Ubuntu Networking :: Broken Networking After OpenVPN Configuration Attempt?
Jul 13, 2011
I have been trying to set up openVPN on a Virtual Machine running Ubuntu 10.04 with the eventual intention of having a closed VPN in the workspace I'm at, and a bridged internet connection out through the server.My initial process/instinct was to go through Webmin. After a fair bit of tooling around making eys/certificates, I was able to get a response (and that's all it was, really) from my windows machine accessing the VPN server. However, in my attempt to bridge the network, I have lost all internet/networking capabilities from the server.Fortunately I am able to access the server directly from the hardware underneath (i.e. I don't need to SSH in or anything), and so I've been attempting to restore the server's networking back to default. I have returned the /etc/network/interfaces file to it's original state (just the loop, and an eth0 on dhcp) and restarted the networking. A check with ifconfig returns what seems to be a working eth0, and the loop (noting else) however I am unable to ping any outside server. When I do, I am given the message:From XXX.XXX.XXX.XXX icmp_seq=1 Destination Host Unreachable(where of course XXX is my IP address).nother VM on the server is able to access the internet just fine, so it's not the overall server hardware...I guess at this point I'm just trying to take steps back,
View 1 Replies
ADVERTISEMENT
Jun 16, 2011
I have (seemingly regretfully) finally upgraded my Fedora Core 7 linux machine that has served me so well for the past decade. One of the final pieces to put in place was my Openvpn config (which was running flawlessly on my FC7) which I cannot get to work.
Here are my steps.
1. Disabled SELinux
2. Added the following entry in my iptables: (although I've stopped iptables to help troubleshoot)
-A INPUT -i tap0 -j ACCEPT
-A INPUT -i br0 -j ACCEPT
-A FORWARD -i br0 -j ACCEPT
3. Yum installed openvpn and bridge-utils (btw I'm using bridging)
4. Configured my bridge-start script as such:
#!/bin/bash
# Set up Ethernet bridge on Linux
# Requires: bridge-utils
# Define Bridge Interface
br="br0" .....
5. Configured my openvpn server conf as such:
proto tcp-server
port 5990
dev tap0 .....
When I execute my bridge-start script it creates the br0 and tap0 then all connectivity vanishes (I can only ping my gateway 10.0.0.50) - internet and any other addresses time out.
View 6 Replies
View Related
Mar 6, 2010
I have a problem with the Fedora 12 Network Manager - OpenVPN configuration. If I use the same configuration and manually start openvpn (as client) I get connected to the OpenVPN server and I can ping the network that I am accessing. With Network Manager - I get connected but when I try to ping is giving me "Destination host unreachable". The routing table looks similar except that when connecting with network manager is giving me on more route in table
Destination Gateway Genmask Flags Metric Ref Use Iface
xxx.xxx.xxx.xxx 192.168.0.1 255.255.255.255 UGH 0 0 0 wlan0
192.168.0.0 0.0.0.0 255.255.255.0 U 2 0 0 wlan0
192.168.171.0 0.0.0.0 255.255.255.0 U 0 0 0 tap0
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 wlan0
Where xxx.xxx.xxx.xxx is the IP of the OpenVPN server. When connecting "manually" I this routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 2 0 0 wlan0
192.168.171.0 0.0.0.0 255.255.255.0 U 0 0 0 tap0
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 wlan0
What I do wrong in Network Manager? If I try to delete the route with xxx.xxx.xxx.xxx is disconnecting the vpn connection.
View 8 Replies
View Related
Apr 5, 2010
i have some problems with configuring openvpn tunnel connection to my openvpn server. I'm using static-key tcp connection. Network manager always said to me that connection could not be established. Also, when i try to run openvpn from terminal, i got some strange permissions problem:
Code:
openvpn --config config.ovpn
Mon Apr 5 15:48:37 2010 OpenVPN 2.1_rc19 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Oct 13 2009
Mon Apr 5 15:48:37 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mon Apr 5 15:48:37 2010 /usr/sbin/openvpn-vulnkey -q moj.key
[code]....
View 1 Replies
View Related
Jul 18, 2009
I need to downgrade glibc due to a broken kernel after a libc6 upgrade attempt. See:[URL]..Especially with the reduced capabilities I have right now (few if any programs are working), how might I go about downgrading glibc to 2.6?
View 1 Replies
View Related
Jun 24, 2010
The nm-applet starts automatically as it should, and also tries to connect to the local, wireless LAN, but always fails its first attempt. If I click the icon and ask nm-applet to connect again, it always succeeds.
The server, running the wireless LAN, never sees the first attempt to connect, so no wonder this attempt fails. But it would be nice to make it succeed!
View 2 Replies
View Related
Dec 29, 2010
I'm setting up an Ubuntu 10.04 system; installed open-ssh. I'll call this box A. I also have an older box B with Debian. From A I can log into B via the usual way (ssh <user>@<IP>). The 1st attempt at this I was presented with the 'unknown host' warnings & elected to accept it. However, from B when I try logging into A there is no response at all -- no warnings, nothing. I have to ctrl-C back to the prompt. I can successfully ping A from B though. I CAN connect to A from a Windows box using PuTTY as an ssh client with all default settings. Once connected I can log in. Why no response from A when trying to log in from B?
View 1 Replies
View Related
Oct 3, 2009
I've just had a log email sent from the server box and it seems Somebody's trying to gain access to the server via ssh
sshd:
Authentication Failures:
root (210.38.xxx.xx): 16 Time(s)
unknown (210.38.xxx.xx): 7 Time(s)
Invalid Users:
Unknown Account: 7 Time(s)
& it seems that it's somebody who's at Zhanjiang Ocean University in china I've got the firewall enabled, but how do u set up rules to stealth the server's IP address to make it invisible & disable ssh so only I can log into the server to fix any problems (eithernet cable) not over the net
[Code]...
View 1 Replies
View Related
May 28, 2011
My wireless usb will not attempt to connect to my AP even though it shows in ifconfig and iwconfig:further information which i believe may helplspci -v
00:00.0 Host bridge: VIA Technologies, Inc. CN700/VN800/P4M800CE/Pro Host Bridge
Subsystem: VIA Technologies, Inc. Device aa08
Flags: bus master, 66MHz, medium devsel, latency 8
[code]....
View 1 Replies
View Related
Jul 6, 2010
after I upgraded my SUSE 11.0 to 11.1 many problemes solved themselves. But now there is a new one.
I use openvpn, which always used to work without problems. After upgrading to SUSE 11.1 there is the error message:
"/etc/openvpn/client-suse.sh: line 7: modify_resolvconf: command not found
Wed Jul 7 00:11:38 2010 script failed: could not execute shell command"
The shell script is as follows:
Code:
#!/bin/sh
UPORDOWN=$1
DEV=$2
case $UPORDOWN in
up)
modify_resolvconf modify -s openvpn -p openvpn -t OpenVPN
[Code]....
View 4 Replies
View Related
Dec 12, 2010
> sudo apt-get install openvpn bridge-utils
> Reading package lists... Done
> Building dependency tree... Done
> Reading state information... Done
> E: Couldn't find package openvpn
View 1 Replies
View Related
Mar 1, 2011
I have access to a VPN I use when having confidential instant messaging sessions. For the purposes of my work, essentially.I'm a command line kind of guy, and like to use Finch (the shell version of Pidgin) for those.However, when I turn on my OpenVPN connection it routes all traffic through the VPN. Web-browsing, IMing, and I can no longer access other machines on my home network.Can I set OpenVPN to only route traffic I ask through that connection (either by port number or application, or some way I haven't thought of), while other traffic flows through my usual home network?Some kind of local proxy perhaps? Or a dd-wrt box set up as a proxy, connected to OpenVPN?I've played around with the GUI environment too (I have a basic GUI I sometimes use on my main machine) and have installed the full desktop 10.10 on a second machine just to see if I can work it out.
View 2 Replies
View Related
May 7, 2010
I have set up OpenVPN for my connection. I'm using this to connect to the internet from different locations using tunnelling.
Right now I have a few IP's : on eth0 I have IP from my ISP, on eth0:1 I have my own IP.I set up MASQUERADE to eth0 - but in this case when I try to access my restricted resources IP address from ISP is visible.
What I want is to use my own IP address from eth0:1 - could somebody help me to build good working redirect entry for that? I want to redirect all connections to that IP assigned on eth0:1... - just to access Internet using my IP.
View 3 Replies
View Related
Apr 26, 2010
We use Openvpn for remote access to the office network. It would be nice to keep this running and automatically connect to the office at all times.Once started, it does this anyway. The problem lies when the user comes into the office. Openvpn connects as usual to the vpn gateway, but this causes weird routing loops.Is there a way to say to Openvpn "Always connect to the gateway unless you are on network 10.10.10.0/24" ?
View 2 Replies
View Related
Aug 31, 2010
I'm facing a problem when I establish VPN connections using OpenVPN to Your Freedom Server. " you can see their documentation here ", I've installed OpenVPN from synaptic and I used the client to connect through VPN and it works !! but there is no traffic in FF or any application !!I tired to insert some HTTP proxy also belongs to the same server and it works. What really wonders me is that OpenVPN seems to work only when I'm connecting to streams sites "e.g. ustream, justin.tv" Is there anyway to force the whole traffic to use OpenVPN " I'm using Mobile modem and it works fine with OpenVPN in win7
View 7 Replies
View Related
Sep 6, 2010
Followed this guide to the letter:[URL]..
Tried to run command:
sudo /etc/init.d/openvpn restart
And just get a fail returned.
This is what the log-file says.
[Code]...
It says init bridge br0 does not exist. Do I need to create it in the network config or something?
View 6 Replies
View Related
Oct 1, 2010
I am trying to connect to an existing VPN server that I have been using for years now. I am moving my develpment environment over to a Ubuntu box and I must have openvpn working in order to access SVN. It has been a few years since I have been setting up linux boxes. And networking is a soft spot for me. But
The server has been running without problem for a LONG time. A windows computer I have been using connects to it fine and I can access the network on this machine. I am setting up a new computer, but when trying to connect openvpn starts the initialization sequence completes but I cannot ping the network I am trying to connect to.
I use a second VPN connection to connect to an alternative network and it works fine. The difference between these two is that the working vpn connection is a routed IP tunnel and the one that is not working is a bridged connection.
The VPN that is working on this box brings up tun0 while the bridged connection connects but does not bring up a network tun device. The server logs look normal, it just looks like the client is not setting itself up to use the network once connected. (The key/cert pair work find when on a windows box) Just not on this new ubuntu build.
My current client config
Quote:
cert eric@home.crt
key eric@home.key
client
dev tap
[Code]....
The server is using tap, as well as the working windows client uses "dev tap"
It has been a long time since I have been maintaining linux boxes but its coming back slowly.
Do I have to bring a device up manually ?
View 6 Replies
View Related
Jan 22, 2011
I have an OpenVPN setup at work, and windows clients are able to connect fine. On my dual-boot system (Windows XP 64-bit and Ubuntu 10.10 64-bit) I'm able to connect on Windows but not Ubuntu. I use the same files for each. The network manager wasn't working, so I'm doing it via the command line right now:
Below is the output (sanitized)
Code:
Does this mean it's connected? If so, I'm not able to ping anything on the remote network, not even the OpenVPN server.
View 4 Replies
View Related
Apr 28, 2011
I've seen this issue and it never seems to get resolved maybe this time I can find a fix.I'm currently using ubuntu 11.04 although i've had this issue since 10.04 and 10.10When using openvpn in windows it works perfectly fine but when using openvpn on ubuntu that's a completely different story I import my .ovpn file from clearos it loads the keys just fine but when it tries to connect it say's "no valid vpn secrets"
On clearos it gives you 3 certs and a .ovpn file the file sets it to use password with tls certs but it still comes up with this error, i've been quite stumped and it would be nice to possibly shed some light on this so I can finally get ubuntu to work with openvpn if possible.
View 3 Replies
View Related
May 14, 2009
i've set up an openvpn server (with dhcp running on it) and i have to create compatible clients.the problem is how to get an ip by dhcp.with ubuntu i made a script like this
/sbin/ifconfig tap0 up
/sbin/dhclient -e tap0
and everything works fine:tap0 goes up and then start a dhcp request to the server on tap0with fedora there is a nice problem i've noticed that is impossible to run dhclient later on a new interface because i receive this error "dhclient is already running".the tap0 goes up normally but i receive this error when i attempt to get an ip.is there a simple way to get an ip?if i try to kill or restart dhclient when the vpn tunnel is up,all'interfaces lost theirs ip and network goes down crashing my vpn...
View 9 Replies
View Related
Nov 27, 2009
Is there anyway you can configure either OpenVPN client or the system to allow connections using OpenVPN to be made to computers on the OpenVPN network using their alias rather than their IP address. This may sound blasphemous but you can in Windows. That is if the VPN network is say 10.x.0.x I could connect to Comp4 or Comp2 using Comp4 or Comp2 not 10.x.0. 4 or 10.x.0.2 or whatever IP is allocated by the OpenVPN server. If the OpenVPN server has not been restarted then it will usually allocate the same IP every time the same client connects.
View 8 Replies
View Related
Jun 12, 2011
I installed fedora15, My openvpn didn't connect to my working computer.I checked openvpn configure more time, but still don't connect,
View 11 Replies
View Related
Jul 31, 2009
Is it possible to set up an OpenVPN without having to issue keys or certificates.All tutorials I found seem to use them.
I want just a basic username/password approach - I don't care that much about security obviously but is it at all possible?
View 1 Replies
View Related
Mar 2, 2010
i recently rent a VPS and installed with CENTOS 5 64bit, i followed a tutorial to install openVPN to bridge traffic to my windows machine.
View 3 Replies
View Related
May 20, 2011
My boss gave me the task (on a very tiny budget) of wanting to connect our remote offices to our network. Solution I came up with is Site-to-Site VPN.
I want to use OpenVPN on the Linksys Routers (again very tiny budget) and have them connect to our Cisco ASA5505 Firewall, but I am running into major problems.
Question is, even though they both use IPSec SSL are they compatible? If not, is there a work sround?
View 1 Replies
View Related
May 23, 2011
I'd like to configure IPtables to make sure I can only access the internet through an openvpn connection (so when the connection is down I have no way to access the internet but to connect to the vpn again).
I know how to do this with Firestarter (restrictive outgoing policy and I only allow the vpn server IPs) but Firestarter seems to be stupid : for some reason eth0 was changed to eth1 and Firestarter can't work properly anymore, even though that probably can be fixed with Firestarter I'm no more interested in this program and I'd better like to know how to apply the same policy using IPtables.
I've tried a few things already but it failed each time ... how can I effectively allow my computer to connect to the VPN while everything else is blocked ?
View 3 Replies
View Related
Dec 10, 2010
I have installed OpenVPN to use it as an internet gateway butcan't get it to work.OpenVPN installed without any problem. The client can also connect and ping the server but there is no internet traffic.I think it is because of a wrong gateway address which the client gets but I'm not sure. server IP address is 10.8.0.1 and the client can ping this IP but it's default gateway is always 10.8.0.5 which is not accessible from the client.This is my server.conf:
Code:
dev tun
proto tcp
[code]...
View 7 Replies
View Related
Aug 21, 2010
I'm using OpenVPN to connect to a remote system. When I run
Code:
It brings up a new tunnel interface. The problem is that once the tun interface is brought up and the VPN is established, my whole Internet connection slows to a crawl.
Here is the output from ip route show before openvpn:
Code:
And after openvpn:
Code:
View 2 Replies
View Related
Mar 31, 2010
I'm trying to setup OpenVPN to use a third party CA, and its unclear to me how to use the serial and index.txt files that are created when one uses the easy-rsa scripts to setup OpenVPN. If i'm using my own CA can I ignore those? Its also unclear to me how OpenVPN figures out the server.key passphrase. I'd also like to leverage the --tls-verify cmd directive but I am unsure of where to specify it.
What I would like to do is have --tls-verify call a perl script that then verifies that the CN of the certificate the client is passing in matches a cn in an LDAP group. I figure I can do the LDAP group lookup with some easy perl stuff, its unclear to me though if --tls-verify is going to pass in the RDN of the client cert.
View 2 Replies
View Related
Feb 10, 2011
I have two firewalls, one primary (fw1) and one fall-back/backup (fw2). On the LAN side the fw's reside in the same LAN segment. I have a client who wants VPN redundancy. So I configured two VPN tunnels for this client. One via fw1 and a backup via fw2. Since the default gateway on the VPN server points to fw1 only the tunnel via fw1 is established. OpenVPN can't establish a tunnel via fw2 because of the gateway and just sits there waiting...
View 1 Replies
View Related
