norton 360 is killing me

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
derrickearly
OpenVpn Newbie
Posts: 14
Joined: Fri Oct 08, 2021 8:01 pm

norton 360 is killing me

Post by derrickearly » Mon Oct 11, 2021 3:26 pm

I cannot get a ping 10.8.0.1 through from the client unless I pull down the norton 360 "smart firewall". This could have a lot to do with all my other setup issues. One step at a time. Here are my config files. No errors on the logs. I can post them is necessary.

server
dev-node "OpenVPN TAP-Windows6"
local 192.168.1.177
port 1194
proto udp
dev tun
server 10.8.0.0 255.255.255.0
topology subnet

ca ca.crt
cert mrtuxVPN.crt
key mrtuxVPN.key # This file should be kept secret
dh dh.pem
tls-auth ta_new.key 0 # This file is secret

#push "redirect-gateway def1"
#push "dhcp-option DNS 8.8.8.8"

keepalive 10 120
comp-lzo
persist-key
persist-tun

client-config-dir "C:\\OpenVPN\\config"
ccd-exclusive
route 10.0.0.0 255.255.255.0

verb 4


client
client
dev tun
proto udp
#remote 192.168.1.175 1194
remote mrtuxvpn.ddnsfree.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun

comp-lzo
verb 3
explicit-exit-notify 2
ping 10
ping-restart 60

route-method exe
route-delay 2

<ca>
-----BEGIN CERTIFICATE-----
MIIDQjCCAiqgAwIBAgIUKyTwTF/TOJx2EIqEIQerd2eahF0wDQYJKoZIhvcNAQEL
BQAwEzERMA8GA1UEAwwIbXJ0dXgtQ0EwHhcNMjExMDA4MTk0ODQ4WhcNMzExMDA2
MTk0ODQ4WjATMREwDwYDVQQDDAhtcnR1eC1DQTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbpYS3bDCLBsT0cLP6eAd207fO830x3zD+pgCp5w56BvDiI
5n0mkYDEMsNVVD2CKIA4VOPp0zcq6hTgoqlDFWvWkjtFrjGZAUq5nU8fSQaXaTKY
qJ9yCHdvMglbDtBB21PMgdAApHdEkcCT/shXYuef/AHGii1KpCI+Avz7/5UwwC1s
pqBCtJ9jxA0ag02vraZxDm1uPirRM8q06QNarF8VKSh9QInxP8d3qq2gnEFhPqhY
VIZwr7szk8RfMnVKg37hDtalBF0EwfXTuuBgVzIfcvqQNHYsNSDM2u9Zt7qZilzJ
vaiZEsmbSq0EWxha2eg2L+97b2/6VgArEWMXHt8CAwEAAaOBjTCBijAdBgNVHQ4E
FgQUiCAjCMXDwKWB+iSRL3z5ZpVdWAAwTgYDVR0jBEcwRYAUiCAjCMXDwKWB+iSR
L3z5ZpVdWAChF6QVMBMxETAPBgNVBAMMCG1ydHV4LUNBghQrJPBMX9M4nHYQioQh
B6t3Z5qEXTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQsF
AAOCAQEASlapMvKmgQ44v4UKXZAXH74xiIQNSxflLmBSsc34cYf4RCMtA4v0iHTE
dYP1dBQXX6QaSDWUArcnOrGYxTMJQCa2dInPW6z/L1cUerEhrGc6HUcOMnsBUhZ3
OFmlTpDKSCxkecegq1/Z/GwnwGkr6XnBCB9a3YrBGd6+vQTznomkt19Ng1vMNwGJ
D1aV+IrHTGIv9uU0B9EXx1RxOTI2+gVCsEUGObh+lDZab8kmFP7gavBT3L13rcjf
wo4Sa8of2X+HjRqRbqeynNKWaTrOFa/Dvt6pGNd5ozOO4xkRPmDiCMo1pxm6XzWl
3CfeCT2FZD5E5oqZcr0FLjqWrhaf0w==
-----END CERTIFICATE-----
</ca>
<cert>
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:36:c9:2a:5c:66:b5:7b:cf:d3:69:1c:fc:36:c2:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=mrtux-CA
Validity
Not Before: Oct 8 20:53:29 2021 GMT
Not After : Jan 11 20:53:29 2024 GMT
Subject: CN=client
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:62:7e:40:de:71:8d:30:05:39:5e:9e:e4:d1:
69:67:3d:37:ce:b2:2e:e2:0c:b4:dd:cf:2f:8d:2d:
e3:25:af:3a:e0:77:e0:43:ad:7a:30:d9:ed:5e:b1:
32:da:6f:44:f5:44:48:f7:f3:fe:47:7a:96:42:69:
89:e3:5c:c6:c0:ba:b5:5b:ae:36:c7:88:ea:e3:0b:
3b:90:24:2e:66:ad:4b:dd:f9:d8:6c:fe:a8:d6:7b:
f0:3e:67:b0:82:b0:23:d9:ad:ac:eb:f2:4c:6b:e9:
43:5e:18:3b:1c:ea:7c:15:8b:9e:66:8f:5e:f0:73:
11:60:df:60:6a:d3:f9:c0:03:0f:e6:47:01:ee:8e:
23:41:32:34:b0:33:af:b9:5a:27:e5:db:57:04:7e:
9e:09:23:9e:41:c5:59:bb:f1:4d:1d:7c:f1:d9:eb:
44:79:52:f9:4b:2a:ec:40:b8:41:32:64:f0:6f:5a:
98:b8:bc:6e:18:33:b6:2e:23:35:fb:03:1c:a1:92:
8a:45:c9:b5:bf:e3:06:d9:05:4a:6d:a5:eb:3e:fb:
3b:31:04:e4:0a:87:41:55:9e:26:6f:3d:56:a5:22:
a0:12:22:29:a7:02:3c:82:79:7a:27:e0:28:19:d5:
8f:1b:1c:e3:cc:70:c2:4e:2e:df:a4:1e:54:7a:3b:
d9:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
68:D1:E8:8B:8A:4D:40:8D:65:47:B6:28:6A:4D:97:23:25:95:1C:2B
X509v3 Authority Key Identifier:
keyid:88:20:23:08:C5:C3:C0:A5:81:FA:24:91:2F:7C:F9:66:95:5D:58:00
DirName:/CN=mrtux-CA
serial:2B:24:F0:4C:5F:D3:38:9C:76:10:8A:84:21:07:AB:77:67:9A:84:5D

X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
Signature Algorithm: sha256WithRSAEncryption
b6:d6:4a:eb:3c:76:9b:27:1c:ae:23:7a:57:ea:8b:c2:99:c4:
19:5a:d0:9d:86:a0:a5:ad:50:72:97:06:8f:e5:09:70:9c:01:
cf:9d:7c:74:f9:25:aa:15:d3:60:10:d9:56:44:0b:66:f4:ea:
38:94:8c:70:8a:9c:0b:20:40:6e:27:ac:ce:ec:17:36:a7:e8:
ea:4b:75:a4:a3:fd:d9:2e:a0:15:48:8c:f0:e0:84:79:89:9a:
3e:28:ed:cd:d1:38:25:c4:eb:0e:30:cd:45:fb:15:7a:eb:9c:
4a:01:e8:ce:19:12:a0:12:9a:08:c0:16:24:a4:79:7e:0b:82:
a5:f3:be:f7:2e:aa:4c:dd:ad:77:99:16:db:b2:90:e3:be:84:
c0:af:39:ad:80:ac:69:cc:3a:5a:81:69:0d:c1:83:38:45:55:
5b:26:45:68:a0:bf:d7:c7:c9:a2:e6:81:ab:fd:9d:89:cb:da:
c3:6c:f1:3c:6f:26:79:3c:6a:78:4f:86:63:cb:b9:51:e3:c6:
0d:2c:31:5b:2b:8a:7d:4b:bf:b4:15:58:a2:04:10:dc:6c:1c:
71:bf:72:19:dc:28:63:41:a4:50:04:e3:4b:71:11:a8:0a:57:
77:a0:84:93:97:e2:17:81:c8:2c:27:a4:b8:cb:da:c5:94:54:
e2:34:33:b0
-----BEGIN CERTIFICATE-----
MIIDTjCCAjagAwIBAgIQdzbJKlxmtXvP02kc/DbCiTANBgkqhkiG9w0BAQsFADAT
MREwDwYDVQQDDAhtcnR1eC1DQTAeFw0yMTEwMDgyMDUzMjlaFw0yNDAxMTEyMDUz
MjlaMBExDzANBgNVBAMMBmNsaWVudDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAOpifkDecY0wBTlenuTRaWc9N86yLuIMtN3PL40t4yWvOuB34EOtejDZ
7V6xMtpvRPVESPfz/kd6lkJpieNcxsC6tVuuNseI6uMLO5AkLmatS9352Gz+qNZ7
8D5nsIKwI9mtrOvyTGvpQ14YOxzqfBWLnmaPXvBzEWDfYGrT+cADD+ZHAe6OI0Ey
NLAzr7laJ+XbVwR+ngkjnkHFWbvxTR188dnrRHlS+Usq7EC4QTJk8G9amLi8bhgz
ti4jNfsDHKGSikXJtb/jBtkFSm2l6z77OzEE5AqHQVWeJm89VqUioBIiKacCPIJ5
eifgKBnVjxsc48xwwk4u36QeVHo72WcCAwEAAaOBnzCBnDAJBgNVHRMEAjAAMB0G
A1UdDgQWBBRo0eiLik1AjWVHtihqTZcjJZUcKzBOBgNVHSMERzBFgBSIICMIxcPA
pYH6JJEvfPlmlV1YAKEXpBUwEzERMA8GA1UEAwwIbXJ0dXgtQ0GCFCsk8Exf0zic
dhCKhCEHq3dnmoRdMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAN
BgkqhkiG9w0BAQsFAAOCAQEAttZK6zx2myccriN6V+qLwpnEGVrQnYagpa1QcpcG
j+UJcJwBz518dPklqhXTYBDZVkQLZvTqOJSMcIqcCyBAbieszuwXNqfo6kt1pKP9
2S6gFUiM8OCEeYmaPijtzdE4JcTrDjDNRfsVeuucSgHozhkSoBKaCMAWJKR5fguC
pfO+9y6qTN2td5kW27KQ476EwK85rYCsacw6WoFpDcGDOEVVWyZFaKC/18fJouaB
q/2dicvaw2zxPG8meTxqeE+GY8u5UePGDSwxWyuKfUu/tBVYogQQ3Gwccb9yGdwo
Y0GkUATjS3ERqApXd6CEk5fiF4HILCekuMvaxZRU4jQzsA==
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDqYn5A3nGNMAU5
Xp7k0WlnPTfOsi7iDLTdzy+NLeMlrzrgd+BDrXow2e1esTLab0T1REj38/5HepZC
aYnjXMbAurVbrjbHiOrjCzuQJC5mrUvd+dhs/qjWe/A+Z7CCsCPZrazr8kxr6UNe
GDsc6nwVi55mj17wcxFg32Bq0/nAAw/mRwHujiNBMjSwM6+5Wifl21cEfp4JI55B
xVm78U0dfPHZ60R5UvlLKuxAuEEyZPBvWpi4vG4YM7YuIzX7AxyhkopFybW/4wbZ
BUptpes++zsxBOQKh0FVniZvPValIqASIimnAjyCeXon4CgZ1Y8bHOPMcMJOLt+k
HlR6O9lnAgMBAAECggEBAJEKMAyeWnA/NgxhVDxOpkYfqOg8dSynJklYS5m2uqh4
PhvnspzOvh16zhvZ1Zk8X9TS08C0eTbsUg14174djFR5dX7tWLKzNH8ZVVuGODyL
orYTRO11zS8k9O75JU5KB3VNtwMvJkFk0K5qmjHznKOMiZH3yI1M94UV1cllsVgy
nalhHBXFF0rUXNdrz6os06byH0c2SioE4pXvJ4BFGk891Rc6I3jgrQMGudMa0qgW
oGPXZG8yP8YhxCSUBa8a8qKRBoew49YvJ07tXaHQzrM1x7m6jIqaVFeUsbxv/is0
5W99eXGotYSf/ddHYyDp9BnaFHCLAr1lvWtTiOObDiECgYEA+jcTm0XGQzhQUMZp
toxyNXkIrqYUAeLZqTb4Eica4ZVwxJblrktniRZx1X3V8AkL1ARN2+enwAcZBmEI
+PU4clFmxDz59AKHmuP6GOvTr3MDRWwRHLFx1D4Mu4ZRKHy59BsKfETJWMOyPJFv
CyRCGqs48cqTBhD8WiCioXNw7ncCgYEA7825Bo20qOVwus1Fi22Hid4gN4hDoOAo
W9QRjUyh4mxxRju8YIyKtr/DDQQWU5ekpHECkqVlAXBUdmgSPSeFbq7PEZ7+bwvr
50nls07jz3aFTT5bch+D6aYyY3Xa8yxiog1h156Ed5E35tDEYklhDNOJfJEzBuF7
MpFr2pKreJECgYBDQaqzgf3Y87oi/DJOL1JDrVT4HQwjtaZsJapotrozCMhXD3iN
cRdTcgUHLdvjuYrEYqPLCGm+5CmF3W9b/A5ALEFDXmCRhlyM9dqz+C/eaTvn3TR8
UfYW5tblUSVfjKcvRlV7McItaezu+uiuRgC+ymd0Fs+OQeKTF1KfszgX4QKBgQDM
Ac4ovyE0lo0CvmMtrK6kIW5zD9/I2yo6hP2xocIO6IatY2BtGuNfeWAskI+V6epN
Yz73FvII+VFBsmPh1t9zPBA5Q3PdcNzuVTWvB6xS8NeS0TvmqN0GRzeS2c69FcOL
basRTnAPcGGIYY7QtvBzgvryGGy6q9StPn3s4t4xoQKBgQDDO4ZhfUs91rfQVztE
owKekNHE/DkDSTh1mrqtxp1EEXyUv3ATrYISezA77sqC/HqpAW0CNZEdZ0QK/gLt
SbHZxoEsYdsFRe1cTR5ANkO2FnpAoJ5IFQamy6uQ/+7fWFAzZ3bhZIct/yYj8CFA
XSVlXrLtC5mbzlG176/GwHf/7w==
-----END PRIVATE KEY-----
</key>
remote-cert-tls server
tls-auth [inline] 1
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
0857e43cde9f0a70ddb7151b63729ed3
3f5f34bc1f3839d9533bb8a1376080ba
793562316de07d0a44d2febd77148d1d
89c9ea0f86c3455906c6cb2f35b8a51f
a88837c3c0ab0831720e606f4884e5f2
2c12ef48e056f864c7e547f0f6ee0cc7
f7dad5df7aabfb5016c954e7c4315cdf
22e6a7cd455d920b88dc4a4e490d1f48
e0e0cdc29993ac7e254dea76aebdc843
9c462647ab41676fcecdb7aa10b6bbdb
fe40364a5be1b4361b74d18c372c23b7
196dd2907d583b6a48deef8036dcc5de
231a75a217ba96f68007b8ef01940e16
4c511c32abe72064f954967e9ed40477
c0d47e16a27c014bb8eeb84145a1cda0
4671664978a0f8cac76e9114e2f92330
-----END OpenVPN Static key V1-----
</tls-auth>
verb 4

ccd client
#ifconfig-push 10.10.10.5 10.10.10.6
#iroute 10.0.0.0 255.255.255.0
#iroute 192.168.1.0 255.255.255.0

ifconfig-push 10.8.0.10 255.255.255.0

derrickearly
OpenVpn Newbie
Posts: 14
Joined: Fri Oct 08, 2021 8:01 pm

Re: norton 360 is killing me

Post by derrickearly » Mon Oct 11, 2021 4:55 pm

I fixed norton 360 finally.

Did this on both the client and server.
Right click on the norton icon in the notification area.
Open Norton 360\Settings\Firewall\Firewall Reset\Reset [+]
restart the computer

Start the server and client. Run ping -t 10.8.0.2 on the server. Run ping -t 10.8.0.1 on the client

Did this on the client and server
Right click on the norton icon in the notification area.
double click Security
History
Find entries with "Connected to a public network. (10.8.0.0/255.255.255.0)".
Select the entry. Click on More Options\Trust.

You know that you fixed it when both pings start working.

Post Reply