Hello all. First time post. Just what everyone needed another newbie question. Please bear with me.
A little info on my system:
FreePBX 2.9.0.9 / Asterisk 1.8.8.0 / Centos Release 6.2
I installed OpenVPN by executing the following files at my server:
./install-EasyOpenVPN_part1.sh
./install-EasyOpenVPN_part2.sh
./create-EasyOpenVPN-client.sh
Followed the prompts and assume that I provided the required information appropriately.
In my /root/keys directory I find a sub-directory which I suppose was created by the install called:
PBX1.
In it are these files: ca.crt PBX1.conf PBX1.crt PBX1.key PBX1.tar ta.key
At this point I believe that the server side install is complete.
Next I forward port 1194 at my 2WIRE router to my server IP.
I then download and install openvpn-2.2.2-install on my Windows 7 laptop.
I then take PBX1.conf which contains this:
client
dev tun
proto udp
remote mypbx.dyndns.org 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert PBX1.crt
key PBX1.key
comp-lzo
verb 3
cipher aes-128-cbc
tls-auth ta.key 1
Save as PBX1.ovpn
I had also copied the .crt / .key / ovpn files into c:\Program Files(x86)\OpenVPN\config
Next I run openvpn GUI as Administrator and select PBX1.ovpn
The connection window comes up:
Tue Feb 21 17:15:48 2012 OpenVPN 2.2.2 Win32-MSVC++ [SSL] [LZO2] [PKCS11] built on Dec 15 2011
Tue Feb 21 17:15:48 2012 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue Feb 21 17:15:48 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Tue Feb 21 17:15:49 2012 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Tue Feb 21 17:15:49 2012 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Feb 21 17:15:49 2012 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Feb 21 17:15:49 2012 LZO compression initialized
Tue Feb 21 17:15:49 2012 Control Channel MTU parms [ L:1558 D:166 EF:66 EB:0 ET:0 EL:0 ]
Tue Feb 21 17:15:49 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Feb 21 17:15:49 2012 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Feb 21 17:15:49 2012 Local Options hash (VER=V4): '272f1b58'
Tue Feb 21 17:15:49 2012 Expected Remote Options hash (VER=V4): 'a2e63101'
Tue Feb 21 17:15:49 2012 UDPv4 link local: [undef]
Tue Feb 21 17:15:49 2012 UDPv4 link remote: 70.xx.xx.xx:1194
That is as far as I can get. I always see "Connecting" at the top of the connect window but never actually get connected. Either I really messed up somewhere or am totally confused as to how OpenVPN should be used.
Any assistance / recommendations would be greatly appreciated.
Thank you. Peter
Cannot VPN into my Asterisk / CentOS box
-
peterbata
- OpenVpn Newbie
- Posts: 4
- Joined: Tue Feb 21, 2012 3:59 pm
- Location: Canada
- Contact:
-
maikcat
- Forum Team
- Posts: 4200
- Joined: Wed Jan 12, 2011 9:23 am
- Location: Athens,Greece
- Contact:
Re: Cannot VPN into my Asterisk / CentOS box
hi there,
i am not familiar with the easy openvpn scripts but,
are you using pbx1.crt and pbx1.key on both server client?
can you post server config/logs?
Michael.
i am not familiar with the easy openvpn scripts but,
are you using pbx1.crt and pbx1.key on both server client?
can you post server config/logs?
Michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
-
peterbata
- OpenVpn Newbie
- Posts: 4
- Joined: Tue Feb 21, 2012 3:59 pm
- Location: Canada
- Contact:
Re: Cannot VPN into my Asterisk / CentOS box
Hello Michael,
Thanks so much for the prompt reply. I believe that I am using pbx1.crt and pbx1.key on the client side. I reference them in the openvpn gui config file and have placed in the config folder.
As far as what is happening on the server side. I'm at a loss to tell you exactly what is going on there.
I will however, try to figure out how to generate those config/logs that you mention. I have spent most of my time in the Windows environment so the transition has been a little daunting to say the least.
Have a wonderful day. I appreciate your help and input very much.
Peter
Thanks so much for the prompt reply. I believe that I am using pbx1.crt and pbx1.key on the client side. I reference them in the openvpn gui config file and have placed in the config folder.
As far as what is happening on the server side. I'm at a loss to tell you exactly what is going on there.
I will however, try to figure out how to generate those config/logs that you mention. I have spent most of my time in the Windows environment so the transition has been a little daunting to say the least.
Have a wonderful day. I appreciate your help and input very much.
Peter
maikcat wrote:hi there,
i am not familiar with the easy openvpn scripts but,
are you using pbx1.crt and pbx1.key on both server client?
can you post server config/logs?
Michael.
-
peterbata
- OpenVpn Newbie
- Posts: 4
- Joined: Tue Feb 21, 2012 3:59 pm
- Location: Canada
- Contact:
Re: Cannot VPN into my Asterisk / CentOS box
Regardless of what I do, I am unable to VPN into my PBX server. I have spent the better part of a week trying to figure this out. What frustrates me even more, is when I think that I can setup and VPN into either a WIN2003 / WIN2008 server in approx 5 minutes.
-
maikcat
- Forum Team
- Posts: 4200
- Joined: Wed Jan 12, 2011 9:23 am
- Location: Athens,Greece
- Contact:
Re: Cannot VPN into my Asterisk / CentOS box
hi there,
create certs/keys on windows platform
copy paste the config to your linux box changing only file locations paths
removing (if any) windows specific directives (f.e route-method exe)
the only thing you must take care on centos is to set selinux in permissive state
and setup iptables to allow traffic (you can disable them also..)
Michael.
if you can setup your openvpn on windows you can do the following:What frustrates me even more, is when I think that I can setup and VPN into either a WIN2003 / WIN2008 server in approx 5 minutes.
create certs/keys on windows platform
copy paste the config to your linux box changing only file locations paths
removing (if any) windows specific directives (f.e route-method exe)
the only thing you must take care on centos is to set selinux in permissive state
and setup iptables to allow traffic (you can disable them also..)
Michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
-
peterbata
- OpenVpn Newbie
- Posts: 4
- Joined: Tue Feb 21, 2012 3:59 pm
- Location: Canada
- Contact:
Re: Cannot VPN into my Asterisk / CentOS box
Hello again Michael.
Actually, what I meant was that I have setup VPN in the past on several occasions between Windows clients and Windows servers. However, you bring up an interesting suggestion. I will give a try. Thanks again for all the help. I really appreciate the effort. Peter
Actually, what I meant was that I have setup VPN in the past on several occasions between Windows clients and Windows servers. However, you bring up an interesting suggestion. I will give a try. Thanks again for all the help. I really appreciate the effort. Peter
maikcat wrote:hi there,
if you can setup your openvpn on windows you can do the following:What frustrates me even more, is when I think that I can setup and VPN into either a WIN2003 / WIN2008 server in approx 5 minutes.
create certs/keys on windows platform
copy paste the config to your linux box changing only file locations paths
removing (if any) windows specific directives (f.e route-method exe)
the only thing you must take care on centos is to set selinux in permissive state
and setup iptables to allow traffic (you can disable them also..)
Michael.
-
jimm1909
- OpenVpn Newbie
- Posts: 3
- Joined: Sat Dec 03, 2011 12:51 am
Re: Cannot VPN into my Asterisk / CentOS box
Hi Peter,peterbata wrote:Hello again Michael.
Actually, what I meant was that I have setup VPN in the past on several occasions between Windows clients and Windows servers. However, you bring up an interesting suggestion. I will give a try. Thanks again for all the help. I really appreciate the effort. Peter
maikcat wrote:hi there,
if you can setup your openvpn on windows you can do the following:What frustrates me even more, is when I think that I can setup and VPN into either a WIN2003 / WIN2008 server in approx 5 minutes.
create certs/keys on windows platform
copy paste the config to your linux box changing only file locations paths
removing (if any) windows specific directives (f.e route-method exe)
the only thing you must take care on centos is to set selinux in permissive state
and setup iptables to allow traffic (you can disable them also..)
Michael.
I am struggling with the same issue right now with my Residential Voip and Business Phone System. Did Michael's suggestion help?
What ended up resolving it for you?
Thanks
Jim