Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-user

From: Joseph <syscon780@×××××.com>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] openvpn static ip
Date: Thu, 25 Feb 2010 23:10:50
Message-Id: 20100225222138.GD6860@syscon4.inet
In Reply to: Re: [gentoo-user] openvpn static ip by Xavier Parizet
1 On 02/25/10 22:17, Xavier Parizet wrote:
2 [snip]
3 >> topology subnet
4 >> remote 208.38.31.237 9000
5 >> resolv-retry infinite
6 >> nobind
7 > ^^^^^^
8 > you should remove this line to avoid connection refused messages from
9 >the server. As you are in udp, client should bind on udp source port to
10 >get messages from the server.
11
12 I remove this one from client.conf
13
14 >
15 >> tun-mtu 1500
16 >> tun-mtu-extra 32
17 >> mssfix 1200
18 >> persist-key
19 >> persist-tun
20 >> remote-cert-tls server
21 >> ca "/etc/openvpn/client_clinic2/ca.crt"
22 >> cert "/etc/openvpn/client_clinic2/syscon9.crt"
23 >> key "/etc/openvpn/client_clinic2/syscon9.key"
24 >> tls-auth "/etc/openvpn/client_clinic2/vpn_my.key" 1
25 >> comp-lzo
26 >> log /var/log/openvpn.log
27 >> log-append /var/log/openvpn.log
28 >> verb 3
29 >>
30 >>
31 >> log file from client:
32 >>
33 >> cat /var/log/openvpn.log
34 >> [SNIP]
35 >>
36 >> Whey sever log is always showing this message: [ECONNREFUSED]:
37 >> Connection refused (code=111
38 >
39 >From what i can see, please try to add full path to the ccd directory in
40 >client-config-dir directive on the server path. Also check permissions
41 >on that directory. On which user are you running openvpn on the server ?
42 >On the client ?
43 >
44 >Can you increase verbosity and see if there is no open fails on the
45 >server ? If it works, you should have the following line in server logs:
46 >OPTIONS IMPORT: reading client specific options from: [path to ccd]/syscon9
47 >MULTI: Learn: [192.168.139.15] -> syscon9/[ip source:port source]
48 >
49 >--
50 > Xavier Parizet
51 >YaGB : http://gentooist.com
52 >GPG : C7DC B10E FC21 63BE
53 >B453 D239 F6E6 DF65 1569 91BF
54 >
55
56 I added full path to the server for ccd:
57 /etc/openvpn/ccd
58
59 Now I'm getting consistent IP: 192.168.139.2 every-time I restart openvpn.client_clinic2
60 but I'm not getting what I requested in ccd/syscon9:
61 ifconfig-push 192.168.139.15 255.255.255.0
62
63 The client runs openvpn as user root,
64 the server runs openvpn as user openvpn.
65
66 --
67 Joseph

Replies

Subject Author
Re: [gentoo-user] openvpn static ip Xavier Parizet <xav@×××××××××.com>
Report Message
Find on MARC Find on Google Groups