Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
S
S
SachaDerr2014-10-16 13:30:27
openvpn
SachaDerr, 2014-10-16 13:30:27

Have I configured my OpenVPN gateway correctly?

My configuration:
30730a76363b40d6ad6a63c3bd43ce68.JPG
The task is to connect via OpenVPN subnet, my computer 192.168.0.x to the OpenVPN server 10.8.0.1 / 87.***.***.99:1194, and further from the server using the client through another OpenVPN to the next OpenVPN server 82.***.***.44:443
My server config is MyVirtServer:

mode server
server 10.8.0.0 255.255.255.0 #vpn subnet
local  87.***.***.99
port 1194
proto tcp
;proto udp
dev tun1 #dev-name
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key  # This file should be kept secret
dh /etc/openvpn/dh1024.pem
ifconfig-pool-persist ipp.all
keepalive 10 120
cipher DES-EDE3-CBC  # Triple-DES
comp-lzo
max-clients 5
user nobody
group nogroup
persist-key
persist-tun
verb 0
mute 20

My home client config is MyPC:
client
dev tun
proto udp
remote 87.***.***.99
port 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
ns-cert-type server
cipher DES-EDE3-CBC  # Triple-DES
comp-lzo
# Set log file verbosity.
verb 0
# Silence repeating messages
;mute 20

My client config on MyVirtServer :
client
dev tun0
proto tcp
remote 82.***.***.44
port 443
resolv-retry infinite
nobind
persist-key
persist-tun
persist-remote-ip
ca vpsserver.crt
tls-remote 82.***.***.44
auth-user-pass vpsserverpass.auth
auth-nocache
comp-lzo
verb 3
auth SHA256
cipher AES-256-CBC
keysize 256
tls-cipher DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA

I don't see any errors in openvpn logs...
Please help me figure it out?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
G
Glueon, 2014-10-16
@Glueon

Draw a schematic of the circuit you want to get.
If I understand correctly, I want to have something like "double":
After turning on the VPN on the home PC, should all traffic eventually go to the public VPN and be masked?
It is not yet clear why the line is needed:
push "route 192.168.0.0 255.255.255.0" #home net

Report
S
SachaDerr, 2014-10-16
@saschaderr

I thought so to separate OpenVPN subnet 10.8.0.0 and internal network 192.168.0.0?
Or am I completely off topic?
The scheme is this:

Мой ПК (192.168.0.85) <-----OpenVPN туннель на внешний IP моего сервера :1194-----> Мой вирт. Сервер  ->(10.8.0.0)  <----OpenVPN туннель на vpsserver.com:443-----> OpenVPN vpsserver.com Сервер

Similar questions
R
rze02015-11-05 17:57:52
There is an OpenVPN connection, but no ping. What's wrong? 3Reply
M
maddog6702018-03-17 17:21:55
OpenVpn connects but can't access sites. Why? 1Reply
B
by_EL2020-05-11 00:50:25
What certificates are used to encrypt data when sending and receiving information on openvpn? 0Reply
V
Vlad2018-03-22 10:48:42
How to connect to NAS VPN server from a remote PC? 1Reply
W
WTFSU2018-03-23 15:21:48
How to block P2P traffic with Suricata (OpenVPN)? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question