New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
If you are not sure with the source (for lzo and openvpn), you can install openvpn and its dependencies using either aptitude / apt-get.
Thread successfully hijacked. Welcome to Low End Box.
Offer the option of downloading from official OpenVPN mirrors or from you, if the mirror is down.
Problem solved. Everybody remove and recycle your tin foil hats.
THREAD UN-DERAIL: go go go go !!
Nice script. Any reason to use it on one distro versus another?
Thank you. I just thought that more distros, more options.
Generating RSA private key, 1024 bit long modulus
.........................++++++
...............................++++++
e is 65537 (0x10001)
Signature ok
subject=/C=us/ST=tx/L=dallas/CN=server
Getting CA Private Key
bg: 342: job (null) not created under job control
Mon Nov 26 08:36:41 2012 OpenVPN 2.2.2 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] [e
urephia] built on Nov 26 2012
Mon Nov 26 08:36:41 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or hig
her to call user-defined scripts or executables
Mon Nov 26 08:36:41 2012 PLUGIN_INIT: POST /usr/lib/openvpn-auth-pam.so '[/usr/l
ib/openvpn-auth-pam.so] [/etc/pam.d/login]' intercepted=PLUGIN_AUTH_USER_PASS_VE
RIFY
Mon Nov 26 08:36:41 2012 Cannot open /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem f
or DH parameters: error:02001002:system library:fopen:No such file or directory:
error:2006D080:BIO routines:BIO_new_file:no such file
Mon Nov 26 08:36:41 2012 Exiting
cp: cannot stat `/etc/openvpn/easy-rsa/2.0/keys/ca.crt': No such file or directo
ry
zip warning: name not matched: ca.crt
How can I reslove the promble,thanks.
.........................++++++
...............................++++++
e is 65537 (0x10001)
Signature ok
subject=/C=us/ST=tx/L=dallas/CN=server
Getting CA Private Key
bg: 342: job (null) not created under job control
Mon Nov 26 08:36:41 2012 OpenVPN 2.2.2 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] [e
urephia] built on Nov 26 2012
Mon Nov 26 08:36:41 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or hig
her to call user-defined scripts or executables
Mon Nov 26 08:36:41 2012 PLUGIN_INIT: POST /usr/lib/openvpn-auth-pam.so '[/usr/l
ib/openvpn-auth-pam.so] [/etc/pam.d/login]' intercepted=PLUGIN_AUTH_USER_PASS_VE
RIFY
Mon Nov 26 08:36:41 2012 Cannot open /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem f
or DH parameters: error:02001002:system library:fopen:No such file or directory:
error:2006D080:BIO routines:BIO_new_file:no such file
Mon Nov 26 08:36:41 2012 Exiting
cp: cannot stat `/etc/openvpn/easy-rsa/2.0/keys/ca.crt': No such file or directo
ry
zip warning: name not matched: ca.crt
What OS do you use? Is it fresh? Check your box repository /etc/yum.repos.d or /etc/apt, mostly error because of that.
Another great tutorial highlights of the Indonesian
Thanks works great, was just what I was looking for!
ry
Try to go to that directory. Do you see any files like .crt / .key ?
If it's hard to use ssh, try use Btivise Tunnelier, we can see / browse the directory
Newbie here...I have installed the OpenVPN on a Debian OS and enabled TUN as well. I followed above directions including making the tcp config file. The IPTABLES command runs fine with no errors. I can also connect with OpenVPN on Windows 8 desktop using the udp or tcp config connection.
However I cannot browse any internet sites when OpenVPN is active on any of my Win 8 browsers.
Should I be using UDP or TCP connection for browsing the web using my VPS server IP?
Any config/suggestions how to get browse the web using OpenVPN from Win 8?
Appreciate any assistance.
That's probably an issue in the config on the server side (I think). It should have a setting in server.conf (or whichever) that allows for the network to pass through it. I'm sure @regolithmedia probably can talk more into it (because I'm too lazy to look up the exact line right now) but yeah.
Any ideas on my question above on why I cannot browse on my desktop once I have VPN up? Still stuck.
@gillybert: you probably forgot the masquerade/snat to in iptables. The vpn traffic have no idea where to go when you request a website.
Have you try this?
and this :
or this?
http://www.erawanarifnugroho.com/2012/10/21/watching-movies-in-hulu-com-by-using-openvpn.html
Thanks for the help...let me try the iptables nat again...I tried before but still didn't work but let me try fresh again.
If using csf try do this:
Thanks for the recent help on my issue where I could not browse any internet sites when OpenVPN is active on any of my Win 8 browsers.
For learning purpose here was the issue. I tried OpenVPN on my Vista desktop with same OpenVPN 2.2.2, same config files and cert I was using on my Win 8 desktop and everything worked! I also tried same config / cert on my Android Samsung S2 and VPN worked perfectly.
So looks like the issue is between Windows 8 TAP adapter and Open VPN 2.2.2. Since Windows 8 is new there may be a bug/issue in Win8 TAP adapter implementation. I will update thread if I find the resolution.
OK Update on my above problem running OpenVPN client on Windows 8. I changed the properties of the OpenVPN exe to run in Windows 7 compatible mode (also need Run as Administrator checked) and now I can access the Internet via a Win8 desktop.
I used these instructions and it worked a treat, but i have two questions:
Thanks
Nik
Hi nik,
Well i don't create init script for this so you need to start it manually at startup, or you can add the following command to rc.local
openvpn /etc/openvpn/yourconf.conf &
if you want to create user that doesn't need password to login then just add user without password
useradd username
update-rc.d -f openvpn defaults on Debian/ubuntu will make it start at startup, chkconfig openvpn on will do it on CentOS.
The other one is easy to figure out
Please be aware when adding a user without password it is actually adding a system user. So if you wish to do this, make sure you change the shell for the user to something like /bin/noshell or /bin/nologin or the same. Otherwise, you will leave an open user account with a shell on the system.
My 2 cents.
useradd -s /bin/false username
Hi,
this tutorial work like a champ.
tyvm for ur effort
great job , i was test the script and working, thanks mat.
definitely an awesome script props!
Nice, never mseed with setting up a VPN before, but it went nice and smoothly on my OVH dedi. Gonna try it on the Waveride OVZ box I picked up yesterday.
Edit: Yep, works fine on my Waveride box.
Does it check if TUN/TAP is enabled? It doesn't appear to. Just tried it on a box where TUN/TAP isn't enabled, and it said:
=================================================================
OpenVPN Server has been successfully installed
But it didn't work.
Enabling TUN/TAP and going through the process again, now it works.
Thank you very much for your tutorial! Finally OpenVPN is running on my server, I used a lot of tutorial but none was working. Just one question, how can I add more users? Thanks in advance!