OpenVPN

Hi guys,

So I followed these instructions:

apt-get install openvpn
cd /etc/openvpn
unzip ~makin/encryptec.zip
(enter password)
/etc/init.d/openvpn restart

Then searched the forum for any thing about VPN’s.

Not sure what i need to do next to access my VPN.

Any help would be appreciated.

Cheers Makin

is this a typo?

unzip ~makin/encryptec.zip

what’s in the zip file, and where should it go?

I’m guessing MP has sent you some openVPN config files?

Im assuming that the zip file had the config info in order to allow connections to the server.

“attachment allows remote access to your server”

Zip file is placed here:

cd /etc/openvpn

try doing an ‘ifconfig’, we’ll be able to tell if the VPN connection has loaded correctly. Also, do you want to do an ls in /etc/openvpn/ ?

It would be helpful if you let us know what’s in the zip file… post the results of:

sudo unzip -l /etc/openvpn/encryptec.zip

or manually check with (GUI):

sudo file-roller /etc/openvpn/encryptec.zip

and as kirrus suggests, post the results of

ls /etc/openvpn

and if it exists

ls /etc/openvpn/ws

Or you could try this… assuming the encryptec.zip is in /etc/openvpn and it’s supposed to be extracted to /etc/openvpn

Open a terminal and type:

sudo cp -r /etc/openvpn /etc/openvpn-bak
cd /etc/openvpn
sudo unzip encryptec.zip
sudo /etc/init.d/openvpn restart

hitting enter after each line, and entering your password when asked

In the Zip file Is Encryptec.conf file and a folder called Encryptec, in the cotents of the Encryptec folder is ca.crt, makin-client.crt, makin-client.key and ta.key

ls /etc/openvpn
encryptec encryptec.conf encryptec.zip update-resolv-conf

ls /etc/openvpn/ws
ls: cannot access /etc/openvpn/ws: No such file or directory

root@ubuntu:/etc/openvpn# sudo unzip encryptec.zip
Archive: encryptec.zip
[encryptec.zip] encryptec.conf password:
replace encryptec.conf? [y]es, [n]o, [A]ll, [N]one, [r]ename: y
inflating: encryptec.conf
replace encryptec/ta.key? [y]es, [n]o, [A]ll, [N]one, [r]ename: y
inflating: encryptec/ta.key
replace encryptec/ca.crt? [y]es, [n]o, [A]ll, [N]one, [r]ename: y
inflating: encryptec/ca.crt
replace encryptec/makin-client.key? [y]es, [n]o, [A]ll, [N]one, [r]ename: y
inflating: encryptec/makin-client.key
replace encryptec/makin-client.crt? [y]es, [n]o, [A]ll, [N]one, [r]ename: y
inflating: encryptec/makin-client.crt
root@ubuntu:/etc/openvpn# sudo /etc/init.d/openvpn restart

  • Stopping virtual private network daemon(s)…
  • Stopping VPN ‘encryptec’
    …done.
  • Starting virtual private network daemon(s)…
  • Autostarting VPN ‘encryptec’
    …done.

OK, it looks like the VPN tunnel is active… try:

ifconfig

and check for an entry similar to:

tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:xx.xx.x.xxx P-t-P:xx.xx.x.xxx Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

if it’s there, the tunnel IS active.

Ok so the tunnel is active, Nube question, how do i start using it.

Dunno… What do you want to do with it :wink: ?

login to the server and start installing stuff.

OK perhaps my questions are the wrong ones. I assumed that conencting via VPN would give me an interface to work with. Lets start with how can i work on the server using some sort of ui be it text like SSH or GUI if available.

Cheers for all of the help so far i do appreciate it.

you could use HotSSH to manage an SSH connection

install with:

sudo apt-get install hotssh

then you’ll find it in Applications>Internet>Secure Shell

more info here:

Or

Type the following command in any terminal:
ssh loginname:password@servername_or_IP
or
ssh loginname@servername_or_IP
If the server accepts the connection, you will immediately be prompted to enter the password.
To login in graphical mode (using X server) you must use the -X option.

apt-get install openssh ssh [email protected] (password as supplied)

You are connected to the VPN - it really was that easy … :wink:

I’d recommend you add this to /etc/hosts;

10.10.0.14 makin_server 10.10.0.15 makin_home

Then you can do;

oot@makin:~# ping -c5 makin_home PING makin_home (10.10.0.15) 56(84) bytes of data. 64 bytes from makin_home (10.10.0.15): icmp_req=1 ttl=64 time=29.3 ms 64 bytes from makin_home (10.10.0.15): icmp_req=2 ttl=64 time=30.9 ms 64 bytes from makin_home (10.10.0.15): icmp_req=3 ttl=64 time=29.1 ms 64 bytes from makin_home (10.10.0.15): icmp_req=4 ttl=64 time=29.7 ms 64 bytes from makin_home (10.10.0.15): icmp_req=5 ttl=64 time=29.9 ms

— makin_home ping statistics —
5 packets transmitted, 5 received, 0% packet loss, time 4005ms
rtt min/avg/max/mdev = 29.183/29.821/30.902/0.598 ms

Or

ssh makin@makin_server

so every time i try to ssh via terminal to 10.10.0.14 i get a connection time out any ideas?

can you ping 10.10.0.14 ?

Yes it lets me ping it fine.

Are there any firewalls on the desktop or router that are blocking port 22…in your router, try allowing incoming TCP and UDP connections on port 22 from 10.10.0.14 to your desktops IP

ping, uses ICMP you are attempting a TCP/UDP connection, so try

nmap -p 22 10.10.0.14
(for tcp)
nmap -sU -p 22 10.10.0.14
(for udp)

you might also want to install tcptraceroute
and run

sudo tcptraceroute -p 22 10.10.0.4

Hi, can you try again … when you connect to the openvpn for the first time it allocates you a 10.10.* IP address … and this address needs to be added to the forwarding tables on the VPN server and to the firewall config on your box. I’m afraid I may have mis-typed the IP on your box so if you could give it ago now … :-[

OKI so i restarted the service and then tried sshing in again to 10.10.0.14 and it seems its let me in.

Cheers for the help.