From: Joseph <syscon780@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] openvpn static ip
Date: Thu, 25 Feb 2010 15:21:38 -0700 [thread overview]
Message-ID: <20100225222138.GD6860@syscon4.inet> (raw)
In-Reply-To: <4B86E8D8.9060304@gentooist.com>
On 02/25/10 22:17, Xavier Parizet wrote:
[snip]
>> topology subnet
>> remote 208.38.31.237 9000
>> resolv-retry infinite
>> nobind
> ^^^^^^
> you should remove this line to avoid connection refused messages from
>the server. As you are in udp, client should bind on udp source port to
>get messages from the server.
I remove this one from client.conf
>
>> tun-mtu 1500
>> tun-mtu-extra 32
>> mssfix 1200
>> persist-key
>> persist-tun
>> remote-cert-tls server
>> ca "/etc/openvpn/client_clinic2/ca.crt"
>> cert "/etc/openvpn/client_clinic2/syscon9.crt"
>> key "/etc/openvpn/client_clinic2/syscon9.key"
>> tls-auth "/etc/openvpn/client_clinic2/vpn_my.key" 1
>> comp-lzo
>> log /var/log/openvpn.log
>> log-append /var/log/openvpn.log
>> verb 3
>>
>>
>> log file from client:
>>
>> cat /var/log/openvpn.log
>> [SNIP]
>>
>> Whey sever log is always showing this message: [ECONNREFUSED]:
>> Connection refused (code=111
>
>From what i can see, please try to add full path to the ccd directory in
>client-config-dir directive on the server path. Also check permissions
>on that directory. On which user are you running openvpn on the server ?
>On the client ?
>
>Can you increase verbosity and see if there is no open fails on the
>server ? If it works, you should have the following line in server logs:
>OPTIONS IMPORT: reading client specific options from: [path to ccd]/syscon9
>MULTI: Learn: [192.168.139.15] -> syscon9/[ip source:port source]
>
>--
> Xavier Parizet
>YaGB : http://gentooist.com
>GPG : C7DC B10E FC21 63BE
>B453 D239 F6E6 DF65 1569 91BF
>
I added full path to the server for ccd:
/etc/openvpn/ccd
Now I'm getting consistent IP: 192.168.139.2 every-time I restart openvpn.client_clinic2
but I'm not getting what I requested in ccd/syscon9:
ifconfig-push 192.168.139.15 255.255.255.0
The client runs openvpn as user root,
the server runs openvpn as user openvpn.
--
Joseph
next prev parent reply other threads:[~2010-02-25 23:10 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-02-25 1:32 [gentoo-user] openvpn static ip Joseph
2010-02-25 2:51 ` Albert Hopkins
2010-02-25 3:37 ` Joseph
2010-02-25 11:56 ` Albert Hopkins
2010-02-25 16:52 ` Joseph
2010-02-25 7:40 ` Xavier Parizet
2010-02-25 16:51 ` Joseph
2010-02-25 17:12 ` Xavier Parizet
2010-02-25 19:20 ` Joseph
2010-02-25 20:01 ` Etaoin Shrdlu
2010-02-25 20:09 ` Xavier Parizet
2010-02-25 21:01 ` Joseph
2010-02-25 21:17 ` Xavier Parizet
2010-02-25 22:21 ` Joseph [this message]
2010-02-26 7:34 ` Xavier Parizet
2010-02-26 0:39 ` Joseph
2010-02-26 8:33 ` J. Roeleveld
2010-02-26 15:13 ` [gentoo-user][SOLVED] " Joseph
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100225222138.GD6860@syscon4.inet \
--to=syscon780@gmail.com \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox