[clue-tech] VPN configuration questions to Jim Ockers

blackcat gsc at omegadogs.com
Wed Mar 15 12:21:26 MST 2006 

Hi Jim

Tell us about the configuration files.
-- is it okay to use "tap" ?   Or is "tun" better ?
-- can "secret" be followed by any file name and extension or
are the choices limited ?   Of course the file with the key has
  to have the same name.

> I set up a configuration file on the client that looks like this:
>      remote (remote server)
>      dev tap
>      ifconfig (client IP) (server IP)
>      secret clientkey.txt
>
> ...with the static key found in a .txt file named clientkey.txt
>
> ...and the config file on the server looks like this:
>      dev tap
>      ifconfig (server IP) (client IP)
>      secret clientkey.txt

-- Can one do without setting up a virtual TAP interface ?

-- The port 1194 is forwarded through NAT so that the correct
server receives it.  I was trying to "log on" from the VPN
client.



On 2006-Mar 14, at 8:47 PM, Jim Ockers wrote:

Hi "blackcat",

blackcat wrote:
>
>
> --===============0757973846==
> Content-Type: multipart/alternative; boundary=Apple-Mail-56-860338735

Any chance you could just use text for your e-mail?  Thanks.

> I am sending this to you gurus on behalf of Bill Goodrich who is a
> friend of mine.
> AGSC
>
>
> On 2006-Mar 14, at 3:36 PM, Bill Goodrich wrote:
>
> Hello,
>
> I am somewhat new at using openVPN and have had difficulty getting it
> up and running.  I was hoping someone here might know a
> bit about it and could fill me in on what I might be doing wrong.  I
> am using OpenVPN for both the server and client.
>
> I've tried to follow the "static key mini-HowTo" on the openVPN site.
> That can be found at: http://openvpn.net/static.html
>
> I set up a configuration file on the client that looks like this:
>      remote (remote server)
>      dev tap
>      ifconfig (client IP) (server IP)
>      secret clientkey.txt
>
> ...with the static key found in a .txt file named clientkey.txt
>
> ...and the config file on the server looks like this:
>      dev tap
>      ifconfig (server IP) (client IP)
>      secret clientkey.txt
>
> I opened the corresponding port ( 1194 ) using UDP on both the server
> and client.  When I try to log in from the client I

Could you please clarify what this means?  You "opened the corresponding
port" could mean a lot of things.  You opened it in your firewalls?  Are
you sure it's actually open?  Can you run tcpdump and capture packets
that are UDP and to that port so you can verify that the server is  
actually
getting the packets sent to port 1194 on its IP address?

> recieve an error message #678 "The remote computer did not respond,"
> etc.  Does this mean anything to anyone?  Any help will
> be much appreciated.  Thank you.

What does it mean you "try to log in" ?  Telnet?  ssh?  What IP address
did you try to connect to?

It would help if you could send the output of "ifconfig tap0" from
both systems.  The first thing to check is that the VPN actually
came up.

I use Openvpn a lot and have found it to be extremely easy to use and
very versatile.  Good luck with it.

-- 
Jim Ockers, P.Eng. (ockers at ockers.net)
Contact info: please see http://www.ockers.net/
_______________________________________________
CLUE-tech mailing list
CLUE-tech at cluedenver.org
http://cluedenver.org/mailman/listinfo/clue-tech

_______________________________________________
CLUE-tech mailing list
CLUE-tech at cluedenver.org
http://cluedenver.org/mailman/listinfo/clue-tech

More information about the clue-tech mailing list