OpenVPN Support Forum

Posted: **Mon Jan 10, 2011 10:41 pm**

Hello, please help me in the problem. A week apart from this problem. Immediately apologize of my English.
I want to connect 4 PCs, all running Windows 7 (up to this point used Hamachi-2, but there, through some repeaters decreases the speed here advised OpenVPN).
Two PCs in my house are behind a router (there is a stat. external adresses PC 192.168.1.2, 192.168.1.3), 1 pc of another provider (at the other end of town) and 1 PC to the router from abroad)

To make it more detailed:
These PC need to connect (do not know what to call it because I know bad this apart, connected by a principle of Hamachi-2 (as esteemed peer-to-peer), in general for games is necessary. There is a game Red Alert 3, play on a local network with Hamachi-2, all they see each other in "chat games", but because of the low speed can not play, it becomes a turn-based game. To solve the problem decided to try OpenVPN. It seems the server picked, customers connected, can ping each other, but in the game did not see each other. First, using a config option dev tun - in the game did not see each other, now tried to dev tap - server sees all clients, but clients not see each other).

Here network diagram:
2 PC (192.168.1.2 - 3) <----> | router | (external static IP 89 .*.*.*) <------------> I
---------------------------------------------------------------------------------------------- N
---------------------------------------------------------------------------------------------- T
1 PC (192.168.16.115 internal static IP from ISP) <----------------------------> E
---------------------------------------------------------------------------------------------- R
---------------------------------------------------------------------------------------------- N
-------------------------------------------------- ------------------------------------------- E
1 PC (192.168.1.2 )<----> | router | (external static IP 83 .*.*.*) <----------------> T

Here's the server config:

Code: Select all

port 1194
proto udp

dev tap
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
tls-auth ta.key 0

server 1.1.1.0 255.255.255.0
ifconfig-pool-persist ipp.txt
client-to-client
route 1.1.1.0 255.255.255.0
route 192.168.1.0 255.255.255.0
push "client-to-client"
keepalive 10 120
comp-lzo
max-clients 5
persist-key
persist-tun
status openvpn-status.log
verb 3

Here's the config of client:

Code: Select all

client
dev tap
proto udp

remote 89 .*.*.* 1194
resolv-retry infinite
nobind

persist-key
persist-tun

ca ca.crt
cert black.crt
key black.key

ns-cert-type server
tls-auth ta.key 1
comp-lzo
verb 3

Help solve this problem. Thank you!

Posted: **Mon Jan 10, 2011 10:47 pm**

Another problem encountered. Can not create file format PKCS12. I do not know what went wrong. Here's the log:

Code: Select all

C:\Program Files\OpenVPN\easy-rsa>vars
 
C:\Program Files\OpenVPN\easy-rsa>clean-all
Скопировано файлов:         1.
Скопировано файлов:         1.
 
C:\Program Files\OpenVPN\easy-rsa>build-ca
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
............++++++
.................++++++
writing new private key to 'keys\ca.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [UK]:
State or Province Name (full name) [OD]:
Locality Name (eg, city) [Odessa]:
Organization Name (eg, company) [OpenVPN]:
Organizational Unit Name (eg, section) []:Timur
Common Name (eg, your name or your server's hostname) []:OpenVPN-CA
Email Address [antariuz@*.*]:
 
C:\Program Files\OpenVPN\easy-rsa>build-key-server server
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
......++++++
..............++++++
writing new private key to 'keys\server.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [UK]:
State or Province Name (full name) [OD]:
Locality Name (eg, city) [Odessa]:
Organization Name (eg, company) [OpenVPN]:
Organizational Unit Name (eg, section) []:Timur
Common Name (eg, your name or your server's hostname) []:server
Email Address [antariuz@*.*]:
 
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Using configuration from openssl.cnf
Loading 'screen' into random state - done
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName           :PRINTABLE:'UK'
stateOrProvinceName   :PRINTABLE:'OD'
localityName          :PRINTABLE:'Odessa'
organizationName      :PRINTABLE:'OpenVPN'
organizationalUnitName:PRINTABLE:'Timur'
commonName            :PRINTABLE:'server'
emailAddress          :IA5STRING:'antariuz@*.*'
Certificate is to be certified until Jan  7 08:58:35 2021 GMT (3650 days)
Sign the certificate? [y/n]:y
 
 
1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
 
C:\Program Files\OpenVPN\easy-rsa>build-key-pkcs12 server
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
..............++++++
..........++++++
writing new private key to 'keys\server.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [UK]:
State or Province Name (full name) [OD]:
Locality Name (eg, city) [Odessa]:
Organization Name (eg, company) [OpenVPN]:
Organizational Unit Name (eg, section) []:Timur
Common Name (eg, your name or your server's hostname) []:server
Email Address [antariuz@*.*]:
 
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Using configuration from openssl.cnf
Loading 'screen' into random state - done
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName           :PRINTABLE:'UK'
stateOrProvinceName   :PRINTABLE:'OD'
localityName          :PRINTABLE:'Odessa'
organizationName      :PRINTABLE:'OpenVPN'
organizationalUnitName:PRINTABLE:'Timur'
commonName            :PRINTABLE:'server'
emailAddress          :IA5STRING:'antariuz@*.*'
Certificate is to be certified until Jan  7 08:59:03 2021 GMT (3650 days)
Sign the certificate? [y/n]:y
failed to update database
TXT_DB error number 2
Loading 'screen' into random state - done
No certificate matches private key
Не удается найти C:\Program Files\OpenVPN\easy-rsa\keys\*.old

Posted: **Tue Jan 11, 2011 4:07 pm**

Does anyone can help?

Posted: **Wed Jan 12, 2011 5:56 am**

1 thing that jumped out at me
push "client-to-client"
that is not a client option, so can not be pushed to clients

OpenVPN Support Forum

OpenVPN or how to configure it from the Windows 7

OpenVPN or how to configure it from the Windows 7

Also have one more question

Re: OpenVPN or how to configure it from the Windows 7

Re: OpenVPN or how to configure it from the Windows 7