I'm trying to setup a OpenVpn on my Ubuntu 10.04 and after doing the configs from here: [URL] I get an error:
[Code]....
Fedora 11 I have tried just about everything in webmin, the current one I am working with is openswan, and I get this error: ipsec newhostkey --configdir /etc/ipsec.d --output /etc/ipsec.secrets ipsec rsasigkey: key pair generation failed: "-8037"
My boss would like to have our employees connect to our linux server, then access their personal computers to work when they are unable to be in the office. Everyone else in the office uses winblows and they are unwilling to try anything else no matter what the benefit. The most important one is the CAD guy, we need him to work on drawings from school or his latest flings house and I am just running out of steam. how to fix this error or radically change my approach, I will try or do anything.
I have openSUSE 11.2 installed and i need to create a gateway server that allows virtual private network connections. I want to play with my friends some lan games, but we are in different networks, so i want to create this gateway server so we can connect with VPN clients to this server and play freely.
View 7 Replies View RelatedI'm trying to setup OpenVPN in order to connect back to my home network while traveling for secure browsing and such. However, before I can even start trying to set that up I tried to see if I could open port check my computer through the net. And I'm having a hard time doing that.
As far as I can tell, here are my roadblocks:
1. Is ISP (Qwest) blocking my ports?
2. Is my modem doing the proper port forwarding and firewall?
3. Is my router doing the same?
4. Is my firewall on the computer allowing the request?
To minimize sources of error, I've turned off my local and router firewall and setup my router to forward ports. I'm not to familiar with my modem, but I'm pretty sure that the firewall is turned off by default and I think I've done port-forwarding correctly. But still no success when doing an open port check. At this point I don't know how to diagnose the problem.
Well to make this straight forward as possible I want a program like The Hotspot Shield In Windows and Mac, Its uses's VPN (Virtual Private Network). To view Hulu (And other stuff). A link: [URL]. Or can I use it wine (I don't really think so, by the way I didn't test it out Because its blocked in my country).
View 4 Replies View Relatedi have some problems with configuring openvpn tunnel connection to my openvpn server. I'm using static-key tcp connection. Network manager always said to me that connection could not be established. Also, when i try to run openvpn from terminal, i got some strange permissions problem:
Code:
openvpn --config config.ovpn
Mon Apr 5 15:48:37 2010 OpenVPN 2.1_rc19 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Oct 13 2009
Mon Apr 5 15:48:37 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mon Apr 5 15:48:37 2010 /usr/sbin/openvpn-vulnkey -q moj.key
[code]....
I've been learning linux for a while now with half an eye on making a career out of it in future. One sizeable gap in my knowledge at the moment is networking. Is it feasible/desirable to set up a network of virtual machines to use as an environment to learn networking? My budget is non-existent so I was hoping to be able to get a basic understanding of the principles from installing a few desktops, a virtual gateway etc on VMware workstation on my laptop, and doing a lot of reading online.
Is this feasible, or will I just end up learning about virtual networks instead of real ones? Also how much power would be required, because my 3GB RAM lappy has just gone bang and all I have now is a (new) 1GB RAM lappy.
I'm currently running Koala on a Dell Latitude D630. I've been with Ubuntu since Hardy, so I have some experience, but this is beyond me. Basically, I was at school, closed my laptop, and bicycled home. When I opened it up at home, I saw a blank screen. When I tried to reboot, I was told that the disk couldn't be mounted. When I boot a LiveCD, I can see my two disk partitions (/ and /home) as "16GB Filesystem" and "95GB Filesystem". The 16GB system can't be mounted, and I'm pretty sure is fragged. I tried reinstalling Ubuntu, figuring that would fix it, but no luck- it starts fine, but it gets about halfway through and then says it can't install the files.
The machine is still under a service contract with Dell, so swapping out the HD itself isn't such a big deal. It would be nice to get my data, though. I can successfully mount the 95GB (/home) system. I then see two folders "dan/" and "lost+found/". I can't enter the "dan" folder because I don't have permission. Opening a terminal and navigating to /media/95GB Filestystem/dan/ works if I "sudo su root" first, but not as "ubuntu" In the dan/ folder, all I see is "Access-your-private-data.desktop" (because my /home directory is encrypted) and "README.txt". The README says to run the command "encryptfs-mount-private".
When I do that, however, I just get the message ERROR: Encrypted private directory is not setup properly I tried putting my decryption password immediately after the decrypt command, a la: encryptfs-mount-private mypasswordgoeshere but with no change in results. The one ray of sunshine in all this is that I backup my /home directory to an external every week or two. So the actual data loss is not catastrophic. But it *has* been a busy week, so I would really like to recoup that data, since it includes little things like the first chapter of my dissertation, and the job negotiation emails in my .evolution folder.
how do I stop my Kubuntu to set up an IP ? I tried this:
sudo ifconfig eth0 192.168.0.1
but in the following minutes it changes it!how do I stop it?
Long story short: I opted to encrypt my home, enter the passphrase and soon as I log out and rebooted, I got stuck with a message about /var/lib/ICEauthority file and other messages. So I've been trying to fix one issue at the time. The bottom line is that I'm trying to get to my private folder. Dropped in recovery mode:
[Code]...
I have recently set up a network of 21 computers running Edubuntu 10.10 I use iTalc to communicate with the pcs and also to shutdown all of them at once. The only problem I have, is it doesn't start up again with iTalc. So I switched to ClusterSSH. Only problem I have now is that everytime I run cssh, I need to manually add IP addresses of all the pc's, before I can start issuing commands. Is there a config file or something I can populate with all the IP addresses so that it starts up with all of them already added? And while we are at it, the command to start up a computer on the network?
View 2 Replies View RelatedWe have installed "openVPN" from openSUSE 11.2 repo and "openVPN - webmin module" (GUI).What it needs to be done .. "Road Warriors" need to be able to access websites through openSUSE box sitting in the data center, from remote locations (hotel, coffe shops, wi-fi hot spots,..)We're half way there but it gets stucked somewhere with the IP's
View 6 Replies View RelatedAfter years with Linux and using ssh on a daily basis I have to admit I've never setup public/private key authentication and I've never run passwordless logon to ssh. It's not that I've never tried, I have - I've just never got it working. That to me is an almost alien concept as I am a tinkerer at heart and rarely stop until something is working the way I'd like it to. I get the principle of what's going on but I've always had a mental block about it.
View 3 Replies View RelatedI have set up OpenVPN server using a bridged configuration. My networking "powers" aren't that advanced, so I did this by following the openvpn tutorial for bridged servers. I have tested this with several clients connecting to my server from different locations and it works very nicely (including broadcasts).
My server's LAN IP address is 192.168.2.4, and my LAN's mask is 24. Clients connecting to my server get assigned IP address that also fall within that subnet (i.e., the 192.168.2.x pool contains both physical machines in my home and "virtual" hosts). This is what the OpenVPN walkthrough specifies:
[Code]...
I was wondering if it would be possible for the VPN to fall within a different subnet (such as 10.0.1.x). I would also like to do that without adding another physical NIC to my server, or changing my physical IP address. I would imagine this is possible, since that's how hamachi does it.
I have a Slicehost VPS and I'm trying to set up PPTPD on it. I only have one IP address (the public IP of the box). All the PPTPD howto's I've seen rely on assigning remote clients IPs from the local subnet (e.g. the PPTD server's local IP is 192.168.0.20, and remote IPs are taken from a pool of 192.168.0.30-40).
However I don't think I can do that as I only have the one IP address on Slicehost's network - that public IP (and all other IPs in the segment are public). So what I really want to do is to be able to create a private LAN segment or virtual network adapter and have VPN clients assigned addresses in that segment, then routed out onto the Internet effectively using the PPTPD box as a router. I am using Ubuntu Hardy (LTS).
I'm trying to setup OpenVPN to use a third party CA, and its unclear to me how to use the serial and index.txt files that are created when one uses the easy-rsa scripts to setup OpenVPN. If i'm using my own CA can I ignore those? Its also unclear to me how OpenVPN figures out the server.key passphrase. I'd also like to leverage the --tls-verify cmd directive but I am unsure of where to specify it.
What I would like to do is have --tls-verify call a perl script that then verifies that the CN of the certificate the client is passing in matches a cn in an LDAP group. I figure I can do the LDAP group lookup with some easy perl stuff, its unclear to me though if --tls-verify is going to pass in the RDN of the client cert.
I currently run a Windows 7 Compaq laptop with an Athlon x2 and 4gig of DDR2. I want to either set up a dual-boot on my laptop, or make Linux the Primary with Windows running in something like a virtual box. I am very much into Android and I want to learn Linux as a result of that. So which Distro should be considered in a situation like this.
View 6 Replies View Relatedwhile trying to set up Xen Virtual Nodes we encountered one issue with the network (which is why it is posted here On the DomU the interface is provided by a bonding -bond0- of three NICS. Now the Xen network script a) does not take this bonding b) destroyes even this bonding From a number of posts I assume I have to configure this by hand, correct? Is there an instruction how to do this? Simply create a bridge on top of bond0??
View 1 Replies View RelatedFollowed this guide to the letter:[URL]..
Tried to run command:
sudo /etc/init.d/openvpn restart
And just get a fail returned.
This is what the log-file says.
[Code]...
It says init bridge br0 does not exist. Do I need to create it in the network config or something?
Alright, I've been trying to get this fixed on my own, but I think I am missing a fundamental principle and no amount of scripts or hacks is gonna take place of that. I have adito/OpenVPN installed on my media center. It runs fine and I can access adito in my internal network from other computers just fine. But, the whole point is I want to be able to access it remotely!
Now, I had previously made a run at an external FTP site and failed miserably at that, and I think its all coming down to me not knowing how to configure my own router. I have a Netgear router, I can log into it and under Router status I can get what looks to be my routers external IP address. But if I try to access it at https://XXX.XXX.XXX.XXX:4433 (didn't want to use the default port, 443) I get nothing.
So, my main problems as I understand them are:
1)I need to clear the firewall on my router to allow traffic in/out of my reserved port
2)I need to forward incoming requests on that port to the static internal IP of my media center
3)I really would like a more reliable way to verify the info im getting from my routers admin settings page is actually my external IP, is there a command for this or a website that will tell me?
I've been the las 4 days setting up my first VPN (OpenVPN bridged). The server is up and running OK but when I try to connect I've got this message in the client log.
Quote:
TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
TLS Error: TLS handshake failed
[Code].....
We have to connect one PC in private network (campus) with other PC (mostly a modem in our case)in public network. Connection should be peer to peer like and we have to use C coding for establishing connection between this two systems. Is it possible if we use port forwarding or is there any other way?
View 2 Replies View RelatedThe facts are as follows:
1. I have at work a regular LAN with many PCs, each with a DNS-registered public IP. Therefore I am able to address each of these PCs by their fully-qualified names and, for instance, initiate ssh sessions to any of these computers just by typing "ssh <name_of_machine>" from a terminal.
2. Within the aforementioned LAN I have just created a private network with some clients, which access the LAN through a router (a D-link DIR-825). We have created this private network for many reasons, but most importantly because we need to guarantee that the hosts in this network will remain networked among them even if the LAN goes down for any reason (which unfortunately happens often). But we still need to have access to the hosts in the private network from the LAN.
3. I am able to define port forwarding rules in the router in order to access certain services on the private network's clients. For example. I am able to access (by ssh) hosts "H1" and "H2" on the private network from a client on the LAN by defining rules for forwarding ports "P1" and "P2" on the router's public IP to TCP port 22 on the private IPs of "H1" and "H2", respectively. Then I would access each of these hosts from the LAN by using:
>ssh -p P1 [ip.address.of.router] (for accessing H1) and >ssh -p P2 [ip.address.of.router] (for accessing H2)
4. The problem with the port forwarding approach is that it is not easily scalable. For instance, If I wanted to enable ssh access to each host in the private network, I would have to define a port forwarding rule for each machine, and then REMEMBER all these port rules when initiating a ssh session from the LAN in order to point to the right host. And the problem gets worse when considering more services in addition to ssh.
5. The ideal solution would be to be have a means for addressing each host in the private network individually, in much the same way in which I address the hosts in the LAN (which have DNS-registered names). For instance, in order to access hosts H1 and H2 as in the previous example, i would like to be able to just type
>ssh [name_of_host_H1] (for accessing H1) and >ssh [name_of_host_H2] (for accessing H2)
The bottom line:
I guess I can say that what I need is some kind of combined DNS-ing and routing that allows me to communicate with the hosts in the private network from outside of it in a transparent way.
The question is: what are any possible solutions for accomplishing this? I have searched the web and found stuff about things like VPNs, reverse-proxies and NAT servers, but I really can't understand if any of these could serve to solve my problem (BTW, isn't my router doing some sort of NAT-ing already? could I just add some DNS-ing in some way?)
I run a server that is connected to several other boxes in a private network (192.168.0.0). I have had no problems previously, but upon a reinstall of Debian squeeze I have no connectivity to the private network: a ping of other addresses on that network fail. Ping and connection to outside world is fine. This box is configured similarly to another on this private network which connects successfully. I have quadruple-checked all my basic information. I post my ifconfig below of the malfunctioning device, then the ifconfig for equivalent nic on a box connected succesfully to the private network.
Questions:
1.Could it be a cable problem? (I don't see how since the cables have not been changed I do not believe since my reinstallation).
2. What about the difference in the last lines of eth1 below and eth2 of the successful box. Is it significant that the bad eth1 reads Memory:fc3a0000-fc3c0000
I am new to networking and trying to setup my own local area network using virtual box machines. I have installed BIND 9.7.3 using yum in Fedora (dns server) and created all necessary .conf and zone fil es. I am successfully able to resolve domain names on this host machine (dns server). for example dig @dns.domain.lan client1.domain.lan correctly resolves domain name.
[Code]...
1) My Internet connection is COMCAST with a router box and one public IP address.2) My web server is Apache using 10.1.10.200 as its address.3) Now I want to add another host name (www.myhealth.com) on my server. I did DNS forwardin (with Godaddy) to my COMCAST static IP address.4) I also added (in my httpd.conf) a block for virtual hosting
View 4 Replies View RelatedI've seen this issue and it never seems to get resolved maybe this time I can find a fix.I'm currently using ubuntu 11.04 although i've had this issue since 10.04 and 10.10When using openvpn in windows it works perfectly fine but when using openvpn on ubuntu that's a completely different story I import my .ovpn file from clearos it loads the keys just fine but when it tries to connect it say's "no valid vpn secrets"
On clearos it gives you 3 certs and a .ovpn file the file sets it to use password with tls certs but it still comes up with this error, i've been quite stumped and it would be nice to possibly shed some light on this so I can finally get ubuntu to work with openvpn if possible.
I am using a custom OpenVPN install using 7zip. It installs the program and unzips the keys and configuration files to the correct location. This is being installed by an administrator and needs to work for non admin users. Before there was an issue about not pushing the routes correctly and I am going to get around that by adding the users to the Network Config group which will allow them to add routes but not a whole lot more power. Now I am getting the error "Error opening logfile for writing C:Program FilesOpenVPNlogclient.log.
You probably don't have administrator privileges, which are necessary to run OpenVPN." Is there anyway around this? OpenVPN still works even though this error occurs so is there anyway to just turn the error off (changing verb to 0 does not work) or recompile it to ignore this error? Is there anyway to change the logging location to event viewer or another directory such as C:Users\%currentuser%OpenVPN.log (when I try to do this with log or log-append option it throws another error and doesn't work so I would prefer event viewer so there wouldn't be any permission issues).
i have been looking for a simple network monitor daemon for ubuntu, for some time but have not found anything that suits my requirements and from what i've been reading online there seems to be quite alot of other people out there that are looking for the same thing. [URL]...for-linux.html page seems to have the most comprehensive list of similar products but if you read through all of them they don't seem to be what i'd imagine most home users need. here's a list of what i had in mind, if any one uses something that has these features or knows of something that might meet these requirements please let us know! 1)a small lightweight daemon that can be accessed via the panel on gnome 2)has thee ability to monitor eth or ppp (particularly internet traffic)3)can represent this data in a human readable format ie using megabytes and gigabytes 4)can store a history of how much data is being sent and received over long periods of time (like several months)
View 2 Replies View RelatedI have a virtual private server that I am trying to connect to using x11vnc. I ran this through ssh to setup gnome
sudo apt-get install gnome-core
sudo apt-get install gdm
sudo /etc/init.d/gdm start
sudo dpkg-reconfigure xserver-xorg
I later ran sudo apt-get install ubuntu-desktop to see if that would help.
Code:
#cat /etc/issue
Ubuntu 10.04.1 LTS
l
Code:
#sudo startx
Fatal server error:
xf860OpenConsole: Cannot open /dev/tty0 (No such file or directory)
I assume this is because it probably doesn't have a video card.
[Code]...