openVPN server setup?

Hello,

We have installed “openVPN” from openSUSE 11.2 repo and “openVPN - webmin module” (GUI).

What needs to be done … “Road Warriors” need to be able to access websites through the openSUSE box sitting in the data center, from remote locations (hotel, coffee shops, wi-fi hot spots, …)

We’re halfway there but it gets stuck somewhere with the IPs :\


I’m not sure how it is done normally but I’ve set up OpenVPN a few times on
different distros just starting with the builds on OpenVPN’s site. From
memory:

Set the service to run automatically.
Configure networks (IP ranges for VPNing, netmasks, routes, etc.)
Configure IP forwarding to be automatic if needed (I think it is)
Configure whether or not VPNing users can see each other
Configure a set of server keys
Configure a set of keys for each user and allow them on the server side
Distribute user keys to users
Configure firewalls to allow the UDP port where OpenVPN listens
Play

A few of those are optional… mandatory: basically set up the network
side, set up the server keys, set up the client keys, distribute and use.

Good luck.

On 02/22/2010 05:06 AM, erik100 wrote:
>
> Hello,
>
> We have installed “openVPN” from openSUSE 11.2 repo and “openVPN -
> webmin module” (GUI).
>
> What needs to be done … “Road Warriors” need to be able to access
> websites through the openSUSE box sitting in the data center, from remote
> locations (hotel, coffee shops, wi-fi hot spots, …)
>
> We’re halfway there but it gets stuck somewhere with the IPs :
>
>

First of all, thank you for your reply. I was hoping someone could post their conf. files (server, client) and point me in the right direction. Someone who is running openVPN on an openSUSE 11.2 box.

Essentially trying to give you that info would be a rehash of the instructions at openvpn.net, e.g. here:

HOWTO

So that’s why there is no enthusiasm to do your reading for you.

@ken_yap

It’s not that I haven’t learned about the reading you have suggested. I’m confused about the firewall: is there only port 1194 that needs to be open, or do I need to do something else like firewall-masquerading, or maybe adding “net.ipv4.ip_forward=1” to /etc/sysctl.conf …

Port 1194 UDP needs to be allowed at the firewall, and if the VPN server is not the gateway, any port forwarding at the firewall added. But openvpn works best when it’s installed on the firewall/gateway machine because of the issue of setting the gateway for VPN traffic for clients without too much pain.

@ken_yap

I have configured “server.conf” and “client.conf”. When I’m trying to connect to the server from a remote location, I get this notification: “Options error: --http-proxy MUST be used in TCP Client mode (i.e. --proto tcp-client)
Use --help for more information.”

TCP Client mode? But, I’m using UDP. :\
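
The option conflict reported in the error above, as an added example that is not part of the thread or of OpenVPN itself: a small checker that reads a client config and flags an `http-proxy` directive combined with a non-TCP-client `proto` (including the case where `proto` is absent and OpenVPN falls back to UDP). The sample config, host name and addresses are constructed, and the set of accepted TCP spellings beyond `tcp-client` is an assumption.

```python
# Added example (not from the thread): lint an OpenVPN client config for the
# http-proxy / proto conflict behind the "Options error" quoted above.

# Values accepted as TCP client mode. "tcp-client" is named in the error text;
# the other spellings are an assumption based on newer OpenVPN releases.
TCP_CLIENT_PROTOS = {"tcp-client", "tcp", "tcp4", "tcp6",
                     "tcp4-client", "tcp6-client"}

# Constructed sample, not the poster's real client.conf.
SAMPLE_CLIENT_CONF = """\
client
dev tun
proto udp            ; UDP, as in the thread
remote vpn.example.com 1194
# proxy line left over from a template
http-proxy 192.0.2.10 8080
http-proxy-retry
"""


def parse_directives(text):
    """Yield (lineno, tokens) per directive; '#' and ';' start a comment.
    Simplification: quoting is ignored, so quoted '#'/';' are not supported."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].split(";", 1)[0]
        tokens = line.split()
        if tokens:
            yield lineno, tokens


def proxy_proto_findings(text):
    """Return a list of findings; empty means no http-proxy/proto conflict."""
    proto, proto_src = "udp", "OpenVPN default, no proto line"
    proxy_lines = []
    for lineno, tokens in parse_directives(text):
        if tokens[0] == "proto" and len(tokens) > 1:
            proto, proto_src = tokens[1].lower(), f"line {lineno}"
        elif tokens[0] == "http-proxy":      # exact match: not http-proxy-retry
            proxy_lines.append(lineno)
    if proto in TCP_CLIENT_PROTOS:
        return []
    return [f"line {n}: http-proxy needs TCP client mode, "
            f"but proto is '{proto}' ({proto_src})" for n in proxy_lines]


if __name__ == "__main__":
    for finding in proxy_proto_findings(SAMPLE_CLIENT_CONF):
        print(finding)
```

A finding is cleared either by removing the `http-proxy` line and staying on UDP, or by setting `proto tcp-client` on the client with the server listening in TCP mode.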