OpenVpn Newbie
Posts: 1
Joined: Mon Jan 29, 2018 12:15 am

Configuring OpenVPN server for reverse client tunneling

Post by garrukapex » Mon Jan 29, 2018 12:17 am

So, I'm trying to configure an Open Vpn server to bridge two client connections together. The server is running on a Raspberry Pi 3, and one client, a "drop box" is on a Raspberry Pi 0. The second client is my Ubuntu laptop. Both Pis are running Raspbian Lite, so no GUI interface. I'm pretty comfortable with the command line, but I'm quite stuck here, and after researching for a while, I figured I'd ask for some help.

I'm installing open vpn through the quick, vanilla install method. By which, I'm using `wget https://git.io/vpn -O openvpn.sh && bash openvpn.sh`. It gets the script from that address, and executes it, setting it up as a server. I got that far. Where I'm confused is the configuration for the server. The OpenVpn site says to use the GUI web interface, but I only have command line tools, to save on system resources. Every time I try to run `openvpn --config /etc/openvpn/client.ovpn` on my Pi Zero Client to connect to the VPN, I get the following error message:


Code: Select all

 Sat Jan 27 21:00:14 2018 [server] Peer Connection Initiated with [AF_INET]192.168.1.41:1194
    Sat Jan 27 21:00:16 2018 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
    Sat Jan 27 21:00:16 2018 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 192.168.1.1,route-gateway 10.8.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.8.0.2 255.255.255.0'
    Sat Jan 27 21:00:16 2018 OPTIONS IMPORT: timers and/or timeouts modified
    Sat Jan 27 21:00:16 2018 OPTIONS IMPORT: --ifconfig/up options modified
    Sat Jan 27 21:00:16 2018 OPTIONS IMPORT: route options modified
    Sat Jan 27 21:00:16 2018 OPTIONS IMPORT: route-related options modified
    Sat Jan 27 21:00:16 2018 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
    Sat Jan 27 21:00:16 2018 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=eth0 HWADDR=00:e0:4c:53:44:58
    Sat Jan 27 21:00:16 2018 ERROR: Cannot ioctl TUNSETIFF tun: Operation not permitted (errno=1)
    Sat Jan 27 21:00:16 2018 Exiting due to fatal error

To be clear, in case it wasn't already, I want to use the Pi Zero as a 'drop box' type of device. Its purpose is to be 'dropped' on a network, and tunnel out to the VPN Server. I tunnel into the VPN server using my laptop, and the packets sent from my laptop flow to the Pi Zero, letting me into the internal network the Pi is connected to. I'm trying to use the terminal only client because Darren said it's better, and I don't exactly have a lot of hardware to work with. The more resources I can save, the better.
I'm only asking on here because the only resources I could find out there wanted the GUI, and I don't have one of those. Hak5 uses the install method I used in the second video I linked, but doesn't explain any of how it works, or how to configure it if you're not using a packet squirrel.

I got the idea from a few Hak5 videos, which I will link below. Is there a configuration file I'm missing? If so, what do I have to change? This seems to be a pretty popular method of installing openvpn, so I'm rather surprised there isn't documentation for the command line only version. Thanks for reading all of this mess, and I appreciate any and all responses.

I found this forum based on another question here, which was never answered. I'm hoping that you guys will be able to help me out.
Relevant xkcd [url]https://xkcd.com/979/

[url]https://www.youtube.com/watch?v=b7qr0laM8kA
[url]https://www.youtube.com/watch?v=OlKztGlt8VA&index=5&list=LLccDOYtGTbGsXxNx-0czxTg

ezraoul
OpenVpn Newbie
Posts: 1
Joined: Sat Dec 15, 2018 2:53 pm

Re: Configuring OpenVPN server for reverse client tunneling

Post by ezraoul » Sat Dec 15, 2018 2:54 pm

I had the same question after watching the same videos. Did you ever find a solution?

Post Reply