openvpn configuration

dmera · January 28, 2009, 3:54am

Hello,
Well as I’m learning my way with OpenSuse, and I’ve learned a lot in the last 6 months , but much more to discover and enjoy I encountered a problem.
I connect to my work via vpnc(for Cisco) and everything is working perfect. I was able to connect from work to home by installing NX client at work(XP) and server at home(OpenSuse 11) and everything works great. Now my wife wants to connect to work and they have a regular vpn server(I was able to connect from XP easy, but cannot make it work in OpenSuse. I installed OpenVpn client and I configured it the way I understood from different documents on the net but I cannot make the connection. Here is the last message which I’m stuck on when starting openvpn

bonaire:/etc/openvpn/easy-rsa # openvpn client.conf
Tue Jan 27 21:52:07 2009 OpenVPN 2.0.9 x86_64-suse-linux [SSL] [LZO] [EPOLL] built on Nov 15 2008
Tue Jan 27 21:52:07 2009 IMPORTANT: OpenVPN’s default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Tue Jan 27 21:52:07 2009 LZO compression initialized
Tue Jan 27 21:52:07 2009 Control Channel MTU parms L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue Jan 27 21:52:07 2009 Data Channel MTU parms L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Jan 27 21:52:07 2009 Local Options hash (VER=V4): ‘69109d17’
Tue Jan 27 21:52:07 2009 Expected Remote Options hash (VER=V4): ‘c0103fa8’
Tue Jan 27 21:52:07 2009 Attempting to establish TCP connection with 198.133.37.20:1723
Tue Jan 27 21:52:07 2009 TCP connection established with 198.133.37.20:1723
Tue Jan 27 21:52:07 2009 TCPv4_CLIENT link local: [undef]
Tue Jan 27 21:52:07 2009 TCPv4_CLIENT link remote: 198.133.37.20:1723
Tue Jan 27 21:52:37 2009 Connection reset, restarting [0]
Tue Jan 27 21:52:37 2009 TCP/UDP: Closing socket
Tue Jan 27 21:52:37 2009 SIGUSR1[soft,connection-reset] received, process restarting
Tue Jan 27 21:52:37 2009 Restart pause, 5 second(s)

here is the client.conf file I’m using(only the executable lines):

client
dev tun
proto tcp
remote 198.133.37.20 1723
resolv-retry infinite
nobind
persist-key
persist-tun
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/client1.crt
key /etc/openvpn/easy-rsa/keys/client1.key
ns-cert-type server
comp-lzo
verb 3

Can anyone give me a hint/help ?
Thank you,
dan

ken_yap · January 28, 2009, 4:56am

OpenVPN != PPTP

dmera · January 29, 2009, 4:39am

I’m trying to decipher your message and I think it means
OpenVpn is not a point to point tunnel protocol? can you suggest me what else I could use?

ken_yap · January 29, 2009, 5:57am

Windows VPN uses a proprietary protocol called PPTP which uses port 1723 as you well know.

OpenVPN is not a Windows PPTP client and uses a different protocol and a different port.

If you do a search on “linux pptp vpn”, this is the first hit. It may not be the only choice of software though. As I have not done this kind of setup before, this is where my knowledge ends. But I know that if you have to connect to port 1723, then OpenVPN is not what you want. I’m sure there are other people on this forum who know more about this.

PPTP Client

dmera · February 1, 2009, 1:22am

I installed pptp and using KInternet I think I’m connected to the network I want. Attached is the log of the connection. I’m not able to use Remote Desktop to connect. Even tough I think I’m connected, I cannot ping the ip address I want. Can anyone who connected via pptp help me out?

SuSE Meta pppd (smpppd-ifcfg), Version 1.59_SVN16 on bonaire.
Status is: disconnected
trying to connect to smpppd
connect to smpppd
Status is: disconnected
Status is: connecting
pppd[0]: Plugin passwordfd.so loaded.
pppd[0]: Renamed interface ppp0 to dsl0
pppd[0]: Using interface dsl0
Status is: connecting
pppd[0]: Connect: dsl0 <–> /dev/pts/3
pppd[0]: CHAP authentication succeeded
pppd[0]: MPPE 128-bit stateless compression enabled
pppd[0]: replacing old default route to eth1 [192.168.1.1]
pppd[0]: local IP address 198.133.37.203
pppd[0]: remote IP address 198.133.37.201
pppd[0]: primary DNS address 198.133.37.9
pppd[0]: secondary DNS address 198.133.37.11
pppd[0]: Script /etc/ppp/ip-up finished (pid 3791), status = 0x0
Status is: connected

dmera · February 1, 2009, 3:08am

here is an extract of the /var/log/messages which leads me to think that I’m tunneling to the network desired but I cannot do anything else. On XP i don’t encounter any issues(well it’s a windows protocol) but I’m sure it can be done in Linux. I just need someone with more experience in this.
Anyway here is the log:

Jan 31 21:04:30 bonaire kernel: martian source 192.168.1.2 from 198.133.37.20, on dev eth1
Jan 31 21:04:30 bonaire kernel: ll header: 00:90:27:9a:02:01:00:14:6c:19:15:5c:08:00
Jan 31 21:04:58 bonaire kernel: martian source 192.168.1.2 from 198.133.37.20, on dev eth1
Jan 31 21:04:58 bonaire kernel: ll header: 00:90:27:9a:02:01:00:14:6c:19:15:5c:08:00
Jan 31 21:05:26 bonaire pptp[6554]: anon log[pptp_handle_timer:pptp_ctrl.c:1049]: closing control connection due to missing echo reply
Jan 31 21:05:26 bonaire pptp[6554]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 12 ‘Call-Clear-Request’
Jan 31 21:05:26 bonaire pptp[6554]: anon log[pptp_conn_close:pptp_ctrl.c:430]: Closing PPTP connection
Jan 31 21:05:26 bonaire pptp[6554]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 3 ‘Stop-Control-Connection-Request’
Jan 31 21:05:26 bonaire pptp[6554]: anon log[call_callback:pptp_callmgr.c:78]: Closing connection (call state)
Jan 31 21:05:26 bonaire pppd[6546]: Modem hangup
Jan 31 21:05:26 bonaire pppd[6546]: Connect time 2.0 minutes.
Jan 31 21:05:26 bonaire pppd[6546]: Sent 1597146426 bytes, received 0 bytes.
Jan 31 21:05:26 bonaire pppd[6546]: restoring old default route to eth1 [192.168.1.1]
Jan 31 21:05:26 bonaire pppd[6546]: MPPE disabled
Jan 31 21:05:26 bonaire pppd[6546]: Connection terminated.
Jan 31 21:05:27 bonaire pppd[6546]: Script /usr/sbin/pptp 198.133.37.20 --nolaunchpppd finished (pid 6550), status = 0x0
Jan 31 21:05:27 bonaire modify_resolvconf: restored /etc/resolv.conf.saved.by.pppd.dsl0 to /etc/resolv.conf
Jan 31 21:05:27 bonaire SuSEfirewall2: Setting up rules from /etc/sysconfig/SuSEfirewall2 …
Jan 31 21:05:27 bonaire SuSEfirewall2: batch committing…
Jan 31 21:05:27 bonaire SuSEfirewall2: Firewall rules successfully set
Jan 31 21:05:27 bonaire pppd[6546]: Script /etc/ppp/ip-down finished (pid 6851), status = 0x0
Jan 31 21:05:27 bonaire pppd[6546]: Exit.

The file /etc/resolv.conf gets modified by the pppd during the connection(with some ip addresses assigned I think by the server i’m trying to connect to ) but it gets restored as soon as i hang the connection.
what am I doing wrong?

ken_yap · February 1, 2009, 7:31am

I’d change the title of the thread if I were you, to get more attention from people who actually know PPTP.

dmera · February 1, 2009, 6:04pm

Can someone help me with my pptp configuration?