openvpn
cskamsk, 2014-04-30 16:57:49

How do I share files between clients via OpenVPN set up on Debian 6.0?

Good evening!
I ran into a problem setting up a VPN server on a Debian installation (DigitalOcean, if that matters). The task was simple: share Android, Windows and Mac devices over OpenVPN, meaning use removable media, hard drives and SSDs inside the VPN without too much headache.
The result so far: a stable working channel, but the devices are in fact independent of one another; pinging them, or the DHCP server itself, does not work, even though Internet access and SSH to the server do.
The configuration files and tables are listed below:
server.conf

local a.b.c.d
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"

tls-auth ta.key 0
port 5000
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem

server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
client-config-dir ccd
route 10.8.0.0 255.255.255.0
push "route 10.8.0.0 255.255.255.0"
client-to-client

comp-lzo
keepalive 10 120
persist-key
persist-tun
status openvpn-status.log
verb 3

openvpn-status.log
In total there are 3 certificates: vpn.windows, vpn.home, vpn.android
OpenVPN CLIENT LIST
Updated,Wed Apr 30 13:45:18 2014
Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
vpn.home,a.b.c.d:1026,1328776,3005450,Wed Apr 30 13:33:14 2014
vpn.windows,a.b.c.d:1025,2444386,1602231,Wed Apr 30 13:20:57 2014
ROUTING TABLE
Virtual Address,Common Name,Real Address,Last Ref
10.8.0.0/24,vpn.home,a.b.c.d5:1026,Wed Apr 30 13:33:15 2014
10.8.0.14,vpn.windows,a.b.c.d:1025,Wed Apr 30 13:45:17 2014
10.8.0.6,vpn.home,a.b.c.d5:1026,Wed Apr 30 13:45:16 2014
10.8.0.13C,vpn.home,a.b.c.d:1026,Wed Apr 30 13:45:17 2014
GLOBAL STATS
Max bcast/mcast queue length,1
END

clientconfig.ovpn
remote a.b.c.d 5000
client
dev tun
ping 10
comp-lzo
proto udp
tls-client
tls-auth ta.key 1
remote-cert-tls server
pkcs12 vpn.home.p12
verb 3
pull

Also, in /etc/openvpn/ccd there are two files named after the certificates, with the following content:
iroute 10.8.0.0 255.255.255.0
Viscosity and OpenVPN are used as the clients on the devices. Thanks in advance for your replies.

2 answer(s)
Panfilov, 2014-05-05
@cskamsk

Is there still a need?

cskamsk, 2014-05-07
@cskamsk

Port 5000 is initially open to the outside. Here are all open ports

netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1343/sshd       
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1290/exim4      
tcp6       0      0 :::139                  :::*                    LISTEN      971/smbd        
tcp6       0      0 :::21                   :::*                    LISTEN      8657/proftpd: (acce
tcp6       0      0 :::22                   :::*                    LISTEN      1343/sshd       
tcp6       0      0 ::1:25                  :::*                    LISTEN      1290/exim4      
tcp6       0      0 :::445                  :::*                    LISTEN      971/smbd        
udp        0      0 10.8.0.1:123            0.0.0.0:*                           1061/ntpd       
udp        0      0 a.b.c.d:123      0.0.0.0:*                           1061/ntpd       
udp        0      0 127.0.0.1:123           0.0.0.0:*                           1061/ntpd       
udp        0      0 0.0.0.0:123             0.0.0.0:*                           1061/ntpd       
udp        0      0 a.b.c.d:5000     0.0.0.0:*                           1322/openvpn    
udp        0      0 a.b.e.f:137     0.0.0.0:*                           955/nmbd        
udp        0      0 a.b.c.d:137      0.0.0.0:*                           955/nmbd        
udp        0      0 0.0.0.0:137             0.0.0.0:*                           955/nmbd        
udp        0      0 a.b.e.f:138     0.0.0.0:*                           955/nmbd        
udp        0      0 a.b.c.d:138      0.0.0.0:*                           955/nmbd        
udp        0      0 0.0.0.0:138             0.0.0.0:*                           955/nmbd

By a strange coincidence, the openvpn.log file is not written at all. It is not in this folder. Wrote the keys. Did not include the option: all clients use their own PKCS12.
After all the tricks, clients receive addresses and reach the network through the server, but they do not see each other. Is there a manual on routing for OpenVPN for someone almost unfamiliar with *nix?
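
A diagnostic for the status file shown in the question, as an added example that is not part of the original posts: it parses the ROUTING TABLE section and reports any client that owns a network overlapping the VPN pool (the kind of entry an `iroute` for the server's own subnet in `ccd` produces), along with the other clients whose addresses fall inside it. The function names and the 198.51.100.7 address are constructed for the example.

```python
import ipaddress

# Constructed sample in the status-file layout shown in the question;
# the real addresses are replaced with a documentation address.
SAMPLE_STATUS = """\
OpenVPN CLIENT LIST
Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
vpn.home,198.51.100.7:1026,1328776,3005450,Wed Apr 30 13:33:14 2014
vpn.windows,198.51.100.7:1025,2444386,1602231,Wed Apr 30 13:20:57 2014
ROUTING TABLE
Virtual Address,Common Name,Real Address,Last Ref
10.8.0.0/24,vpn.home,198.51.100.7:1026,Wed Apr 30 13:33:15 2014
10.8.0.14,vpn.windows,198.51.100.7:1025,Wed Apr 30 13:45:17 2014
10.8.0.6,vpn.home,198.51.100.7:1026,Wed Apr 30 13:45:16 2014
10.8.0.13C,vpn.home,198.51.100.7:1026,Wed Apr 30 13:45:17 2014
GLOBAL STATS
END
"""

def parse_routes(status_text):
    """Return (network, common_name) pairs from the ROUTING TABLE section."""
    routes, in_table = [], False
    for line in status_text.splitlines():
        if line == "ROUTING TABLE":
            in_table = True
        elif line == "GLOBAL STATS":
            in_table = False
        elif in_table and "," in line and not line.startswith("Virtual Address"):
            addr, name = line.split(",")[:2]
            # Drop the trailing flag letter seen on the 10.8.0.13C line.
            routes.append((ipaddress.ip_network(addr.rstrip("C"), strict=False), name))
    return routes

def subnet_claims(status_text, server_net):
    """Report clients that own a network overlapping the VPN pool."""
    pool = ipaddress.ip_network(server_net)
    routes = parse_routes(status_text)
    findings = []
    for net, owner in routes:
        if net.prefixlen == net.max_prefixlen or not net.overlaps(pool):
            continue  # a single client address, or a LAN outside the pool
        shadowed = sorted({n for r, n in routes if n != owner
                           and r.prefixlen == r.max_prefixlen and r.subnet_of(net)})
        findings.append({"network": str(net), "owner": owner, "shadows": shadowed})
    return findings

if __name__ == "__main__":
    for finding in subnet_claims(SAMPLE_STATUS, "10.8.0.0/24"):
        print(finding)
```

On the sample, vpn.home is reported as owner of 10.8.0.0/24, and vpn.windows at 10.8.0.14 falls inside that route.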
