baeksu l33t
Joined: 26 Sep 2004 Posts: 609 Location: Seoul, Korea
Posted: Thu Dec 27, 2007 4:25 am Post subject: OpenVPN via tun-device help needed
I'm trying to set up an OpenVPN tunnel between my home server and my Nokia N800. After following the instructions on Gentoo Wiki (HOWTO OpenVPN primer), I was able to establish a connection to the server.
My setup is as follows:
N800 -> through NAT router -> VPN server
I have some services running on the server (imap, ftp), and I can access those through the VPN without a problem. I cannot, however, reach any other machine within my home network. Also, none of the traffic destined outside of the network goes through the VPN.
I think I'm lacking something in either the gateway or route settings. I followed the wiki closely (including enabling packet forwarding), so you can see my configurations from there.
_________________
Gnome:
1. A legendary being.
2. A never ending quest to make unix friendly to people who don't want unix and excruciating for those that do.
Katphish Apprentice
Joined: 05 Dec 2005 Posts: 155
Posted: Thu Dec 27, 2007 4:43 am
Did you set up the server to instruct the clients to use openvpn as the default gateway?
I use the second method myself:
Code:
# If enabled, this directive will configure
# all clients to redirect their default
# network gateway through the VPN, causing
# all IP traffic such as web browsing and
# DNS lookups to go through the VPN
# (The OpenVPN server machine may need to NAT
# the TUN/TAP interface to the internet in
# order for this to work properly).
# CAVEAT: May break client's network config if
# client's local DHCP server packets get routed
# through the tunnel. Solution: make sure
# client's local DHCP server is reachable via
# a more specific route than the default route
# of 0.0.0.0/0.0.0.0.
;push "redirect-gateway"
#
# The push "redirect-gateway def1" command,
# commented out in the example, instructs the
# OpenVPN server to send additional routing
# details to connecting clients. Specifically,
# this sends two new routes which are just
# slightly more specific than the normal default
# route. Due to the way routing works
# (more specific before less specific), the
# result is that these new routes effectively
# become the new default routes for all client
# traffic.
# This means that the VPN server effectively
# becomes the default gateway for all VPN traffic.
# This may or may not be what you want.
push "redirect-gateway def1"

The openvpn primer is good but it is a little dated. The default port number is 1194 among other changes. There is a mostly full server configuration at /usr/share/doc/openvpn-2.0.6/examples/sample-config-files/server.conf.gz. The file is gzipped so use zmore to view it.
Here is a more current tutorial with some nicer features:
http://gentoo-wiki.com/HOWTO_Road_Warriors_with_OpenVPN
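The routing effect described in the config comments above, as an added example that is not part of the original thread: a longest-prefix-match lookup over a client routing table before and after `redirect-gateway def1`. All addresses and interface names (wlan0, tun0, 10.8.0.0/24, the 192.168.x.x networks, 203.0.113.10) are constructed assumptions; the two /1 routes and the host route to the VPN server are what OpenVPN installs for `def1`.

```python
import ipaddress

def build(routes):
    """Turn (cidr, next_hop) pairs into (ip_network, next_hop) pairs."""
    return [(ipaddress.ip_network(cidr), via) for cidr, via in routes]

def next_hop(table, dst):
    """Longest-prefix match: the most specific route containing dst wins."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, via) for net, via in table if addr in net]
    return max(matches, key=lambda route: route[0].prefixlen)[1]

# Constructed client routing table before the push (assumed values).
CLIENT_BEFORE = build([
    ("0.0.0.0/0", "wlan0 via 192.168.0.1"),   # normal default route
    ("192.168.0.0/24", "wlan0 direct"),       # client's local net (DHCP server)
    ("10.8.0.0/24", "tun0"),                  # VPN subnet only
])

# Routes added on the client by: push "redirect-gateway def1"
DEF1 = build([
    ("0.0.0.0/1", "tun0 via 10.8.0.1"),       # lower half of the address space
    ("128.0.0.0/1", "tun0 via 10.8.0.1"),     # upper half of the address space
    ("203.0.113.10/32", "wlan0 via 192.168.0.1"),  # VPN server stays outside tunnel
])
CLIENT_AFTER = CLIENT_BEFORE + DEF1

def outside_tunnel(table, destinations):
    """Destinations whose traffic would not enter tun0 (i.e. bypasses the VPN)."""
    return [d for d in destinations if not next_hop(table, d).startswith("tun0")]

DESTS = [
    "192.168.1.20",   # machine on the home LAN behind the VPN server (assumed)
    "45.0.0.1",       # Internet host in 0.0.0.0/1 (constructed)
    "198.51.100.7",   # Internet host in 128.0.0.0/1 (constructed)
    "192.168.0.1",    # client's local router / DHCP server
    "203.0.113.10",   # VPN server's public address
]

if __name__ == "__main__":
    for label, table in (("before", CLIENT_BEFORE), ("after def1", CLIENT_AFTER)):
        print(label)
        for d in DESTS:
            print(f"  {d:15} -> {next_hop(table, d)}")
        print("  outside tunnel:", outside_tunnel(table, DESTS))
```

After the push, only the client's local network and the VPN server's own address stay outside the tunnel; everything else reaches the server over tun0, where packet forwarding (and NAT, per the config comment) decides whether it goes any further.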
baeksu l33t
Joined: 26 Sep 2004 Posts: 609 Location: Seoul, Korea
Posted: Thu Dec 27, 2007 8:17 am
Simply adding the gateway option you suggested didn't work, so I'm going to have a look at the road warrior vpn guide.
I was hoping I wouldn't have to muck with network bridging to get this to work, but I guess there's no other way...
baeksu l33t
Joined: 26 Sep 2004 Posts: 609 Location: Seoul, Korea
Posted: Thu Dec 27, 2007 1:46 pm
Well, I tried following the guide, but I guess I got lost on the way. Lost network connection, which is inconvenient on a headless server.
I guess I'll go back to the simple, though less functional openvpn setup I had, and just ssh tunnel whatever few services I need to get through.
Thanks for the help, though.