Welcome, Guest. Please login or register.
Did you miss your activation email?
Saturday 30 November 2024, 11:20:42 pm

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14261 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  VPN Support
| | |-+  EFW Client to Server (HMA)
0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: EFW Client to Server (HMA)  (Read 15177 times)
seh2000
Full Member
***
Offline Offline

Posts: 16


« on: Wednesday 07 July 2010, 11:19:29 pm »

Hello all,

Hope to get help here, even that I see many posts with no replies! And sorry for the long post.

I am using an Paid OpenVPN service from a US Provider that allows me not only to have IP address in different locations, but as well make my VoIP better as my ISP don't like SIP services.
I been using clients on my computers (mix of Mac and Windows), but I would very much love to use the OpenVPN feature in EFW.

To test the EFW firewall is not activated to assure nothing blocks.

I am using the Gw2Gw option (assume I do not need to do any configuration of OpenVPM Server nor IPsec) have done the following settings:
Connect to: ...:443 (IP address of the server and the required port #)
Upload Certificate: CA Certificate from the Server (remote)
PKCS#12: blank
User name: my user name (for remote server)
Password: my password (for remote server)
Connection Type: Routed
Bridge to: Green
Block DHCP responses...: Not checked
NAT: Not checked
Protocol: TCP (as per instruction)
HTTP Proxy Config.: Nothing done

The instructions from the provider say:
1. The openvpn port at our end is TCP 443.
2. To connect you need both .crt files - one is CA server certificate and another is client certificate. Also you need to enable user/password authentication (it's "auth-user-pass" config file option).

Here the first issue, where can I add two certificates? I only see one place under Gw2Gw!

Maybe there is a way to do changes to the EFW OpenVPN configuration file? But to do so I need to know where the file is located (I am not a super Linux expert) to edit, etc.

So far when I try to connect I get "connection refused" all the time.
The OpenVPN Log attached where I see the verification of certificate fails, which I assume is because I need to use two certificates or?


Your help is much appreciated!

Steen
Logged
mrkroket
Hero Member
*****
Offline Offline

Posts: 495


« Reply #1 on: Thursday 08 July 2010, 01:17:54 am »

Config files are located in:

/etc/openvpn/
and
/var/efw/openvpn/
Logged
seh2000
Full Member
***
Offline Offline

Posts: 16


« Reply #2 on: Thursday 08 July 2010, 01:56:40 am »

Hello mrkroket!

Appreciated!

Still wonder where to put the two certificates the provider mentioned...ideas?
They also provided me with some .ovpn files...

I forgot to mention that I used version 2.3, see now there is a newer version 2.4 will try to install and see...


Thanks - Steen
Logged
seh2000
Full Member
***
Offline Offline

Posts: 16


« Reply #3 on: Saturday 10 July 2010, 02:02:06 am »

...OK - I finally got 2.4 to work (had issue with a PCMCIA card), but I still fail to get the Gw2Gw to work with the remote OpenVPN server.

The support from the remote OpenVPN server say "Impossibility to put all three certificates may mean that they (Endian) only support connecting Endian-to-Endian devices, and they already have other two certificates bundled." as mentioned initial in my post I have 2 certificates and a key file, but how to get both certificates installed?

Ideas!
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.078 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com