VPN choices? (OVPN)
Dave B
g8kbvdave at googlemail.com
Fri Mar 21 20:32:15 UTC 2014
> Hi Dave,
>
> Not sure if you are having a problem with the install or configuration but if it's the
> configuration then this page has all for a quick install and config. Skip the install
> section if you are using package add and just follow the config.
>
> https://openvpn.net/index.php/open-source/documentation/howto.html#quick
>
> First note scripts need to be run in sh, not csh or bash.
>
> Second easy-rsa should be in /usr/local/share
>
> Once the keys are created cp/mv/ln -s the keys folder to a desired location such as
> /usr/local/etc/keys (careful on the permissions).
>
> Change the server.conf file to point to your keys.
>
> Change the rc.conf to enable the server and point to your server.conf file;
>
> openvpn_enable="YES"
> openvpn_configfile="/usr/local/etc/server.conf"
>
> Start the ovpn service;
>
> /usr/local/etc/rc.d/openvpn start
>
> Check /var/log/messages for errors.
>
> Nothing very special on the client side. Note if you are running a firewall make sure that it is not blocking UDP 1194
> If it's not working you do not need to reinstall FreeBSD. Delete the package, server.conf and the keys folder.
>
> Chris
Thanks Chris.
That's largely what I was doing (I think.) It's the form filling for the certificate
creation that is tripping me up, not knowing in detail (like, the acceptable
abreviations, codes and other semantics) what needs to be entered.
What's the default shell for FreeBSD9.2? That's what will be in use. (By the
sound of it, another something to trip over.)
Also, it may sound silly, but what's wrong for example with "England" as the
country? Is there a document somewhere that details the format of what
goes into the certificate configureation files? (I have yet to find one, else I
wouldn't ask.)
It is that very page on the OpenVPN site:-
https://openvpn.net/index.php/open-source/documentation/howto.html#quick
Where I keep going round and round in circles. Especially as I wish to set up
a bridge mode VPN, not routed mode, becaust I need UDP traffic as well as TCP.
>From what I've read, only bridged mode will allow that. True/False???
No doubt it makes perfect sense, if you already know "how to" do it all. But
not for me. Or others who have emailed me expressing the same frustration
with it all.
But am I the only one to ask questions when I can't get something going, I
don't know. There again, I tell my customers at work, not to be afraid of
asking even dumb questions, because that means I've not explained things well
enough. Doing this (OVPN) I'm now the dumb user, exactly because I can't
find all the information I need to know.
Client firewall is not an issue, I have full control over that OK, but I will be
behind a NAT router in most locations, that I will have no control over, other
than sitting in front of a PC connected to such a thing. (Office, Hotel, Hotspot
etc.)
I've had to go to a family funeral today (Friday) and the fallout from that will
rumble on for a little while, so a lot of this stuff will be on hold again, until I can
get time to progress it. (I had been hoping to have this working by now,
but...)
That's my other problem, I'm doing all this in odd moments I get free, and not
always in the same physical location, or even the same PC/VM! Not ideal, that
and my handwriting is not condusive to making notes I can read the next day,
so I have a growing collection of text files full of links to various sites, and
notes as to how far I got before it all failed..
Thanks for your time.
Dave B.
More information about the freebsd-questions
mailing list