I am trying to setup an OpenVPN server using CentOS 5. I ahve installed everything, configs are good, server starts fine. I have generated my certificates using the easy-rsa 2.0 included with OpenVPN. I have downloaded all the certificates to my machine and setup my client to connect. I am having that typical problem everyone seems to have where my client says certificate verify failed. However I can use openssl on the server to verify and it is ok. What am I doing wrong here?
I just dont get it, I have racked my brain and google until my eyes bleed and can not figure this one out.I am sure it is something simple that I am missing.
We have installed "openVPN" from openSUSE 11.2 repo and "openVPN - webmin module" (GUI).What it needs to be done .. "Road Warriors" need to be able to access websites through openSUSE box sitting in the data center, from remote locations (hotel, coffe shops, wi-fi hot spots,..)We're half way there but it gets stucked somewhere with the IP's
I am trying to setup an OpenVPN server in bridged mode (Ubuntu 10.04 Lts). The goal is for the clients to be able to reach all the servers behind Openvpn server's lan. I have followed the official OpenVPN guide for Ubuntu 10.04.
My network setup is:
Private lan: 10.90.90.0-255 255.255.255.0 Gateway: 10.90.90.1 Openvpn server ip: 10.90.90.8 Gateway public ip: 79.xxxxxxxxx
I have forward port 1195 to the Vpn server through my gateway firewall.Besides that no other firewall is running.I can connect and ping the server both from windows and ubuntu clients. The difference is that from windows I can reach the private lan but not from ubuntu clients.
I want to configure a VPN over the Internet.I installed the 'openvpn' package, generated the key file, transfered it by a secure way to the client, and setted up the configuration file.
So, in that configuration file I input the IP addresses of the tunneled interfaces. Both IPs are static in the tunnel.
Then, I've heard somewhere that I can assign a dynamic configuration IP for the client. I do this registering a range.
Well, when I tried to change static IP to dynamic IP (changing '192.168.0.2' to '192.168.0.0/24') in the configuration file, the OpenVPN didn't work.
Obviously I don't know what I'm doing, and I really, don't believe that simply changing the IP will make it work, but I tried.
I hope I explained my problem as well.
My configuration file:
# OpenVPN Server Configuration File dev tun 0 ifconfig 192.168.0.1 192.168.0.2 cd /etc/openvpn secret key_file
In client I execute the 'openvpn' without the '--daemon' parameter.Then I want that my client uses a IP in a range (192.168.0.0/24, for example), instead of a static IP (192.168.0.2).I also thought to use a DHCP server, but I'm not sure that will work.
I'm trying to set up a VPN connection between our CentOS 5.3 server at work and my bosses XP computer at home. At this point, we are kinda locked into Quickbooks. I'm testing the connection from my XP boot at home to see if it works. I can log into our servicemanuals easily enough from XP at home however, the windows takes forever to update. I have the Samba server only listening on port 445 because is seems to work more efficiently at work. I connect to the Samba shares via linux from home and everything works well but, when I try to do anything with the shares from Windows client at home, it's very slow!
I'm thinking that it must have something either to do with the Windows OpenVPN client or the client.conf file. Is there anything I should look at in the .conf file for answers?
We are trying to set up a NIS server on a CentOS system. We need to have a NIS server which can provide NIS authentication to a couple of clients. We are practically new to all this stuff.
Just googled to find some ideas about installing ypserv and ypbind and portmapper. We did all that and also started them successfully. But now the clients are not able to join to the NIS domain . The error log states "YP_DOMAIN NOT BOUND".
I guess we have not entered the /etc/yp.conf, /etc/hosts files properly. Please let us know the detailed steps to setup a NIS server .
Also, please let us know what entries should go into the different /etc/<file_names>? What is meant by HOSTNAME in the /etc/hosts file?
Is there any other files which need to be changed? Are we missing any steps?
Also to add-on, while executing the ypinit command we faced the following error:
At this point, we have to construct a list of the hosts which will run NIS servers. localhost.localdomain is in the list of NIS server hosts. Please cont inue to add the names for the other hosts, one per line. When you are done with the list, type a <control D>. next host to add: localhost.localdomain next host to add:
I have openvpn tunnel setup between two CentOS servers. One of the CentOS servers also acts as a DHCP server for some client computers.
Server A= OpenVPN server Server B= OpenVPN client (connects to Server A with OpenVPN)
The two CentOS servers can ping each other (172.16.0.0/24) via the tun0.
However, client computer connected to Server B (DHCP server) can't reach 172.16.0.1 (which is the OpenVPN server).
I think I am missing some routing in my "ip route show". Following is the full picture:
What command can I issue to get this fixed? something along ip route add?
There is no firewall service on both end. service iptables stop! I can't bridge eth1 and tun0 as DHCP server might mess up the other side. I can't do a push of "redirect-gateway def1" because then clients loose their IP as they send DHCP requests to Server A.
Can anyone recommend a good tutorial in how to use/setup a VPN using openVPN? I've registered with strongvpn.com but am a complete newb to setting up VPN on Ubuntu.
Is there any way to setup the Centos Directory Server without an internet connection?? i tried using the command: yum install centos-ds
but this just tries to connect to the internet to to download the packages. Is there a site where i can find the package so that i can copy it to my server and install it or is there some other way to do this?
I'm trying to setup RAID 1 on a CentOS 5 server for a zimbra email server.I get a partion schema error. Can I do this?The server is a HP Proliant ML150 G3 server with two 80GB HDD.
I'm trying to setup OpenVPN to use a third party CA, and its unclear to me how to use the serial and index.txt files that are created when one uses the easy-rsa scripts to setup OpenVPN. If i'm using my own CA can I ignore those? Its also unclear to me how OpenVPN figures out the server.key passphrase. I'd also like to leverage the --tls-verify cmd directive but I am unsure of where to specify it.
What I would like to do is have --tls-verify call a perl script that then verifies that the CN of the certificate the client is passing in matches a cn in an LDAP group. I figure I can do the LDAP group lookup with some easy perl stuff, its unclear to me though if --tls-verify is going to pass in the RDN of the client cert.
I need to know the procedure to setup VPN between two network. i setup openvpn access server to do this easy. 1. Step by step procedure to setup VPN 2. Setup VPN with DHCP 3. How to check that open vpn is running successfully.
I'm currently trying to set up OpenVPN on my Ubuntu Server, however I'm having trouble setting up bridging. I am following the tutorial for bridging that is located on the Wiki here: [URL] At the current time my /etc/network/interfaces looks like this (default from Ubuntu install):
EDIT-Forgot to mention that I did Xorg -configure before testing the config. Only errors I got were:
(EE) LoadModule: Module ati_r500 does not have a ati_r500ModuleData data object. (EE) Failed to load module "ati_r500" (invalid module, 0)
[Code]...
Linuxquestions--I posted this over on the CentOS forums, which are not as booming. Then I remembered these forums for when I had my VPS way back when and you guys were pretty helpful, of course expected me to mostly do my own reading which I dont mind its just having a hard time understanding some of the things in what I was reading. I even believe I came here with this problem before but abandoned the issue because my VPS was not powerful enough or something of the sort, but this was many years ago also on CentOS using apt. Now using yum which I like much better.
I am trying to set up a mail server on centos5 using sendmail and dovecot, and eventually spamassassin and some antivirus filter as well. I'd also like to get the proper secure auth mechanism set up at some point too. But for starters, I've been having a lot of difficulty trying to even connect to the mail server from a client computer in the local network. I installed Eudora on the client and after some tweaking in dovecot I was able to connect to the mail server, but then when I try to send an email I get a "connection refused" error, with nothing being logged on the server that I can see.
The last time I set up a mail server was Fedora Core 2, so the configuration files have changed a bit to say the least, and I can't really refer back to those to set up this new server. Does anybody know of a good step-by-step doc on getting the mail server going? I've read the man pages and other various readme's, but these really only list out the available options with no really good explanation of what needs to be done to get the mail server going. If there isn't a full write-up on how to do this, I'll put something together when I'm finished so others can use it in the future.
I have just installed CentOS 5. I have set mysql database to access from remote machines. But now the problem is it is not connecting from the local machine now.
We have two CentOS 5 servers in production (web and database). We are setting up a single staging server that will mirror the configurations of these servers as closely as possible. What is the easiest way to ensure the exact same software and configs as the production servers are setup on the new staging server. Our contracted data center provider has already informed us that they do not perform images and NO we do not have physical access to the machines. It is undetermined whether we will be virtualizing the staging server into two virtual servers yet, so for the purposes of this post lets assume we are not. I'm seeking a faster/more precise method than doing this by eye and hand.
I am trying to setup a VPN on my FC 12 box. Looks like getting openvpn to work behind NAT is as easy as just forwarding the ports. Do I need to forward any specific protocols (GRE, etc)? Also, can I do this with one Ethernet port (IE: RJ-45 jack), or do you recommend a second ethernet port? I could add in another PCI ethernet card if it makes it easier. Anyone know if a single ethernet jack will work or do I need two?
Alright, I've been trying to get this fixed on my own, but I think I am missing a fundamental principle and no amount of scripts or hacks is gonna take place of that. I have adito/OpenVPN installed on my media center. It runs fine and I can access adito in my internal network from other computers just fine. But, the whole point is I want to be able to access it remotely!
Now, I had previously made a run at an external FTP site and failed miserably at that, and I think its all coming down to me not knowing how to configure my own router. I have a Netgear router, I can log into it and under Router status I can get what looks to be my routers external IP address. But if I try to access it at https://XXX.XXX.XXX.XXX:4433 (didn't want to use the default port, 443) I get nothing.
So, my main problems as I understand them are: 1)I need to clear the firewall on my router to allow traffic in/out of my reserved port 2)I need to forward incoming requests on that port to the static internal IP of my media center 3)I really would like a more reliable way to verify the info im getting from my routers admin settings page is actually my external IP, is there a command for this or a website that will tell me?
I'm following this guide [URL]. I am trying to use a bridge to vpn from work to home.
/etc/network/interfaces # The loopback network interface auto lo iface lo inet loopback
# The primary network interface auto br0 iface br0 inet dhcp bridge_ports eth0
iface eth0 inet manual up ifconfig $IFACE 0.0.0.0 up up ip link set $IFACE promisc on down ip link set $IFACE promisc off down ifconfig $IFACE down
I am forced to use dhcp because of my router. (although it is a static lease) I think this is where I am hung up. Everything else seems to be working properly though. I have a windows client connecting but is limited to the server serving out openvpn. (192.168.1.21) In other words it is not functioning as a bridged vpn service.
ifconfig openvpn server.conf local 192.168.1.21 port 1199 proto udp dev tap0 up "/etc/openvpn/up.sh br0" down "/etc/openvpn/down.sh br0" ca ca.crt cert server.crt key server.key # This file should be kept secret dh dh1024.pem ifconfig-pool-persist ipp.txt server-bridge 192.168.1.21 255.255.255.0 192.168.1.100 192.168.1.200 keepalive 10 120 tls-auth ta.key 0 # This file is secret comp-lzo user nobody group nogroup persist-key persist-tun status openvpn-status.log verb 3
This will be a little long (having read Phil's 'how to ask questions' FAQ). I'm trying to get OpenVPN working between my CentOS server and some Windoze laptops running XP. There seems to be plenty of sample config files available, but to date, none of them have worked for me. Pulling out my trusty Wireshark, I've found some clues,
BACKGROUND: My local subnet (NAT'ed by my gateway router) is 192.168.52.x. My router has been configured with a conduit (port-forward) for port 1194 (the standard OpenVPN port), which points towards my CentOS server.The CentOS server is .52.112, and the supplicant is .52.110. I have tried the lient both inside and outside my local subnet, with no difference in events or outcomes.
I just recently purchased a vs from a company and i am trying to set up a web site on it with kloxo and set up the mail for it upon setting up the mail settings it says:
"It is very essential that you set the my name to a properly resolvable hostname, since otherwise, many public mailservers like hotmail will reject mails from your server"
Now this is my first time setting up a vs before i have set up linux vm's to get email access but that was about a year ago.
I am currently involved in setting up an openldap server on a CentOS platform. I am having some issues with getting it set up to the point that I can remotely manage the server via phpldapadmin in a web browser. I am running into an issue when starting the slapd daemon.
I have installed the nagios by FAN 2.0 CD. In this distro all the required softwares are bundled. Now i do not know where to start. How can i monitor my other server on the network. I have google on the internet but it is not giving the clear idea. Is there any document on the net or how to which can show that how to configure nagios with centreon or originally from changing nagios files.
on my server I have atMail and a intranet site being hosted using mySQL for the database locally, and obviously backing it up would be a good thing. I got the backup package from the list if you use the add/remove software called dump-0.4.etc.. can't seem to find much on how to use it, set it up, nothing. Granted I could be looking for the wrong thing which I'm sure is the case. As of now it's looking like a USB drive is going to be my only option, that will change in the future as this "project" goes further (we are a windows shop trying out Linux, and the next step is going to be adding another server that's a file server at that point we'll probably go to NAS for the backup and then transer that to a USB for offsite/secondary backup).
Have setup a CentOS 5.5 with IPSConfig that has been running for maybe 6 months, it was only intended to be a web server for multiple domains. Issue now is that a web developer has created a form that he is trying to email from the site, I did not have anything configured for mail and he does not care to write a script that would not require the mail service to be on the web server.
Have configured/reconfigured main.cf multiple times but no success.
Postfix appears to send the outbound email to the queue but never goes out. Have setup mail service for the domain "land***.com" in ISPConfig and tested with a single user created for the domain from the server.
What did I miss in the configuration to get "connection refused"?
Nov 2 11:27:19 WC01 postfix/cleanup[6711]: E4DFA1190011: message-id=<20101102162712.E4DFA1190011@WC01.nors***.com> Nov 2 11:27:19 WC01 postfix/qmgr[6665]: E4DFA1190011: from=<admin@land***.com>, size=377, nrcpt=1 (queue active)
[Code].....
should I remove the domain from mail services and would postfix work on its own on a server with ISPConfig?
