Ubuntu Networking :: OpenVPN Works Fine, But Can't Filter Traffic Between Users?
May 13, 2011
I'm using ubuntu server 10.04 with openvpn installed on it. My vpn is working fine, all the users can connect without any issue.My problem is that I'm unable to filter the VPN traffic using openvpn. I can't allow all users to be able to interact with other vpn users. I need to avoid this kind of traffic.I was trying to build an iptables firewall, but I just noticed that my openvpn traffic isn't being filtered by iptables.In FORWARD chain, no matter what rule I use openvpn would continue to allow traffic between my clients. It does appear that openvpn is skipping FORWARD chain?For example:
Code:
# iptables -L FORWARD -nv
Chain FORWARD (policy DROP 0 packets, 0 bytes)
[code]....
View 3 Replies
ADVERTISEMENT
Aug 31, 2010
I'm facing a problem when I establish VPN connections using OpenVPN to Your Freedom Server. " you can see their documentation here ", I've installed OpenVPN from synaptic and I used the client to connect through VPN and it works !! but there is no traffic in FF or any application !!I tired to insert some HTTP proxy also belongs to the same server and it works. What really wonders me is that OpenVPN seems to work only when I'm connecting to streams sites "e.g. ustream, justin.tv" Is there anyway to force the whole traffic to use OpenVPN " I'm using Mobile modem and it works fine with OpenVPN in win7
View 7 Replies
View Related
Mar 1, 2011
I have access to a VPN I use when having confidential instant messaging sessions. For the purposes of my work, essentially.I'm a command line kind of guy, and like to use Finch (the shell version of Pidgin) for those.However, when I turn on my OpenVPN connection it routes all traffic through the VPN. Web-browsing, IMing, and I can no longer access other machines on my home network.Can I set OpenVPN to only route traffic I ask through that connection (either by port number or application, or some way I haven't thought of), while other traffic flows through my usual home network?Some kind of local proxy perhaps? Or a dd-wrt box set up as a proxy, connected to OpenVPN?I've played around with the GUI environment too (I have a basic GUI I sometimes use on my main machine) and have installed the full desktop 10.10 on a second machine just to see if I can work it out.
View 2 Replies
View Related
May 6, 2010
I have a need to make a rather odd filter in tcpdump- I would like to capture only all those packages on interface eth0, that are outgoing(in other words from IP 192.168.1.1, which is IP for eth0 in this computer) and doesn't have src MAC address 11:22:33:44:55:66. However, fallowing command says, that syntax is wrong:
Code:
tcpdump -n -p -i eth0 src host 192.168.1.1 ether src not 11:22:33:44:55:66
Is this possible? If yes, then what is the correct command?
View 3 Replies
View Related
Dec 10, 2010
I have installed OpenVPN to use it as an internet gateway butcan't get it to work.OpenVPN installed without any problem. The client can also connect and ping the server but there is no internet traffic.I think it is because of a wrong gateway address which the client gets but I'm not sure. server IP address is 10.8.0.1 and the client can ping this IP but it's default gateway is always 10.8.0.5 which is not accessible from the client.This is my server.conf:
Code:
dev tun
proto tcp
[code]...
View 7 Replies
View Related
Jan 16, 2011
I got it set up in the NetworkManager applet (imported the client.ovpn), but when I connect it sends ALL my traffic through the VPN. I would prefer all accesses to the internet go over my normal default gateway, rather then all the way through to the VPN's default gateway.When I connect through the command line:
Code:
openvpn --config client.ovpn
I don't have this problem, and accesses to the internet still go over my default gateway on
[code]...
View 1 Replies
View Related
Aug 31, 2010
I have some questions about openVPN. I am wanting to hide my downloading through transmission and I'd like to know if I can use openVPN for this? Also do I need access to a server? I don't understand how it all works.
View 5 Replies
View Related
Oct 5, 2010
This has been bugging me for quite a long time. I need to have a pptp connection to my university. I have tried to locate the error, but this has been a real trouble.
A little bit of history: My girlfriend had a laptop with M$ vista on it with a working PPTP connection. I had a laptop with Ubuntu, with which I couldn't get the PPTP working.
When my laptop crashed, I bought a new one on which I run a dual boot XP SP3 and Ubuntu. I also own a desktop (Dual M$ Win 7 / Ubuntu standard Karmic) and my girfriend also upgraded to Win 7.
Currently, the XP version is the only one on which I can get a connection. Both Ubuntu and the Win 7's give me a GRE proc 47 not received error. I know our router (a DAVOLINK DV2020) is notorious for not sending through GRE proc 47, but this either shouldn't be the case or it shouldn't matter, since I can make a perfect connection through the XP OS.
This is quite a handicap, since we both study at the university for which we require working VPN PPTP connections.
Settings:
Gateway: vpn-eur-pptp.eur.nl
Username: 123456ab@eur.nl
Password: password
Authentication: MSCHAP / MSCHAPv2
[Code].....
View 3 Replies
View Related
Dec 3, 2010
My Windows machine can ping Ubuntu by name, but Ubuntu can only ping the Windows machine by using it's IP address. This was working fine in both directions until I purged Samba. After purging Samba, I couldn't ping in either direction unless I used the IP address. I did some reading and found that Samba provides NetBIOS functionality that allows the machines to resolve host names without a DNS. Since I'm not running a local DNS, I decided to reinstall Samba. Unfortunately, I've not been able to restore it to full working condition. I don't want to use hosts files as all the IP addresses are assigned automatically by DHCP. I want to be able to access the Windows machine by name.
View 9 Replies
View Related
Apr 30, 2010
I installed Ubuntu (10.04) today and it has gone smoothly except for the fact that I can't connect to the Internet when in Ubuntu (connection works fine in Windows XP). I am using a wireless USB card (Linksys WUSB600N) to connect.
The weird thing is that the card detects all the local networks, asks me for a password to my network, and it even says it is connected to my network after I put the password in -- but when I open Firefox no pages will load.
There is another weird quirk as well: Ubuntu will not restart or shut down properly (it hangs around indefinitely with the little white / orange dots going across the screen) unless I first remove the wireless card from the USB slot. But that doesn't bother me as badly as the lack of Internet.
View 3 Replies
View Related
Jul 17, 2009
Filter access server through the net only to authenticated users from domain controller (Win2k). Server (Centos)(Firewall with 2 nic), which makes access to the net, with only 196MB RAM (PIII500Mhz), so I do not want a solution based on proxy or what resources it uses large I want a solution with a script that runs at login on windows this check series HDD and to communicate with Linux server that's open accessor another simple solutionNow just use only MAC filtering on
View 1 Replies
View Related
Jan 23, 2010
I have been using Ubuntu 10.04 (32 bit) as a headless workstation, running a VNC screen. Worked perfectly for about 3 weeks, then suddenly, I lost the Drag and Drop capability, for all applications.For example: Dragging and dropping to move items on the desktop does not work. The item simply pops back to the original location.Dragging and dropping to move items from one folder to another does not work. Same behavior the item just pops back to the original location.Dragging and dropping Bookmarks in Firefox does not work. The attempted Drag and Drop is ignored.Copy and paste still works fine.The problem does NOT occur when using an attached monitor (primary display screen :0).After much Googling (including these forums), I suspected that the changed behavior was caused by an update (from Ubuntu Update Manager). I confirmed this with the following:
Reinstalled Ubuntu 10.04 fresh from the live cd.
Configured minimal networking and installed VNC server.
Tested Drag and drop -- works okay
Applied pending updates (116) from Ubuntu Update Manager
Tested Drag and drop -- not working
I am using vnc4server and openssh-server installed from the repositories using Synaptic.
View 4 Replies
View Related
Oct 29, 2010
I just got Ubuntu and am new at this stuff. I have a dual boot windows 7 64 bit one and ubuntu 10.4. I booted ubuntu at startup and then tried to go online, but it says my wireless device is disabled. I tried pressing the keys on my keyboard to see if that may work, but it doesn't. I am lost and new at this.
View 1 Replies
View Related
Dec 18, 2010
I have a openvpn server configured and users are using from remote location. I got some errors in the /var/log/messages file as:PHP Code:
Dec 18 16:09:37system openvpn[7221]: x.x.x.x:58983 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Dec 18 16:09:37 system openvpn[7221]: x.x.x.x:58983 TLS Error: TLS handshake fai
[code]....
View 1 Replies
View Related
May 17, 2011
I switched from windows to Ubuntu 10.10. But I'm not getting along with it as well as I expected I would Specially cause I'm not getting the best out of it due to limited web connectivity. I used to use a usb WiMax modem back in windows (which is also supposed to be supported by linux as my service provider said) for internet. But I'm having a hard time configuring it on my Ubuntu. The modem works fine but I'm failing to install the drivers [url]. I used my cell as a temporary modem to get help from the web.
I downloaded:-
i2400m firmware 1.5.0
WiMAX Tools 1.4.5
WiMAX Network Service 1.5.2
According to the documentation, I'm supposed to install the linux kernel 2.6.35 which Maverick comes with anyway.
Then comes the part to install the firmware. The command I used was
Code:
But unfortunately and annoyingly the result is
Code:
I didn't get it. Am I missing any package or something?
View 1 Replies
View Related
Oct 1, 2009
This is my startup routine:
I log on and Network Manager shows no wireless adapter.
I go to System > Administration > Network:
There are two entries in the Devices tab: Wireless and Ethernet
As soon as I double click the Wireless device and the configuration pops up, the device starts working (no changes to the settings are made)
I have the following set to ON:
- Controlled by Network Manager
- Activate device when computer starts
- Allow all users to enable and disable this device
View 7 Replies
View Related
Jul 1, 2010
I am trying to list all traffic from 1 IP address but filter out port 1057.I keep getting syntax errors. I've tried:
Code:
ngrep -e host xx.xx.xxx.170 not port 1057
ngrep -e port 1057 -x host xx.xx.xxx.170
ngrep -e not port 1057 -x host xx.xx.xxx.170
etc.
View 7 Replies
View Related
Sep 16, 2015
I'm running OpenVPN service on both debian server and client. When start connection between client and server, I expect all the computer traffic (except ARP and DHCP requests) go through created tunnel. However, when I capture packets on wlan0 on client (the only connection going outside host) using Wireshark, I can see DNS requests visible and sometimes incoming TCP traffic as well, but most of the traffic is going through tunnel as expected. I provide both configurations of client and server and client routing table for inspection. I changed server address to avoid server exploitation in the case of some big configuration mistake.
Commands to run OpenVPN services are:
Code: Select allFor client: sudo openvpn --config /etc/openvpn/client.conf &
For server: sudo openvpn --config /etc/openvpn/server.conf &
**Client routing table when VPN is OFF**
Code: Select allKernel IP routing table
Destination   Gateway     Genmask     Flags Metric Ref  Use Iface
default     192.168.1.1   0.0.0.0     UG  1024  0    0 wlan0
192.168.1.0Â Â Â *Â Â Â Â Â Â Â Â 255.255.255.0Â Â UÂ Â Â 0Â Â Â 0Â Â Â Â 0 wlan0
[code]...
I searched through many forums and documentation and I found, that for all the traffic going via VPN is command: *push "redirect-gateway def1"* neccessary, however, I have leaks despite this command being in place. I already spent over 2 days with this and tried to configure it in many ways, now I have no clue what I'm missing.
View 0 Replies
View Related
Apr 30, 2010
one of these "WiFi works in Gnome, not in KDE" threads, but I have been all over google and hundreds of threads across different sites and can't figure this one out.As mentioned, wireless is peachy in Gnome, unfortunately I like KDE and I'm more productive using it (when I have internet). Wired network works fine in KDE, and my network card
Code:
03:00.0 Network controller: Intel Corporation Wireless WiFi Link 5100
Subsystem: Intel Corporation Device 1201
[code]....
View 1 Replies
View Related
Feb 3, 2011
I have an Ubuntu VPS running 10.10 x86_64
This is what is in my /etc/network/interfaces right now.
Code:
auto eth0
iface eth0 inet static
address 67.202.x.x
gateway 67.202.x.1
netmask 255.255.255.0
auto lo
iface lo inet loopback
My server.conf
code....
I can get the VPN server running and everything connects fine from the client. I just don't know how to tunnel all the traffic through the VPS because it involves making the bridge which I'm having trouble with. What exactly am I supposed to put in /etc/network/interfaces?
View 1 Replies
View Related
Dec 5, 2010
I have set up an openvpn server on ubuntu via port tcp 443. The server use a public network and almost every ports are blocked (not 443) So when a client connect to the server, if it send traffic needing a blocked port, the connection cannot been etablished of course. So i d like to know if it is possible to redirect all incoming traffic on the server to an other unblocked port (like 443) to bypass firewall.
I dont think openvpn offer this possibility but maybe with linux it is possible..
View 3 Replies
View Related
Nov 17, 2010
I have a remote network that I manage consisting of a DLink DFL-210 firewall/router, and behind that a Dell server running openSUSE 11.2 and a collection of Windows XP/Vista/7 computers.
The Linux box is running OpenVPN as a server (that is how I connect to this network) and a client (it connects to a second server - running XP - at a different location).
The DLink router is the DHCP server and provides addresses on the 192.168.51.0/24 network. The OpenVPN server provides the 10.8.51.0/24 address range.
The remote network that the Linux box connects to is 192.168.54.0/24 via the OpenVPN network 10.8.54.0/24.
I have added routes to the DLink router to route all traffic to the 10.8.51.0/24 and 192.168.54.0/24 networks to the Linux box.
With SUSEFirewall turned off, after I have connected via OpenVPN from my remote computer I can ping all active 192.168.51.0/24 addresses. Other computers on the 192.168.51.0/24 network can ping computers on the 192.168.54.0/24 network. But if I turn on SUSEFirewall, neither of these work. However, I can ping 10.8.54.1 from any computer on the 192.168.51.0/24 network.
How can I set up SUSEFirewall to allow these networks to communicate with eachother?
View 5 Replies
View Related
Apr 5, 2010
i have some problems with configuring openvpn tunnel connection to my openvpn server. I'm using static-key tcp connection. Network manager always said to me that connection could not be established. Also, when i try to run openvpn from terminal, i got some strange permissions problem:
Code:
openvpn --config config.ovpn
Mon Apr 5 15:48:37 2010 OpenVPN 2.1_rc19 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Oct 13 2009
Mon Apr 5 15:48:37 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mon Apr 5 15:48:37 2010 /usr/sbin/openvpn-vulnkey -q moj.key
[code]....
View 1 Replies
View Related
Mar 30, 2011
Basically i set up a webserver using this tutorial but installed ubuntu 10.10 [URL]
im using charter cable and it has that ubee router. when i tried to set up the static ip the closest thing i saw was an option called static ip lease in which input my servers local address and mac address and checked enable. then i applied dmz to my servers local ip. after that i typed in my public ip and to my excitement it worked. so i began creating the website. i dont know if all that is relevant but just in case i didnt want to leave anything out. this is my first time with linux and servers and ive only been at it for about 5 days. anyways i made the website and everything was going good then i needed to reboot the server so i did. after reboot i logged into the server then went back to the other room where i worked on the server using putty from a pc and flashfxp and tried to navigate to the website in firefox. it didnt work. if i try to go to the website address from a computer on my network i get a problem loading page error from firefox and if im on a different network it shows my router page to login and configure. i dont understand how it was working then after reboot it all of a sudden doesnt.
o also i installed gnump3 today before reboot if that is important
View 1 Replies
View Related
Mar 21, 2011
I have a setup of squid3 with ntlm authen and I use squidGuard 1.5 to filter my web traffic. My squid3 is authenticating users properly and parsing all rules. The problem is with squidguard which doesn't seem to filter out users. below is my squidguard config.
Code:
dbhome /usr/local/squidGuard/db
logdir /usr/local/squidGuard/log
[code]....
View 3 Replies
View Related
Mar 30, 2010
On my Acer netbook (AOA-150-1635) the wireless works fine with WinXP, Ubuntu, and used to work with Suse 11.1. I replaced the Suse 11.1 with a clean network install of Suse 11.2. I couldn't get the wireless to work and did another network install using the wireless. When the install was completed I could not get the wireless to work with Suse 11.2. When I run the "collectNWData.sh" it shows--
!!! CND0120E: Network card wlan0 has no IP address
wlan0 Interface doesn't support scanning : Network is down
[code].....
I looked up error CD0120E and changed the network devices setup to "traditional". The wireless "scan" picked up the routers and I added the encryption keys. Still no joy. I ran "collectNWData.sh" again and it said it is better to use the Network Manager.
!!! CND0180I: The system can't ping external IP address 195.135.220.3
!!! CND0150E: There might be a problem with the default gateway definition 10.1.1.1 on interface eth0
[code]....
Going back to Yast, Network Devices, I set Network Manager. The result is that it is back to the beginning with "collectNWData.sh" giving the original error.
View 9 Replies
View Related
Mar 18, 2010
I've got 9.04 and 9.10 both installed on the same machine. The /home directory is on a separate partition, so both OSes use the same /home.I can't get Compiz to work at all in 9.10, even though it's been perfectly fine in 9.04. Is there a backport of some sort that i should install?The fixes I've found all point to editing the xorg.conf file, but of course, Karmic doesn't have an xorg.conf file.I've tried reinstalling the Compiz files, reinstalled the open-source video drivers, installed/uninstalled fglrx drivers a few times, rebooted dozens of times.
View 8 Replies
View Related
Nov 14, 2010
Though I had solved this but I was premature. Here are the details. When I use HDMI to connect to my lcd TV it works fine in Windows7. (I have dual partitions W7/Ubuntu),but when I boot into Ubuntu and use HDMI, nothing happens.
lori@lori-laptop:~$ aplay -l
**** List of PLAYBACK Hardware Devices ****
card 0: SB [HDA ATI SB], device 0: STAC92xx Analog [STAC92xx Analog]
Subdevices: 1/1
Subdevice #0: subdevice #0
[Code]...
also when I open the Gnome Alsa Mixer, under the HDMI tab, there is just a blank screen. I believe I have the latest Alsa releases.
View 4 Replies
View Related
Nov 16, 2010
I have a working LDAP-server (I belive!!) I want my laptops to authenticate against the server, when they logon. That works fine as long as the network is present. But I also want the users to be able to log on, when the network is down. When I go to a terminal (without network) I can su to another LDAP-user.I can login via graphical login-screen with the network attached, but not when it is disconnected.
In a terminal id john gives me information about the user john.
My conf. files looks like this:
/etc/ldap.conf
host 172.16.0.138:389
ldap_version 3
bind_policy soft
[Code]...
View 1 Replies
View Related
Dec 15, 2010
I have Ubuntu 10.10 installed for some time now and I don't boot my Win7 machine in weeks!I love how solid, robust it is... and also how good it looks.Love the features like Ubuntu One (use it a lot!) and the Software Center. I'm 95% converted and I would be 100% if it weren't for 2 issues:
1 - The machine won't shutdown. Rebooting works fine but shutdown it just hangs... Kinda sucks having to press the Power Off button every time...
2 - I'm on a laptop but it doesn't recognize my battery. All I get is a "electric ray" on the panel. Even if I remove AC power it still does the same... No charging information, nothing... I tried
Code:
sudo modprobe pmu_battery
on the terminal but is says that the module could not be found.
Everything else works terrific (better than Windows!) with this two exceptions...
View 9 Replies
View Related
