Ubuntu Security :: Openvpn Won't Work On A New Network?
Jan 5, 2010
A couple of weeks ago I was using openvpn with a provider of PVNs on a home wifi network with no problems.I had installed openvpn using apt-get install and downloaded theopvn PVN files from the organization.erything worked fine.I would type sudo openvpn nameoffile.ovpn and then add my username and password during the installation process.However, when I try to do the same on an Ethernet network, the installation work fines (as above) and informs me that everything is connected (same as on the home Wifi network) but Firefox and all other software cannot connect to anything on the Internet.I contacted the organization who said the DNS was a problem and I needed to install resolvconf then modify each .opvn file using up /etc/openvpn/update-resolv-conf and down /etc/openvpn/update-resolv-confcauses the installation to hang because it does not like openvpn pointing to an external file.Irrespective of the problem I have with this "solution", previously I could use openvpn without modifying the .ovpn files. It just worked! I wonder if anyone knows why using the exact same configuration on an Ethernet network (which I have not used before with openvpn) is causing problems
View 4 Replies
ADVERTISEMENT
Oct 27, 2010
I followed this tutorial => https://help.ubuntu.com/community/OpenVPN
I'm working on ubuntu 10.10 OS
So everything is ok when i start the tutorial with my interface on code...
The only way I can make it work again is by setting the interfaces back to
auto lo
iface lo inet loopback
>> then reboot
and after that put back the br0 settings in the interfaces en restart the network.
View 4 Replies
View Related
Apr 5, 2010
i have some problems with configuring openvpn tunnel connection to my openvpn server. I'm using static-key tcp connection. Network manager always said to me that connection could not be established. Also, when i try to run openvpn from terminal, i got some strange permissions problem:
Code:
openvpn --config config.ovpn
Mon Apr 5 15:48:37 2010 OpenVPN 2.1_rc19 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Oct 13 2009
Mon Apr 5 15:48:37 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mon Apr 5 15:48:37 2010 /usr/sbin/openvpn-vulnkey -q moj.key
[code]....
View 1 Replies
View Related
Feb 13, 2010
I want to configure a VPN over the Internet.I installed the 'openvpn' package, generated the key file, transfered it by a secure way to the client, and setted up the configuration file.
So, in that configuration file I input the IP addresses of the tunneled interfaces. Both IPs are static in the tunnel.
Then, I've heard somewhere that I can assign a dynamic configuration IP for the client. I do this registering a range.
Well, when I tried to change static IP to dynamic IP (changing '192.168.0.2' to '192.168.0.0/24') in the configuration file, the OpenVPN didn't work.
Obviously I don't know what I'm doing, and I really, don't believe that simply changing the IP will make it work, but I tried.
I hope I explained my problem as well.
My configuration file:
# OpenVPN Server Configuration File
dev tun 0
ifconfig 192.168.0.1 192.168.0.2
cd /etc/openvpn
secret key_file
In client I execute the 'openvpn' without the '--daemon' parameter.Then I want that my client uses a IP in a range (192.168.0.0/24, for example), instead of a static IP (192.168.0.2).I also thought to use a DHCP server, but I'm not sure that will work.
View 6 Replies
View Related
Jan 2, 2010
Im a total beginner when it comes cryptography and networking. Finally managed to create a connection with OpenVPN on Ubuntu to a vpn provider called ivacy. On this page:http://ivacy.com/en/doc/user/setup/winxp_openvpn they give configuration files and keys, which I used. The question is, if someone wanted to see my network traffic, could they do it using the keys provided on that page. Reading the OpenVPN documentation i saw that it is also possible to create your own keys. Would that be more secure?
View 10 Replies
View Related
Jul 29, 2010
How does network file sharing work in Ubuntu? Is it only enabled for the Public folder? Or does it vary by folder permission settings, specifically in that folder's 'Properties' and allow others access the folders?
I'm asking because someone at my work may have had a complete breach of their personal files in the /home/ directory from their folder permission settings. I want to know if regardless of everyone having access permission to the folder, if they need to drag it to the Public folder for it to be network shared.
View 3 Replies
View Related
Jan 8, 2010
I have a running proxy server that I wish to also turn into a VPN server.The VPN is not used so much that a user can access the network but is used so that they can obtain a geo specific IP address for their applications (the proxy server only does this for HTTP).I would therefore like to block off the VPN from accessing any of my Linux box's ports such as email, web server etc.Clients are given local IPs of 172.16.0.x.What should I take into consideration to block off clients from accessing dangerous stuff on the network?
View 4 Replies
View Related
Nov 29, 2010
There dosent seem to be a guide for this...i can use pptp vpn on ubuntu-how do i use openvpn-a step by step guide would be really useful!!
The vpn provider i use is called 'hidemyass' vpn-anyone know if openvpn will work on ubuntu with this?
View 1 Replies
View Related
Jun 20, 2010
I'm running Ubuntu 10.04 LTS as a VM in Hyper-V, and accessing it via VNC with a machine in the same broadcast domain. I'm using OpenVPN to connect to XeroBank. I have instructions for configuring iptables to permit establishing and using the XeroBank connection, while blocking all other traffic on eth0. I've followed them successfully. I need to also permit the VNC connection, and haven't managed that. FWIW, the VM is at 192.168.111.12::5900 and the workstation is 192.168.111.2.
The attachment to this post lists the recommended contents for each Shorewall file. Which files need changed, and what do I add to each?
View 3 Replies
View Related
Jul 17, 2010
I just installed OpenVPN using apt, and it doesn't seem to have components which are distributed with the source, such as easy-rsa. Why would tools like this be excluded from the package? I prefer to use apt rather than compiling from source, to keep things neat and simple.
View 2 Replies
View Related
Aug 4, 2010
I installed OpenVPN and gadmin-openvpn-server from the repos and I can't seem to activate the openvpn server in the gui. I have the server certificate generated, and all the information on encryption protocols setup, and accounts named and ready, despite accounts that were already there, such as www-data, bind, ossec, etc being listed. The server log states:
PLUGIN_INIT: could not load plugin shared object /usr/lib/openvpn-pam-auth.so: /usr/lib/openvpn/openvpn-pam-auth.so: cannot open shared object file: No such file or directory.
View 5 Replies
View Related
Jan 5, 2011
I use vpntunnel.se and followed their tutorial for OpenVPN and it connects and assigns an IP. However, once the sequence is initiated and I open my browser I cannot connect to a webpage and get a "cannot resolve" error. I e-mailed their support and they suggested I change the DNS of my network settings. I did that but the same problem. Once I close OpenVPN my internet works again. It works in windows, so I know it is not my router...I use a wireless connection with my router. I don't know if this has something to do with anything...
View 9 Replies
View Related
Apr 28, 2011
I'm using a hp dualprocessor athlon 11 g42-415dx notebook pc and my wireless wont work i put the passcode in wicd program and it says bad password. So i tried the pin code on the wireless router and that didnt work so am i doing something wrong or is there something wrong with the hardware? i got the wired connection to work but cant get wireless its a little more complex.
View 1 Replies
View Related
Apr 21, 2010
I have a virtual private server running ubuntu server edition that I have set up as an openvpn client. The problem I have is that the moment I turn on openvpn, I am no longer able to ssh into the machine. Is there a way to enable me to connect to it even when it is tunneling?
View 4 Replies
View Related
Jul 20, 2011
I have to say, I'm a little astonished at how anxious people are to bypass password checks on networks, all for the convenience of having things come up automatically. But given the world as we find it, I'm seeking a different approach.
I have an OpenVPN network. It works fine, but for my laptop, I've selected a client certificate that requires a password, so that if it falls into nefarious hands, the thief will not have immediate access to the VPN.
I'm trying not to have any data at all on the laptop (yes, a waste of a 500GB drive). So I want the VPN up even before I log in through the GUI.
It would be nice if the boot-up sequence would pause for the openvpn start script to ask for this password. I see the script contains a line "# X-Interactive: true" which I understand from documentation is supposed to accomplish this. But it doesn't. OpenVPN simply fails to start, which is better than the alternative, but a pain.
I have already disabled the splash screen (having been around Linux for over ten years, I am more comfortable seeing boot-up messages anyway, though even on this x86 they flash on so quickly I'm not sure I'm really gaining anything).
What am I missing?
View 2 Replies
View Related
Jan 10, 2010
Why is that certificates need to be revoked with openvpn?I simply removed them from the keys folder but everytime the client connects it just places the certificates back into the keys folder itself?! Should that be possible?
Secondly, I have a problems etting the revoke command.Is there a known setting on the openssl.cnf file that might cause this?
[root@server]# source ./vars
NOTE: If you run ./clean-all, I will be doing a rm -rf on /etc/openvpn/easy-rsa/2.0/keys
[root@server]# ./revoke-full client2
Using configuration from /etc/openvpn/easy-rsa/2.0/openssl.cnf
error on line 282 of config file '/etc/openvpn/easy-rsa/2.0/openssl.cnf'
21368:error:0E065068:configuration file routines:STR_COPY:variable has no value:conf_def.c:629:line 282
code....
View 1 Replies
View Related
Feb 14, 2011
Within the documentation of example OpenVPN setups there is a setup that shows an OpenVPN Server with two network interfaces. One interfaces is plugged into the public internet network and the second interface is plugged into the private network.
Normally I assume that it would be best to place the OpenVPN system inside the network behind the router and firewall and open only the ports needed on the router to allow access to the OpenVPN system. All other router ports would be closed. This is the first example they show. To see what I am talking about see page(s) 6-7 here -> [URL]
If one were to use the two interface public facing setup, when would that setup best be justified? I guess if you didn't want to open any ports on the router/firewall then this could be justified but then you have to lock down this public system individually instead of having it protected by the network firewall.
View 1 Replies
View Related
May 5, 2010
Just had to re-install after I did some very silly things. Running 9.10 Ubuntu with XBMC-live Have gnome desktop, Firefox with adobe flash plugin. I set up a script called myvpn to run openvpn and this used to work and now it doesn't I did
[Code]...
If I manually type in each command it works, but the script doesn't?
View 2 Replies
View Related
Sep 9, 2010
I'm following this guide [URL]. I am trying to use a bridge to vpn from work to home.
/etc/network/interfaces
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto br0
iface br0 inet dhcp
bridge_ports eth0
iface eth0 inet manual
up ifconfig $IFACE 0.0.0.0 up
up ip link set $IFACE promisc on
down ip link set $IFACE promisc off
down ifconfig $IFACE down
I am forced to use dhcp because of my router. (although it is a static lease) I think this is where I am hung up. Everything else seems to be working properly though. I have a windows client connecting but is limited to the server serving out openvpn. (192.168.1.21) In other words it is not functioning as a bridged vpn service.
ifconfig
openvpn server.conf
local 192.168.1.21
port 1199
proto udp
dev tap0
up "/etc/openvpn/up.sh br0"
down "/etc/openvpn/down.sh br0"
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
dh dh1024.pem
ifconfig-pool-persist ipp.txt
server-bridge 192.168.1.21 255.255.255.0 192.168.1.100 192.168.1.200
keepalive 10 120
tls-auth ta.key 0 # This file is secret
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
View 2 Replies
View Related
Apr 28, 2011
I've seen this issue and it never seems to get resolved maybe this time I can find a fix.I'm currently using ubuntu 11.04 although i've had this issue since 10.04 and 10.10When using openvpn in windows it works perfectly fine but when using openvpn on ubuntu that's a completely different story I import my .ovpn file from clearos it loads the keys just fine but when it tries to connect it say's "no valid vpn secrets"
On clearos it gives you 3 certs and a .ovpn file the file sets it to use password with tls certs but it still comes up with this error, i've been quite stumped and it would be nice to possibly shed some light on this so I can finally get ubuntu to work with openvpn if possible.
View 3 Replies
View Related
May 31, 2011
my problem is following: I'm running a bridged OpenVPN on my Debian. If the service is running, everything works fine: local and Internet, ftp, mailing from in and outside etc. But, when stopping OpenVPN, sending mails from inside (LAN) fails: I cannot reach smtp (postfix) listening on port 465. And even reaching mailboxes using IMAP gets horribly slow eg. in Thunderbird. Here is my firewall.sh script.
Quote:
#!/bin/sh
echo "
IPTABLES FIREWALL inicializalasa - szures"
# Enter the designation for the Internal Interface's
INTIF="eth0"
[Code].....
View 9 Replies
View Related
Jul 29, 2010
I need to run a 2nd instance of openvpn on my server so that it can run on udp. The current one runs on tcp and I need to keep that running. Apparently, I need to create a 2nd tun network for it to use - how can I do that? I tried starting a 2nd instance of openvpn but it just seems to hang.
View 1 Replies
View Related
May 20, 2009
I have the following problem:I have to networks in remote places.I have an opnvpn client in one network that connects to the the router (openvpn server).My question is,can i connect the network where the openvpn client is,throught the computer with the client to the other network.If yes,how? (please make it an idiot proof anwser because i have limited knowledge about iptables). I was thinking like forwarding (the router in the network with the openvpn client is also firewalling with iptables) the request of the ip class of the openvpn network to the computer with the client,which masquarades the interface
View 2 Replies
View Related
Nov 29, 2009
Does anyone know how to configure Fedora 12 to use netbios over an OpenVPN network
putting
hosts: files wins dns
into the nsswitch.conf file enable netbios over the LAN but not over the VPN.
View 4 Replies
View Related
Jul 5, 2010
how efficient and effective are these snort, argus, ossec etc etc for an organization having 3500 PC Network, connected through 700+ Cisco Devices (Layer 2 and Layer 3), and scattered on 130 different sites (geographically)? what should be the combination of products and what should be the architecture for an efficient forensics activity?
View 2 Replies
View Related
May 17, 2010
I am trying to connect to an OpenVPN connection using the gnome-network manager. I'd like to point out that using the configuration file in /etc/openvpn works perfectly but I have no way of knowing if the connection has dropped. When I set up the connection in the nm it connects for a few seconds then fails. The /var/log/messages file shows this:
May 17 08:31:37 lucid64 kernel: [ 4594.043637] tun0: Disabled Privacy Extensions
View 2 Replies
View Related
Oct 4, 2010
It's been a while since I meant to resolve this emacs-related issue when installing basically any package.
Since I really need network-manager-openvpn, I decided to finally try and ask.
This is a known bug I believe, with no fix if I understand well. My question is: is there a way to go around it (instead of fixing it)
Here it goes : when installing a package (in this case, network-manager-openvpn), emacs gets in the way like this:
Code:
And the package is not installed.
I have already tried uninstalling emacs. Doesn't work...
View 2 Replies
View Related
Feb 22, 2010
We have installed "openVPN" from openSUSE 11.2 repo and "openVPN - webmin module" (GUI).What it needs to be done .. "Road Warriors" need to be able to access websites through openSUSE box sitting in the data center, from remote locations (hotel, coffe shops, wi-fi hot spots,..)We're half way there but it gets stucked somewhere with the IP's
View 6 Replies
View Related
Mar 2, 2010
I use KVpnc and openVPN to connect to my desktop at work from my laptop at home. This works fine, I can reach my desktop at the office from my laptop at home. The only problem is that when the Vpn connection is active I cannot use a browser on my laptop. In fact, I cannot connect to anything outside the office Vpn (like mail, chat etc).
I suspected it had something to do with the DNS servers at the office not being reachable from the Vpn so I added my "regular" DNS servers to the /etc/resolve.conf used when the Vpn is active, I added two lines in total on the form "nameserver <ip-address>". This did not solve the problem. I have searched the KVpn forums without finding anything, and the same goes for the openSUSE forums. Does anybody else experience the same problem?
View 1 Replies
View Related
Jul 6, 2010
after I upgraded my SUSE 11.0 to 11.1 many problemes solved themselves. But now there is a new one.
I use openvpn, which always used to work without problems. After upgrading to SUSE 11.1 there is the error message:
"/etc/openvpn/client-suse.sh: line 7: modify_resolvconf: command not found
Wed Jul 7 00:11:38 2010 script failed: could not execute shell command"
The shell script is as follows:
Code:
#!/bin/sh
UPORDOWN=$1
DEV=$2
case $UPORDOWN in
up)
modify_resolvconf modify -s openvpn -p openvpn -t OpenVPN
[Code]....
View 4 Replies
View Related
