Unable to connect to OpenVPN server

Posted by Incognito on Super User
Published on 2012-04-02T00:29:27Z Indexed on 2012/04/05 23:32 UTC

I'm trying to get a working setup of OpenVPN on my VM and authenticate into it from a client.

I'm not sure but it looks to me like it's socket related, as it's not set to LISTEN, and localhost seems wrong. I've never set up VPN before.

# netstat -tulpn | grep vpn
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
udp        0      0 127.0.0.1:1194          0.0.0.0:*                           24059/openvpn   

I don't think this is set up correctly.


Here's some detail into what I've done. I have a VPS from MediaTemple:

These are my interfaces before starting openvpn:

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:39482 errors:0 dropped:0 overruns:0 frame:0
          TX packets:39482 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:3237452 (3.2 MB)  TX bytes:3237452 (3.2 MB)

venet0    Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:127.0.0.1  P-t-P:127.0.0.1  Bcast:0.0.0.0  Mask:255.255.255.255
          UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
          RX packets:4885284 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4679884 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:835278537 (835.2 MB)  TX bytes:1989289617 (1.9 GB)

venet0:0  Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:205.[redacted]  P-t-P:205.186.148.82  Bcast:0.0.0.0  Mask:255.255.255.255
          UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1

I've followed this guide on setting up a basic server and getting a .p12 file; however, I was receiving an error that stated /dev/net/tun was missing, so I created it:

mkdir -p /dev/net
mknod /dev/net/tun c 10 200
chmod 600 /dev/net/tun

This resolved the error preventing the service from launching; however, I am unable to connect.

On the server I've set up the myserver.conf file (as per the tutorial) to indicate local 127.0.0.1 (I've also attempted with the public IP address; perhaps I don't understand what they mean by local IP?). The server launches without error; this is what the log looks like when it starts:

Sun Apr  1 17:21:27 2012 OpenVPN 2.1.3 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Mar 11 2011
Sun Apr  1 17:21:27 2012 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Sun Apr  1 17:21:27 2012 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Sun Apr  1 17:21:27 2012 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Sun Apr  1 17:21:27 2012 TUN/TAP device tun0 opened
Sun Apr  1 17:21:27 2012 /sbin/ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
Sun Apr  1 17:21:27 2012 GID set to openvpn
Sun Apr  1 17:21:27 2012 UID set to openvpn
Sun Apr  1 17:21:27 2012 UDPv4 link local (bound): [AF_INET]127.0.0.1:1194
Sun Apr  1 17:21:27 2012 UDPv4 link remote: [undef]
Sun Apr  1 17:21:27 2012 Initialization Sequence Completed

This creates a tun0 interface that looks like this:

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:10.8.0.1  P-t-P:10.8.0.2  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

And the netstat command still indicates the state is not set to LISTEN.

On the client side I've installed the p12 certs onto two devices (one is an Android tablet, the other is an Ubuntu desktop). I don't see port 1194 as open either.

Both clients install the cert files and then ask me for the L2TP secret (which was set on the file), but then they oddly ask me for a username and a password, which I don't know where I could possibly get those from. I attempted all of my logins, and some whacky guesses that were frantically pulling at straws.

If there's any more information I could provide, let me know.

© Super User or respective owner
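
The bind address shown in the netstat output and in the `link local (bound)` log line of the post can be checked mechanically. The following is an added example, not part of the original post: it parses `netstat -tulpn` output and reports which sockets are reachable only from loopback. The function names and the two TCP sample lines are constructed for illustration.

```python
import ipaddress

# Constructed sample: the UDP line is the one quoted in the post; the two
# TCP lines are made up for contrast.
SAMPLE = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
udp        0      0 127.0.0.1:1194          0.0.0.0:*                           24059/openvpn
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      811/sshd
tcp6       0      0 ::1:5432                :::*                    LISTEN      902/postgres
"""

def classify(host):
    """Return who can reach a socket bound to this local address."""
    addr = ipaddress.ip_address(host.strip("[]"))
    if addr.is_loopback:
        return "loopback-only"      # only processes on the same host
    if addr.is_unspecified:
        return "all-interfaces"     # 0.0.0.0 or ::
    return "single-address"

def audit(netstat_text):
    """Parse `netstat -tulpn` output into one dict per socket."""
    findings = []
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) < 5 or not f[0].startswith(("tcp", "udp")):
            continue  # header or unrelated line
        host, port = f[3].rsplit(":", 1)
        rest = f[5:]
        # The State column is blank for unconnected UDP sockets: UDP has no
        # LISTEN state, so a bound UDP server shows an empty State.
        state = rest[0] if rest and rest[0].replace("_", "").isalpha() else ""
        program = rest[-1] if rest and rest[-1] != state else ""
        findings.append({"proto": f[0], "host": host, "port": int(port),
                         "state": state, "program": program,
                         "scope": classify(host)})
    return findings

if __name__ == "__main__":
    for s in audit(SAMPLE):
        print(f"{s['proto']:5} {s['host']}:{s['port']:<6} "
              f"state={s['state'] or '(none)':12} {s['scope']:15} {s['program']}")
```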
