|
Title: vpn wtih endian v2.4 Post by: ty628659 on Monday 23 August 2010, 06:28:45 am Hi, everyone
I just download version 2.4 and try to installed everything worked, excite OpenVpn , and download the windows client from openvpn.net then install on Windows XP Pro with sp3 system on client PC always said : The connection timed out. on same network my webserver working fine. VPN Firewall: Enable or Disable (Both) has same issue. Need help on this. Thanks. OpenVPN Configuration: OpenVPN Server Tab Server configuration: OpenVPN server enabled: (Check), Dynamic IP pool start address:192.168.1.30, Dynamic IP pool end address:192.168.1.39 Account information: Username: DEMO Password:XXXXXXXX Verify password:XXXXXXXX Client routing: Direct all client traffic through the VPN server: Enable Don't push any routes to client: Enable Advanced settings: Port: 1194 Block DHCP responses coming from tunnel: Disable Protocol: UDP Don't block traffic between clients: Enable OPENVNP log: Quote OpenVPN 2010-08-22 09:46:27 openvpn[6528]: SIGTERM[hard,] received, process exiting OpenVPN 2010-08-22 09:46:28 openvpn[6607]: OpenVPN 2.1_rc15 i586-pc-linux [SSL] [LZO2] [EPOLL] built on Aug 11 2009 OpenVPN 2010-08-22 09:46:28 openvpn[6607]: NOTE: when bridging your LAN adapter with the TAP adapter, note that the new bridge adapter will often take on its own IP address that is different from what the LAN adapter was previously set to OpenVPN 2010-08-22 09:46:28 openvpn[6607]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts OpenVPN 2010-08-22 09:46:28 openvpn[6607]: NOTE: --script-security method="system" is deprecated due to the fact that passed parameters will be subject to shell expansion OpenVPN 2010-08-22 09:46:28 openvpn[6607]: WARNING: file "/var/efw/openvpn/pkcs12.p12" is group or others accessible OpenVPN 2010-08-22 09:46:28 openvpn[6607]: WARNING: POTENTIALLY DANGEROUS OPTION --client-cert-not-required may accept clients which do not present a certificate OpenVPN 2010-08-22 09:46:28 openvpn[6607]: TUN/TAP device tap0 opened OpenVPN 2010-08-22 09:46:28 openvpn[6609]: GID set to openvpn OpenVPN 2010-08-22 09:46:28 openvpn[6609]: UID set to openvpn OpenVPN 2010-08-22 09:46:28 openvpn[6609]: UDPv4 link local (bound): [undef]:1194 OpenVPN 2010-08-22 09:46:28 openvpn[6609]: UDPv4 link remote: [undef] OpenVPN 2010-08-22 09:46:28 openvpn[6609]: Initialization Sequence Completed OpenVPN 2010-08-22 10:13:14 openvpn[6609]: event_wait : Interrupted system call (code=4) OpenVPN 2010-08-22 10:13:14 openvpn[6609]: SIGTERM[hard,] received, process exiting OpenVPN 2010-08-22 10:15:15 openvpn[4550]: OpenVPN 2.1_rc15 i586-pc-linux [SSL] [LZO2] [EPOLL] built on Aug 11 2009 OpenVPN 2010-08-22 10:15:15 openvpn[4550]: NOTE: when bridging your LAN adapter with the TAP adapter, note that the new bridge adapter will often take on its own IP address that is different from what the LAN adapter was previously set to OpenVPN 2010-08-22 10:15:15 openvpn[4550]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts OpenVPN 2010-08-22 10:15:15 openvpn[4550]: NOTE: --script-security method="system" is deprecated due to the fact that passed parameters will be subject to shell expansion OpenVPN 2010-08-22 10:15:16 openvpn[4550]: WARNING: file "/var/efw/openvpn/pkcs12.p12" is group or others accessible OpenVPN 2010-08-22 10:15:16 openvpn[4550]: WARNING: POTENTIALLY DANGEROUS OPTION --client-cert-not-required may accept clients which do not present a certificate OpenVPN 2010-08-22 10:15:16 openvpn[4550]: TUN/TAP device tap0 opened OpenVPN 2010-08-22 10:15:16 openvpn[4574]: GID set to openvpn OpenVPN 2010-08-22 10:15:16 openvpn[4574]: UID set to openvpn OpenVPN 2010-08-22 10:15:16 openvpn[4574]: UDPv4 link local (bound): [undef]:1194 OpenVPN 2010-08-22 10:15:16 openvpn[4574]: UDPv4 link remote: [undef] OpenVPN 2010-08-22 10:15:16 openvpn[4574]: Initialization Sequence Completed OpenVPN 2010-08-22 11:41:18 openvpn[4574]: event_wait : Interrupted system call (code=4) OpenVPN 2010-08-22 11:41:18 openvpn[4574]: OpenVPN CLIENT LIST OpenVPN 2010-08-22 11:41:18 openvpn[4574]: Updated,Sun Aug 22 11:41:18 2010 OpenVPN 2010-08-22 11:41:18 openvpn[4574]: Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since OpenVPN 2010-08-22 11:41:18 openvpn[4574]: ROUTING TABLE OpenVPN 2010-08-22 11:41:18 openvpn[4574]: Virtual Address,Common Name,Real Address,Last Ref OpenVPN 2010-08-22 11:41:18 openvpn[4574]: GLOBAL STATS OpenVPN 2010-08-22 11:41:18 openvpn[4574]: Max bcast/mcast queue length,0 OpenVPN 2010-08-22 11:41:18 openvpn[4574]: END OpenVPN 2010-08-22 11:41:18 openvpn[4574]: event_wait : Interrupted system call (code=4) OpenVPN 2010-08-22 11:41:18 openvpn[4574]: SIGTERM[hard,] received, process exiting OpenVPN 2010-08-22 11:41:18 openvpn[18213]: OpenVPN 2.1_rc15 i586-pc-linux [SSL] [LZO2] [EPOLL] built on Aug 11 2009 OpenVPN 2010-08-22 11:41:18 openvpn[18213]: NOTE: when bridging your LAN adapter with the TAP adapter, note that the new bridge adapter will often take on its own IP address that is different from what the LAN adapter was previously set to OpenVPN 2010-08-22 11:41:18 openvpn[18213]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts OpenVPN 2010-08-22 11:41:18 openvpn[18213]: NOTE: --script-security method="system" is deprecated due to the fact that passed parameters will be subject to shell expansion OpenVPN 2010-08-22 11:41:19 openvpn[18213]: WARNING: file "/var/efw/openvpn/pkcs12.p12" is group or others accessible OpenVPN 2010-08-22 11:41:19 openvpn[18213]: WARNING: POTENTIALLY DANGEROUS OPTION --client-cert-not-required may accept clients which do not present a certificate OpenVPN 2010-08-22 11:41:19 openvpn[18213]: TUN/TAP device tap0 opened OpenVPN 2010-08-22 11:41:19 openvpn[18215]: GID set to openvpn OpenVPN 2010-08-22 11:41:19 openvpn[18215]: UID set to openvpn OpenVPN 2010-08-22 11:41:19 openvpn[18215]: UDPv4 link local (bound): [undef]:1194 OpenVPN 2010-08-22 11:41:19 openvpn[18215]: UDPv4 link remote: [undef] OpenVPN 2010-08-22 11:41:19 openvpn[18215]: Initialization Sequence Completed Title: Re: vpn wtih endian v2.4 Post by: llysty on Thursday 16 September 2010, 09:30:43 pm Someone may offer up something else but note the "Don't push any routes to client: Enable"
I would have thought that your problem could be due to no return route from the lan and would suggest pushing routes to client (particularly if using windows/ad) Title: Re: vpn wtih endian v2.4 Post by: e-telligent on Thursday 23 September 2010, 11:29:56 pm Hi,
add this in your sudoers: openvpn ALL=NOPASSWD: /usr/local/bin/remoteroute.py |