LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 08-24-2009, 11:01 AM   #1
dpeterson3
Member
 
Registered: Jun 2008
Distribution: Debian
Posts: 164

Rep: Reputation: 16
OpenVPN connection problem


I installed OpenVPN so I could do NFS at school. My server and client are both Debian Lenny. My server seems to be working fine. My laptop is having trouble communicating with the server once it connects. The connection initialization is fine. There are no errors spit back. When I try to ping the server, I can not. I get the message
Code:
sudo ping 10.78.11.1
ping: sendmsg: Operation not permitted
I know my server is 10.78.11.1, but my route command spits back
Code:
sudo route
10.78.11.5      *               255.255.255.255 UH    0      0        0 tun0
10.78.11.0      10.78.11.5      255.255.255.0   UG    0      0        0 tun0
I have never used a VPN before, but I am thinking my gateway should be 10.78.11.1 instead of 10.78.11.5. Also, I opened port 1194 in my firewall, but seemyport.com lists this error.
Quote:
Could not connect to 1194 on 131.151.212.175 (Connection refused). Bummer.
It appears you have the port forwarding set up, but nothing is answering on port 1194.
My computer is directly on the internet and I have the rule made in Firestarter to allow connections on 1194. I can't figure out why I can't ping my server.
 
Old 08-24-2009, 12:33 PM   #2
teebones
Member
 
Registered: Aug 2005
Location: /home/teebones
Distribution: sometimes this, sometimes that..
Posts: 502

Rep: Reputation: 56
to mods, this belongs to linux networking category

to the OP:
please provide a clear situation overview, and post your vpn configs, so we can have a look, maybe you've missed something.
Or wrong ip's on the wrong places.. etc

Also give us ip addresses, of machines (wan side, internal site, virtual sides, etcetc)
you can mask some addresses for privacy reasons, e.g. 123.543.223.123 could be written as 123.xxx.xxx.123.
of it's provided that the middle numbers/octets are not important.
 
Old 08-24-2009, 12:39 PM   #3
uteck
Member
 
Registered: Oct 2003
Location: Elgin,IL,USA
Distribution: GalliumOS on Chrombook
Posts: 674

Rep: Reputation: 211Reputation: 211Reputation: 211
What ISP do you use?
Some ISP's block VPN ports and make you 'upgrade' to business class service for it.

When you connect from the client to the server, what output do you see?
Are you testing from inside your network? I know I can't use my OpenVPN inside the network, so I had to test from a friends house.
 
Old 08-24-2009, 04:34 PM   #4
dpeterson3
Member
 
Registered: Jun 2008
Distribution: Debian
Posts: 164

Original Poster
Rep: Reputation: 16
Sorry about the wrong section. I don't know what posessed me to put it here instead of in networking. My files are attached. Client is the client that is being a pain. The server file is there also. I am on a campus network. Rather than having a private network, my computer has its own dns name. I can access it directly from the internet. Its current IP is 131.xxx.xxx.101. I would rather have a private network, but campus policy will not allow it. Everything here gets its own DNS name and takes a DHCP lease when it connects (no exceptions). In my config file, my server has its DNS name listed. I still think it is a problem on the client side just because I can't ping it (the client) on port 1194 even though my port is open in my firewall (firestarter).

thanks for the replies
Attached Files
File Type: txt client.conf.txt (3.5 KB, 7 views)
File Type: txt server.conf.txt (10.2 KB, 7 views)
 
Old 08-25-2009, 08:04 AM   #5
uteck
Member
 
Registered: Oct 2003
Location: Elgin,IL,USA
Distribution: GalliumOS on Chrombook
Posts: 674

Rep: Reputation: 211Reputation: 211Reputation: 211
Have you tried doing a portscan of your machine to ensure that the port is not being blocked? Use your laptop from another location and try using nmap/wireshark to find out what ports are visible. I have a feeling that your campus network may not allow access to this port.

http://www.wireshark.org/
Youtube has a few howto's posted on using it.
http://www.youtube.com/watch?v=jzkUuc5jK8Q
 
Old 08-25-2009, 09:53 PM   #6
dpeterson3
Member
 
Registered: Jun 2008
Distribution: Debian
Posts: 164

Original Poster
Rep: Reputation: 16
Found the problem.
http://www.fs-security.com/docs/vpn.php
Opening the port in the firewall is not enough. The interface can not be firewalled. Firestarter doesn't support this yet. Adding the lines there to both linux boxes took care of my problem. I can now ping my server no problem. Thanks for all the help.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
On-demand OpenVPN connection helpmhost Linux - Networking 0 06-23-2009 04:59 PM
OpenVPN Connection Problem priyadarshan Linux - Newbie 1 02-27-2009 09:15 AM
openvpn connection A - B via C MarioT Linux - Networking 1 01-22-2009 09:01 AM
what is the CA files in the openvpn connection ? . adam_blackice Linux - Networking 1 08-07-2007 11:13 AM
OpenVPN Connection Issue ArcLinux Linux - Networking 1 06-08-2007 04:21 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 07:26 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration