Hello All. Has anyone been successful at setting up the openVPN plugin?
If so I really could use a hand, I have been going round and round with this plugin for a month and no luck. It is giving me a couple of redlines at the top and hanging without starting. Rackspace wants to charge me to get it going, but I know there is someone smart enough here that has done this with this plugin.
I tried to email the plugin maker, but so far they have ignored me and its been about five days and all of the howtos on Centos describe putting openVPN 2.0.9 but the plugin uses OpenVPN version 2.0_rc16, OpenSSL version 0.9.7e and it sets up OpenVPN in different directorys than all of the 100+ howtos that I have tried. There does not seem to exist a howto on this plugin.
Here is the setup if someone could help me figure out what I am overlooking.
I have got the keys generated and they seem to check out ok, I'm just having a problem with the network setup.
The main Question is how to set up the network and do I need a bridge device.
the goal is to watch hulu and american tv as I am in Prague.
Here are the Plugin forms, as of now I put some stuff in and it just hangs and goes round and round, never starting the VPN server. Some of the naming conventions on this plugin are not correlating with the documentation, and the normal howto's describe setting it up with a .config file in /etc/openvpn, but this plugin creates /etc/openvpn/servers/VPNName(1st slotbelow)/ccd.
My servers ip is 22.214.171.124 and my netmask is 255.255.255.0
So as you can imagine, I'm about ready to twist my head off. I have marked the needed parts with (????)question marks.
Name (I can figure this one out!)
port (Port) 1194
proto (Protocol) (UDP)
Device (tun) ???
Bridge Device (???) if so what do I call it??
Network Device for Bridge (???) IP config for bridge (???) IP-Address/Gateway : (???) Netmask : (???) IP-Range for Bridge-Clients Start: End: (???) management (Enable Management) (no) Enable: IP: 127.0.0.1 Port: ca (Certification Authority) static (done) Choose key staticserverkey (done) Certificate Server automatic Key Server automatic Diffie-Hellman random file dh2048.pem enable TLS and assume server role during TLS handshake (???) Local host name or IP address (????) Net IP assigns (option server) (???) network netmask (????) Persist/unpersist ifconfig-pool data to file, at seconds intervals (default=600), as well as on program startup and shutdown (option ifconfig-pool-persist) (???) Because the OpenVPN server mode handles multiple clients through a single tun or tap interface, it is effectively a router (option client-to-client) (YES) Allow multiple clients with the same common name to concurrently connect (option duplicate-cn) NO Add an additional layer of HMAC authentication on top of the TLS control channel to protect against DoS attacks (option tls-auth) (YES) ccd-exclusive (Clients enabled only for this server) (yes) Encrypt packets with cipher algorithm (option cipher) (DES-CFB 64 bit Default) Use fast LZO compression (option comp-lzo) (YES) Limit server to a maximum of n concurrent clients (option max-clients) (6) User (nobody) Group (nobody) Don't re-read key files (option persist-key) (???) Don't close and reopen TUN/TAP device or run up/down scripts (option persist-tun)
keepalive (A helper directive designed to simplify the expression of ping and ping-restart in server mode configurations) Ping: Ping-Restart: Set output verbosity
Log at most n consecutive messages in the same category Complete path of status log file openvpn-status.log Complete path of log file openvpn.log tun-mtu (Take the TUN device MTU to be n and derive the link MTU from it)
fragment (Enable internal datagram fragmentation so that no UDP datagrams are sent which are larger than max bytes) mssfix (Announce to TCP sessions running over the tunnel that they should limit their send packet sizes such that after OpenVPN has encapsulated them, the resulting UDP packet size that OpenVPN sends to its peer will not exceed max bytes)
float (Allow remote peer to change its IP address and/or port number)
chroot (Chroot to dir after initialization) /etc/openvpn
Additional Configurations example: push "route 192.168.100.0 255.255.255.0" (?????????????) This parameter adds a route to the client when it's connected
PRE/POST UP/DOWN commands up-pre (script execute before VPN up) ((????) up (script execute after VPN up) ((???) down-pre (script execute before VPN down) (???) down (script execute after VPN down) (????)
I'm trying to connect with windows 7, are there any special caveats or setting that I may need?
Anyone that can help gets a night on the town in Prague next time your here, and I get to call you a badass!