
OpenVPN

Started by dlewis, May 08, 2009, 03:06:29 PM


davegravy

My reason for wanting to try openvpn, fyi, is as follows:

My workplace has a seriously draconian IT policy, despite being a small company. I have HTTP, HTTPS (thankfully), FTP, RDP, and not much more in the way of non-firewalled ports. I want to use my core at home as a proxy to allow me unrestricted web communications. I can use ssh tunnelling via putty for most things, but not anything UDP (such as my office IAX/SIP softphone). I tried to ssh tunnel port 1723 to my core, and tried to establish a pptp vpn connection to no avail. Apparently it uses another protocol in tandem with tcp port 1723 (called GRE or something).

I'm interested to know if OpenVPN can do what I want, especially since it uses SSL which is supposedly UDP friendly.

donpaul

Quote from: davegravy on August 28, 2009, 08:55:52 PM
I just downloaded and ran the script, and got the same errors krys_ got before.

Did you run the script as root? I never get those errors when run as root. I will be making changes and incorporating OpenVPN into LinuxMCE web admin soon.

davegravy

Quote from: donpaul on August 31, 2009, 08:02:19 PM
Did you run the script as root? I never get those errors when run as root. I will be making changes and incorporating OpenVPN into LinuxMCE web admin soon.

Yes, I ran as root.

After the script terminates the contents of /etc/openvpn/easy-rsa/ are as follows:

1.0  2.0  build.sh

There is no /keys directory.


donpaul

Quote from: davegravy on August 31, 2009, 09:20:27 PM
Quote from: donpaul on August 31, 2009, 08:02:19 PM
Did you run the script as root? I never get those errors when run as root. I will be making changes and incorporating OpenVPN into LinuxMCE web admin soon.

Yes, I ran as root.

After the script terminates the contents of /etc/openvpn/easy-rsa/ are as follows:

1.0  2.0  build.sh

There is no /keys directory.



ok, I see the problem. I'll fix it.

donpaul

I fixed it (I hope), grab the latest tar from donpaul.info and give it a shot.

davegravy

Sorry! Not yet  ;)

#ls /etc/openvpn/easy-rsa/2.0/

build-ca          build-key-server  list-crl              revoke-full
build-dh          build-req         Makefile              sign-req
build-inter       build-req-pass    openssl-0.9.6.cnf.gz  vars
build-key         build.sh          openssl.cnf           whichopensslcnf
build-key-pass    clean-all         pkitool
build-key-pkcs12  inherit-inter     README.gz

There's no /keys directory here either... I'm not sure why the keys aren't being generated in their proper location.

davegravy

I'm not sure build.sh is running from Configure_OpenVPN_Keys.sh... when I run the script manually it generates the keys directory along with all the keys, but does not do this when run from Configure_OpenVPN_Keys.sh

I don't know anything much about .sh scripts, but is the spawn syntax correct?

EDIT: the problem is that the 'expect' package is not installed by default. Add it to the list of packages installed in the script.
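
The failure diagnosed in the post above (key generation quietly producing no keys directory because 'expect' was not installed) can be caught with a preflight check and a check of the output afterwards. This is an added example, not part of the thread or of donpaul's script; the function names, the REQUIRED_CMDS variable and the key file names in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Function names and REQUIRED_CMDS are
# hypothetical; 'expect' is the dependency the thread found missing.
REQUIRED_CMDS="${REQUIRED_CMDS:-expect openssl}"

# Print every command that is not on PATH; return 1 if any is missing.
missing_cmds() {
    rc=0
    for c in "$@"; do
        command -v "$c" >/dev/null 2>&1 || { echo "$c"; rc=1; }
    done
    return $rc
}

# Succeed only if DIR exists, each named file is present and non-empty,
# and no *.key file has any group/other permission bit set.
check_keys_dir() {
    dir=$1; shift
    [ -d "$dir" ] || { echo "no keys directory: $dir" >&2; return 1; }
    for f in "$@"; do
        [ -s "$dir/$f" ] || { echo "missing or empty: $dir/$f" >&2; return 1; }
    done
    loose=$(find "$dir" -type f -name '*.key' \( -perm -040 -o -perm -020 \
        -o -perm -010 -o -perm -004 -o -perm -002 -o -perm -001 \))
    [ -z "$loose" ] || { echo "private key open to others: $loose" >&2; return 1; }
}

# run_keygen DIR "FILE ..." CMD [ARG...]
# Preflight, run the generator, then verify its output instead of trusting
# its exit status. Returns 2 (missing tool), 3 (CMD failed), 1 (bad output).
run_keygen() {
    dir=$1; files=$2; shift 2
    miss=$(missing_cmds $REQUIRED_CMDS) || {
        echo "install before generating keys:" $miss >&2; return 2; }
    "$@" || return 3
    check_keys_dir "$dir" $files
}

# Usage (file names are assumptions about what the build script creates):
#   cd /etc/openvpn/easy-rsa/2.0 && \
#   run_keygen ./keys "ca.crt ca.key server.crt server.key" ./build.sh
```
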

donpaul

Quote from: davegravy on September 01, 2009, 10:52:12 PM
I'm not sure build.sh is running from Configure_OpenVPN_Keys.sh... when I run the script manually it generates the keys directory along with all the keys, but does not do this when run from Configure_OpenVPN_Keys.sh

I don't know anything much about .sh scripts, but is the spawn syntax correct?

EDIT: the problem is that the 'expect' package is not installed by default. Add it to the list of packages installed in the script.

Excellent, thanks. Will add it.

dlewis

Are we closer to making this solid and adding this to the next release?

donpaul

Yes... closer. I am going to run/test it on a fresh 810 soon.

dlewis


donpaul

I have made changes for 8.10, and integrated it into the lmce-admin. I am running through the test, and so far so good. If anyone has a suggestion, now is the time.


jimbodude

This looks sweet...

I like the "Delete User" button - that was missing from the PPTP implementation.

I'm not sure if there is an easy way to do this - but we do have the hostname if the user configures the DDNS, maybe it could show up here?  If the user has a static IP, a "detect external IP" button would be nice too.

Does this already open up the proper ports in the firewall?

Great work, thanks.

donpaul

I thought about the DDNS field, and I agree on the get IP button - good idea. I'll see what I can do for both of those.

BTW, I added a delete button to the PPTP patch.

jimbodude