Welcome, Guest. Please login or register.
Did you miss your activation email?
Saturday 30 November 2024, 04:48:46 pm

Login with username, password and session length

CLICK HERE for the The official Endian Roadmap and Issue tracker
14261 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  VPN Support
| | |-+  [GW2GW] Please help: OpenVPN with static key via TUN & no certs
0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: [GW2GW] Please help: OpenVPN with static key via TUN & no certs  (Read 13201 times)
blackironcastle
Jr. Member
*
Offline Offline

Posts: 2


« on: Tuesday 19 June 2012, 09:00:43 pm »

Hello everybody, nice to meet you!

First post, and I'm already asking for help.  Wink

I've replaced an aging machine with Endian (2.5.1). I'm rather happy with the setup - the firewall and content filter are working well.

Problem is, I am having trouble to recreate the OpenVPN setup we had estabilished on the previous machine - a simple Net-to-Net (Gw2Gw) affair, relying uniquely on a secret pre-shared key.

We were also using TUN to connect the opposite end. And this is where the problem starts, ladies and gents...

While I wish I could push for an Endian-to-Endian solution, with certificates and increased security, this isn't currently the case (a pity, as I'd rather like to do it "the Endian way").

Anyhow, my idea is to bring up the tunnel via the command line, invoking a custom OpenVPN config file.
So far, I've obtained minimal results - the tun0 interface comes up but no traffic comes through it (note: the script starts up, but I cannot return to the command line - I have to invoke another SSH prompt, which might point out something is wrong / incomplete).

EDIT (June 26 2012): of course the window locked up - I forgot to start up the whole thing as a daemon.

I've already enabled IP forwarding and added rules for tun0 in iptables, but I'd like to hear your opinion on the matter. There is certainly more I can do (I'm looking up whether the block happens someplace else), but I'd like to play it as safe as possible.

Thanks in advance for your help and suggestions! Let me know whether I should post more details (e.g., firewall rules and/or code).

-- Black.
Logged
blackironcastle
Jr. Member
*
Offline Offline

Posts: 2


« Reply #1 on: Tuesday 26 June 2012, 05:27:31 pm »

Bump, sorry.

Any ideas, clues, suggestions?... Anybody with past experience about this issue?

My script starts up, but so far no luck in getting through the tunnel.

I'd really like to get the ball rolling on this one.

Thanks again!
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.063 seconds with 18 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com