Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


OpenVPN Community Software Auto Installer for CentOS 5 & 6, Debian 6, and Ubuntu 10.10 - Page 2
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

OpenVPN Community Software Auto Installer for CentOS 5 & 6, Debian 6, and Ubuntu 10.10

2

Comments

  • FritzFritz Veteran
    edited November 2012

    If you are not sure with the source (for lzo and openvpn), you can install openvpn and its dependencies using either aptitude / apt-get.

  • @regolithmedia said: Anyway can we get back to the topic? Other than discussing about why using my server for source code?

    Thread successfully hijacked. Welcome to Low End Box.

  • bamnbamn Member
    edited November 2012

    @regolithmedia said: i think it's just matter of preference, there are some people that feel most comfortable download from original source. but in my case, my developer is feel most comfortable if using file in my server. so, in this script I'm using same mirror as my developer.

    Offer the option of downloading from official OpenVPN mirrors or from you, if the mirror is down.

    Problem solved. Everybody remove and recycle your tin foil hats.

  • THREAD UN-DERAIL: go go go go !!

    Nice script. Any reason to use it on one distro versus another?

  • @Damian said: THREAD UN-DERAIL: go go go go !!

    Nice script. Any reason to use it on one distro versus another?

    Thank you. I just thought that more distros, more options.

  • Generating RSA private key, 1024 bit long modulus
    .........................++++++
    ...............................++++++
    e is 65537 (0x10001)
    Signature ok
    subject=/C=us/ST=tx/L=dallas/CN=server
    Getting CA Private Key
    bg: 342: job (null) not created under job control
    Mon Nov 26 08:36:41 2012 OpenVPN 2.2.2 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] [e
    urephia] built on Nov 26 2012
    Mon Nov 26 08:36:41 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or hig
    her to call user-defined scripts or executables
    Mon Nov 26 08:36:41 2012 PLUGIN_INIT: POST /usr/lib/openvpn-auth-pam.so '[/usr/l
    ib/openvpn-auth-pam.so] [/etc/pam.d/login]' intercepted=PLUGIN_AUTH_USER_PASS_VE
    RIFY
    Mon Nov 26 08:36:41 2012 Cannot open /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem f
    or DH parameters: error:02001002:system library:fopen:No such file or directory:
    error:2006D080:BIO routines:BIO_new_file:no such file
    Mon Nov 26 08:36:41 2012 Exiting
    cp: cannot stat `/etc/openvpn/easy-rsa/2.0/keys/ca.crt': No such file or directo
    ry
    zip warning: name not matched: ca.crt

    How can I reslove the promble,thanks.

  • regolithmediaregolithmedia Member
    edited November 2012

    @challengeke said: Generating RSA private key, 1024 bit long modulus

    .........................++++++
    ...............................++++++
    e is 65537 (0x10001)
    Signature ok
    subject=/C=us/ST=tx/L=dallas/CN=server
    Getting CA Private Key
    bg: 342: job (null) not created under job control
    Mon Nov 26 08:36:41 2012 OpenVPN 2.2.2 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] [e
    urephia] built on Nov 26 2012
    Mon Nov 26 08:36:41 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or hig
    her to call user-defined scripts or executables
    Mon Nov 26 08:36:41 2012 PLUGIN_INIT: POST /usr/lib/openvpn-auth-pam.so '[/usr/l
    ib/openvpn-auth-pam.so] [/etc/pam.d/login]' intercepted=PLUGIN_AUTH_USER_PASS_VE
    RIFY
    Mon Nov 26 08:36:41 2012 Cannot open /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem f
    or DH parameters: error:02001002:system library:fopen:No such file or directory:
    error:2006D080:BIO routines:BIO_new_file:no such file
    Mon Nov 26 08:36:41 2012 Exiting
    cp: cannot stat `/etc/openvpn/easy-rsa/2.0/keys/ca.crt': No such file or directo
    ry
    zip warning: name not matched: ca.crt

    How can I reslove the promble,thanks.

    What OS do you use? Is it fresh? Check your box repository /etc/yum.repos.d or /etc/apt, mostly error because of that.

  • Another great tutorial highlights of the Indonesian :D

  • Thanks works great, was just what I was looking for!

  • @challengeke said: cp: cannot stat `/etc/openvpn/easy-rsa/2.0/keys/ca.crt': No such file or directo

    ry

    Try to go to that directory. Do you see any files like .crt / .key ?
    If it's hard to use ssh, try use Btivise Tunnelier, we can see / browse the directory

  • Newbie here...I have installed the OpenVPN on a Debian OS and enabled TUN as well. I followed above directions including making the tcp config file. The IPTABLES command runs fine with no errors. I can also connect with OpenVPN on Windows 8 desktop using the udp or tcp config connection.

    However I cannot browse any internet sites when OpenVPN is active on any of my Win 8 browsers.

    Should I be using UDP or TCP connection for browsing the web using my VPS server IP?

    Any config/suggestions how to get browse the web using OpenVPN from Win 8?

    Appreciate any assistance.

  • @gillybert said: However I cannot browse any internet sites when OpenVPN is active on any of my Win 8 browsers.

    That's probably an issue in the config on the server side (I think). It should have a setting in server.conf (or whichever) that allows for the network to pass through it. I'm sure @regolithmedia probably can talk more into it (because I'm too lazy to look up the exact line right now) but yeah.

  • Any ideas on my question above on why I cannot browse on my desktop once I have VPN up? Still stuck.

  • @gillybert: you probably forgot the masquerade/snat to in iptables. The vpn traffic have no idea where to go when you request a website.

  • Have you try this?

     #iptables -t nat -A POSTROUTING -s 10.2.4.0/24 -j SNAT --to Your_Ip_address
    

    and this :

    # echo 1 > /proc/sys/net/ipv4/ip_forward

    or this? :)

    http://www.erawanarifnugroho.com/2012/10/21/watching-movies-in-hulu-com-by-using-openvpn.html

  • Thanks for the help...let me try the iptables nat again...I tried before but still didn't work but let me try fresh again.

  • budingyunbudingyun Member
    edited December 2012

    @gillybert said: Any ideas on my question above on why I cannot browse on my desktop once I have VPN up? Still stuck.

    If using csf try do this:

    vi /etc/csf/csfpre.sh
    
    iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
    iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT
    iptables -A FORWARD -j REJECT
    iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to SERVER_IP
    
    :wq
    
    service csf restart
    
  • Thanks for the recent help on my issue where I could not browse any internet sites when OpenVPN is active on any of my Win 8 browsers.

    For learning purpose here was the issue. I tried OpenVPN on my Vista desktop with same OpenVPN 2.2.2, same config files and cert I was using on my Win 8 desktop and everything worked! I also tried same config / cert on my Android Samsung S2 and VPN worked perfectly.

    So looks like the issue is between Windows 8 TAP adapter and Open VPN 2.2.2. Since Windows 8 is new there may be a bug/issue in Win8 TAP adapter implementation. I will update thread if I find the resolution.

  • OK Update on my above problem running OpenVPN client on Windows 8. I changed the properties of the OpenVPN exe to run in Windows 7 compatible mode (also need Run as Administrator checked) and now I can access the Internet via a Win8 desktop.

  • I used these instructions and it worked a treat, but i have two questions:

    1. Will this install so that openvpn runs at startup ?
    2. How can i create a user that doesn't need a password to login ?

    Thanks

    Nik

  • @nikc said: I used these instructions and it worked a treat, but i have two questions:

    Will this install so that openvpn runs at startup ?
    How can i create a user that doesn't need a password to login ?

    Thanks

    Nik

    Hi nik,

    Well i don't create init script for this so you need to start it manually at startup, or you can add the following command to rc.local

    openvpn /etc/openvpn/yourconf.conf &

    if you want to create user that doesn't need password to login then just add user without password

    useradd username

  • update-rc.d -f openvpn defaults on Debian/ubuntu will make it start at startup, chkconfig openvpn on will do it on CentOS.

    The other one is easy to figure out ;)

  • Please be aware when adding a user without password it is actually adding a system user. So if you wish to do this, make sure you change the shell for the user to something like /bin/noshell or /bin/nologin or the same. Otherwise, you will leave an open user account with a shell on the system.

    My 2 cents.

  • useradd -s /bin/false username

  • Hi,

    this tutorial work like a champ.

    tyvm for ur effort :)

  • abonkabonk Member

    great job :D, i was test the script and working, thanks mat.

  • akzakz Member
    edited April 2013

    definitely an awesome script props!

  • GaryGary Member
    edited April 2013

    Nice, never mseed with setting up a VPN before, but it went nice and smoothly on my OVH dedi. Gonna try it on the Waveride OVZ box I picked up yesterday.

    Edit: Yep, works fine on my Waveride box. :)

  • GaryGary Member

    Does it check if TUN/TAP is enabled? It doesn't appear to. Just tried it on a box where TUN/TAP isn't enabled, and it said:

    =================================================================
    OpenVPN Server has been successfully installed

    But it didn't work.

    Enabling TUN/TAP and going through the process again, now it works.

  • trexostrexos Member

    Thank you very much for your tutorial! Finally OpenVPN is running on my server, I used a lot of tutorial but none was working. Just one question, how can I add more users? Thanks in advance! :)

Sign In or Register to comment.