Fedora Servers :: OpenVPN Setup On FC12 - Ethernet Ports?
Apr 12, 2010
I am trying to setup a VPN on my FC 12 box. Looks like getting openvpn to work behind NAT is as easy as just forwarding the ports. Do I need to forward any specific protocols (GRE, etc)? Also, can I do this with one Ethernet port (IE: RJ-45 jack), or do you recommend a second ethernet port? I could add in another PCI ethernet card if it makes it easier. Anyone know if a single ethernet jack will work or do I need two?
View 2 Replies
ADVERTISEMENT
Sep 9, 2010
I'm following this guide [URL]. I am trying to use a bridge to vpn from work to home.
/etc/network/interfaces
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto br0
iface br0 inet dhcp
bridge_ports eth0
iface eth0 inet manual
up ifconfig $IFACE 0.0.0.0 up
up ip link set $IFACE promisc on
down ip link set $IFACE promisc off
down ifconfig $IFACE down
I am forced to use dhcp because of my router. (although it is a static lease) I think this is where I am hung up. Everything else seems to be working properly though. I have a windows client connecting but is limited to the server serving out openvpn. (192.168.1.21) In other words it is not functioning as a bridged vpn service.
ifconfig
openvpn server.conf
local 192.168.1.21
port 1199
proto udp
dev tap0
up "/etc/openvpn/up.sh br0"
down "/etc/openvpn/down.sh br0"
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
dh dh1024.pem
ifconfig-pool-persist ipp.txt
server-bridge 192.168.1.21 255.255.255.0 192.168.1.100 192.168.1.200
keepalive 10 120
tls-auth ta.key 0 # This file is secret
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
View 2 Replies
View Related
Sep 1, 2011
I'm currently trying to set up OpenVPN on my Ubuntu Server, however I'm having trouble setting up bridging. I am following the tutorial for bridging that is located on the Wiki here: [URL] At the current time my /etc/network/interfaces looks like this (default from Ubuntu install):
[Code]...
View 9 Replies
View Related
Feb 1, 2010
I just installed fc12 (64 bit) on a t61p laptop. If the ethernet is connected when the laptop is powered up, it is seen and is present in the network configuration hardware profile. If I wait until the machine is booted before I connect it, it isn't present. How do I make it so that I can connect the ethernet at any time?
Except for this minor nit, everything else worked perfectly right out of the box.
View 3 Replies
View Related
Jan 17, 2011
I am trying to setup an OpenVPN server in bridged mode (Ubuntu 10.04 Lts). The goal is for the clients to be able to reach all the servers behind Openvpn server's lan. I have followed the official OpenVPN guide for Ubuntu 10.04.
My network setup is:
Private lan: 10.90.90.0-255 255.255.255.0
Gateway: 10.90.90.1
Openvpn server ip: 10.90.90.8
Gateway public ip: 79.xxxxxxxxx
I have forward port 1195 to the Vpn server through my gateway firewall.Besides that no other firewall is running.I can connect and ping the server both from windows and ubuntu clients. The difference is that from windows I can reach the private lan but not from ubuntu clients.
View 2 Replies
View Related
Jun 29, 2011
I've had an issue in KDE where each time I restart my computer, I get 5-7 notifications that it wasn't able to connect to my ethernet port. (Or something close to that) I think it's trying to connect to my marvell port over and over. Has this happened with anyone else? I think I remember this happening with Ubuntu as well only it only tried to connect to that port once and then stopped trying.
View 1 Replies
View Related
Dec 12, 2010
I have recently installed an ltsp system, client and server. Everything works except i cannot get my client side serial ports to work or register for that matter. Can anyone point me to the steps i should take to get these working.
View 1 Replies
View Related
Jan 21, 2010
After fixing network issue (change to vanilla kernel) and configuring alsa sound drivers, I realise that I may be spending some time doing some more config before putting my machine to hardcore use!
So, is it possible or can anyone recommend a program that can do an image of the hdd which I can save on an external drive and install/reinstall it on hard drive if i ever need to?
View 1 Replies
View Related
Feb 14, 2011
Within the documentation of example OpenVPN setups there is a setup that shows an OpenVPN Server with two network interfaces. One interfaces is plugged into the public internet network and the second interface is plugged into the private network.
Normally I assume that it would be best to place the OpenVPN system inside the network behind the router and firewall and open only the ports needed on the router to allow access to the OpenVPN system. All other router ports would be closed. This is the first example they show. To see what I am talking about see page(s) 6-7 here -> [URL]
If one were to use the two interface public facing setup, when would that setup best be justified? I guess if you didn't want to open any ports on the router/firewall then this could be justified but then you have to lock down this public system individually instead of having it protected by the network firewall.
View 1 Replies
View Related
Apr 12, 2010
I've updated software and want to run :
jabberd-2.2.8-5.fc12 (i686)
View 2 Replies
View Related
Jan 30, 2010
Networking problem obviously
View 1 Replies
View Related
Apr 12, 2010
i just installed Fedora 12, clean without anything change in it. I opened services dialog, and the openvpn service have status:dead, however it shows that it is enabled.when i try to run it as:/sbin/service openvpn start.It write OK. However if check it:/sbin/service openvpn status it write that service not running. What is a point of a problem? I have opened openvpn in FireWall,however without success, may be some additionsl services for openvpn are not running?
View 1 Replies
View Related
Apr 16, 2010
I have a system with one (sometimes two) ethernet ports, that works happily in an old Fedora 5 build. But I can't get it to work on a new Centos 5.4 build. Original system: One dedicated ethernet port on card always connected to the systems dedicated equipment and no external access (the system is the DHCP master for that network). An optional second USB dongle that is a second ethernet port, used for debugging and development. (This is a DHCP client with full conectivity. In /etc/sysconfig/network-scripts I have ifcfg-eth0, ifcfg-eth1 and a route-eth0. Neither of the ifcfg files needs an explicit HWADDR, which means the same ones work for all boxes. And when one needs to be connected to the network all is fine.
The system is being moved to Centos 5.4, most is working with minimal change, but I am having problems with the ethernet ports. If it only has the on board ethernet connected, all is fine. If you have the USB dongle connected things go wrong: This system brings up the USB ethernet first, and tries to assign it to eth0 (which fails), and then brings up the on board ethernet as eth1 (which also fails). I have tried forcing the behaviour of the network by setting the HWADDR(s), but this does not result in the on board coming up as eth0, it comes up as __tmpxxxx as follows:
ifconfig -a
__tmp226406138 Link encap:Ethernet HWaddr 00:80:66:07:A8:63
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
[Code]...
Currently the only solution is to unplug the USB dongle through restart and plug in afterwards, and this wont work when the unit is remote and in the field.
View 14 Replies
View Related
Mar 28, 2010
I've been struggling for days trying to open port 53 and 25 but can't get it to work. My iptables at /etc/sysconfig contains the following:
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0] .....
On the server machine when I do port scan with nmap I see the following result:
Starting Nmap 4.76 [URL] at 2010-03-28 01:03 CET
Warning: Hostname localhost resolves to 2 IPs. Using 127.0.0.1.
Interesting ports on localhost (127.0.0.1):
Not shown: 986 closed ports .....
But when I try to do telnet from an external machine, e.g:
telnet <IP of host> 53
I get:
Connection refused
telnet: Unable to connect to remote host
I also did a port scan with a tool on an external machine but port 53 and 25 weren't listed as opened ports. Also CheckDNS.net on the server returns "Connection reset. Probably DNS server is offline". I am 100% sure that named and sendmail are running. When I do a ps -aux I see:
named 9261 0.0 0.3 85528 14784 ? Ssl 00:46 0:00 /usr/sbin/named -u named
root 2550 0.0 0.0 9536 1960 ? Ss Mar23 0:02 sendmail: accepting connections
View 14 Replies
View Related
Jun 16, 2009
I had configured openvpn in my fedora 7. every thing seems ok. created all server,client certificates. and at client laptop i am using win xp. i installed vpn at client laptop n vpn is connected and client got the ip address of the range which i had defined in server.conf.
Now the problem is this that client vpn is connected and got the ip even than client not able to ping local network of my office.guys ur support n guidance needed.
View 1 Replies
View Related
Aug 15, 2010
lspci reports 07:00.0 Ethernet controller: Marvell Technology Group Ltd. 88E8056 PCI-E Gigabit Ethernet Controller (rev 12) 08:00.0 Ethernet controller: Marvell Technology Group Ltd. 88E8056 PCI-E Gigabit Ethernet Controller (rev 12) eth0 is picked up (light when I plug n the cable lights up). nothing for eth1.
other OSes on the same machine pick up both.
My /etc/network/interfaces file looks like
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
iface eth1 inet static
[Code]...
For those who are interested, I have an adsl modem and a router is connected to the modem. eth1 is a connection to the modem. eth0 to the router.
View 5 Replies
View Related
Apr 8, 2011
My first one is the network: Our routers' ethernet ports are all in use and I cant get one of them. So Im asking you what I need to buy. Our router now is a speedport w701v. The new router should have wlan and good working LAN. It shouldnt be very expensive... give me some tips what I should look for (because Im very new with router...) and maybe give me a link where they tested many routers (and where I can trust the results).
View 3 Replies
View Related
Apr 9, 2010
I have 2 (some future machines will have 4) ethernet ports. I want to have them configured such that if any gets unplugged, as long as at least one of them is plugged in, it can reach the network (even if via a different IP address), and it can be reached (at least when trying a working IP address). I tried this for /etc/network/interfaces:
Code:
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
[Code]...
View 15 Replies
View Related
Jun 28, 2010
I need to ask about Virtual Interface, as I need to use my ethernet interface to act as two ethernet ports. As I need to give eth0 an IP address and give eth0.5 another ip address, and make some natting and other issues. Can I do that with the same interface?
View 3 Replies
View Related
May 4, 2011
I finally got the certs to configure:
openvpn --config server.conf
Tue May 3 17:26:27 2011 OpenVPN 2.1.1 i686-redhat-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Jan 5 2010
Tue May 3 17:26:27 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Tue May 3 17:26:27 2011 Diffie-Hellman initialized with 1024 bit key
Tue May 3 17:26:27 2011 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue May 3 17:26:27 2011 ROUTE default_gateway=192.168.122.1
Tue May 3 17:26:27 2011 TUN/TAP device tun0 opened
Tue May 3 17:26:27 2011 TUN/TAP TX queue length set to 100
Tue May 3 17:26:27 2011 /sbin/ip link set dev tun0 up mtu 1500
Tue May 3 17:26:27 2011 /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
Tue May 3 17:26:27 2011 /sbin/ip route add 10.8.0.0/24 via 10.8.0.2
Tue May 3 17:26:27 2011 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Tue May 3 17:26:27 2011 Socket Buffers: R=[114688->131072] S=[114688->131072]
Tue May 3 17:26:27 2011 UDPv4 link local (bound): [undef]:1194
Tue May 3 17:26:27 2011 UDPv4 link remote: [undef]
Tue May 3 17:26:27 2011 MULTI: multi_init called, r=256 v=256
Tue May 3 17:26:27 2011 IFCONFIG POOL: base=10.8.0.4 size=62
Tue May 3 17:26:27 2011 IFCONFIG POOL LIST
Tue May 3 17:26:27 2011 Initialization Sequence Completed
But openvpn still won't start; where to go from here.
Tue May 3 17:54:25 2011 TCP/UDP: Socket bind failed on local address 192.168.122.3:1194: Address already in use
Tue May 3 17:54:25 2011 Exiting
View 3 Replies
View Related
Apr 9, 2011
I have a Opensuse 11.4 workstation that has two ethernet ports and I was wondering if there is the chance to use the other ethernet port as a switch to a Mac/PC?
View 2 Replies
View Related
Feb 27, 2011
I had 2 Ethernet ports and neither of them were working on a fresh build a friend was struggling with. After reading the suggestions to fix the issue and thinking that there had to be an easier way I had an epiphany. I would go to my spare parts box and bring out my old Netgear GA311 and pop it into the slot. So after searching for 10 minutes I found it and installed it. Booted up the rig and it found that right away (SWEET) now that's not the fix anybody can do that, once I updated Ubuntu the on-board ports started working (that's what I'm using now). I can't explain what the update did but for a few bucks a used card in the tool box might not be a bad idea!
Mother board is a Gigabyte GAX58A-UD5 Rev.1 Personally I'm an ASUS guy.
View 1 Replies
View Related
Apr 30, 2011
Just recently got a new rig, and was wondering, is there a way to share internet via a switch. I understand the problems with switches is that they dont assign IPs like routers do, but if my ubuntu machine worked like a router by assigning IPs, could it work? Current setup is as such. I have one ubuntu machine with 1 ethernet port (this shall be the main preferably) 1 mac with a single ethernet port 1 modem with a single ethernet port that cannot assign more than one IP address. And a 5 port switch. Would it be possible to place the modem into the switch, get the ubuntu machine to receive the IP address, and broadcast all other address' to everyone else via the same switch and ethernet cable?
View 3 Replies
View Related
Aug 9, 2010
i have installed openvpn and config it for a tunnel. my server.conf and client,conf is as follow:
server.conf
port 1194
proto udp
[code]...
View 1 Replies
View Related
Mar 11, 2010
I'm currently using Ubuntu 9.1, and a motherboard which has two Ethernet ports on it.
What I would like to do is bridge these ports, so I can plug in another Ethernet cable and run it to an unmanaged switch in my room (handy for my work laptop when on-call and building other PCs, etc).
I.e. Router --> 8-Port Switch --> My PC.
Eth 0 --> 192.168.1.100 static
Eth 1 --> 5-Port Switch --> DHCP
I believe this is the config to make the ports bridged:
ifconfig Eth0 0.0.0.0
ifconfig Eth1 0.0.0.0
brctl addbr Bridge0
brctl addif Bridge0 Eth0
brctl addif Bridge0 Eth1
ifconfig Bridge0 up
- How do I save this so upon reboot it sticks?
- How do I force Eth0 to remain as a static IP of 192.168.1.100?
View 8 Replies
View Related
Jan 17, 2011
Looking for a test tool where I can fire up any number of ports (TCP and / or UDP) to listen on.
I am currently getting my using nc but its only 1 port at a time (i know I can open up multiple sessions but thats cumbersome), it can't do UDP, and it closes at the end of the session.
A friend has suggested socat but it looks pretty much the same except it can do UDP, but also cumbersome, I have to manually output to a different file per port, etc.
Basically its so I can quickly test firewall and NAT rules.
View 7 Replies
View Related
Aug 23, 2010
I have loaded Suse 10.3 on a system that has 4 Ethernet ports, all Intel chipsets. 2 ports have the 82571 chipset, 1 port has the 82573 chipset and the last one has the 82567. The 82567 chipset can use the e1000 driver and the 8257x chipsets require the e1000e driver. We are only actually using the 82571 ports.
When the system is booted, the 82567 seems to get bound to the e1000 driver and the 82573 gets bound to the e1000e driver. Doing an "lsmod" I see both drivers loaded. It appears the 82571 drivers are getting bound to the e1000 driver which is a major problem. They work for a while but eventually they lock up with enormous error counts according to "ifconfig". How I know the e1000 driver is bound to the 82571 ports is that when I remove it(modprobe -r e1000) and then try to use one of them, I get a "network unreachable". When e1000 is loaded these ports seem to work fine. I tried modding the file in /etc/sysconfig/hardware that corresponds to the PCI address of these ports(i.e., hwcfg-bus-pci-0000:08:00.0) to force the module to e1000e, but no luck there either.
View 1 Replies
View Related
Dec 10, 2010
Can anyone recommend a good tutorial in how to use/setup a VPN using openVPN? I've registered with strongvpn.com but am a complete newb to setting up VPN on Ubuntu.
View 1 Replies
View Related
Apr 18, 2010
I have a tricky problem which I could soIve with a c program. I wrote one and found I didnt have gcc so I tried to install it. I was told I needed to install packages. I acknowledged and an error was generated gcc-4.4.2-7.fc12.i686 requires libgomp = 4.4.2-7.fc12 I try to install libgomp and go round again.
View 2 Replies
View Related
Mar 31, 2010
I'm trying to setup OpenVPN to use a third party CA, and its unclear to me how to use the serial and index.txt files that are created when one uses the easy-rsa scripts to setup OpenVPN. If i'm using my own CA can I ignore those? Its also unclear to me how OpenVPN figures out the server.key passphrase. I'd also like to leverage the --tls-verify cmd directive but I am unsure of where to specify it.
What I would like to do is have --tls-verify call a perl script that then verifies that the CN of the certificate the client is passing in matches a cn in an LDAP group. I figure I can do the LDAP group lookup with some easy perl stuff, its unclear to me though if --tls-verify is going to pass in the RDN of the client cert.
View 2 Replies
View Related
