Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have this configuration in the server.conf file on my Debian server:
Code:
local SERVER_IP
port 4444
proto udp
dev tun0
##
tun-mtu 1500
tun-mtu-extra 32
##
ca /etc/openvpn/easy-rsa/keys/ca.crt # generated keys
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key # keep secret
dh /etc/openvpn/easy-rsa/keys/dh1024.pem
server 10.44.44.0 255.255.255.0 # internal tun0 connection IP
ifconfig-pool-persist /usr/local/etc/openvpn/ipp.txt
push "route 10.3.3.0 255.255.255.0"
##
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 10 120
comp-lzo # Compression - must be turned on at both end
persist-key
persist-tun
status /var/log/openvpn-status.log
verb 3 # verbose mode
client-to-client
management localhost 7505
verb 3
mute 20
and this ones in the client.conf:
Code:
client
dev tun
port 4444
proto udp
remote SERVER_IP # VPN server IP : PORT
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
resolv-retry infinite
ca ca.crt
cert shahin.crt
key shahin.key
script-security 2
comp-lzo
user nobody
group nobody
persist-key
persist-tun
comp-lzo
log openvpn.log
verb 3
but when I try to connect with nm-applet (NetworkManager) I'll get an `time out error` and nothing will not happen!
I have this configuration in the server.conf file on my Debian server:
Code:
local 88.198.156.177
port 4444
proto udp
dev tun0
##
tun-mtu 1500
tun-mtu-extra 32
##
ca /etc/openvpn/easy-rsa/keys/ca.crt # generated keys
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key # keep secret
dh /etc/openvpn/easy-rsa/keys/dh1024.pem
server 10.44.44.0 255.255.255.0 # internal tun0 connection IP
ifconfig-pool-persist /usr/local/etc/openvpn/ipp.txt
push "route 10.3.3.0 255.255.255.0"
##
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 10 120
comp-lzo # Compression - must be turned on at both end
persist-key
persist-tun
status /var/log/openvpn-status.log
verb 3 # verbose mode
client-to-client
management localhost 7505
verb 3
mute 20
and this ones in the client.conf:
Code:
client
dev tun
port 4444
proto udp
remote SERVER_IP # VPN server IP : PORT
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
resolv-retry infinite
ca ca.crt
cert shahin.crt
key shahin.key
script-security 2
comp-lzo
user nobody
group nobody
persist-key
persist-tun
comp-lzo
log openvpn.log
verb 3
but when I try to connect with nm-applet (NetworkManager) I'll get an `time out error` and nothing will not happen!
There is a problem with your certificate, more than likely a date mismatch. On the system that generated the cerificate (the CA), what is the date? Does it match current time?
There is a problem with your certificate, more than likely a date mismatch. On the system that generated the cerificate (the CA), what is the date? Does it match current time?
on the server it is:
Code:
Wed Dec 19 12:19:33 CST 2012
and on my client it is:
Code:
Wed Dec 19 12:29:34 IRST 2012
do you think is there a problem with it? my server is in Germany and I'm from Iran.
It seems my problem was from my configs. I used example configs and now I'm connected. but speed is too low! I turned off comp-lzo, but speed is too down and I don't like it :-(
It seems my problem was from my configs. I used example configs and now I'm connected. but speed is too low! I turned off comp-lzo, but speed is too down and I don't like it :-(
Did you compile OpenVPN or install from an RPM? What distro are you using? If you compiled, you'll want to make sure the development libraries are installed for LZO also. It's what supports compression for OpenVPN. If the install wasn't compiled with LZO, you'll need to compile and install the binaries again.
Did you compile OpenVPN or install from an RPM? What distro are you using? If you compiled, you'll want to make sure the development libraries are installed for LZO also. It's what supports compression for OpenVPN. If the install wasn't compiled with LZO, you'll need to compile and install the binaries again.
I'm using Debian, and I used apt-get to install openvpn. LZO worked fine, but after turning it off, openvpn becomes faster, but not enough ;-)
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.