Comments on: How to configure OpenVPN

By: Wasser

Wasser — Sun, 03 Aug 2008 23:42:28 +0000

Hi!
I have the following problem:
I configured everything [almost] like you said, but when I go to the Routing table on my dir-655 (I went to Advanced/Routing, think it’s the same) and fill everything, it says that the ip of the gateway is not on the same subnet of the interface. The interface is fixed on WAN and the router does not allow me to change it. The only IP I could fill for the gateway was my external IP, but it’s not working…
Help?

By: glenn0

glenn0 — Thu, 17 Jul 2008 06:39:00 +0000

Hey guys,

I used this guide to setup my VPN (thanks Riley!) but made a few security enhancements along the way. I decided to write up a version of Riley’s guide with my additions. I hope that’s ok Riley.

I’ve added TLS-Auth, password protected 2048-bit keys, AES encryption and explanations in a lot of sections.

It seems you can’t post links in comments here, but if you Google “openvpn lockup”, my blog (called lockup) will be the first result.

Hope it helps.

By: abc

abc — Wed, 16 Jul 2008 19:52:15 +0000

How to share óne vpn client connection to multiple pcs?

I’m connected to an openVPN Server using the openvpn client (dev tun).
The client pc(xp sp2) has 2 nics. one to connect to lan/adsl & the
other to connect to a voice gateway (spa3102)via crossover. How can I
configure the spa3102 connected over nic2 to go through only the open
vpn connection to connect to its sip server? or in other words how can
i share the open vpn client connection?

By: bebopblues

bebopblues — Wed, 28 May 2008 09:30:09 +0000

Riley, first off, many thanks for the tutorial and providing the sample config files. I followed your instructions carefully and established connections between server and clients. The only problem I have is what peter stated a few posts above, my internet dies when openvpn is connected. If I disconnect openvpn, then internet works again. I’ve tried on several local machines, and all seems to be the same problem. Now this only happens on local machines on the local network with the server. I tested a machine outside the network, and it does not lose internet connection, it works perfectly.

Regarding the DNS settings, I used the WAN DNS settings from my cable modem, I’m assuming thats the correct one and not the local gateway (192.168.1.1). I’ve been trying to figure out why the local machines lose internet connection, but I’m still scratching my head and clueless. If you have advice to solve this issue, please reply. Much appreciated.

By: compsafe

compsafe — Fri, 23 May 2008 01:56:22 +0000

Hi, i am trying to configure openvpn and having some queries. For the Intial set up; i configured my desktop as server and laptop as a client, which works fine.Now,I want to take it to the next step. I want the client to connect to my desktop and should be able to access the main webserver throgh my PC. Thatis my PC should be able to act as an interface to allow the laptop to connect the main webserver. Please help. What changes should i make in the congig.files.

By: shukalo83

shukalo83 — Tue, 13 May 2008 17:57:09 +0000

Thank You really on such a great tutorial. I think it’s unique in its simplicity and effectiveness. Everything work flawless for me but when I try to connect from Windows XP client that has no admin privileges the virtual tap interface doesn’t get the default gateway by DHCP. When I am admin from the same machine, everything works perfectly. I don’t know what could be the problem. I installed openvpn gui as an administrator on the client side. So once more, to be specific, I received client address by dhcp 192.168.10.3 but i don’t have def gateway of 192.168.10.1 an that only when I am not logged in as an administrator. I realize that this tutorial is a bit old but there are maybe someone outhere who is willing to give me a hand. Thanks in advance

By: openfish

openfish — Sat, 12 Apr 2008 17:27:10 +0000

Thank you Riley for the well defined VPN set up using OpenVpn.
Though my actual job is to create a site-to-site VPN using OpenVPN, first I tried between two computers within the same LAN, one as the server and the other as a client.
The network address of my LAN is 192.168.1.0. And the pcs’ address is 192.168.1.x1 and 192.168.1.x2. And I used virtual address( with its netmask) 10.8.0.0 255.255.255.0.
I successfully established the VPN between the two computers, that is, when I tried to
ping using the IP of virtual tunnel 10.8.0.1 to other machine whose vpn tunnel ip (virtual ) is 10.8.0.2 it works fine and it works also from other direction.

Again, when i tried to ping byHost ID 192.168.1.12 to other host ID 192.168.1.133 it also pings normally

As per OpenVPN when tunnel get created all traffic should run between the tunnel.
what i guess by this
only Pinging is possible through virtual Ip adresses of the tunnel

not through the actual host ID like 192.168.1.12 to 192.168.1.133 between the two machines if virtual tunnel is already established.

My first question is, is it possible to ping using normal host id, in addition to using virtual address, while tunnel is already created?

My second question, even other machines can ping to the tunneled machines( to the OpenVPN server and client); and the server and the client can ping normally to the other PCs in the LAN using the their host IP addresses.
What I guessed was, only the machines in the tunnel can only ping one another, nothing else, , though they are physically connected in the LAN.
Is it possible, with explanations?
I am looking forward to reading your replies.

Thank you, forum members, in advance.

By: minardi

minardi — Fri, 04 Apr 2008 13:20:07 +0000

Hi.

I have the exact same setup as in this guide, and everything is working except when i connect the client to the server, i loose all internet on the client, yet i still have connection to the server.

I have put in the DNS information on the server config, and it sends the DNS info to the client, yet it still isnt getting any internet connection.

By: timinator

timinator — Mon, 03 Mar 2008 15:44:13 +0000

Hi, I was considering setting up an OpenVPN server behind my DMZ with 2 nics. One public, one private and route between them to my lan. Is this possible?

Thanks
Tim

By: vpnboy

vpnboy — Mon, 25 Feb 2008 18:25:40 +0000

This is the most useful guide for setting up OpenVPN I have found on the web. Thanks. I am not particularly technical but I managed to get OpenVPN up and working (maybe that just shows how good your guide is!).

I am using Win XP Pro Sp2 for both my server side (desktop pc) and my client side (laptop pc). I travel somewhat with my laptop, and I am a little concerned that on my travels anybody who manages to access my laptop without my knowledge will be able to just right-click on the OpenVPN icon in the system tray and then connect to my server and network. It seems I should have a password to protect the OpenVPN connection. However after hours of scouring the official OpenVPN sites I am really no nearer understanding how to achieve this. My biggest fear is breaking my vpn now that I have it working so well!

Your guide mentions using build-key-pass instead of just build-key to password protect the client keys, but I’m not sure how the password protected keys would then work. Is that what I would need to do to stop unauthorised access to my OpenVPN client? Also, I notice that the OpenVPN icon right-click menu has a “Change password” option - maybe this is what I need to do? Any advice much appreciated.