OpenVPN Setup
Bill Tillman
btillman99 at yahoo.com
Wed May 11 15:21:49 UTC 2011
________________________________
From: Kevin Wilcox <kevin.wilcox at gmail.com>
To: Bill Tillman <btillman99 at yahoo.com>
Cc: freebsd-questions at freebsd.org
Sent: Wed, May 11, 2011 9:28:08 AM
Subject: Re: OpenVPN Setup
On Wed, May 11, 2011 at 09:11, Bill Tillman <btillman99 at yahoo.com> wrote:
> 2. I have my OpenVPN process running on my FreeBSD server and wish to test it
> with the OpenVPN client for Windows on my laptop from an outside location. But
> the only outside locations I have access to right now are the local McDonalds
> and Starbucks which offer free WiFi via AT&T's network. The trouble with this
>is
> they appear to be blocking almost everything at these locations with the
> exception of HTTP traffic. I can't make the connection and I cannot acces my
>LAN
> via SSH either. I don't think they are blocking any particular ports on these
> systems as much as they are just blocking everything except those ports which
> allow users to surf the web. The only thing which appears in the status window
> is that's it trying to make the handshake but then fails. I can ping my home
> server from these outside locations so I know my server is reachable.
It's not uncommon for guest/visitor/unsponsored/portal wireless to
only have ports 80 and 443 (sometimes only port 80) open. You can
modify your server's config to use port 80 instead of 1194 (assuming
you aren't running a webserver on that machine). Keep in mind that if
you do that then before you can connect you'll have to:
o change the config on the server
o restart openvpn on the server
o change the config on the client
kmw
_______________________________________________
freebsd-questions at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
Thanks again. Setting the proto to tcp, port 443 is working at least. I'm
sitting comfortably in a Starbucks with a cup of java and smooth jazz playing
and with a powered connection so I won't have to worry about battery in this
laptop which only lasts about 20 minutes these days. So I can run the VPN client
here and it makes connection and grabs an IP address 10.8.0.6, and I can ping
the tunnel device on the other end 10.8.0.1 but I cannot access the other side
of the VPN server at home, 10.0.0.0/24. Nothing will reply to pings and my
attempts to do remote desktop with one of my windows machines fails and I cannot
access the Samba shares on the VPN server. I guess this must be a routing issue
but I thought the OpenVPN server set this up when it started. Any additional
advice will be appreciated. I'm going to stay here and hack at it until they run
me off.
Just cleared one more hurdle. Turns out the PUSH line in server.conf was still
commented out. A quick change there and it's off and running. I can now ping
inside my LAN from this remote connection and just completed a successful Remote
Desktop session with one of the Windows clients inside as well. I'm still
somewhat confused on the routes needed and several of my tests are still in
place on the home LAN servers so I'm not sure what actually worked and what can
be removed if any. The PUSH line though seemed to be all it needed but I think
there is something on the inside which needs to be set as well.
Sorry for all the traffic, but I have the time this week to hack at this until I
get it right.
More information about the freebsd-questions
mailing list