Welcome, Guest. Please login or register.
Did you miss your activation email?
Sunday 24 November 2024, 03:51:40 am

Login with username, password and session length

Visit the Official Endian Reference Manual  HERE
14261 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  VPN Support
| | |-+  Bridged VPN half-works
0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Bridged VPN half-works  (Read 9479 times)
maxxer
Full Member
***
Offline Offline

Posts: 13


« on: Thursday 05 November 2009, 04:58:25 am »

Hi.
I've installed my first EFW today, and I love it already.
But I'm having problems with OpenVPN.
I've configured a bridged VPN. The client connects fine, I can ping EFW and other machines on the lan, I can do ssh and other things, but as soon as traffic is above a certain rate the connection (web, ssh) drops.
I.e. I cannot open EFW admin interface: it asks me user/pass, but as soon as I press enter I see a little activity and then stop.
If I do SSH, either on EFW or another machine, it works as long as the output is a  of lines. But if I do something like an ls -l of /var the connection get stuck. In past I had similar problems due to mtu misconfiguration, but I double checked and everything seems ok.
Server config:
Code:
; daemon configuration
daemon
mode server
tls-server
proto udp
port 41194
multihome
user openvpn
group openvpn

cd /var/openvpn
client-config-dir clients

script-security 2 system

; tunnel configuration
dev tap0
server-bridge 192.168.0.1 255.255.255.0 192.168.0.101 192.168.0.110
push "route-gateway 192.168.0.1"

passtos
comp-lzo
management 127.0.0.1 5555
keepalive 8 30

tun-mtu 1500
tun-mtu-extra 32
mssfix 1450

persist-key
persist-tun
persist-local-ip
persist-remote-ip

; logging and status
writepid /var/run/openvpn/openvpn.pid
ifconfig-pool-persist openvpn.leases
status /var/log/openvpn/openvpn-status.log
verb 1

client-connect "/usr/local/bin/dir.d-exec /etc/openvpn/client-connect.d/"
client-disconnect "/usr/local/bin/dir.d-exec /etc/openvpn/client-disconnect.d/"

; certificates and authentication
dh /var/efw/openvpn/dh1024.pem
pkcs12 /var/efw/openvpn/pkcs12.p12

client-cert-not-required
auth-user-pass-verify "/usr/bin/openvpn-auth" via-file
username-as-common-name

client conf:
Code:
client
dev tap
proto udp
remote myremote 41194
resolv-retry infinite
nobind
persist-key
persist-tun
ca /etc/openvpn/my.pem
auth-user-pass /etc/openvpn/my_pass.txt
comp-lzo
verb 3
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450

any help appreciated.
thanks
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.047 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com