LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices



Reply
 
Search this Thread
Old 11-19-2012, 04:45 AM   #1
borivoje83
LQ Newbie
 
Registered: Nov 2012
Posts: 1

Rep: Reputation: Disabled
Smile OpenVPN connection through a proxy server


I am trying to connect to OpenVPN server via proxy.

So regarding my system for vpn I have the following: home network which is on 192.168.1.0 subnet. I DON'T HAVE server on my router (Which is some TPLINK). I am running the openvpn server form one of my "clients" on the local network namely desktop which runs Kubuntu. I am accessing this home network with Acer netbook. The connection can be ppp0 (3G modem) or the network at my office at the univerisity where, in order to "get out" to the internet, you must set up a proxy.

Meanwhile I ran into this

http://askubuntu.com/questions/35647...unsecured-hots

I went on to set up the configs as described in this post on askubuntu.

The present state:

I have set up certificates and keys successfully.
I try to connect from my office via proxy:

Code:
borivoje@borivoje-AOD270 /etc/openvpn $ sudo openvpn client.conf
[sudo] password for borivoje: 
Mon Nov 19 10:06:43 2012 OpenVPN 2.2.1 i686-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Mar 30 2012
Mon Nov 19 10:06:43 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mon Nov 19 10:06:43 2012 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Mon Nov 19 10:06:43 2012 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Nov 19 10:06:43 2012 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Nov 19 10:06:43 2012 LZO compression initialized
Mon Nov 19 10:06:43 2012 Control Channel MTU parms [ L:1576 D:168 EF:68 EB:0 ET:0 EL:0 ]
Mon Nov 19 10:06:43 2012 Socket Buffers: R=[87380->131072] S=[16384->131072]
Mon Nov 19 10:06:43 2012 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Mon Nov 19 10:06:43 2012 Local Options hash (VER=V4): 'e39a3273'
Mon Nov 19 10:06:43 2012 Expected Remote Options hash (VER=V4): '3c14feac'
Mon Nov 19 10:06:43 2012 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Mon Nov 19 10:06:43 2012 Attempting to establish TCP connection with [AF_INET]147.x.x.x:8080 [nonblock]
Mon Nov 19 10:06:44 2012 TCP connection established with [AF_INET]147.x.x.x:8080
Mon Nov 19 10:06:44 2012 Send to HTTP proxy: 'CONNECT 188.x.x.x:443 HTTP/1.0'
Mon Nov 19 10:06:49 2012 recv_line: TCP port read timeout expired: Operation now in progress (errno=115)
Mon Nov 19 10:06:49 2012 TCP/UDP: Closing socket
Mon Nov 19 10:06:49 2012 SIGUSR1[soft,init_instance] received, process restarting
Mon Nov 19 10:06:49 2012 Restart pause, 5 second(s)
My server.conf

Code:
proto tcp
dev tap
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1"
ifconfig-pool-persist ipp.txt
keepalive 60 300
tls-auth ta.key 0
# Compress data to save bandwidth
comp-lzo
user openvpn
group openvpn
persist-key
persist-tun
# Logs are useful for debugging
log-append openvpn-log
verb 3
mute 10

My client config

Code:
client
dev tap
proto tcp
# replace 1.2.3.4 by your server IP
remote 188.x.x.x 443
http-proxy 147.x.x.x 8080
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert you.crt
key you.key
ns-cert-type server
tls-auth ta.key 1
comp-lzo
user nobody
group nogroup
verb 3
mute 20
--http-proxy-retry
I switched form the standard 1194 port to 443, since, it seems, that proxy does not allow the connection to the 1194, giving the Forbidden 403 errror.

Thanks for your patience!
 
Old 11-19-2012, 02:37 PM   #2
Mousepad123
LQ Newbie
 
Registered: Oct 2012
Distribution: CentOS or Debian
Posts: 23

Rep: Reputation: 3
I think you may have a problem in server.conf:

server 10.8.0.0 255.255.255.0

Try changing the IP and subnet to your external network and see if that helps. If not, try running httpd on that port and see if it works. If so, then it's an OpenVPN problem. If not, try messing around with SELinux or your firewall software/gateway.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Connection to CentOs Server with OpenVPN... Then what? acschnabel Linux - Server 2 09-27-2011 09:45 PM
Unable to connect to proxy server though wi fi connection active proxy settings ok ncpanicker Linux - Wireless Networking 3 04-11-2011 04:27 AM
IPCOP - Proxy server over OpenVPN waelaltaqi Linux - Networking 0 11-30-2006 11:50 AM
Help!. Problem connecting to an Openvpn through proxy server. microsoftguy Linux - Software 1 08-03-2006 10:54 PM


All times are GMT -5. The time now is 08:42 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration