OpenVPN Support Forum

the proxy returns

Fri Dec 02 15:16:54 2011 us=703000 Send to HTTP proxy: 'CONNECT myhomeip:1194 HTTP/1.0'
Fri Dec 02 15:16:54 2011 us=890000 HTTP proxy returned: 'HTTP/1.1 501 Not Supported'
Fri Dec 02 15:16:54 2011 us=890000 HTTP proxy returned bad status

try running the OpenVPN server on TCP port 443 - that might be supported; if not, you will need to talk to your proxy sysadmins....

I did a test with a webserver (IIS), it runs fine on port 8080 and I can connect (IIS 7 splash screen) so it works.
If I don't add a port to the config (myopenvpn) then it connects to 1194 whereas it should connect to 80 or 8080, can't I tell openvpn to connect to 8080 as default somewhere else?
The idea behind the openvpn was being able to connect from anywhere regardless of firewall/proxy. I could ask them but would prefer figuring out myself.

Note: I'm running the portable version in which I replace the openvpn.exe by a later version as suggested somewhere in a post (I've mentioned it in this post I think).

the firewall does not seem to allow a 'CONNECT IP:1194'
therefore, you need to run the server on port 80, 8080 or 443; you can do this using etc etc. The client needs to be adjusted accordingly;

???
I'm really sorry but I guess your working on to many tickets at the same time ....

I have a port forwarding on my router which forwards as well port 80, 443 as 8080 to 1194.
All these ports work fine (I tested that with a client which had no proxy on the network).

What about the access server? Wouldn't that be a solution to connect via a browser and so bypassing the proxy?

What about the access server? Wouldn't that be a solution to connect via a browser and so bypassing the proxy?

nope


As for your firewall issue: make sure TCP port 80 and/or 443 is forwarded to TCP port 1194 on your OpenVPN server, then start the client using the http-proxy rule; post the log file here.
Also try opening Internet Explorer and "browse" to <your-ip>:443 via the HTTP proxy - this should fail, of course, as IE is not an OpenVPN client, but you should see traffic on the server side, otherwise the proxy is also blocking this.

I postrd a webpage on port 8080 and a webserver inderneith. This works fine. It is most certainly the proxy I cannot pass.

then you are out of luck - talk to your firewall admins or try to duck the firewall using tools like 'httptunnel' or 'httunnel' - the downside is a severe performance penalty, however.

Thanks a lot for your help!
However, I solved the issue by using the option: proxy settings, HTTP proxy, prompt for user & password (not using config-file).
Probably I had the domain for proxy wrong (it was domain-x\username instead of domain\username).
In the configfile I commented everything regarding proxy, please find it below.

Now, I'm really eager to know more about the client settings.
Summarized: I use a portable openvpnclient 1.6.6, beneith all client settings.
Is there a page which explains every client-setting?
=> I would like to be able to use dns of openvpn for lookups in the openvpn-network, flexibly define which traffic to route or not through vpn
set password for connection in hashed file etc.

J.

-------

dev tun
tls-client

#cryptoapicert "SUBJ:Hoedt Jan"

#remote myopenvserver 80
remote myopenvpnserver 8080


# If redirect-gateway is enabled, the client will redirect it's
# default network gateway through the VPN.
# It means the VPN connection will firstly connect to the VPN Server
# and then to the internet.
# (Please refer to the manual of OpenVPN for more information.)

#redirect-gateway
#auth-nocache

#auto-proxy
#http-proxy 10.x.x.x 80 stdin ntlm

pull

proto tcp-client
#proto udp

script-security 2

ca ca.crt

comp-lzo

reneg-sec 0

auth-user-pass

verb 3

I'm not familiar with the portable openvpnclient 1.6.6 ; I normally categorically refuse to answer any questions related to Access Server

The client settings are all listed on the OpenVPN manual page (e.g. http://openvpn.net/index.php/open-sourc ... pn-21.html

DNS is tricky: either ALL DNS traffic is resolved via the VPN, or none at all. This is not a limitation of OpenVPN but of the DNS resolvers on the client OS - notably Windows is not too good at split-DNS. You can configure DNS on the server using 'push "dhcp-option DNS x.x.x.x"'

What do you mean by "I normally categorically refuse to answer any questions related to Access Server"?
This toppic is about OpenVPN Access Server, isn't it?(?)
Thanks, I'll have a look at the client settings. The link is for 2.x, would there be much difference?
I don't know how to configure the full client, there aren't much options (configfile etc) + there is no portable version of it (which I really need).
I could run the version through ThinApp but not sure if it would work.

This toppic is about OpenVPN Access Server, isn't it?(?)

yep, you were lucky - the category on this one slipped my attention, therefore I replied