Server :: Ubuntu 10.10 - OpenVPN And Masquerading
Dec 12, 2010
I have set up OpenVPN Server on a VM (Ubuntu 10.10) running virtualbox bridged to the host. Everything is working fine excepts the fact that I cant seem to be able to assign internal IP (VPN Server) to client connecting. Let me explain: All my clients are connecting and accessing the internet without any issue. Where I have an issue is that all my clients come out the other way on the internet with my server ip address which kind of defeat the purpose. Is there a way (keeping in mind that I am running the server in a VM) to have all my clients accessing the internet with an IP provided by the VPN Server?
View 4 Replies
ADVERTISEMENT
Jul 27, 2010
I've been on a quest to enable full routing through my openvpn tunnel between my office and the colo. Masquerading will work, however it will throw off anything key based and makes a lot of things just more difficult and vague in general. Is there an easy way to do this via iptables? I tried using quagga hoping it would magically solve my problems, however it does not seem to do my routing for me . I just did a basic static route within zebra...
View 3 Replies
View Related
Feb 13, 2010
I want to configure a VPN over the Internet.I installed the 'openvpn' package, generated the key file, transfered it by a secure way to the client, and setted up the configuration file.
So, in that configuration file I input the IP addresses of the tunneled interfaces. Both IPs are static in the tunnel.
Then, I've heard somewhere that I can assign a dynamic configuration IP for the client. I do this registering a range.
Well, when I tried to change static IP to dynamic IP (changing '192.168.0.2' to '192.168.0.0/24') in the configuration file, the OpenVPN didn't work.
Obviously I don't know what I'm doing, and I really, don't believe that simply changing the IP will make it work, but I tried.
I hope I explained my problem as well.
My configuration file:
# OpenVPN Server Configuration File
dev tun 0
ifconfig 192.168.0.1 192.168.0.2
cd /etc/openvpn
secret key_file
In client I execute the 'openvpn' without the '--daemon' parameter.Then I want that my client uses a IP in a range (192.168.0.0/24, for example), instead of a static IP (192.168.0.2).I also thought to use a DHCP server, but I'm not sure that will work.
View 6 Replies
View Related
Feb 11, 2010
l have been trying to enable masquerading in sendmail. I've started from scratch. Here's what I did:
1.My Mail Server name is "ids.com" and local hostname is "server"
2. When I send the mail from my user to other user. The mail goes with user@server
All this allows me to send mail from all of my computers. Now, to get masquerading:
3. I have MASQUERADE_AS(`ids.com'), MASQUERADE_DOMAIN(`ids.com'), and FEATURE(`masquerade_entire_domain'). I also added "ids.com" to /etc/mail/local-host-names to be able to receive mail addressed to that domain.
This masquerades mail originating on the server, but still the mail from the other computers has a "From:" line of the form user@hostname.
View 2 Replies
View Related
Apr 24, 2011
I have a Centos 5.5 Server, Servername is CentOS1. It has a Forum and a HelpDesk. The Help Desk software SENDS and acknowledgement to the user and emails to all the people on the support desk. Users can reply to emails only by accessing the helpdesk NOT by mail. Thus the server is configured to only SEND mail and not to receive any mail at all.
Mail Server is Sendmail.
Hosts file reads : -
# Do not remove the following line, or various programs that require network functionality will fail.
127.0.0.1CentOS1.tech.xxxxx.com CentOS1 localhost.localdomain localhost
::1localhost6.localdomain6 localhost6
There is NO MX Record because this server receives NO mail, it's send only. Unfortunately, the mail it sends has a From Header which is @CentOS1.tech.xxxxx.com. I want it to send from @xxxxx.com. I've read all the howtos on Masquerading and I've tried many, many things, but with the same results. It will NOT change the From. I had it working perfectly a long time ago with a SuSE server, but I can't for the life of me remember what I did. I know I also battled a bit.
The last few lines of sendmail.mc read : -
LOCAL_DOMAIN('localhost.localdomain')dnl
dnl #
dnl # The following example makes mail from this host and any additional
dnl # specified domains appear to be sent from mydomain.com
dnl #
dnl MASQUERADE_AS('xxxxx.com')dnl
dnl FEATURE(masquerade_envelope)dnl
dnl FEATURE(masquerade_entire_domain)dnl
dnl MASQUERADE_DOMAIN(localhost)dnl
dnl MASQUERADE_DOMAIN(localhost.localdomain)dnl
dnl MASQUERADE_DOMAIN(CentOS1.tech.xxxxx.com)dnl
dnl MASQUERADE_DOMAIN(CentOS1)dnl
dnl MASQUERADE_DOMAIN(tech.xxxxx.com)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
dnl MAILER(cyrusv2)dnl
I've tried each one of the MAQUERADE_DOMAIN in turn, none of them work and yes, I have remade it.
View 15 Replies
View Related
Apr 30, 2009
I have some problem getting masquerade works, but no luck. I created a cronjob that do a backup which will notify me by email. I was able to received the email with from "root@domain.mydomain.com" I want to change this to root@mydomain.com, I tried do the masquerade and it does not work.
View 6 Replies
View Related
Sep 13, 2010
Have a router running OpenSUSE 11.3. I have 3 interfaces
eth0 192.168.0.0/24 - local network
eth1 - The Internet if
eth2 - Citynet
I have configured routing and it works. I can browse the Internet from local net. However, I want to connect to my workstation (192.168.0.3) from Citynet interface. I've made masquerading rule in Yast it works just fine like a proxy do (on 192.168.0.2 local server). Now I need to run VPN server in my local net to connect from Citynet interface, and I have problems with it. I've configured pptpd on the router and it work for local network and I have a vpn server under Windows on 192.168.0.2
So my questions are:
1. What do I need to do in yast to allow vpn (pptp) ftom eth2 to 192.168.0.2?
2. What do I need to do in yast to allow vpn on router?
Some how I succeed to make redirection to 192.168.0.2 and it worked, but I've tried to change it to router and can't get it work again.
In all these cases client has the next message:
pptp[109]: LCP: timeout sending Config-Requests
pptp[109]: Connection terminated.
pptp[109]: Modem hangu
View 2 Replies
View Related
Jul 19, 2011
I am literally quite stuck with proftp the version being: ProFTPD Version 1.3.3e# I have the following config:
[Code]...
I mean would I need to logically seperate out a series of passive ports and then open them using my custom routers NAT, so each passive port goes to its own virtual host as such? Just a bit confused about what the next steps would entail I mean I don't have any firewall on my Linux box, don't see the point since I use pfSense and an IPS/IDS and it's never been hacked since!
View 2 Replies
View Related
Jan 25, 2011
How to Nat. I wanted to be able to resolve something like
ftp.myfirstdomain.com to 192.168.0.2
Then ftp.mysecond.com to 192.168.0.3
Just as a random example, I know these cannot be done using name based virtual hosts like in Apache. But I got this working internally using my LAN connection and the 2 IP addresses above, with Bind DNS pointing the dns's to those 2 ip addresses respectively. This worked, yet when I tried connecting from my work place to transfer some files, it kept going to the default user's home directory. Just wanted to get this project finished, 2 domains and one public facing IP address.
View 3 Replies
View Related
Apr 5, 2010
i have some problems with configuring openvpn tunnel connection to my openvpn server. I'm using static-key tcp connection. Network manager always said to me that connection could not be established. Also, when i try to run openvpn from terminal, i got some strange permissions problem:
Code:
openvpn --config config.ovpn
Mon Apr 5 15:48:37 2010 OpenVPN 2.1_rc19 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Oct 13 2009
Mon Apr 5 15:48:37 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mon Apr 5 15:48:37 2010 /usr/sbin/openvpn-vulnkey -q moj.key
[code]....
View 1 Replies
View Related
Oct 23, 2010
I'm trying hard to run an openvpn server on a openvz VPS, the problem is packets sent from openvpn server process, doesnt reach the client, so connection is never stablished (I run tcpdump on server and wireshark on client to carefully investigate whats wrong), the first guess is that a kind of firewall is blocking traffic (I tried connecting to server through different ISP's but it's possible the national network provider applied some filtering but it cant be on IP,src port or dst port as I'd tried different configuration.
what about deep packet inspection technics, is it possible to block my traffic?) but at exactly the same time I can transmit UDP packets using netcat from server to the guest. there is no firewall enabled in between, I had tried, tcp and udp, tried both open vpn and openvpnAS and tried any thing one can imagine! the VPN is configured as a routed (TUN) type on debian
View 9 Replies
View Related
Aug 9, 2010
i have installed openvpn and config it for a tunnel. my server.conf and client,conf is as follow:
server.conf
port 1194
proto udp
[code]...
View 1 Replies
View Related
Jul 6, 2010
i just one to emulate the windows 2003 - windows XP easy VPN deployment, with my ubuntu server.I got my server side (ubuntu) and client side ( openVPN gui) and everything looks okbut now, i cant make a //server/SHARED and get from my house to the office's docs, despite the conection its ok... whats wrong?
View 14 Replies
View Related
Apr 12, 2011
We're setting up an OpenVPN access server, a quite straight-forward and very customizable system. Only we have a problem, I guess caused by Apache, when we try to reach the client web server via a custom port (see screenshot in attachement) we get the following error: Code: 501 Not Implemented. The requested method is not implemented by this server. Although we have added on the cisco router a port forwarding for port number 9943. It is working when we access the website : port with the local IP address [URL]...
View 2 Replies
View Related
Apr 26, 2010
What client can I use on a MAC to connect to an openvpn server?
All the client s seem to use password connections whereas the openvpn server uses certificates.
View 3 Replies
View Related
Jul 15, 2010
I had recently setup an OpenVPN server on x64 10.04 via the guide found at: [url]
Everything was working perfectly, all clients were able to connect etc.
Today I needed to reboot for a completely unrelated issue - only to find that upon logging in, openVPN was no longer running.
When I tried to execute 'sudo /etc/init.d/openvpn start' I'm presented with an interesting message...
This *used* to say Server. I've double checked all the configs and scripts used in the config and they all check out OK. I purged and reinstalled openVPN to no avail...
View 2 Replies
View Related
Aug 4, 2010
I installed OpenVPN and gadmin-openvpn-server from the repos and I can't seem to activate the openvpn server in the gui. I have the server certificate generated, and all the information on encryption protocols setup, and accounts named and ready, despite accounts that were already there, such as www-data, bind, ossec, etc being listed. The server log states:
PLUGIN_INIT: could not load plugin shared object /usr/lib/openvpn-pam-auth.so: /usr/lib/openvpn/openvpn-pam-auth.so: cannot open shared object file: No such file or directory.
View 5 Replies
View Related
Sep 6, 2010
Followed this guide to the letter:[URL]..
Tried to run command:
sudo /etc/init.d/openvpn restart
And just get a fail returned.
This is what the log-file says.
[Code]...
It says init bridge br0 does not exist. Do I need to create it in the network config or something?
View 6 Replies
View Related
Jul 29, 2010
I need to run a 2nd instance of openvpn on my server so that it can run on udp. The current one runs on tcp and I need to keep that running. Apparently, I need to create a 2nd tun network for it to use - how can I do that? I tried starting a 2nd instance of openvpn but it just seems to hang.
View 1 Replies
View Related
Jun 2, 2010
i have setup Open VPN on Ubuntu 9.04, generated the key and have it running successfully on the server end. I download the open vpn client for windows, copied over the key ca and cert file and connected to the erver. All went well and the open vpn gui said its connected to the server (green comp icon in taskbar) and it said in a ballon it assigned me an ip of 10.8.0.6 it all looks good... BUT i have no vpn access... The virtual adapted in windows is not able to pull an actual IP/gateway and such...
[Code]...
View 7 Replies
View Related
Jul 18, 2010
New ubuntu desktop user here. I've been working with Ubuntu servers for over 3 yrs, using Windows as clients. I have OpenVPN running on an ubuntu 10.04 server, and it has worked well with Windows OpenVPN clients connecting. I took those same settings and applied them to this new install of Ubuntu 10.04 Desktop, and now openvpn seems to be failing when we get to the routes (I wrestled with the network-manager "secrets" issue for hours, but that works now).
I performed the following:
sudo openvpn --config fogbank-ny1.ovpn
--all is well, we're connecting/yay then *screech* FAIL--
Code:
Sun Jul 18 07:17:14 2010 PUSH: Received control message: 'PUSH_REPLY,route 10.8.0.0 255.255.255.0,redirect-gateway def1,dhcp-option DNS 10.8.0.1,route 10.8.0.0 255.255.255.0,topology net30,ping 30,ping-restart 600,ifconfig 10.8.0.10 10.8.0.9'
Sun Jul 18 07:17:14 2010 OPTIONS IMPORT: timers and/or timeouts modified
Sun Jul 18 07:17:14 2010 OPTIONS IMPORT: --ifconfig/up options modified
Sun Jul 18 07:17:14 2010 OPTIONS IMPORT: route options modified
Sun Jul 18 07:17:14 2010 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sun Jul 18 07:17:14 2010 ROUTE default_gateway=192.168.10.1
Sun Jul 18 07:17:14 2010 TUN/TAP device tun0 opened
Sun Jul 18 07:17:14 2010 TUN/TAP TX queue length set to 100
Sun Jul 18 07:17:14 2010 /sbin/ifconfig tun0 10.8.0.10 pointopoint 10.8.0.9 mtu 1500
Sun Jul 18 07:17:14 2010 /sbin/route add -net <mypublicip> netmask 255.255.255.255 gw 192.168.10.1
Sun Jul 18 07:17:14 2010 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.8.0.9
Sun Jul 18 07:17:14 2010 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.8.0.9
Sun Jul 18 07:17:14 2010 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.9
Sun Jul 18 07:17:14 2010 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.9
SIOCADDRT: File exists
Sun Jul 18 07:17:14 2010 ERROR: Linux route add command failed: external program exited with error status: 7
Sun Jul 18 07:17:14 2010 Initialization Sequence Completed
I am using the suggested openvpn routes. If I connect from Windows (actually the .ovpn file is taken directly from the working windows machine).. all is well, routes work fine all traffic is routed thru the VPN -- same way it's worked for over a yar. I assume that this is what is causing networkmanager to fail as well. those logs indicate that it has connected to the vpn, but is probably stopping when it gets to routes.
View 1 Replies
View Related
Oct 26, 2010
I have an Ubuntu server that is currently running Ubuntu 8.10. I was thinking of making it a VPN server for my iPhone and also for my laptop whenever I'm outside and need to access internet over insecure wireless networks. Now that part should be easy I found several guides on how to configure OpenVPN server, as well as enabling clients on iPhone, and OSX.
However, the things is that my server is currently a OpenVPN client also, I have a paid tunnel set up to bypass my ISP blocking incoming traffic on various ports. Is it possible to keep this setting but still enabling a VPN server? Essentially causing traffic from my external device to go in through my tunnel to the VPN server, and then out through the external VPN provider.
View 2 Replies
View Related
Oct 30, 2010
I configured succesfully openvpn server, but the service won't start at boot !I thought openvpn automatically starts al the *.conf files in the /etc/openvpn folder ?on my personal laptop the service automatically starts all the .conf files in the folder. But on my server with server.conf file it won't start at boot. I have to start the service as root
View 1 Replies
View Related
Feb 24, 2011
I have a few issues after setting up Openvpn. At work i just setup a new Ubuntu Server 10.4. The server itself is working Great. I ended up getting Openvpn installed and working to a point. I have searched online and done as much reading as i could find but i keep running into the problem of not understanding. So here is the problem.
The server is set on a static IP address. At first i tried to have the config file listen on a virtual ip address i setup up in /etc/network/interface but that ended up not working so i set it to its specific ip address. I kept running into the error about script security while trying to start Openvpn. I tried to add into the config file "script-security 2" that way the up.sh and down.sh scripts were allowed to be run. That didn't help and then i kept trying to run Openvpn manually running the command
Quote:
And i kept getting a message
Quote:
So what i did was just comment out the "up" and "down" scripts in the config file. This allowed me to actually get Openvpn started on the server. So once this was done i connected form a client machine and was given an ip address like i should. The only issue is that i was not able to actually comunicate with the server. I have a samba share on there to allow me to copy files back and forth but an not able to actually communicate with the server at all. I should note that this is a web server that i can view from the outside. (actually get to the webpage) but i tried to access the website and share via the Openvpn gateway. I also tried to access the website portion using the hostname with no luck.
By the way, prior to putting the server on its separate network i was able to access the webpage and the samba share using both the ip address and the hostname.
View 1 Replies
View Related
Mar 10, 2011
I currently have one of our clients set up to use a routed VPN for their 5 laptops to connect to the server remotley. And this works brilliantly. They are about to bring on a remote office that will need a VPN connection back to the main office, so I was going to set up a bridged connection between the two sites (and possibly more sites in the future).
So my question is whats the best way to go about this? Can I have one instance of OpenVPN running with tun0 set up for a routed connection to the laptops and add a second tun (tun1) to the config that will be for the bridged connection between the sites? Or am I going to have to run multiple instances of OpenVNP, one for the routed and another for the bridged?
If routed and bridged have to run in seperate instances, will I have to add another instance for each new remote site that needs a connection? Can a bridged config connect to multiple sites, or have multiple tuns in the one config?
View 3 Replies
View Related
Mar 21, 2011
I recently loaded up my old powermac g3 with debian 6.0 PPC, and it seems to be running quite good. I control it using ssh from my windows 7 box. I installed default-jre, so I could run the minecraft server on there.
I've got two questions: I installed Openvpn, but I'm a bit confused on how to use it.. I want people to be able to connect to my vpn network over the internet, what configuration should I use, and could someone maybe link me a decent step by step tutorial?
secondly, when I tried to launch the server, it tried to generate a new map, but this is taking ages! on my desktop computer, it only took two seconds, but after over half an hour, it only got to 20% of "preparing spawn area" what could be wrong with this? Any reason why the java virtual machine would have performance issues? I have no clue.. I haven't tried copying over my smp map from my windows box yet, and launching that.. but I doubt performance will be any better. (my windows 7 machine is hosting at the moment for about 10 people)
View 1 Replies
View Related
Oct 20, 2015
I try to establish basic connection between my 2 end systems using openvpn. The problem is when i move the client files to my laptop i cant even ping the server from there. I copy paste the server commands in section 4 [URL] ....
In the client i ran the first command and changing VPNSERVER IP with 10.9.8.1 and LOCALGATEWAY IP with 192.168.1.1
which i thought that whats the server use : ROUTE_GATEWAY 192.168.1.1/255.255.255.0 in the server initialization process
The second command produce error device tun0 not found and when i create one using openvpn --mktun --dev tun
I get RTNETLINK answers : network is unreachable
Note : I use wireless connection in the client system (laptop). The server works good and i could ping him ( from the same machine ) but cant ping him or access the vpn server in my laptop. I also use default openvpn settings...
View 3 Replies
View Related
Mar 2, 2010
i recently rent a VPS and installed with CENTOS 5 64bit, i followed a tutorial to install openVPN to bridge traffic to my windows machine.
View 3 Replies
View Related
Dec 7, 2010
I am trying to setup an OpenVPN server using CentOS 5. I ahve installed everything, configs are good, server starts fine. I have generated my certificates using the easy-rsa 2.0 included with OpenVPN. I have downloaded all the certificates to my machine and setup my client to connect. I am having that typical problem everyone seems to have where my client says certificate verify failed. However I can use openssl on the server to verify and it is ok. What am I doing wrong here?
Code:
[root@GSFOVPNxxx01 openvpn]# openssl verify -CAfile ca.crt gg-jbloomer.crt
gg-jbloomer.crt: OK
[root@GSFOVPNxxx01 openvpn]#
client output
Code:
2010-12-07 08:44:33 MANAGEMENT: CMD 'hold release'
[Code]...
I just dont get it, I have racked my brain and google until my eyes bleed and can not figure this one out.I am sure it is something simple that I am missing.
View 5 Replies
View Related
Jan 7, 2010
I have connected to the VPN server successfully but my IP address still shows up as my normal WAN rather than the server's IP address.hat the push settings I have to configure on the server?Here is my server.conf:Quote:
port 1194
proto tcp
dev tun
[code]....
View 1 Replies
View Related
