Tutorial for configuring OpenVPN [on hold]
- by user2699451
I have been through 10+ tutorials on setting up a OpenVPN, and each tutorial gives a different problem...
Does anyone know of a decent and helpful website/tutorial which I could go to to get it set up? I have been battling through it for almost 2 months now.
Yes, I have also bugged forums.openvpn, but I think I have "reached my post limit" with them.
I have to configure it remotely via ssh.
UPDATE:
okay, I have been asked to be more clear on the topic
I followed this tutorial (as a example) -
http://www.servermom.com/how-to-build-openvpn-server-on-centos-6-x/732/
I had no issues setting up, etc. except when I boot into windows and run the OpenVPN GUI Client, it connects and gives this error:
WARNING: Bad encapsulated packet length from peer (21331), which must be 0 and <= 1576 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attemping restart...]
Here is my server config:
port 1194 #- port
proto udp #- protocol
dev tun
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
reneg-sec 0
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
plugin /usr/lib64/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login #- Co$
#plugin /etc/openvpn/radiusplugin.so /etc/openvpn/radiusplugin.cnf #- Uncomment$
client-cert-not-required
username-as-common-name
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 5 30
comp-lzo
persist-key
persist-tun
status 1194.log
verb 3
and my client config:
client
dev tun
proto udp
remote [server ip] 1194 # - Your server IP and OpenVPN Port
resolv-retry infinite
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ca ca.crt
auth-user-pass
comp-lzo
reneg-sec 0
verb 3
OpenVPN Client Log:
Thu Oct 31 11:51:29 2013 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct 1 2006
Thu Oct 31 11:51:44 2013 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Thu Oct 31 11:51:44 2013 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Thu Oct 31 11:51:44 2013 LZO compression initialized
Thu Oct 31 11:51:44 2013 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Oct 31 11:51:44 2013 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Oct 31 11:51:44 2013 Local Options hash (VER=V4): '2547efd2'
Thu Oct 31 11:51:44 2013 Expected Remote Options hash (VER=V4): '77cf0943'
Thu Oct 31 11:51:44 2013 Attempting to establish TCP connection with x.x.x.x:1194
Thu Oct 31 11:51:44 2013 TCP connection established with x.x.x.x:1194
Thu Oct 31 11:51:44 2013 TCPv4_CLIENT link local: [undef]
Thu Oct 31 11:51:44 2013 TCPv4_CLIENT link remote: x.x.x.x:1194
// after this it just hangs, nothing happens
So I dont know what I am doing wrong but I am getting a bit impatient and on each forum I post this, I get stupid/unrelated/unhelpful answers...
