
Just no connection

Posted: Sun Oct 03, 2010 2:10 am
by kkaal
I have set up a SUSE server and installed OpenVPN according to http://www.komaii.com/linux/openvpn-on-SuSE10.0/

This is the server config file:

Code:

port 1194
dev tun
ca /etc/openvpn/ssl/ca.crt
cert /etc/openvpn/ssl/server.crt
key /etc/openvpn/ssl/server.key
dh /etc/openvpn/ssl/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
persist-key
persist-tun
status
tls-server

I start the OpenVPN server on the Linux machine from the command line. This is the output:

Code:

xxxxx:/usr/local/src/openvpn-2.0.9/easy-rsa # openvpn /etc/openvpn/server.conf
Sun Oct  3 12:42:41 2010 OpenVPN 2.0.9 i686-suse-linux [SSL] [LZO] [EPOLL] built on Oct  2 2010
Sun Oct  3 12:42:41 2010 Diffie-Hellman initialized with 1024 bit key
Sun Oct  3 12:42:41 2010 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sun Oct  3 12:42:41 2010 TUN/TAP device tun0 opened
Sun Oct  3 12:42:41 2010 /sbin/ip link set dev tun0 up mtu 1500
Sun Oct  3 12:42:41 2010 /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
Sun Oct  3 12:42:41 2010 /sbin/ip route add 10.8.0.0/24 via 10.8.0.2
Sun Oct  3 12:42:41 2010 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Sun Oct  3 12:42:41 2010 UDPv4 link local (bound): [undef]:1194
Sun Oct  3 12:42:41 2010 UDPv4 link remote: [undef]
Sun Oct  3 12:42:41 2010 MULTI: multi_init called, r=256 v=256
Sun Oct  3 12:42:41 2010 IFCONFIG POOL: base=10.8.0.4 size=62
Sun Oct  3 12:42:41 2010 IFCONFIG POOL LIST
Sun Oct  3 12:42:41 2010 Initialization Sequence Completed

This seems to be OK. I checked it by sending a ping to 10.8.0.1. That works.

I try to connect from OpenVPN GUI on Windows 7.

Config file on the Windows 7 client:

Code:

client
dev tun
proto udp
remote www.myserver.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client1.crt
key client1.key
comp-lzo
verb 3

When I try to connect, I get this output:

Code:

Sun Oct 03 14:00:21 2010 OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Aug 20 2010
Sun Oct 03 14:00:21 2010 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Sun Oct 03 14:00:21 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sun Oct 03 14:00:21 2010 LZO compression initialized
Sun Oct 03 14:00:21 2010 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sun Oct 03 14:00:21 2010 Socket Buffers: R=[8192->8192] S=[32768->32768]
Sun Oct 03 14:00:21 2010 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Sun Oct 03 14:00:21 2010 Local Options hash (VER=V4): '41690919'
Sun Oct 03 14:00:21 2010 Expected Remote Options hash (VER=V4): '530fdded'
Sun Oct 03 14:00:21 2010 UDPv4 link local: [undef]
Sun Oct 03 14:00:21 2010 UDPv4 link remote: xxx.xxx.xxx.xxx:1194

When I try to ping the server (10.8.0.1), I get no answer back.

The firewalls on the server and the client are switched off temporarily.

What am I doing wrong?

Re: Just no connection

Posted: Wed Oct 06, 2010 11:43 am
by kkaal
I am serious, I need to make this setup fly.

Are there no gurus who could at least tell me what and how I could test??

Re: Just no connection

Posted: Thu Oct 07, 2010 5:10 am
by george
It looks like you may be missing some things in your config.

Compare to my working server.conf:

Code:

local 192.168.xxx.xxx #LAN IP
port 1194
proto udp
dev tun0 #static device to iptables rule sets
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key  # This file should be kept secret
dh /etc/openvpn/easy-rsa/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
ifconfig 10.8.0.1 10.8.0.2 #server tun0 ip
push "route 192.168.x.0 255.255.255.0"
push "route 192.168.x.0 255.255.255.0"
push "route 192.168.x.0 255.255.255.0"
push "route 192.168.x.0 255.255.255.0"
push "route 192.168.x.0 255.255.255.0"
push "route 192.168.x.0 255.255.255.0"
push "route 192.168.xx.0 255.255.255.0"
push "route 192.168.xx.0 255.255.255.0"
push "route 192.168.xx.0 255.255.255.0"
push "route 192.168.xx.0 255.255.255.0"
push "route 192.168.xx.0 255.255.255.0"
push "route 192.168.xxx.0 255.255.255.0"
push "dhcp-option DNS 192.168.xxx.xx"
keepalive 10 120
comp-lzo
daemon
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log 5
status-version 2
log-append  /etc/openvpn/openvpn.log
verb 4
management localhost 7505
plugin /usr/lib/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login

route 10.8.1.0 255.255.255.0
route 10.8.2.0 255.255.255.0
route 10.8.3.0 255.255.255.0
route 10.8.4.0 255.255.255.0
client-config-dir /etc/openvpn/ccd

Also, make sure you are getting the routes from the server on the client.

Re: Just no connection

Posted: Fri Oct 08, 2010 11:55 am
by Douglas
Sun Oct 03 14:00:21 2010 UDPv4 link local: [undef]
Sun Oct 03 14:00:21 2010 UDPv4 link remote: xxx.xxx.xxx.xxx:1194
If it ends here, it's not connecting. Firewalls?

Re: Just no connection

Posted: Fri Oct 08, 2010 12:43 pm
by krzee
Double check that your firewalls are not dropping anything.
If your server is behind a NAT, double check your port forwarding for the right IP/port/protocol.
Make sure that your clients are using the correct IP/port/protocol.

Your client is not reaching the openvpn process on your server, basic networking issue.
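
An added example, not part of the thread and not OpenVPN project code: a small Python check that reads a client log, reports how far the connection got, and flags the certificate-verification warning seen in the first post. The function name `analyse` and the stage names are made up for this illustration; the second sample log is constructed.

```python
# Milestones a client log passes through, in order, with the OpenVPN 2.x
# message that marks each one.
STAGES = [
    ("socket_open", "link remote:"),
    ("server_replied", "TLS: Initial packet from"),
    ("peer_connected", "Peer Connection Initiated"),
    ("tunnel_up", "Initialization Sequence Completed"),
]
MITM_WARNING = "No server certificate verification method has been enabled"

def analyse(log_text):
    """Return (last milestone reached or None, list of findings)."""
    reached = None
    for name, marker in STAGES:
        if marker not in log_text:
            break
        reached = name
    findings = []
    if reached == "socket_open":
        findings.append("no packet came back from the server: check firewalls, "
                        "NAT port forwarding and ip/port/protocol on both ends")
    elif reached == "server_replied":
        findings.append("server answered but the TLS handshake did not finish: "
                        "check certificates and keys")
    elif reached == "peer_connected":
        findings.append("authenticated, but tunnel setup did not complete: "
                        "check pushed options and the TUN/TAP adapter")
    if MITM_WARNING in log_text:
        findings.append("server certificate type is not checked: see the "
                        "howto section linked in the warning")
    return reached, findings

# Lines taken from the client log in the first post.
STALLED_LOG = """\
Sun Oct 03 14:00:21 2010 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Sun Oct 03 14:00:21 2010 LZO compression initialized
Sun Oct 03 14:00:21 2010 UDPv4 link local: [undef]
Sun Oct 03 14:00:21 2010 UDPv4 link remote: xxx.xxx.xxx.xxx:1194
"""
# Constructed continuation showing what a working handshake adds.
HEALTHY_LOG = STALLED_LOG + """\
Sun Oct 03 14:00:22 2010 TLS: Initial packet from xxx.xxx.xxx.xxx:1194, sid=00000000 00000000
Sun Oct 03 14:00:23 2010 [server] Peer Connection Initiated with xxx.xxx.xxx.xxx:1194
Sun Oct 03 14:00:25 2010 Initialization Sequence Completed
"""

if __name__ == "__main__":
    for label, log in (("stalled", STALLED_LOG), ("healthy", HEALTHY_LOG)):
        stage, notes = analyse(log)
        print(label, "->", stage)
        for note in notes:
            print("  -", note)
```

A log that stops at `socket_open` means the client sent its first packet and nothing came back, which is a path problem between client and server rather than a certificate or configuration-option problem.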