Configuring OpenVPN as Hotspot Proxy

nlucchesi
OpenVpn Newbie
Posts: 15
Joined: Tue Jul 12, 2011 11:40 pm
Location: Chicago

Configuring OpenVPN as Hotspot Proxy

Post by nlucchesi » Tue Aug 02, 2011 5:29 pm

I want to create a VPN Service that encrypts my WiFi traffic from a WinXP laptop at a public hotspot to my OpenVPN server on my DD-WRT router at home. After reaching the server, I want the traffic to go back out over the Internet.

In other words, I want to configure OpenVPN as a secure proxy to accept a tunnel from me at the public hotspot and then redirect the traffic back out my (unsecured) home Internet connection/ISP. Essentially, I want to duplicate the kind of service offered by HotSpotVPN (http://www.hotspotvpn.com/) and Witopia (http://www.witopia.net/).

The best example of configuration files for what I want to do is: http://forum.eeeuser.com/viewtopic.php?pid=92277

Below are my client and server configuration files and the log I'm getting while trying to connect.

Can anyone hazard a guess why the TLS handshake is timing out?

Thank you for your time and attention. I'm sorry to be such a newbie.

- nello



Start-Up Script

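Code:

# Enable IPv4 forwarding so tunnel traffic can be routed back out to the Internet
echo 1 > /proc/sys/net/ipv4/ip_forward
# Keep the tls-auth key and the server private key readable by their owner only
chmod 600 /tmp/openvpn/ta.key
chmod 600 /tmp/openvpn/key.pem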

Firewall Script

Code:

# NAT traffic from the VPN subnet as it leaves through eth0
iptables -t nat -A POSTROUTING -s 10.10.50.0/24 -o eth0 -j MASQUERADE
# Accept incoming OpenVPN packets on UDP port 443
iptables -I INPUT 1 -p udp --dport 443 -j ACCEPT

Client Configuration

Code:

client
dev tun
dev-node openVPN-TAP
proto udp
remote <- snip -> 443 
resolv-retry infinite
nobind
persist-key
persist-tun
float 
ca ca.crt
cert client1.crt
key client1.key
ns-cert-type server
tls-auth ta.key 1
tls-cipher AES256-SHA
remote-cert-tls server
cipher AES-256-CBC
auth SHA512
comp-lzo

verb 6
mute 20

Server Configuration

Code:

root@DD-WRT:/tmp/openvpn# cat openvpn.conf
dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem
keepalive 10 120
verb 4
mute 5
log-append /var/log/openvpn
tls-server
management 127.0.0.1 5002
management-log-cache 50
mtu-disc yes
topology subnet
client-config-dir /tmp/openvpn/peers
script-security 2
port 443
proto udp
cipher aes-256-cbc
auth sha512
ifconfig-pool-persist /tmp/openvpn/ip-pool 86400
comp-lzo yes
tls-cipher AES256-SHA
fast-io
tun-mtu 1500
server 10.10.50.0 255.255.255.0
dev tun0
tls-auth /tmp/openvpn/ta.key 0
max-clients 5
status /var/log/openvpn-status.log
push "redirect-gateway def1"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
push "persist-tun"
push "persist-key"
verb 6

Client Connection Log

Code:

Tue Aug 02 12:10:14 2011 us=886000   config = 'C:\Program Files\OpenVPN\config\client.ovpn'
Tue Aug 02 12:10:14 2011 us=886000   mode = 0
Tue Aug 02 12:10:14 2011 us=886000   show_ciphers = DISABLED
Tue Aug 02 12:10:14 2011 us=886000   show_digests = DISABLED
Tue Aug 02 12:10:14 2011 us=886000   show_engines = DISABLED
Tue Aug 02 12:10:14 2011 us=886000   genkey = DISABLED
Tue Aug 02 12:10:14 2011 us=886000   key_pass_file = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=886000   show_tls_ciphers = DISABLED
Tue Aug 02 12:10:14 2011 us=886000 Connection profiles [default]:
Tue Aug 02 12:10:14 2011 us=886000   proto = udp
Tue Aug 02 12:10:14 2011 us=886000   local = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=886000   local_port = 0
Tue Aug 02 12:10:14 2011 us=886000   remote =  <- snip ->
Tue Aug 02 12:10:14 2011 us=886000   remote_port = 443
Tue Aug 02 12:10:14 2011 us=886000   remote_float = ENABLED
Tue Aug 02 12:10:14 2011 us=886000   bind_defined = DISABLED
Tue Aug 02 12:10:14 2011 us=886000   bind_local = DISABLED
Tue Aug 02 12:10:14 2011 us=886000   connect_retry_seconds = 5
Tue Aug 02 12:10:14 2011 us=886000   connect_timeout = 10
Tue Aug 02 12:10:14 2011 us=886000   connect_retry_max = 0
Tue Aug 02 12:10:14 2011 us=886000   socks_proxy_server = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=886000   socks_proxy_port = 0
Tue Aug 02 12:10:14 2011 us=886000   socks_proxy_retry = DISABLED
Tue Aug 02 12:10:14 2011 us=886000 Connection profiles END
Tue Aug 02 12:10:14 2011 us=886000   remote_random = DISABLED
Tue Aug 02 12:10:14 2011 us=886000   ipchange = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=886000   dev = 'tun'
Tue Aug 02 12:10:14 2011 us=886000   dev_type = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=886000   dev_node = 'openVPN-TAP'
Tue Aug 02 12:10:14 2011 us=886000   lladdr = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=886000   topology = 1
Tue Aug 02 12:10:14 2011 us=886000   tun_ipv6 = DISABLED
Tue Aug 02 12:10:14 2011 us=886000   ifconfig_local = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=886000   ifconfig_remote_netmask = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=886000   ifconfig_noexec = DISABLED
Tue Aug 02 12:10:14 2011 us=886000   ifconfig_nowarn = DISABLED
Tue Aug 02 12:10:14 2011 us=886000   shaper = 0
Tue Aug 02 12:10:14 2011 us=886000   tun_mtu = 1500
Tue Aug 02 12:10:14 2011 us=886000   tun_mtu_defined = ENABLED
Tue Aug 02 12:10:14 2011 us=886000   link_mtu = 1500
Tue Aug 02 12:10:14 2011 us=886000   link_mtu_defined = DISABLED
Tue Aug 02 12:10:14 2011 us=886000   tun_mtu_extra = 0
Tue Aug 02 12:10:14 2011 us=886000   tun_mtu_extra_defined = DISABLED
Tue Aug 02 12:10:14 2011 us=886000   fragment = 0
Tue Aug 02 12:10:14 2011 us=886000   mtu_discover_type = -1
Tue Aug 02 12:10:14 2011 us=886000   mtu_test = 0
Tue Aug 02 12:10:14 2011 us=886000   mlock = DISABLED
Tue Aug 02 12:10:14 2011 us=886000   keepalive_ping = 0
Tue Aug 02 12:10:14 2011 us=886000   keepalive_timeout = 0
Tue Aug 02 12:10:14 2011 us=886000   inactivity_timeout = 0
Tue Aug 02 12:10:14 2011 us=886000   ping_send_timeout = 0
Tue Aug 02 12:10:14 2011 us=886000   ping_rec_timeout = 0
Tue Aug 02 12:10:14 2011 us=886000   ping_rec_timeout_action = 0
Tue Aug 02 12:10:14 2011 us=886000   ping_timer_remote = DISABLED
Tue Aug 02 12:10:14 2011 us=886000   remap_sigusr1 = 0
Tue Aug 02 12:10:14 2011 us=886000   explicit_exit_notification = 0
Tue Aug 02 12:10:14 2011 us=886000   persist_tun = ENABLED
Tue Aug 02 12:10:14 2011 us=886000   persist_local_ip = DISABLED
Tue Aug 02 12:10:14 2011 us=886000   persist_remote_ip = DISABLED
Tue Aug 02 12:10:14 2011 us=886000   persist_key = ENABLED
Tue Aug 02 12:10:14 2011 us=886000   mssfix = 1450
Tue Aug 02 12:10:14 2011 us=886000   resolve_retry_seconds = 1000000000
Tue Aug 02 12:10:14 2011 us=886000   username = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=886000   groupname = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=886000   chroot_dir = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=886000   cd_dir = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=886000   writepid = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=886000   up_script = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=886000   down_script = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=886000   down_pre = DISABLED
Tue Aug 02 12:10:14 2011 us=886000   up_restart = DISABLED
Tue Aug 02 12:10:14 2011 us=886000   up_delay = DISABLED
Tue Aug 02 12:10:14 2011 us=886000   daemon = DISABLED
Tue Aug 02 12:10:14 2011 us=886000   inetd = 0
Tue Aug 02 12:10:14 2011 us=886000   log = DISABLED
Tue Aug 02 12:10:14 2011 us=886000   suppress_timestamps = DISABLED
Tue Aug 02 12:10:14 2011 us=886000   nice = 0
Tue Aug 02 12:10:14 2011 us=886000   verbosity = 6
Tue Aug 02 12:10:14 2011 us=886000   mute = 0
Tue Aug 02 12:10:14 2011 us=886000   gremlin = 0
Tue Aug 02 12:10:14 2011 us=886000   status_file = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=886000   status_file_version = 1
Tue Aug 02 12:10:14 2011 us=886000   status_file_update_freq = 60
Tue Aug 02 12:10:14 2011 us=886000   occ = ENABLED
Tue Aug 02 12:10:14 2011 us=886000   rcvbuf = 0
Tue Aug 02 12:10:14 2011 us=886000   sndbuf = 0
Tue Aug 02 12:10:14 2011 us=886000   sockflags = 0
Tue Aug 02 12:10:14 2011 us=886000   fast_io = DISABLED
Tue Aug 02 12:10:14 2011 us=886000   lzo = 7
Tue Aug 02 12:10:14 2011 us=886000   route_script = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=886000   route_default_gateway = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=886000   route_default_metric = 0
Tue Aug 02 12:10:14 2011 us=886000   route_noexec = DISABLED
Tue Aug 02 12:10:14 2011 us=896000   route_delay = 5
Tue Aug 02 12:10:14 2011 us=896000   route_delay_window = 30
Tue Aug 02 12:10:14 2011 us=896000   route_delay_defined = ENABLED
Tue Aug 02 12:10:14 2011 us=896000   route_nopull = DISABLED
Tue Aug 02 12:10:14 2011 us=896000   route_gateway_via_dhcp = DISABLED
Tue Aug 02 12:10:14 2011 us=896000   max_routes = 100
Tue Aug 02 12:10:14 2011 us=896000   allow_pull_fqdn = DISABLED
Tue Aug 02 12:10:14 2011 us=896000   management_addr = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=896000   management_port = 0
Tue Aug 02 12:10:14 2011 us=896000   management_user_pass = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=896000   management_log_history_cache = 250
Tue Aug 02 12:10:14 2011 us=896000   management_echo_buffer_size = 100
Tue Aug 02 12:10:14 2011 us=896000   management_write_peer_info_file = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=896000   management_client_user = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=896000   management_client_group = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=896000   management_flags = 0
Tue Aug 02 12:10:14 2011 us=896000   shared_secret_file = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=896000   key_direction = 2
Tue Aug 02 12:10:14 2011 us=896000   ciphername_defined = ENABLED
Tue Aug 02 12:10:14 2011 us=896000   ciphername = 'AES-256-CBC'
Tue Aug 02 12:10:14 2011 us=896000   authname_defined = ENABLED
Tue Aug 02 12:10:14 2011 us=896000   authname = 'SHA512'
Tue Aug 02 12:10:14 2011 us=896000   prng_hash = 'SHA1'
Tue Aug 02 12:10:14 2011 us=896000   prng_nonce_secret_len = 16
Tue Aug 02 12:10:14 2011 us=896000   keysize = 0
Tue Aug 02 12:10:14 2011 us=896000   engine = DISABLED
Tue Aug 02 12:10:14 2011 us=896000   replay = ENABLED
Tue Aug 02 12:10:14 2011 us=896000   mute_replay_warnings = DISABLED
Tue Aug 02 12:10:14 2011 us=896000   replay_window = 64
Tue Aug 02 12:10:14 2011 us=896000   replay_time = 15
Tue Aug 02 12:10:14 2011 us=896000   packet_id_file = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=896000   use_iv = ENABLED
Tue Aug 02 12:10:14 2011 us=896000   test_crypto = DISABLED
Tue Aug 02 12:10:14 2011 us=896000   tls_server = DISABLED
Tue Aug 02 12:10:14 2011 us=896000   tls_client = ENABLED
Tue Aug 02 12:10:14 2011 us=896000   key_method = 2
Tue Aug 02 12:10:14 2011 us=896000   ca_file = 'ca.crt'
Tue Aug 02 12:10:14 2011 us=896000   ca_path = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=896000   dh_file = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=896000   cert_file = 'client1.crt'
Tue Aug 02 12:10:14 2011 us=896000   priv_key_file = 'client1.key'
Tue Aug 02 12:10:14 2011 us=896000   pkcs12_file = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=896000   cryptoapi_cert = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=896000   cipher_list = 'AES256-SHA'
Tue Aug 02 12:10:14 2011 us=896000   tls_verify = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=896000   tls_export_cert = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=896000   tls_remote = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=896000   crl_file = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=896000   ns_cert_type = 64
Tue Aug 02 12:10:14 2011 us=896000   remote_cert_ku[i] = 160
Tue Aug 02 12:10:14 2011 us=896000   remote_cert_ku[i] = 136
Tue Aug 02 12:10:14 2011 us=896000   remote_cert_ku[i] = 0
Tue Aug 02 12:10:14 2011 us=896000   remote_cert_ku[i] = 0
Tue Aug 02 12:10:14 2011 us=896000   remote_cert_ku[i] = 0
Tue Aug 02 12:10:14 2011 us=896000   remote_cert_ku[i] = 0
Tue Aug 02 12:10:14 2011 us=896000   remote_cert_ku[i] = 0
Tue Aug 02 12:10:14 2011 us=896000   remote_cert_ku[i] = 0
Tue Aug 02 12:10:14 2011 us=896000   remote_cert_ku[i] = 0
Tue Aug 02 12:10:14 2011 us=896000   remote_cert_ku[i] = 0
Tue Aug 02 12:10:14 2011 us=896000   remote_cert_ku[i] = 0
Tue Aug 02 12:10:14 2011 us=896000   remote_cert_ku[i] = 0
Tue Aug 02 12:10:14 2011 us=896000   remote_cert_ku[i] = 0
Tue Aug 02 12:10:14 2011 us=896000   remote_cert_ku[i] = 0
Tue Aug 02 12:10:14 2011 us=896000   remote_cert_ku[i] = 0
Tue Aug 02 12:10:14 2011 us=896000   remote_cert_ku[i] = 0
Tue Aug 02 12:10:14 2011 us=896000   remote_cert_eku = 'TLS Web Server Authentication'
Tue Aug 02 12:10:14 2011 us=896000   tls_timeout = 2
Tue Aug 02 12:10:14 2011 us=896000   renegotiate_bytes = 0
Tue Aug 02 12:10:14 2011 us=896000   renegotiate_packets = 0
Tue Aug 02 12:10:14 2011 us=896000   renegotiate_seconds = 3600
Tue Aug 02 12:10:14 2011 us=896000   handshake_window = 60
Tue Aug 02 12:10:14 2011 us=896000   transition_window = 3600
Tue Aug 02 12:10:14 2011 us=896000   single_session = DISABLED
Tue Aug 02 12:10:14 2011 us=896000   push_peer_info = DISABLED
Tue Aug 02 12:10:14 2011 us=896000   tls_exit = DISABLED
Tue Aug 02 12:10:14 2011 us=896000   tls_auth_file = 'ta.key'
Tue Aug 02 12:10:14 2011 us=896000   server_network = 0.0.0.0
Tue Aug 02 12:10:14 2011 us=896000   server_netmask = 0.0.0.0
Tue Aug 02 12:10:14 2011 us=896000   server_bridge_ip = 0.0.0.0
Tue Aug 02 12:10:14 2011 us=896000   server_bridge_netmask = 0.0.0.0
Tue Aug 02 12:10:14 2011 us=896000   server_bridge_pool_start = 0.0.0.0
Tue Aug 02 12:10:14 2011 us=896000   server_bridge_pool_end = 0.0.0.0
Tue Aug 02 12:10:14 2011 us=896000   ifconfig_pool_defined = DISABLED
Tue Aug 02 12:10:14 2011 us=896000   ifconfig_pool_start = 0.0.0.0
Tue Aug 02 12:10:14 2011 us=896000   ifconfig_pool_end = 0.0.0.0
Tue Aug 02 12:10:14 2011 us=896000   ifconfig_pool_netmask = 0.0.0.0
Tue Aug 02 12:10:14 2011 us=896000   ifconfig_pool_persist_filename = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=896000   ifconfig_pool_persist_refresh_freq = 600
Tue Aug 02 12:10:14 2011 us=896000   n_bcast_buf = 256
Tue Aug 02 12:10:14 2011 us=896000   tcp_queue_limit = 64
Tue Aug 02 12:10:14 2011 us=896000   real_hash_size = 256
Tue Aug 02 12:10:14 2011 us=896000   virtual_hash_size = 256
Tue Aug 02 12:10:14 2011 us=896000   client_connect_script = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=896000   learn_address_script = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=896000   client_disconnect_script = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=896000   client_config_dir = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=896000   ccd_exclusive = DISABLED
Tue Aug 02 12:10:14 2011 us=896000   tmp_dir = 'C:\DOCUME~1\NELLOL~1\LOCALS~1\Temp\'
Tue Aug 02 12:10:14 2011 us=896000   push_ifconfig_defined = DISABLED
Tue Aug 02 12:10:14 2011 us=896000   push_ifconfig_local = 0.0.0.0
Tue Aug 02 12:10:14 2011 us=896000   push_ifconfig_remote_netmask = 0.0.0.0
Tue Aug 02 12:10:14 2011 us=896000   enable_c2c = DISABLED
Tue Aug 02 12:10:14 2011 us=896000   duplicate_cn = DISABLED
Tue Aug 02 12:10:14 2011 us=896000   cf_max = 0
Tue Aug 02 12:10:14 2011 us=896000   cf_per = 0
Tue Aug 02 12:10:14 2011 us=896000   max_clients = 1024
Tue Aug 02 12:10:14 2011 us=896000   max_routes_per_client = 256
Tue Aug 02 12:10:14 2011 us=896000   auth_user_pass_verify_script = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=896000   auth_user_pass_verify_script_via_file = DISABLED
Tue Aug 02 12:10:14 2011 us=896000   ssl_flags = 0
Tue Aug 02 12:10:14 2011 us=896000   client = ENABLED
Tue Aug 02 12:10:14 2011 us=896000   pull = ENABLED
Tue Aug 02 12:10:14 2011 us=896000   auth_user_pass_file = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=896000   show_net_up = DISABLED
Tue Aug 02 12:10:14 2011 us=896000   route_method = 0
Tue Aug 02 12:10:14 2011 us=896000   ip_win32_defined = DISABLED
Tue Aug 02 12:10:14 2011 us=896000   ip_win32_type = 3
Tue Aug 02 12:10:14 2011 us=896000   dhcp_masq_offset = 0
Tue Aug 02 12:10:14 2011 us=896000   dhcp_lease_time = 31536000
Tue Aug 02 12:10:14 2011 us=896000   tap_sleep = 0
Tue Aug 02 12:10:14 2011 us=896000   dhcp_options = DISABLED
Tue Aug 02 12:10:14 2011 us=896000   dhcp_renew = DISABLED
Tue Aug 02 12:10:14 2011 us=896000   dhcp_pre_release = DISABLED
Tue Aug 02 12:10:14 2011 us=896000   dhcp_release = DISABLED
Tue Aug 02 12:10:14 2011 us=896000   domain = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=896000   netbios_scope = '[UNDEF]'
Tue Aug 02 12:10:14 2011 us=896000   netbios_node_type = 0
Tue Aug 02 12:10:14 2011 us=896000   disable_nbt = DISABLED
Tue Aug 02 12:10:14 2011 us=896000 OpenVPN 2.2.1 Win32-MSVC++ [SSL] [LZO2] built on Jul  1 2011
Tue Aug 02 12:10:14 2011 us=896000 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Tue Aug 02 12:10:15 2011 us=76000 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Tue Aug 02 12:10:15 2011 us=76000 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Tue Aug 02 12:10:15 2011 us=76000 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Tue Aug 02 12:10:15 2011 us=76000 LZO compression initialized
Tue Aug 02 12:10:15 2011 us=76000 Control Channel MTU parms [ L:1602 D:210 EF:110 EB:0 ET:0 EL:0 ]
Tue Aug 02 12:10:15 2011 us=76000 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Aug 02 12:10:15 2011 us=106000 Data Channel MTU parms [ L:1602 D:1450 EF:102 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Aug 02 12:10:15 2011 us=106000 Local Options String: 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
Tue Aug 02 12:10:15 2011 us=106000 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-CBC, auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
Tue Aug 02 12:10:15 2011 us=106000 Local Options hash (VER=V4): 'a5d50645'
Tue Aug 02 12:10:15 2011 us=106000 Expected Remote Options hash (VER=V4): '14d315e7'
Tue Aug 02 12:10:15 2011 us=106000 UDPv4 link local: [undef]
Tue Aug 02 12:10:15 2011 us=106000 UDPv4 link remote: <- snip ->
Tue Aug 02 12:10:15 2011 us=106000 UDPv4 WRITE [86] to  <- snip ->P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0
Tue Aug 02 12:10:15 2011 us=106000 UDPv4 READ [0] from [undef]: DATA UNDEF len=-1
Tue Aug 02 12:10:17 2011 us=149000 UDPv4 WRITE [86] to  <- snip ->: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #2 ] [ ] pid=0 DATA len=0
Tue Aug 02 12:10:21 2011 us=225000 UDPv4 WRITE [86] to  <- snip ->: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #3 ] [ ] pid=0 DATA len=0
Tue Aug 02 12:10:29 2011 us=968000 UDPv4 WRITE [86] to  <- snip ->: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #4 ] [ ] pid=0 DATA len=0
Tue Aug 02 12:10:45 2011 us=430000 UDPv4 WRITE [86] to  <- snip ->: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #5 ] [ ] pid=0 DATA len=0
Tue Aug 02 12:11:15 2011 us=724000 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Aug 02 12:11:15 2011 us=724000 TLS Error: TLS handshake failed
Tue Aug 02 12:11:15 2011 us=724000 TCP/UDP: Closing socket
Tue Aug 02 12:11:15 2011 us=734000 SIGUSR1[soft,tls-error] received, process restarting
Tue Aug 02 12:11:15 2011 us=744000 Restart pause, 2 second(s)
Last edited by nlucchesi on Tue Aug 02, 2011 10:38 pm, edited 3 times in total.
Router: Asus RT-N16 (Tomato v1.28.0000 MIPSR2-102 K26 USB AIO)
Computers: FreeBSD x86, OSX 10.9, iOS 7

Mimiko
Forum Team
Posts: 1564
Joined: Wed Sep 22, 2010 3:18 am

Re: Configuring OpenVPN as Hotspot Proxy

Post by Mimiko » Tue Aug 02, 2011 5:36 pm

Maybe the public WiFi is blocking UDP. Try switching to proto tcp. Is your server pinging?

nlucchesi
OpenVpn Newbie
Posts: 15
Joined: Tue Jul 12, 2011 11:40 pm
Location: Chicago

Re: Configuring OpenVPN as Hotspot Proxy

Post by nlucchesi » Tue Aug 02, 2011 11:07 pm

Mimiko wrote: Is your server pinging?
My broadband connection is ATT DSL (Chicago area) and I have a dynamic IP address.

I configured my router (DD-WRT running on Asus RT-N16) to use DynDNS.org to maintain a dynamic domain name for me so that I can access my home router.

No, I can't get my dynamic domain name to respond to a PING.

Is there any chance that ATT DSL is blocking ports?

- nello
Router: Asus RT-N16 (Tomato v1.28.0000 MIPSR2-102 K26 USB AIO)
Computers: FreeBSD x86, OSX 10.9, iOS 7

Mimiko
Forum Team
Posts: 1564
Joined: Wed Sep 22, 2010 3:18 am

Re: Configuring OpenVPN as Hotspot Proxy

Post by Mimiko » Wed Aug 03, 2011 5:49 am

nlucchesi wrote: Is there any chance that ATT DSL is blocking ports?
Not sure about your provider's policy. You have to troubleshoot your connection issue to your server with that ATT DSL.

janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam

Re: Configuring OpenVPN as Hotspot Proxy

Post by janjust » Wed Aug 03, 2011 11:05 am

nlucchesi wrote: No, I can't get my dynamic domain name to respond to a PING.
First make sure you can use something like SSH to your dyndns address; is the DD-WRT box configured for SSH? Public access?
nlucchesi wrote: Is there any chance that ATT DSL is blocking ports?
Could be, but if you run openvpn on TCP port 443 and change your client config accordingly then you have a good chance...
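
A triage of the client log from the first post, added here as an example and not part of the thread: it counts the handshake packets the client sent and the replies it received, which separates "nothing came back" from "the handshake started and then failed". The documentation IP in the sample, the function name and the verdict labels are assumptions.

```python
import re

# Constructed sample: control-channel lines from the client log in the first
# post; the snipped server address is replaced by a documentation IP.
SAMPLE_LOG = """\
Tue Aug 02 12:10:15 2011 us=106000 UDPv4 WRITE [86] to 192.0.2.10:443: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0
Tue Aug 02 12:10:15 2011 us=106000 UDPv4 READ [0] from [undef]: DATA UNDEF len=-1
Tue Aug 02 12:10:17 2011 us=149000 UDPv4 WRITE [86] to 192.0.2.10:443: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #2 ] [ ] pid=0 DATA len=0
Tue Aug 02 12:10:21 2011 us=225000 UDPv4 WRITE [86] to 192.0.2.10:443: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #3 ] [ ] pid=0 DATA len=0
Tue Aug 02 12:10:29 2011 us=968000 UDPv4 WRITE [86] to 192.0.2.10:443: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #4 ] [ ] pid=0 DATA len=0
Tue Aug 02 12:10:45 2011 us=430000 UDPv4 WRITE [86] to 192.0.2.10:443: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #5 ] [ ] pid=0 DATA len=0
Tue Aug 02 12:11:15 2011 us=724000 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
"""

LINE = re.compile(r"^\w{3} \w{3} \d{2} (\d{2}):(\d{2}):(\d{2}) \d{4} us=(\d+) (.*)$")
WRITE = re.compile(r"WRITE \[(\d+)\] to .*?(P_[A-Z0-9_]+)")
READ = re.compile(r"READ \[(\d+)\] from .*?(P_[A-Z0-9_]+)")


def triage(log_text):
    """Classify a failed handshake from verb-6 client log lines."""
    reset_times, replies, timed_out = [], 0, False
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        h, mi, s, us, msg = m.groups()
        # Time of day is enough for a 60 s handshake window (no midnight wrap).
        t = int(h) * 3600 + int(mi) * 60 + int(s) + int(us) / 1e6
        w, r = WRITE.search(msg), READ.search(msg)
        if w and w.group(2).startswith("P_CONTROL_HARD_RESET_CLIENT"):
            reset_times.append(t)
        elif r and int(r.group(1)) > 0:
            replies += 1  # a non-empty packet with an OpenVPN opcode arrived
        elif "TLS key negotiation failed" in msg:
            timed_out = True
    # Gaps between successive client resets show the retransmit back-off.
    gaps = [round(b - a) for a, b in zip(reset_times, reset_times[1:])]
    if not timed_out:
        verdict = "no-timeout"
    elif replies == 0:
        # Nothing ever came back: the failure is below TLS (path, filtering,
        # port forwarding, or a server that is not listening or not answering).
        verdict = "no-reply"
    else:
        # The server is reachable; look at certificates, tls-cipher or MTU.
        verdict = "partial-handshake"
    return {"resets_sent": len(reset_times), "replies": replies,
            "retransmit_gaps_s": gaps, "timed_out": timed_out,
            "verdict": verdict}


if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

A "no-reply" verdict matches the advice in the replies: confirm the server is reachable at all before changing TLS settings.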
