From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1Nkmr3-0001Sb-SV for garchives@archives.gentoo.org; Thu, 25 Feb 2010 23:10:50 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 78739E0A0B for ; Thu, 25 Feb 2010 23:10:49 +0000 (UTC) Received: from mail.shawcable.com (shawmail.shawcable.com [64.59.128.220]) by pigeon.gentoo.org (Postfix) with ESMTP id 9378DE0AFC for ; Thu, 25 Feb 2010 22:21:38 +0000 (UTC) Received: from bpd2mi2no-svcs.prod.shawcable.com ([10.0.184.121]) by bpd2mo3no-ssvc.prod.shawcable.com with ESMTP; 25 Feb 2010 15:21:38 -0700 X-Cloudmark-SP-Filtered: true X-Cloudmark-SP-Result: v=1.0 c=1 a=tiDpqCBa0E0A:10 a=dgx804EzjhD8CRYpIFkhZA==:17 a=fhWuiIdCAAAA:8 a=jQdRpKEpd-AeHY-ncMMA:9 a=c2920vA5AbS7fdhmiSAA:7 a=NyPJZ48pJ8TbMQvmd3fB-5c3Z5oA:4 X-IronPort-AV: E=Sophos;i="4.49,542,1262588400"; d="scan'208";a="266344774" Received: from unknown (HELO bpd2mi2no-cmts.prod.shawcable.com) ([192.168.183.121]) by bpd2mi2no-cmts.prod.shawcable.com with ESMTP; 25 Feb 2010 15:21:38 -0700 X-reinject: true Received: from unknown (HELO syscon4.localdomain) ([68.148.245.78]) by bpd2mi2no-dmz.prod.shawcable.com with ESMTP; 25 Feb 2010 15:21:38 -0700 Received: by syscon4.localdomain (Postfix, from userid 1000) id 00F8CC3A1B; Thu, 25 Feb 2010 15:21:38 -0700 (MST) Date: Thu, 25 Feb 2010 15:21:38 -0700 From: Joseph To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] openvpn static ip Message-ID: <20100225222138.GD6860@syscon4.inet> References: <20100225013240.GB5865@syscon4.inet> <4B86298B.50601@gentooist.com> <20100225165105.GA25777@syscon4.inet> <4B86AF72.6020000@gentooist.com> <20100225192009.GA6860@syscon4.inet> <4B86D8DD.1030705@gentooist.com> <20100225210109.GC6860@syscon4.inet> <4B86E8D8.9060304@gentooist.com> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1; format=flowed Content-Disposition: inline In-Reply-To: <4B86E8D8.9060304@gentooist.com> User-Agent: Mutt/1.5.20 (2009-06-14) X-Archives-Salt: 566b6c5d-2130-45e6-a025-f85fae019084 X-Archives-Hash: 941b86112c9566bafd8b2300fc89806a On 02/25/10 22:17, Xavier Parizet wrote: [snip] >> topology subnet >> remote 208.38.31.237 9000 >> resolv-retry infinite >> nobind > ^^^^^^ > you should remove this line to avoid connection refused messages from >the server. As you are in udp, client should bind on udp source port to >get messages from the server. I remove this one from client.conf > >> tun-mtu 1500 >> tun-mtu-extra 32 >> mssfix 1200 >> persist-key >> persist-tun >> remote-cert-tls server >> ca "/etc/openvpn/client_clinic2/ca.crt" >> cert "/etc/openvpn/client_clinic2/syscon9.crt" >> key "/etc/openvpn/client_clinic2/syscon9.key" >> tls-auth "/etc/openvpn/client_clinic2/vpn_my.key" 1 >> comp-lzo >> log /var/log/openvpn.log >> log-append /var/log/openvpn.log >> verb 3 >> >> >> log file from client: >> >> cat /var/log/openvpn.log >> [SNIP] >> >> Whey sever log is always showing this message: [ECONNREFUSED]: >> Connection refused (code=111 > >>From what i can see, please try to add full path to the ccd directory in >client-config-dir directive on the server path. Also check permissions >on that directory. On which user are you running openvpn on the server ? >On the client ? > >Can you increase verbosity and see if there is no open fails on the >server ? If it works, you should have the following line in server logs: >OPTIONS IMPORT: reading client specific options from: [path to ccd]/syscon9 >MULTI: Learn: [192.168.139.15] -> syscon9/[ip source:port source] > >-- > Xavier Parizet >YaGB : http://gentooist.com >GPG : C7DC B10E FC21 63BE >B453 D239 F6E6 DF65 1569 91BF > I added full path to the server for ccd: /etc/openvpn/ccd Now I'm getting consistent IP: 192.168.139.2 every-time I restart openvpn.client_clinic2 but I'm not getting what I requested in ccd/syscon9: ifconfig-push 192.168.139.15 255.255.255.0 The client runs openvpn as user root, the server runs openvpn as user openvpn. -- Joseph