openvpn - urgent help requested!

Mike Wright mike.wright at mailinator.com
Fri Apr 10 22:36:10 UTC 2009 

Timothy Murphy wrote:
> Andrew Parker wrote:
>>> What do your routes look like?  What are your configs, and how do you
>>> start openvpn?
> 
> My server.conf and client.conf are:
> --------------------------------------------
> port 1194
> proto udp
> dev tun
> ca /etc/openvpn/keys/ca.crt
> cert /etc/openvpn/keys/server.crt
> key /etc/openvpn/keys/server.key  # This file should be kept secret
> dh /etc/openvpn/keys/dh1024.pem
> server 192.168.5.0 255.255.255.0
> ifconfig-pool-persist ipp.txt
> keepalive 10 120
> comp-lzo
> persist-key
> persist-tun
> status openvpn-status.log
> verb 3
> --------------------------------------------
> dev tun
> proto udp
> remote www.gayleard.com 1194
> resolv-retry infinite
> persist-key
> persist-tun
> ca /etc/openvpn/keys/ca.crt
> cert /etc/openvpn/keys/mary.crt
> key /etc/openvpn/keys/mary.key
> ns-cert-type server
> comp-lzo
> verb 3
> --------------------------------------------
> 
> "route -n" on server and client give:
> --------------------------------------------
> Destination     Gateway         Genmask         Flags Metric Ref    Iface
> 192.168.5.2     0.0.0.0         255.255.255.255 UH    0      0        0 tun0
> 192.168.5.0     192.168.5.2     255.255.255.0   UG    0      0        0 tun0
> 192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
> 192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
> 169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth1
> 0.0.0.0         192.168.1.254   0.0.0.0         UG    0      0        0 eth0
> --------------------------------------------
> Destination     Gateway         Genmask         Flags Metric Ref    Iface
> 192.168.5.1     192.168.5.5     255.255.255.255 UGH   0      0        0 tun0
> 192.168.5.5     0.0.0.0         255.255.255.255 UH    0      0        0 tun0
> 192.168.1.0     0.0.0.0         255.255.255.0   U     2      0        0 eth1
> 0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth1
> --------------------------------------------
> 
> I start openvpn on both machines with "sudo service openvpn restart".


Apology for being a buttinsky.  I'm also trying to understand vpn.  As I 
look through "route -n" much of it makes sense but there is something 
unclear.  Would you disclose the relevant parts of the file "ipp.txt". 
I have a feeling it may be revealing.

ps. thanx for the great info :m)

More information about the fedora-list mailing list