http://www.itsatechworld.com/2006/01/29 ... e-openvpn/
It seems ok in that I can at least get my server-side OpenVPN to connect. When I say connect, I mean that the OpenVPN gui turns green, I get a message that it's got an IP address etc.
I've made sure that my zonealarm firewall has allowed OpenVPN on both client and server. I've set port forwarding and such on my router as described in the tutorial. The issue is that I can't get the client to connect at all. No matter what I try (putting server in DMZ, changing the port, etc), all I get is this error:
read UDPv4: Connection reset by perr (WSAECONNRESET)(code=10054)
over and over and over.
I tried using telnet to connect to my computer and the port number for the server and got this:
Connecting to (static IP of my home router) ... Could not open connection to the host, on port 1194: Connect failed
Code: Select all
local 192.168.1.150 # This is the IP address of the real network interface on the server connected to the router port 1194 # This is the port OpenVPN is running on - make sure the router is port forwarding this port to the above IP proto udp # UDP tends to perform better than TCP for VPN mssfix 1400 # This setting fixed problems I was having with apps like Remote Desktop push "dhcp-option DNS 192.168.1.1" # Replace the Xs with the IP address of the DNS for your home network (usually your ISP's DNS) #push "dhcp-option DNS X.X.X.X" # A second DNS server if you have one dev tap #dev-node MyTap #If you renamed your TAP interface or have more than one TAP interface then remove the # at the beginning and change "MyTAP" to its name ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt" cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\server.crt" key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\server.key" # This file should be kept secret dh "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\dh1024.pem" server 192.168.10.0 255.255.255.128 # This assigns the virtual IP address and subent to the server's OpenVPN connection. Make sure the Routing Table entry matches this. ifconfig-pool-persist ipp.txt push "redirect-gateway def1" # This will force the clients to use the home network's internet connection keepalive 10 120 cipher BF-CBC # Blowfish (default) encryption comp-lzo max-clients 100 # Assign the maximum number of clients here persist-key persist-tun status openvpn-status.log verb 1 # This sets how detailed the log file will be. 0 causes problems and higher numbers can give you more detail for troubleshooting
Code: Select all
client dev tap #dev-node MyTAP #If you renamed your TAP interface or have more than one TAP interface then remove the # at the beginning and change "MyTAP" to its name proto udp remote 220.127.116.11 1194 #You will need to enter you dyndns account or static IP address here. The number following it is the port you set in the server's config route 192.168.1.1 255.255.255.0 vpn_gateway 3 #This it the IP address scheme and subnet of your normal network your server is on. Your router would usually be 192.168.1.1 resolv-retry infinite nobind persist-key persist-tun ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt" cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\client1.crt" # Change the next two lines to match the files in the keys directory. This should be be different for each client. key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\client1.key" # This file should be kept secret ns-cert-type server cipher BF-CBC # Blowfish (default) encrytion comp-lzo verb 1