LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   OpenVPN and DNS (http://www.linuxquestions.org/questions/linux-networking-3/openvpn-and-dns-844108/)

ogee 11-13-2010 05:25 PM
OpenVPN and DNS
 
I am running Ubuntu 10.10 and have installed OpenVPN. I am connecting to a service which allows me to get out from behind corporate firewalls and have security in hotspots.

When I run openvpn with the servers .ovpn file it goes through everything and I get an "Initialization Sequence Completed" but when I try to go to a web page it looks for the address but can't find it.

I can ping a numeric IP (xxx.xxx.xxx.xxx) but a named address will not translate. The following is the results that I get :

Code:
robb@WS4313:/etc/openvpn$ sudo openvpn vpn1.ovpn
[sudo] password for robb:
Sat Nov 13 17:05:11 2010 us=606919 Current Parameter Settings:
Sat Nov 13 17:05:11 2010 us=607200  config = 'vpn1.ovpn'
Sat Nov 13 17:05:11 2010 us=607241  mode = 0
Sat Nov 13 17:05:11 2010 us=607275  persist_config = DISABLED
Sat Nov 13 17:05:11 2010 us=607306  persist_mode = 1
Sat Nov 13 17:05:11 2010 us=607515  show_ciphers = DISABLED
Sat Nov 13 17:05:11 2010 us=607547  show_digests = DISABLED
Sat Nov 13 17:05:11 2010 us=607577  show_engines = DISABLED
Sat Nov 13 17:05:11 2010 us=607608  genkey = DISABLED
Sat Nov 13 17:05:11 2010 us=607638  key_pass_file = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=607667  show_tls_ciphers = DISABLED
Sat Nov 13 17:05:11 2010 us=607697 Connection profiles [default]:
Sat Nov 13 17:05:11 2010 us=607729  proto = tcp-client
Sat Nov 13 17:05:11 2010 us=607758  local = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=607788  local_port = 0
Sat Nov 13 17:05:11 2010 us=607818  remote = 'vpn1.cotse.net'
Sat Nov 13 17:05:11 2010 us=607848  remote_port = 443
Sat Nov 13 17:05:11 2010 us=607876  remote_float = DISABLED
Sat Nov 13 17:05:11 2010 us=607905  bind_defined = DISABLED
Sat Nov 13 17:05:11 2010 us=607936  bind_local = DISABLED
Sat Nov 13 17:05:11 2010 us=607966  connect_retry_seconds = 5
Sat Nov 13 17:05:11 2010 us=607995  connect_timeout = 10
Sat Nov 13 17:05:11 2010 us=608025  connect_retry_max = 0
Sat Nov 13 17:05:11 2010 us=608056  socks_proxy_server = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=608085  socks_proxy_port = 0
Sat Nov 13 17:05:11 2010 us=608115  socks_proxy_retry = DISABLED
Sat Nov 13 17:05:11 2010 us=608150 Connection profiles END
Sat Nov 13 17:05:11 2010 us=608181  remote_random = DISABLED
Sat Nov 13 17:05:11 2010 us=608210  ipchange = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=608240  dev = 'tun1'
Sat Nov 13 17:05:11 2010 us=608269  dev_type = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=608299  dev_node = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=608328  lladdr = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=608357  topology = 1
Sat Nov 13 17:05:11 2010 us=608387  tun_ipv6 = DISABLED
Sat Nov 13 17:05:11 2010 us=608417  ifconfig_local = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=608447  ifconfig_remote_netmask = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=608478  ifconfig_noexec = DISABLED
Sat Nov 13 17:05:11 2010 us=608509  ifconfig_nowarn = DISABLED
Sat Nov 13 17:05:11 2010 us=608539  shaper = 0
Sat Nov 13 17:05:11 2010 us=608568  tun_mtu = 1500
Sat Nov 13 17:05:11 2010 us=608598  tun_mtu_defined = ENABLED
Sat Nov 13 17:05:11 2010 us=608628  link_mtu = 1500
Sat Nov 13 17:05:11 2010 us=608658  link_mtu_defined = DISABLED
Sat Nov 13 17:05:11 2010 us=608688  tun_mtu_extra = 0
Sat Nov 13 17:05:11 2010 us=608717  tun_mtu_extra_defined = DISABLED
Sat Nov 13 17:05:11 2010 us=608747  fragment = 0
Sat Nov 13 17:05:11 2010 us=608777  mtu_discover_type = -1
Sat Nov 13 17:05:11 2010 us=608807  mtu_test = 0
Sat Nov 13 17:05:11 2010 us=608839  mlock = DISABLED
Sat Nov 13 17:05:11 2010 us=608869  keepalive_ping = 0
Sat Nov 13 17:05:11 2010 us=608899  keepalive_timeout = 0
Sat Nov 13 17:05:11 2010 us=608928  inactivity_timeout = 0
Sat Nov 13 17:05:11 2010 us=608957  ping_send_timeout = 10
Sat Nov 13 17:05:11 2010 us=608988  ping_rec_timeout = 0
Sat Nov 13 17:05:11 2010 us=609017  ping_rec_timeout_action = 0
Sat Nov 13 17:05:11 2010 us=609046  ping_timer_remote = DISABLED
Sat Nov 13 17:05:11 2010 us=609076  remap_sigusr1 = 0
Sat Nov 13 17:05:11 2010 us=609106  explicit_exit_notification = 0
Sat Nov 13 17:05:11 2010 us=609136  persist_tun = ENABLED
Sat Nov 13 17:05:11 2010 us=609165  persist_local_ip = DISABLED
Sat Nov 13 17:05:11 2010 us=609195  persist_remote_ip = DISABLED
Sat Nov 13 17:05:11 2010 us=609226  persist_key = ENABLED
Sat Nov 13 17:05:11 2010 us=609256  mssfix = 1450
Sat Nov 13 17:05:11 2010 us=609285  passtos = DISABLED
Sat Nov 13 17:05:11 2010 us=609316  resolve_retry_seconds = 1000000000
Sat Nov 13 17:05:11 2010 us=609346  username = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=609375  groupname = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=609405  chroot_dir = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=609434  cd_dir = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=609465  writepid = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=609495  up_script = '/etc/openvpn/update-resolv-conf'
Sat Nov 13 17:05:11 2010 us=609525  down_script = '/etc/openvpn/update-resolv-conf'
Sat Nov 13 17:05:11 2010 us=609556  down_pre = DISABLED
Sat Nov 13 17:05:11 2010 us=609585  up_restart = DISABLED
Sat Nov 13 17:05:11 2010 us=609615  up_delay = DISABLED
Sat Nov 13 17:05:11 2010 us=609646  daemon = DISABLED
Sat Nov 13 17:05:11 2010 us=609675  inetd = 0
Sat Nov 13 17:05:11 2010 us=609705  log = DISABLED
Sat Nov 13 17:05:11 2010 us=609735  suppress_timestamps = DISABLED
Sat Nov 13 17:05:11 2010 us=609765  nice = 0
Sat Nov 13 17:05:11 2010 us=609794  verbosity = 4
Sat Nov 13 17:05:11 2010 us=609824  mute = 0
Sat Nov 13 17:05:11 2010 us=609854  gremlin = 0
Sat Nov 13 17:05:11 2010 us=609883  status_file = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=609912  status_file_version = 1
Sat Nov 13 17:05:11 2010 us=609942  status_file_update_freq = 60
Sat Nov 13 17:05:11 2010 us=609982  occ = ENABLED
Sat Nov 13 17:05:11 2010 us=610014  rcvbuf = 65536
Sat Nov 13 17:05:11 2010 us=610043  sndbuf = 65536
Sat Nov 13 17:05:11 2010 us=610072  sockflags = 0
Sat Nov 13 17:05:11 2010 us=610101  fast_io = DISABLED
Sat Nov 13 17:05:11 2010 us=610132  lzo = 7
Sat Nov 13 17:05:11 2010 us=610163  route_script = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=610192  route_default_gateway = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=610222  route_default_metric = 0
Sat Nov 13 17:05:11 2010 us=610253  route_noexec = DISABLED
Sat Nov 13 17:05:11 2010 us=610282  route_delay = 0
Sat Nov 13 17:05:11 2010 us=610311  route_delay_window = 30
Sat Nov 13 17:05:11 2010 us=610340  route_delay_defined = DISABLED
Sat Nov 13 17:05:11 2010 us=610370  route_nopull = DISABLED
Sat Nov 13 17:05:11 2010 us=610399  route_gateway_via_dhcp = DISABLED
Sat Nov 13 17:05:11 2010 us=610429  max_routes = 100
Sat Nov 13 17:05:11 2010 us=610460  allow_pull_fqdn = DISABLED
Sat Nov 13 17:05:11 2010 us=610490  management_addr = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=610519  management_port = 0
Sat Nov 13 17:05:11 2010 us=610549  management_user_pass = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=610580  management_log_history_cache = 250
Sat Nov 13 17:05:11 2010 us=610609  management_echo_buffer_size = 100
Sat Nov 13 17:05:11 2010 us=610640  management_write_peer_info_file = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=610670  management_client_user = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=610699  management_client_group = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=610729  management_flags = 0
Sat Nov 13 17:05:11 2010 us=610759  shared_secret_file = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=610789  key_direction = 2
Sat Nov 13 17:05:11 2010 us=610818  ciphername_defined = ENABLED
Sat Nov 13 17:05:11 2010 us=610847  ciphername = 'BF-CBC'
Sat Nov 13 17:05:11 2010 us=613073  authname_defined = ENABLED
Sat Nov 13 17:05:11 2010 us=613111  authname = 'SHA1'
Sat Nov 13 17:05:11 2010 us=613142  prng_hash = 'SHA1'
Sat Nov 13 17:05:11 2010 us=613171  prng_nonce_secret_len = 16
Sat Nov 13 17:05:11 2010 us=613202  keysize = 0
Sat Nov 13 17:05:11 2010 us=613232  engine = DISABLED
Sat Nov 13 17:05:11 2010 us=613261  replay = ENABLED
Sat Nov 13 17:05:11 2010 us=613291  mute_replay_warnings = DISABLED
Sat Nov 13 17:05:11 2010 us=613321  replay_window = 64
Sat Nov 13 17:05:11 2010 us=613351  replay_time = 15
Sat Nov 13 17:05:11 2010 us=613381  packet_id_file = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=613411  use_iv = ENABLED
Sat Nov 13 17:05:11 2010 us=613441  test_crypto = DISABLED
Sat Nov 13 17:05:11 2010 us=613470  tls_server = DISABLED
Sat Nov 13 17:05:11 2010 us=613500  tls_client = ENABLED
Sat Nov 13 17:05:11 2010 us=613530  key_method = 2
Sat Nov 13 17:05:11 2010 us=613562  ca_file = 'ca.crt'
Sat Nov 13 17:05:11 2010 us=613593  ca_path = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=613623  dh_file = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=613652  cert_file = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=613681  priv_key_file = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=613710  pkcs12_file = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=613739  cipher_list = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=613768  tls_verify = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=613798  tls_remote = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=613827  crl_file = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=613856  ns_cert_type = 64
Sat Nov 13 17:05:11 2010 us=613885  remote_cert_ku[i] = 0
Sat Nov 13 17:05:11 2010 us=613914  remote_cert_ku[i] = 0
Sat Nov 13 17:05:11 2010 us=613943  remote_cert_ku[i] = 0
Sat Nov 13 17:05:11 2010 us=613972  remote_cert_ku[i] = 0
Sat Nov 13 17:05:11 2010 us=614000  remote_cert_ku[i] = 0
Sat Nov 13 17:05:11 2010 us=614029  remote_cert_ku[i] = 0
Sat Nov 13 17:05:11 2010 us=614058  remote_cert_ku[i] = 0
Sat Nov 13 17:05:11 2010 us=614086  remote_cert_ku[i] = 0
Sat Nov 13 17:05:11 2010 us=614115  remote_cert_ku[i] = 0
Sat Nov 13 17:05:11 2010 us=614144  remote_cert_ku[i] = 0
Sat Nov 13 17:05:11 2010 us=614173  remote_cert_ku[i] = 0
Sat Nov 13 17:05:11 2010 us=614201  remote_cert_ku[i] = 0
Sat Nov 13 17:05:11 2010 us=614231  remote_cert_ku[i] = 0
Sat Nov 13 17:05:11 2010 us=614260  remote_cert_ku[i] = 0
Sat Nov 13 17:05:11 2010 us=614289  remote_cert_ku[i] = 0
Sat Nov 13 17:05:11 2010 us=614318  remote_cert_ku[i] = 0
Sat Nov 13 17:05:11 2010 us=614347  remote_cert_eku = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=614378  tls_timeout = 2
Sat Nov 13 17:05:11 2010 us=614406  renegotiate_bytes = 0
Sat Nov 13 17:05:11 2010 us=614435  renegotiate_packets = 0
Sat Nov 13 17:05:11 2010 us=614464  renegotiate_seconds = 3600
Sat Nov 13 17:05:11 2010 us=614494  handshake_window = 60
Sat Nov 13 17:05:11 2010 us=614523  transition_window = 3600
Sat Nov 13 17:05:11 2010 us=614553  single_session = DISABLED
Sat Nov 13 17:05:11 2010 us=614582  tls_exit = ENABLED
Sat Nov 13 17:05:11 2010 us=614611  tls_auth_file = 'ta.key'
Sat Nov 13 17:05:11 2010 us=614641  pkcs11_protected_authentication = DISABLED
Sat Nov 13 17:05:11 2010 us=614671  pkcs11_protected_authentication = DISABLED
Sat Nov 13 17:05:11 2010 us=614700  pkcs11_protected_authentication = DISABLED
Sat Nov 13 17:05:11 2010 us=614729  pkcs11_protected_authentication = DISABLED
Sat Nov 13 17:05:11 2010 us=614759  pkcs11_protected_authentication = DISABLED
Sat Nov 13 17:05:11 2010 us=614788  pkcs11_protected_authentication = DISABLED
Sat Nov 13 17:05:11 2010 us=614817  pkcs11_protected_authentication = DISABLED
Sat Nov 13 17:05:11 2010 us=614846  pkcs11_protected_authentication = DISABLED
Sat Nov 13 17:05:11 2010 us=614876  pkcs11_protected_authentication = DISABLED
Sat Nov 13 17:05:11 2010 us=614905  pkcs11_protected_authentication = DISABLED
Sat Nov 13 17:05:11 2010 us=614934  pkcs11_protected_authentication = DISABLED
Sat Nov 13 17:05:11 2010 us=614964  pkcs11_protected_authentication = DISABLED
Sat Nov 13 17:05:11 2010 us=614994  pkcs11_protected_authentication = DISABLED
Sat Nov 13 17:05:11 2010 us=615023  pkcs11_protected_authentication = DISABLED
Sat Nov 13 17:05:11 2010 us=615052  pkcs11_protected_authentication = DISABLED
Sat Nov 13 17:05:11 2010 us=615082  pkcs11_protected_authentication = DISABLED
Sat Nov 13 17:05:11 2010 us=615114  pkcs11_private_mode = 00000000
Sat Nov 13 17:05:11 2010 us=615144  pkcs11_private_mode = 00000000
Sat Nov 13 17:05:11 2010 us=615174  pkcs11_private_mode = 00000000
Sat Nov 13 17:05:11 2010 us=615204  pkcs11_private_mode = 00000000
Sat Nov 13 17:05:11 2010 us=615234  pkcs11_private_mode = 00000000
Sat Nov 13 17:05:11 2010 us=615263  pkcs11_private_mode = 00000000
Sat Nov 13 17:05:11 2010 us=615293  pkcs11_private_mode = 00000000
Sat Nov 13 17:05:11 2010 us=615322  pkcs11_private_mode = 00000000
Sat Nov 13 17:05:11 2010 us=615351  pkcs11_private_mode = 00000000
Sat Nov 13 17:05:11 2010 us=615381  pkcs11_private_mode = 00000000
Sat Nov 13 17:05:11 2010 us=615410  pkcs11_private_mode = 00000000
Sat Nov 13 17:05:11 2010 us=615439  pkcs11_private_mode = 00000000
Sat Nov 13 17:05:11 2010 us=615469  pkcs11_private_mode = 00000000
Sat Nov 13 17:05:11 2010 us=615498  pkcs11_private_mode = 00000000
Sat Nov 13 17:05:11 2010 us=615527  pkcs11_private_mode = 00000000
Sat Nov 13 17:05:11 2010 us=615556  pkcs11_private_mode = 00000000
Sat Nov 13 17:05:11 2010 us=615585  pkcs11_cert_private = DISABLED
Sat Nov 13 17:05:11 2010 us=615614  pkcs11_cert_private = DISABLED
Sat Nov 13 17:05:11 2010 us=615643  pkcs11_cert_private = DISABLED
Sat Nov 13 17:05:11 2010 us=615672  pkcs11_cert_private = DISABLED
Sat Nov 13 17:05:11 2010 us=615701  pkcs11_cert_private = DISABLED
Sat Nov 13 17:05:11 2010 us=615730  pkcs11_cert_private = DISABLED
Sat Nov 13 17:05:11 2010 us=615758  pkcs11_cert_private = DISABLED
Sat Nov 13 17:05:11 2010 us=615788  pkcs11_cert_private = DISABLED
Sat Nov 13 17:05:11 2010 us=615816  pkcs11_cert_private = DISABLED
Sat Nov 13 17:05:11 2010 us=615845  pkcs11_cert_private = DISABLED
Sat Nov 13 17:05:11 2010 us=615874  pkcs11_cert_private = DISABLED
Sat Nov 13 17:05:11 2010 us=615903  pkcs11_cert_private = DISABLED
Sat Nov 13 17:05:11 2010 us=615932  pkcs11_cert_private = DISABLED
Sat Nov 13 17:05:11 2010 us=615961  pkcs11_cert_private = DISABLED
Sat Nov 13 17:05:11 2010 us=615989  pkcs11_cert_private = DISABLED
Sat Nov 13 17:05:11 2010 us=616018  pkcs11_cert_private = DISABLED
Sat Nov 13 17:05:11 2010 us=616048  pkcs11_pin_cache_period = -1
Sat Nov 13 17:05:11 2010 us=616077  pkcs11_id = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=616106  pkcs11_id_management = DISABLED
Sat Nov 13 17:05:11 2010 us=616169  server_network = 0.0.0.0
Sat Nov 13 17:05:11 2010 us=616203  server_netmask = 0.0.0.0
Sat Nov 13 17:05:11 2010 us=616235  server_bridge_ip = 0.0.0.0
Sat Nov 13 17:05:11 2010 us=642721  server_bridge_netmask = 0.0.0.0
Sat Nov 13 17:05:11 2010 us=642818  server_bridge_pool_start = 0.0.0.0
Sat Nov 13 17:05:11 2010 us=642855  server_bridge_pool_end = 0.0.0.0
Sat Nov 13 17:05:11 2010 us=642889  ifconfig_pool_defined = DISABLED
Sat Nov 13 17:05:11 2010 us=642923  ifconfig_pool_start = 0.0.0.0
Sat Nov 13 17:05:11 2010 us=642956  ifconfig_pool_end = 0.0.0.0
Sat Nov 13 17:05:11 2010 us=642992  ifconfig_pool_netmask = 0.0.0.0
Sat Nov 13 17:05:11 2010 us=643022  ifconfig_pool_persist_filename = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=643052  ifconfig_pool_persist_refresh_freq = 600
Sat Nov 13 17:05:11 2010 us=643082  n_bcast_buf = 256
Sat Nov 13 17:05:11 2010 us=643112  tcp_queue_limit = 64
Sat Nov 13 17:05:11 2010 us=643141  real_hash_size = 256
Sat Nov 13 17:05:11 2010 us=643169  virtual_hash_size = 256
Sat Nov 13 17:05:11 2010 us=643198  client_connect_script = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=643228  learn_address_script = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=643257  client_disconnect_script = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=643286  client_config_dir = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=643316  ccd_exclusive = DISABLED
Sat Nov 13 17:05:11 2010 us=643345  tmp_dir = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=643374  push_ifconfig_defined = DISABLED
Sat Nov 13 17:05:11 2010 us=643408  push_ifconfig_local = 0.0.0.0
Sat Nov 13 17:05:11 2010 us=643442  push_ifconfig_remote_netmask = 0.0.0.0
Sat Nov 13 17:05:11 2010 us=643473  enable_c2c = DISABLED
Sat Nov 13 17:05:11 2010 us=643501  duplicate_cn = DISABLED
Sat Nov 13 17:05:11 2010 us=643530  cf_max = 0
Sat Nov 13 17:05:11 2010 us=643558  cf_per = 0
Sat Nov 13 17:05:11 2010 us=643588  max_clients = 1024
Sat Nov 13 17:05:11 2010 us=643617  max_routes_per_client = 256
Sat Nov 13 17:05:11 2010 us=643646  auth_user_pass_verify_script = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=643676  auth_user_pass_verify_script_via_file = DISABLED
Sat Nov 13 17:05:11 2010 us=643706  ssl_flags = 0
Sat Nov 13 17:05:11 2010 us=643735  port_share_host = '[UNDEF]'
Sat Nov 13 17:05:11 2010 us=643764  port_share_port = 0
Sat Nov 13 17:05:11 2010 us=643794  client = ENABLED
Sat Nov 13 17:05:11 2010 us=643822  pull = ENABLED
Sat Nov 13 17:05:11 2010 us=643851  auth_user_pass_file = 'up'
Sat Nov 13 17:05:11 2010 us=643894 OpenVPN 2.1.0 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Jul 12 2010
Sat Nov 13 17:05:11 2010 us=644109 WARNING: file 'up' is group or others accessible
Sat Nov 13 17:05:11 2010 us=644471 WARNING: --ping should normally be used with --ping-restart or --ping-exit
Sat Nov 13 17:05:11 2010 us=644513 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Sat Nov 13 17:05:11 2010 us=646520 WARNING: file 'ta.key' is group or others accessible
Sat Nov 13 17:05:11 2010 us=646570 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Sat Nov 13 17:05:11 2010 us=646642 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Nov 13 17:05:11 2010 us=646682 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Nov 13 17:05:11 2010 us=646762 LZO compression initialized
Sat Nov 13 17:05:11 2010 us=646990 Control Channel MTU parms [ L:1544 D:168 EF:68 EB:0 ET:0 EL:0 ]
Sat Nov 13 17:05:11 2010 us=826942 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Nov 13 17:05:11 2010 us=827009 Local Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Sat Nov 13 17:05:11 2010 us=827025 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,keydir 0,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Sat Nov 13 17:05:11 2010 us=827061 Local Options hash (VER=V4): 'ee93268d'
Sat Nov 13 17:05:11 2010 us=827090 Expected Remote Options hash (VER=V4): 'bd577cd1'
Sat Nov 13 17:05:11 2010 us=827133 Attempting to establish TCP connection with [AF_INET]208.53.131.110:443 [nonblock]
Sat Nov 13 17:05:12 2010 us=827391 TCP connection established with [AF_INET]208.53.131.110:443
Sat Nov 13 17:05:12 2010 us=827506 Socket Buffers: R=[87380->131072] S=[16384->131072]
Sat Nov 13 17:05:12 2010 us=827550 TCPv4_CLIENT link local: [undef]
Sat Nov 13 17:05:12 2010 us=827588 TCPv4_CLIENT link remote: [AF_INET]208.53.131.110:443
Sat Nov 13 17:05:12 2010 us=868865 TLS: Initial packet from [AF_INET]208.53.131.110:443, sid=910d54dc 547ebfa3
Sat Nov 13 17:05:12 2010 us=869274 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat Nov 13 17:05:13 2010 us=603797 VERIFY OK: depth=1, /C=US/ST=MA/L=Worcester/O=Packetderm_LLC/CN=vpn2.cotse.net/emailAddress=helpdesk@cotse.net
Sat Nov 13 17:05:13 2010 us=604373 VERIFY OK: nsCertType=SERVER
Sat Nov 13 17:05:13 2010 us=604408 VERIFY OK: depth=0, /C=US/ST=MA/O=Packetderm_LLC/CN=vpn1.cotse.net/emailAddress=helpdesk@cotse.net
Sat Nov 13 17:05:14 2010 us=154566 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Nov 13 17:05:14 2010 us=154675 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Nov 13 17:05:14 2010 us=154842 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Nov 13 17:05:14 2010 us=154880 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Nov 13 17:05:14 2010 us=155067 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sat Nov 13 17:05:14 2010 us=155149 [vpn1.cotse.net] Peer Connection Initiated with [AF_INET]208.53.131.110:443
Sat Nov 13 17:05:16 2010 us=678011 SENT CONTROL [vpn1.cotse.net]: 'PUSH_REQUEST' (status=1)
Sat Nov 13 17:05:16 2010 us=804043 PUSH: Received control message: 'PUSH_REPLY,route 10.10.11.0 255.255.255.0,dhcp-option DNS 208.53.131.111,dhcp-option DNS 208.53.131.243,redirect-gateway def1,route-gateway 10.10.11.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.10.11.220 255.255.255.0'
Sat Nov 13 17:05:16 2010 us=804417 OPTIONS IMPORT: timers and/or timeouts modified
Sat Nov 13 17:05:16 2010 us=804453 OPTIONS IMPORT: --ifconfig/up options modified
Sat Nov 13 17:05:16 2010 us=804481 OPTIONS IMPORT: route options modified
Sat Nov 13 17:05:16 2010 us=804507 OPTIONS IMPORT: route-related options modified
Sat Nov 13 17:05:16 2010 us=804533 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sat Nov 13 17:05:16 2010 us=805064 ROUTE default_gateway=192.168.1.1
Sat Nov 13 17:05:16 2010 us=807052 TUN/TAP device tun1 opened
Sat Nov 13 17:05:16 2010 us=807149 TUN/TAP TX queue length set to 100
Sat Nov 13 17:05:16 2010 us=807281 /sbin/ifconfig tun1 10.10.11.220 netmask 255.255.255.0 mtu 1500 broadcast 10.10.11.255
Sat Nov 13 17:05:16 2010 us=827335 /etc/openvpn/update-resolv-conf tun1 1500 1544 10.10.11.220 255.255.255.0 init
Sat Nov 13 17:05:16 2010 us=841748 /sbin/route add -net 208.53.131.110 netmask 255.255.255.255 gw 192.168.1.1
Sat Nov 13 17:05:16 2010 us=858253 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.10.11.1
Sat Nov 13 17:05:16 2010 us=868521 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.10.11.1
Sat Nov 13 17:05:16 2010 us=882465 /sbin/route add -net 10.10.11.0 netmask 255.255.255.0 gw 10.10.11.1
Sat Nov 13 17:05:16 2010 us=893023 Initialization Sequence Completed
Any ideas would be appreciated.

Thanks

Robb

quanta 11-14-2010 10:57 AM
Quote:
Sat Nov 13 17:05:16 2010 us=804043 PUSH: Received control message: 'PUSH_REPLY,route 10.10.11.0 255.255.255.0,dhcp-option DNS 208.53.131.111,dhcp-option DNS 208.53.131.243,redirect-gateway def1,route-gateway 10.10.11.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.10.11.220 255.255.255.0'
Seen from the above, the OpenVPN server push DNS to clients. Did you check your /etc/resolv.conf to make sure whether it had been updated or not?

ogee 11-14-2010 04:49 PM
quanta,
I just checked my resolv.conf and noted that it was modified this morning when I tried Openvpn from home. I works now from home but the trick will be to see if it works when I get back to work and need to get our from behind a firewall. My /etc/resolv.conf file looks like this:

# Generated by NetworkManager
nameserver 208.67.222.222
nameserver 208.67.220.220
nameserver 64.91.89.2

Thanks for your reply,
Robb

jschiwal 11-15-2010 09:26 AM
Questions involving evading your corporate firewall policies are against LQ rules. Configuring openvpn so you can use your home Internet connection to safely use a wifi hotspot would be OK. It sounds like that part has been resolved. If you need further help with configuring openvpn to use your own home Internet connection to browse safely from wifi hotspots, feel free to start another thread about that legit topic.

This thread is being closed.


All times are GMT -5. The time now is 02:38 PM.