FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor


 
 
LinkBack Thread Tools
 
Old 06-05-2010, 08:52 PM
Gaurish Sharma
 
Default Help me with OpenVPN

Hi,
I am trying to connect to a OpenVPN but no success. it says
"openvpn[5052]: TCP: connect to xx.xx.xx.xx:1723 failed, will try
again in 5 seconds: Connection refused" and this goes on.

On Server Side, I checked openVPN is running OKAY but its not listing
to port 1723.

here is my server config:
port 1194
proto udp
dev tun
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
client-to-client
comp-lzo
max-clients 10
user nobody
group users

Here is the log on server:
Sat Jun 5 06:13:37 2010 us=301342 Diffie-Hellman initialized with 1024 bit key
Sat Jun 5 06:13:37 2010 us=301881 TLS-Auth MTU parms [ L:1542 D:138
EF:38 EB:0 ET:0 EL:0 ]
Sat Jun 5 06:13:37 2010 us=302048 ROUTE default_gateway=96.44.148.129
Sat Jun 5 06:13:37 2010 us=314676 TUN/TAP device tun0 opened
Sat Jun 5 06:13:37 2010 us=314709 TUN/TAP TX queue length set to 100
Sat Jun 5 06:13:37 2010 us=314744 /sbin/ip link set dev tun0 up mtu 1500
Sat Jun 5 06:13:37 2010 us=315382 /sbin/ip addr add dev tun0 local
10.8.0.1 peer 10.8.0.2
Sat Jun 5 06:13:37 2010 us=316319 /sbin/ip route add 10.8.0.0/24 via 10.8.0.2
RTNETLINK answers: File exists
Sat Jun 5 06:13:37 2010 us=316774 ERROR: Linux route add command
failed: external program exited with error status: 2
Sat Jun 5 06:13:37 2010 us=316797 Data Channel MTU parms [ L:1542
D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Jun 5 06:13:37 2010 us=317235 GID set to users
Sat Jun 5 06:13:37 2010 us=317305 UID set to nobody
Sat Jun 5 06:13:37 2010 us=317324 Socket Buffers: R=[129024->131072]
S=[129024->131072]
Sat Jun 5 06:13:37 2010 us=317338 UDPv4 link local (bound): [undef]:1194
Sat Jun 5 06:13:37 2010 us=317347 UDPv4 link remote: [undef]
Sat Jun 5 06:13:37 2010 us=317361 MULTI: multi_init called, r=256 v=256
Sat Jun 5 06:13:37 2010 us=317417 IFCONFIG POOL: base=10.8.0.4 size=62
Sat Jun 5 06:13:37 2010 us=317429 IFCONFIG POOL LIST
Sat Jun 5 06:13:37 2010 us=317454 Initialization Sequence Completed


i have already tried switching IPtables on or OFF but still can't connect.

Any tips?
Regards,
Gaurish Sharma
www.gaurishsharma.com
 
Old 06-06-2010, 12:04 AM
Damjan Georgievski
 
Default Help me with OpenVPN

> "openvpn[5052]: TCP: connect to xx.xx.xx.xx:1723 failed, will try
> again in 5 seconds: Connection refused"
...
> here is my server config:
> port 1194
> proto udp

Does this ^^ ring a bell?


Just to make sure it's clear, your server listens on UDP 1194, your
client tries to connect to TCP 1723.


--
damjan
 
Old 06-06-2010, 04:15 AM
Benjamin Campbell
 
Default Help me with OpenVPN

On Sat, Jun 5, 2010 at 6:04 PM, Damjan Georgievski <gdamjan@gmail.com>wrote:

> > "openvpn[5052]: TCP: connect to xx.xx.xx.xx:1723 failed, will try
> > again in 5 seconds: Connection refused"
> ...
> > here is my server config:
> > port 1194
> > proto udp
>
> Does this ^^ ring a bell?
>
>
> Just to make sure it's clear, your server listens on UDP 1194, your
> client tries to connect to TCP 1723.
>
>
> --
> damjan
>


That would seem too easy, but yeah... That is OpenVPN's "default" port.

"Port 1194 is the official
IANA<http://en.wikipedia.org/wiki/Internet_Assigned_Numbers_Authority>assigned
port number for OpenVPN. Newer versions of the program now default
to that port." -- Wikipedia<http://en.wikipedia.org/wiki/OpenVPN#Networking>

Ben
 
Old 06-06-2010, 08:43 AM
Kazuo Teramoto
 
Default Help me with OpenVPN

On Sun, Jun 6, 2010 at 1:15 AM, Benjamin Campbell
<benji.campbell@gmail.com> wrote:
> "Port 1194 is the official
> IANA<http://en.wikipedia.org/wiki/Internet_Assigned_Numbers_Authority>assigned
> port number for OpenVPN. Newer versions of the program now default
> to that port." -- Wikipedia<http://en.wikipedia.org/wiki/OpenVPN#Networking>

Cant you pass --port and --proto to force client using the default
port and udp? (I dont use openvpn, only read the manual to try to
help, so sorry if this dont make sense)

Regards,
Kazuo

--
«Dans la vie, rien n'est ą craindre, tout est ą comprendre»
Marie Sklodowska Curie.
 
Old 06-06-2010, 05:28 PM
Gaurish Sharma
 
Default Help me with OpenVPN

Hi,
Thank you all. you been great. With your help, I am now able to
connect but small problem. I can't transfer/ping any data. I think
there is some problem with firewall rules with Iptables.

But I don't know much about iptables. Any guide which would be get
started with IPtables?


Regards,
Gaurish Sharma



On Sun, Jun 6, 2010 at 2:13 PM, Kazuo Teramoto <kaz.rag@gmail.com> wrote:
> On Sun, Jun 6, 2010 at 1:15 AM, Benjamin Campbell
> <benji.campbell@gmail.com> wrote:
>> "Port 1194 is the official
>> IANA<http://en.wikipedia.org/wiki/Internet_Assigned_Numbers_Authority>assigned
>> port number for OpenVPN. Newer versions of the program now default
>> to that port." -- Wikipedia<http://en.wikipedia.org/wiki/OpenVPN#Networking>
>
> Cant you pass --port and --proto to force client using the default
> port and udp? *(I dont use openvpn, only read the manual to try to
> help, so sorry if this dont make sense)
>
> Regards,
> Kazuo
>
> --
> «Dans la vie, rien n'est ą craindre, tout est ą comprendre»
> Marie Sklodowska Curie.
>
 
Old 06-06-2010, 09:32 PM
Benjamin Campbell
 
Default Help me with OpenVPN

On Sun, Jun 6, 2010 at 11:28 AM, Gaurish Sharma
<contact@gaurishsharma.com>wrote:

> Hi,
> Thank you all. you been great. With your help, I am now able to
> connect but small problem. I can't transfer/ping any data. I think
> there is some problem with firewall rules with Iptables.
>
> But I don't know much about iptables. Any guide which would be get
> started with IPtables?
>
>
> Regards,
> Gaurish Sharma
>
>
>
> On Sun, Jun 6, 2010 at 2:13 PM, Kazuo Teramoto <kaz.rag@gmail.com> wrote:
> > On Sun, Jun 6, 2010 at 1:15 AM, Benjamin Campbell
> > <benji.campbell@gmail.com> wrote:
> >> "Port 1194 is the official
> >> IANA<http://en.wikipedia.org/wiki/Internet_Assigned_Numbers_Authority
> >assigned
> >> port number for OpenVPN. Newer versions of the program now default
> >> to that port." -- Wikipedia<
> http://en.wikipedia.org/wiki/OpenVPN#Networking>
> >
> > Cant you pass --port and --proto to force client using the default
> > port and udp? (I dont use openvpn, only read the manual to try to
> > help, so sorry if this dont make sense)
> >
> > Regards,
> > Kazuo
> >
> > --
> > «Dans la vie, rien n'est ą craindre, tout est ą comprendre»
> > Marie Sklodowska Curie.
> >
>


Here is a high abstraction based howto... That may get your gears turning.
http://www.netfilter.org/documentation/HOWTO//packet-filtering-HOWTO.html<Here%20is%20a%20high%20abstraction%20ba sed%20howto...%20That%20may%20get%20your%20gears%2 0turning.%20%20http://www.netfilter.org/documentation/HOWTO//packet-filtering-HOWTO.html>

--
Thanks

Ben Campbell
 

Thread Tools




All times are GMT. The time now is 01:17 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org