LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 04-18-2013, 03:20 AM   #1
farrukh_arshad
LQ Newbie
 
Registered: Dec 2010
Posts: 7

Rep: Reputation: 0
Question OpenVPN server setup


Greetings All,

First of all I must confess I have no understanding of Linux networking except some basic commands (i.e ifconfig) etc and neither I am a networking person, I am a developer and trying to setup a OpenVPN server. Here is the scenario

I have a server with public IP address (this is outside of my company network) and a client which is on my company network behind a firewall. I want to create a VPN network with my server (which have public ip address) and my client which is in my company LAN behind firewall.

Both are Ubuntu systems. I have installed openvpn on both machines, and running openvpn as following

Code:
VPN Server.
External IP = A.B.C.D
VPN IP = 192.168.1.1

sudo openvpn --dev tun --port 8080 --verb 5 --ifconfig 192.168.1.1 192.168.1.2 --secret staticVPN.key

VPN Client
External IP = DHCP on Company LAN behind Firewall.
VPN IP = 192.168.1.2
sudo openvpn --remote A.B.C.D --dev tun --verb 5 --port 8080 --ifconfig 192.168.1.2 192.168.1.1 --secret staticVPN.key
The problem is when I ping from client -> server or vice versa nothing happens. On the client when I start openvpn I see following line at the end of the log

Code:
UDPv4,ifconfig 192.168.1.2 192.168.1.1,cipher BF-CBC,auth SHA1,keysize 128,secret'
Thu Apr 18 12:53:42 2013 us=336508 Local Options hash (VER=V4): '1da4bff1'
Thu Apr 18 12:53:42 2013 us=336539 Expected Remote Options hash (VER=V4): '36e3af21'
Thu Apr 18 12:53:42 2013 us=336582 Socket Buffers: R=[112640->131072] S=[112640->131072]
Thu Apr 18 12:53:42 2013 us=336609 UDPv4 link local (bound): [undef]
Thu Apr 18 12:53:42 2013 us=336632 UDPv4 link remote: [AF_INET]A.B.C.D:8080
Thu Apr 18 12:55:43 2013 us=255431 NOTE: failed to obtain options consistency info from peer -- this could occur if the remote peer is running a version of OpenVPN before 1.5-beta8 or if there is a network connectivity problem, and will not necessarily prevent OpenVPN from running (0 bytes received from peer, 0 bytes authenticated data channel traffic) -- you can disable the options consistency check with --disable-occ.
It seems to me it has something to do with routing / rules. On the server I have added some rules without any understanding what I am doing but no effect. On the server I did following

Code:
ping 192.168.1.2
tcpdump -i eth0
tcpdump -i tun0
With above I was hoping my ping traffic will be forwarded from tun0 to eth0 to reach the VPN client, but I see nothing related to tun0 on the dump of eth0.

As I have mentioned above it seems to me this has something to do with routing rules / port forwarding on both VPN server & VPN client which I am missing, can anyone suggest something here.

Thank you for your time

Regards,
Farrukh Arshad.
 
Old 04-19-2013, 05:59 AM   #2
nikmit
Member
 
Registered: May 2011
Location: Nottingham, UK
Distribution: Debian
Posts: 167

Rep: Reputation: 33
Very likely a firewall/NAT issue

If your client in the company network has a private address, it will be NAT-ed to a public one at the firewall. For OpenVPN to work you will need to forward the relevant ports (I think udp/1194 by default) and add permissions on the firewall.

You can use tcpdump to check that traffic is getting to the server by running it simultaneously on the server and the client:
tcpdump -i eth0 host 192.168.1.2 and udp -n
if you see the packets the client is sending at the server and vice versa you have connectivity.
 
  


Reply

Tags
openvpn


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Setup openvpn server cristi92b Linux - Networking 3 08-19-2012 01:39 AM
setup openvpn on new server? qwertyjjj Linux - Server 4 09-23-2011 03:06 PM
OpenVPN client has not default gateway when connect to OpenVPN server sailershen Linux - Security 3 03-04-2010 02:20 AM
How does OpenVPN Linux server issues IP and netmask to OpenVPN clients on Windows XP pssompura Linux - Networking 0 12-24-2009 02:42 AM
OpenVPN server setup issue (permission denied for file 01.pem) elliot01 Linux - Networking 3 07-06-2009 08:06 PM


All times are GMT -5. The time now is 09:45 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration