Alright, I've been trying to get this fixed on my own, but I think I am missing a fundamental principle and no amount of scripts or hacks is gonna take place of that. I have adito/OpenVPN installed on my media center. It runs fine and I can access adito in my internal network from other computers just fine. But, the whole point is I want to be able to access it remotely!
Now, I had previously made a run at an external FTP site and failed miserably at that, and I think its all coming down to me not knowing how to configure my own router. I have a Netgear router, I can log into it and under Router status I can get what looks to be my routers external IP address. But if I try to access it at https://XXX.XXX.XXX.XXX:4433 (didn't want to use the default port, 443) I get nothing.
So, my main problems as I understand them are:
1)I need to clear the firewall on my router to allow traffic in/out of my reserved port
2)I need to forward incoming requests on that port to the static internal IP of my media center
3)I really would like a more reliable way to verify the info im getting from my routers admin settings page is actually my external IP, is there a command for this or a website that will tell me?
this is an error in java not knowing its classpath. IANAP, and could use some help in resolving this.I've followed the instructions available at various sites, and the installation went fine.When I start the service I get the following in the wrapper.log:
Code: root@twin:/etc# service adito console Running Adito...
I'm trying to setup OpenVPN to use a third party CA, and its unclear to me how to use the serial and index.txt files that are created when one uses the easy-rsa scripts to setup OpenVPN. If i'm using my own CA can I ignore those? Its also unclear to me how OpenVPN figures out the server.key passphrase. I'd also like to leverage the --tls-verify cmd directive but I am unsure of where to specify it.
What I would like to do is have --tls-verify call a perl script that then verifies that the CN of the certificate the client is passing in matches a cn in an LDAP group. I figure I can do the LDAP group lookup with some easy perl stuff, its unclear to me though if --tls-verify is going to pass in the RDN of the client cert.
I want to configure Xean Extranet Client on linux (ubuntu 9.10). Is any one aware of: :- Were can I download the XEAN client :- How to configure it. Let me know what else details is required.
(ubuntu10.10)i want to use use the Intranet and Extranet at the sanme time at school,how to set ?my Intranet ipv4 :10.62.14.79 255.255.255.0 gw 10.62.14.1my Extranet is DSL(use DHCP)my problem is when i use one of them,i must break the other.
I'm trying to setup OpenVPN in order to connect back to my home network while traveling for secure browsing and such. However, before I can even start trying to set that up I tried to see if I could open port check my computer through the net. And I'm having a hard time doing that.
As far as I can tell, here are my roadblocks: 1. Is ISP (Qwest) blocking my ports? 2. Is my modem doing the proper port forwarding and firewall? 3. Is my router doing the same? 4. Is my firewall on the computer allowing the request?
To minimize sources of error, I've turned off my local and router firewall and setup my router to forward ports. I'm not to familiar with my modem, but I'm pretty sure that the firewall is turned off by default and I think I've done port-forwarding correctly. But still no success when doing an open port check. At this point I don't know how to diagnose the problem.
I'm using Fedora Core 11 and the client OpenVPN on the network-manager into a segmented infrastructure. It works well.
My laptop is on a dmz wireless Zone 192.168.3.0/24 and access Internet through a firewall via a front-end zone 192.168.65.0/24 with wlan0 interface.
But my laptop can access on a back-end zone 192.168.2.0.24 to a server.
When I start the OpenVPN tunnel, I cannot access on my back-end zone because the kernel routing table is modified (all the traffic is routed through the tun vpn interface)
If I define a static route like route add -host 192.168.2.x gw 192.168.3.2 where x is my file serveur, I cannot connect to this server because the routing is make through the tun interface and not by the wlan0 who can access on is gateway
I want to know where changing the kernel routing table file to access on the Internet and on my back-end zone in a same time.
what is the best way here? I have like 5 servers, and I want my clients to access each of them, so in case 1 server is down, they can access remaining servers. Also, it will work like user1 chooses the server number and is connecting to a central database, then reply is OK, and he can connect to the server number he wished.
i have some problems with configuring openvpn tunnel connection to my openvpn server. I'm using static-key tcp connection. Network manager always said to me that connection could not be established. Also, when i try to run openvpn from terminal, i got some strange permissions problem:
Code:
openvpn --config config.ovpn Mon Apr 5 15:48:37 2010 OpenVPN 2.1_rc19 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Oct 13 2009 Mon Apr 5 15:48:37 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Mon Apr 5 15:48:37 2010 /usr/sbin/openvpn-vulnkey -q moj.key
Can anyone recommend a good tutorial in how to use/setup a VPN using openVPN? I've registered with strongvpn.com but am a complete newb to setting up VPN on Ubuntu.
I'm currently trying to set up OpenVPN on my Ubuntu Server, however I'm having trouble setting up bridging. I am following the tutorial for bridging that is located on the Wiki here: [URL] At the current time my /etc/network/interfaces looks like this (default from Ubuntu install):
I need to know the procedure to setup VPN between two network. i setup openvpn access server to do this easy. 1. Step by step procedure to setup VPN 2. Setup VPN with DHCP 3. How to check that open vpn is running successfully.
I am trying to setup an OpenVPN server using CentOS 5. I ahve installed everything, configs are good, server starts fine. I have generated my certificates using the easy-rsa 2.0 included with OpenVPN. I have downloaded all the certificates to my machine and setup my client to connect. I am having that typical problem everyone seems to have where my client says certificate verify failed. However I can use openssl on the server to verify and it is ok. What am I doing wrong here?
I just dont get it, I have racked my brain and google until my eyes bleed and can not figure this one out.I am sure it is something simple that I am missing.
I'm following this guide [URL]. I am trying to use a bridge to vpn from work to home.
/etc/network/interfaces # The loopback network interface auto lo iface lo inet loopback
# The primary network interface auto br0 iface br0 inet dhcp bridge_ports eth0
iface eth0 inet manual up ifconfig $IFACE 0.0.0.0 up up ip link set $IFACE promisc on down ip link set $IFACE promisc off down ifconfig $IFACE down
I am forced to use dhcp because of my router. (although it is a static lease) I think this is where I am hung up. Everything else seems to be working properly though. I have a windows client connecting but is limited to the server serving out openvpn. (192.168.1.21) In other words it is not functioning as a bridged vpn service.
ifconfig openvpn server.conf local 192.168.1.21 port 1199 proto udp dev tap0 up "/etc/openvpn/up.sh br0" down "/etc/openvpn/down.sh br0" ca ca.crt cert server.crt key server.key # This file should be kept secret dh dh1024.pem ifconfig-pool-persist ipp.txt server-bridge 192.168.1.21 255.255.255.0 192.168.1.100 192.168.1.200 keepalive 10 120 tls-auth ta.key 0 # This file is secret comp-lzo user nobody group nogroup persist-key persist-tun status openvpn-status.log verb 3
I am trying to setup an OpenVPN server in bridged mode (Ubuntu 10.04 Lts). The goal is for the clients to be able to reach all the servers behind Openvpn server's lan. I have followed the official OpenVPN guide for Ubuntu 10.04.
My network setup is:
Private lan: 10.90.90.0-255 255.255.255.0 Gateway: 10.90.90.1 Openvpn server ip: 10.90.90.8 Gateway public ip: 79.xxxxxxxxx
I have forward port 1195 to the Vpn server through my gateway firewall.Besides that no other firewall is running.I can connect and ping the server both from windows and ubuntu clients. The difference is that from windows I can reach the private lan but not from ubuntu clients.
We have installed "openVPN" from openSUSE 11.2 repo and "openVPN - webmin module" (GUI).What it needs to be done .. "Road Warriors" need to be able to access websites through openSUSE box sitting in the data center, from remote locations (hotel, coffe shops, wi-fi hot spots,..)We're half way there but it gets stucked somewhere with the IP's
Running Ubuntu 9.10 Ive just got my wireless connection working after first having got the wired eth0 connection working.
With the wired connection I could SSH into my server through my firewall/router (via a forward). I can run up VNC, from there firefox, browse the web - all is well.
I have now setup the wireless connection, using a static IP, and I can likewise SSH into my server. I can run up VNC. I can ping my router. I can log onto it via VNC. I can browse to my router. But I cant browse the internet.
But I cant ping google.com. The reason is there is no host lookup service. Nslookup eventually says no servers could be reached.
So specifically, if I ping www.google.com Im told "unknown host". If I do an NSlookup on it I get timeout, no servers could be reached. However if I ping 66.102.11.104 I get responses.
I see no relevant entries in my firewall log.
Unfortunately I cant traceroute because the package isnt found - and of course I cant install it because I have no internet !
Strangely (to me at least !) if I then tunnel through SSH and browse the web, I have no problems. It works ? I know I am browsing through my SSH tunnel because whatsmyip gives the IP of my router at home, not where Ive SSHd in from. I can surf just fine.
why I cant do host lookups any more (and this did work with my wired connection, but whether its related to my change to wireless, or static IPs or both I cant be sure - it certainly appeared to happen at the same time). And, more to the point, what I need to look for/do to rectify it ?
As a bonus Id be interested in why I can SSH and browse via tunnelling but not direct from my server (via VNC). Just for interests sake !
if config reports :
wlan0 Link encap:Ethernet HWaddr 00:90:4b:27:ae:17 inet addr:192.168.1.69 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::290:4bff:fe27:ae17/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
I've recently installed noip2 which installed fine. Except when I try connect to my noip domain it sends me to my router login page and won't let me access my ubuntu box. How can I set my noip domain so when I connect, it will allow me to access SSH, sabnzbd, etc., instead of forwarding me to the router login page. I'm sensing that I may have to set the ubuntu box to a static ip and forward the various ports of SSH, sabnzbd, etc to it. Would this be correct?
I would like to set up a user account with no network access. Reason is that sometimes my little daughter plays with the computer (for example watching movies on dvd's) and I want to prevent internet access in case she plays unattended. Is there a simple way to do that? I am using ubuntu 10.04.
I want to setup samba on Maverick. This is the case. I have 2 folders want to be shared, freeaccess and restrictedaccess. The freeaccess folder can be accessed by everyone on network. The restritedaccess folder can only be accessed with account named someone. What I want to ask is, how to setup samba that can solve that case...??
I am trying to setup a VPN on my FC 12 box. Looks like getting openvpn to work behind NAT is as easy as just forwarding the ports. Do I need to forward any specific protocols (GRE, etc)? Also, can I do this with one Ethernet port (IE: RJ-45 jack), or do you recommend a second ethernet port? I could add in another PCI ethernet card if it makes it easier. Anyone know if a single ethernet jack will work or do I need two?
I can connect to my access point to surf internet. I setup my Dlink access point (password, network name, etc) in Vista by visiting "http://dlinkap/" in my web browser.
In ubuntu, I can connect and surf the web/internet but i cannot access the setup page.
When I try to type the "http://dlinkap/" to my browser then the browser will redirect it to google search.
I try 192.168.1.1, I can access my linksys router. but my dlink access point, i cannot access the setup page.
I have a question which it believe it is quite simple but I have no clue how to do it... I'm using Fedora 12 and I'm the only Linux machine in my office's LAN... I have Apache (httpd) setup and my co-workers can access the sites perfectly by using my IP address, for example [URL]... So here's the question, how do I setup a domain name so everyone in the LAN can access the sites by typing [URL]..
I have 1 root-server with 2 NICs, both having their own internet IP addresses:
Code: eth0 = 8x.x.x.183 eth2 = 8x.x.x.205 We only have one gateway on that network: Code: gateway = 8x.x.x.1 We want to use eth2 for postfix + http, and eth0 for all the other stuff.
How can this be setup ? With route / ip route / iptables ?
i have setup Open VPN on Ubuntu 9.04, generated the key and have it running successfully on the server end. I download the open vpn client for windows, copied over the key ca and cert file and connected to the erver. All went well and the open vpn gui said its connected to the server (green comp icon in taskbar) and it said in a ballon it assigned me an ip of 10.8.0.6 it all looks good... BUT i have no vpn access... The virtual adapted in windows is not able to pull an actual IP/gateway and such...
I have a few issues after setting up Openvpn. At work i just setup a new Ubuntu Server 10.4. The server itself is working Great. I ended up getting Openvpn installed and working to a point. I have searched online and done as much reading as i could find but i keep running into the problem of not understanding. So here is the problem.
The server is set on a static IP address. At first i tried to have the config file listen on a virtual ip address i setup up in /etc/network/interface but that ended up not working so i set it to its specific ip address. I kept running into the error about script security while trying to start Openvpn. I tried to add into the config file "script-security 2" that way the up.sh and down.sh scripts were allowed to be run. That didn't help and then i kept trying to run Openvpn manually running the command
Quote:
And i kept getting a message
Quote:
So what i did was just comment out the "up" and "down" scripts in the config file. This allowed me to actually get Openvpn started on the server. So once this was done i connected form a client machine and was given an ip address like i should. The only issue is that i was not able to actually comunicate with the server. I have a samba share on there to allow me to copy files back and forth but an not able to actually communicate with the server at all. I should note that this is a web server that i can view from the outside. (actually get to the webpage) but i tried to access the website and share via the Openvpn gateway. I also tried to access the website portion using the hostname with no luck.
By the way, prior to putting the server on its separate network i was able to access the webpage and the samba share using both the ip address and the hostname.
I installed and tested both Windows server 2003 and Red Hat 9.0 with vmware workstation7. After installing 2003 can access internet but Red Hat can't. I want to test squid proxy server, send mail server, webserver etc. So, I would like to know how to setup WMware's network configuration for Red hat can access internet.
Below link is the configuration of VMware network setup both Server 2003 and Red Hat.
Here is Red Hat Configuration: http://i64.servimg.com/u/f64/11/74/16/17/linux10.jpg
Here is Windows Server 2003 configuration: [url]
I am using wireless connection to access internet.
