Topic: OpenVPN is not started

baselbj, on Saturday 12 December 2015, 10:14:17 pm:

Hi,

I am new to the EFW world, and while trying to configure EFW OpenVPN to accept LDAP logins I think I did something wrong with the OpenVPN configuration. I can't see any log information that shows me whether OpenVPN is working, and the check port tools tell me that the port is closed.

My server config:

; daemon configuration for server default (1_0) server #1
daemon
mode server
tls-server
proto tcp
port 1194
tmp-dir /var/tmp
multihome
user openvpn
group openvpn

cd /var/openvpn
; client-config-dir clients

script-security 3
multihome
user openvpn
group openvpn

cd /var/openvpn
; client-config-dir clients

script-security 3

; tunnel configuration

dev tap0
; bridge to GREEN
server-bridge 192.168.1.4 255.255.255.0 192.168.1.150 192.168.1.155
push "route-gateway 192.168.1.4"

; push VPN network splitted

; push global networks
push "route 192.168.1.0 255.255.255.0"

passtos
comp-lzo
management 127.0.0.1 5555
keepalive 5 30

tun-mtu 1500
tun-mtu-extra 32
mssfix 1450

persist-key
persist-tun
persist-local-ip
persist-remote-ip

bcast-buffers 4096

; logging and status
writepid /var/run/openvpn/openvpn.1.pid
ifconfig-pool-persist openvpn.1.leases
status /tmp/openvpn-status.1.log 30
status-version 2
verb 1
client-connect "/usr/local/bin/openvpn-client-connect"
client-disconnect "/usr/local/bin/openvpn-client-disconnect"

up "/usr/local/bin/dir.d-exec /etc/openvpn/ifup.server.d/"
down "/usr/local/bin/dir.d-exec /etc/openvpn/ifdown.server.d/"

; certificates and authentication

dh /var/efw/openvpn/dh1024.pem
cert "/var/efw/vpn/ca/certs/192.168.0.4cert.pem"
key "/var/efw/vpn/ca/certs/192.168.0.4key.pem"
duplicate-cn

client-cert-not-required
auth-user-pass-verify "/usr/bin/openvpn-auth-user-pass" via-env
username-as-common-name
client-to-client   


Settings:
AUTHENTICATION_STACK=ldap,local
CA_FILENAME=cacert.pem
CERT_FILENAME=192.168.0.4cert.pem
LDAP_BIND_DN=cn=Administrator,cn=Users,dc=sham,dc=com
LDAP_BIND_PASSWORD=1111
LDAP_FILTER=(&(objectCategory=person)(objectClass=user)(sAMAccountName=%(u)s))
LDAP_URI=ldap://192.168.1.2
LDAP_USER_BASEDN=cn=Users,dc=sham,dc=com
OPENVPN_ENABLED=on
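
An added example, not part of the original post or of Endian's own tooling: a small Python check that reads a server config like the one above and reports where the daemon should be listening, where its log output goes, and which directives appear more than once. The function names and the trimmed sample config are constructed for illustration.

```python
import shlex
from collections import Counter

# Constructed sample: a trimmed excerpt of the server config posted above.
SAMPLE_CONFIG = """\
; daemon configuration for server default (1_0) server #1
daemon
proto tcp
port 1194
multihome
script-security 3
multihome
script-security 3
management 127.0.0.1 5555
writepid /var/run/openvpn/openvpn.1.pid
status /tmp/openvpn-status.1.log 30
verb 1
"""

def parse_directives(text):
    """Return (name, args) tuples, skipping blank lines and ;/# comment lines."""
    out = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in ";#":
            continue
        parts = shlex.split(line)  # handles quoted arguments such as push "..."
        out.append((parts[0], parts[1:]))
    return out

def triage(text):
    """Summarise where to look when the daemon seems down and silent."""
    directives = parse_directives(text)
    opts = dict(directives)  # a repeated directive keeps its last occurrence here
    counts = Counter(name for name, _ in directives)
    has_log = "log" in opts or "log-append" in opts
    return {
        "listen": (opts.get("proto", ["udp"])[0], int(opts.get("port", ["1194"])[0])),
        # With `daemon` and no log/log-append directive, OpenVPN logs to syslog.
        "log_target": "file" if has_log else ("syslog" if "daemon" in opts else "stdout"),
        "verb": int(opts.get("verb", ["1"])[0]),
        "pid_file": opts.get("writepid", [None])[0],
        "status_file": opts.get("status", [None])[0],
        "management": tuple(opts.get("management", [])),
        "repeated": sorted(n for n, c in counts.items() if c > 1),
    }

if __name__ == "__main__":
    print(triage(SAMPLE_CONFIG))
```

The report gives the things to check on the firewall itself: whether the PID file exists, whether anything is bound to the listed protocol and port, and what the system log shows for OpenVPN at startup.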