[Openvpn-users] OpenVPN and two NICs

2023-07-20 Thread Jason Long via Openvpn-users
Hello, I created an OpenVPN server and connected a Windows client to it and it worked very well. I added a new NIC to my server and I want to connect new clients to my OpenVPN server via this new NIC. My new NIC name is enp0s9: # ifconfig enp0s3: flags=4163  mtu 1500        inet 10.0.2.15  netmask

[Openvpn-users] How to run multiple configuration files at the same time?

2023-07-21 Thread Jason Long via Openvpn-users
Hello, How to run multiple configuration files at the same time? Can I merge the configuration files? Thank you. ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users

[Openvpn-users] How to hide OpenVPN connection from Internet censorship and filtering devices?

2023-07-21 Thread Jason Long via Openvpn-users
Hello, Is it possible to hide the OpenVPN connection from the Internet censorship and filtering devices? These devices easily block OpenVPN connections. Does OpenVPN have special settings for this? Maybe there is a need to change the source code of the OpenVPN program! Any idea? Thank you.

[Openvpn-users] Internet sharing for users

2023-07-21 Thread Jason Long via Openvpn-users
Hello, In an internal network, clients do not have access to the Internet, but the OpenVPN server has access to the Internet. If the clients connect to the OpenVPN server with the OpenVPN client, will they be able to access the Internet by default? Or need to write iptables rules for internet sha

Re: [Openvpn-users] How to run multiple configuration files at the same time?

2023-07-21 Thread Jason Long via Openvpn-users
Hello, Thank you so much for your reply. I did, but got an error: # systemctl start openvpn-server@server Job for openvpn-server@server.service failed because the control process exited with error code. See "systemctl status openvpn-server@server.service" and "journalctl -xeu openvpn-server@serv

[Openvpn-users] OpenVPN multiple connections and multiple NICs

2023-07-22 Thread Jason Long via Openvpn-users
Hello, My OpenVPN server has two NICs and both of them are connected to the Internet, but Linux only activates one of them at the same time. For example: # ping -I enp0s3 google.com PING google.com (216.239.38.120) from 10.0.2.15 enp0s3: 56(84) bytes of data. 64 bytes from any-in-2678.1e100.net (

Re: [Openvpn-users] How to run multiple configuration files at the same time?

2023-07-23 Thread Jason Long via Openvpn-users
le is using the default 1194 port, I'm guessing that you need to change that to something like 1195 (assuming nothing else is using it).  That will mean adjusting the client conf file to use the different port as well.  There may be additional firewall rules needed to allow access to this sec

[Openvpn-users] Multiple OpenVPN server on one NIC

2023-07-23 Thread Jason Long via Openvpn-users
Hello, Is it possible to run multiple OpenVPN server on one NIC? Or each OpenVPN server profile needs a separate NIC? Thank you.

Re: [Openvpn-users] OpenVPN multiple connections and multiple NICs

2023-07-23 Thread Jason Long via Openvpn-users
Openvpn-users wrote: Without seeing both conf files, I can only guess at the issue but, did you use different "local" directives in each conf file? On Saturday, July 22, 2023 at 08:02:17 AM CDT, Jason Long via Openvpn-users wrote: Hello, My OpenVPN server has two NICs a

Re: [Openvpn-users] Multiple OpenVPN server on one NIC

2023-07-23 Thread Jason Long via Openvpn-users
, Jason Long via Openvpn-users wrote: > Is it possible to run multiple OpenVPN server on one NIC? Or each OpenVPN > server profile needs a separate NIC? This is not really an "OpenVPN" question, but more a general TCP-IP question. Server processes need to be unique in regards to &

Re: [Openvpn-users] Multiple OpenVPN server on one NIC

2023-07-23 Thread Jason Long via Openvpn-users
Hi Gert, Thanks again. I have two questions: 1- If the port number is different, then "server" IP can be the same? For example, the first server use: port 1194 proto udp dev tun ca ca.crt cert server.crt key server.key                               dh dh.pem server 10.8.0.0 255.255.255.0 The

Re: [Openvpn-users] Multiple OpenVPN server on one NIC

2023-07-23 Thread Jason Long via Openvpn-users
, Jochen Bern wrote: On 23.07.23 15:32, Jason Long via Openvpn-users wrote: > 1- If the port number is different, then "server" IP can be the same? > For > example, the first server use: > > port 1194 [...] > server 10.8.0.0 255.255.255.0 > > The

Re: [Openvpn-users] Multiple OpenVPN server on one NIC

2023-07-23 Thread Jason Long via Openvpn-users
Hi Gert, Thanks again for your reply. But, I tested my OpenVPN server. As I understand, the Port number is important for the OpenVPN server, because with the same IP address and Different Port, The OpenVPN worked. Server 1: port 1194 proto udp dev tun ca ca.crt cert server.crt key server.key

Re: [Openvpn-users] OpenVPN multiple connections and multiple NICs

2023-07-23 Thread Jason Long via Openvpn-users
" directives in each conf file? On Saturday, July 22, 2023 at 08:02:17 AM CDT, Jason Long via Openvpn-users wrote: Hello, My OpenVPN server has two NICs and both of them are connected to the Internet, but Linux only activates one of them at the same time. For example: # ping -I enp0s

Re: [Openvpn-users] Multiple OpenVPN server on one NIC

2023-07-24 Thread Jason Long via Openvpn-users
uly 24, 2023 at 11:55:26 AM GMT+3:30, Bo Berglund wrote: On Mon, 24 Jul 2023 05:45:47 +0000 (UTC), Jason Long via Openvpn-users wrote: PLEASE STOP TOP-POSTING (corrected below)! >>On Sunday, July 23, 2023 at 06:29:20 PM GMT+3:30, Gert Doering >> wrote: >> >>Hi,

Re: [Openvpn-users] Multiple OpenVPN server on one NIC

2023-07-24 Thread Jason Long via Openvpn-users
M GMT+3:30, tincantech via Openvpn-users wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, --- Original Message --- On Monday, July 24th, 2023 at 11:42, Jason Long via Openvpn-users wrote: > Hello, > Thank you so much for your reply. > Your answer raised another questio

[Openvpn-users] Using the same key files for different servers

2023-07-24 Thread Jason Long via Openvpn-users
Hello, I have three questions: 1- Is it possible to use the same key files for different servers or should separate keys be generated for each server? 2- If it is possible to use the same key files, what are the advantages and disadvantages? 3- When is it better to use new key files? Thank you.

[Openvpn-users] OpenVPN and NIC with multiple IP Addresses

2023-07-25 Thread Jason Long via Openvpn-users
Hello, My Server has two NICs: enp0s8 (LAN) enp0s3 (NAT) I created a virtual interface like the below: # touch /etc/network/interfaces.d/ifcfg-enp0s3:0 # nano /etc/network/interfaces.d/ifcfg-enp0s3:0 auto enp0s3:0 iface enp0s3:0 inet static address 10.0.5.20 netmask 255.255.255.0 Then: # syst

Re: [Openvpn-users] OpenVPN and NIC with multiple IP Addresses

2023-07-25 Thread Jason Long via Openvpn-users
rn wrote: On 25.07.23 09:54, Jason Long via Openvpn-users wrote: > enp0s3: flags=4163  mtu 1500 >          inet 10.0.2.15  netmask 255.255.255.0  broadcast 10.0.2.255 > enp0s3:0: flags=4163  mtu 1500 >          inet 10.0.5.20  netmask 255.255.255.0  broadcast 10.0.5.255 ... so y

[Openvpn-users] Server configuration file vs server

2023-07-25 Thread Jason Long via Openvpn-users
Hello, I have a question and I'm thankful if someone clear it for me. I guess it would be better if each server has its own key files, but the server means the server configuration file or an OpenVPN (physical or VM) server? I mean, if an OpenVPN server has a lot of server configuration files (serv

Re: [Openvpn-users] Server configuration file vs server

2023-07-25 Thread Jason Long via Openvpn-users
2023 at 9:09 PM, Jochen Bern wrote: On 25.07.23 18:10, Jason Long via Openvpn-users wrote: > Hello, I have a question and I'm thankful if someone clear it for me. I guess > it would be better if each server has its own key files, but the server means > the server configuration

[Openvpn-users] Change the location of server.conf

2023-07-25 Thread Jason Long via Openvpn-users
Hello, By default, the location of OpenVPN server configuration file is "/etc/openvpn/". Is it possible to change this default location? Thank you.

Re: [Openvpn-users] OpenVPN and NIC with multiple IP Addresses

2023-07-25 Thread Jason Long via Openvpn-users
Hello, I just created a virtual NIC and all the iptables rules that I did for a real NIC, I did for this virtual NIC too. Consider an OpenVPN server that has one NIC with three public IPs and you want to run an OpenVPN server.conf file for each IPs. You must set these three public IPs on your NI

Re: [Openvpn-users] Change the location of server.conf

2023-07-26 Thread Jason Long via Openvpn-users
Hello, Thank you so much for your reply. Can I change this default location? On Wednesday, July 26, 2023 at 09:18:35 AM GMT+3:30, Bo Berglund wrote: On Tue, 25 Jul 2023 21:42:40 +0000 (UTC), Jason Long via Openvpn-users wrote: >Hello, By default, the location of OpenVPN ser

Re: [Openvpn-users] OpenVPN and NIC with multiple IP Addresses

2023-07-26 Thread Jason Long via Openvpn-users
Hello, Thanks again. Yes, I'm testing on a virtual machine and haven't moved it to a real server yet, But the public IP address has nothing to do with the server configuration file. The IP address is important for the client file that wants to connect to my server. In the client file, I must set

[Openvpn-users] How to write the iptables rules for a NIC with multiple IP addresses?

2023-07-29 Thread Jason Long via Openvpn-users
Hello, Suppose several IP addresses are set on a NIC and the name of the NIC is eth0. For example, you have set "1.2.3.4", "1.2.3.5" and "1.2.3.6" IP addresses on the eth0. You want to launch several server configuration files for each IP. For example, for IP "1.2.3.4" you want to launch Server

Re: [Openvpn-users] Change the location of server.conf

2023-07-29 Thread Jason Long via Openvpn-users
On Thu, Jul 27, 2023 at 11:54 AM, Bo Berglund wrote: On Wed, 26 Jul 2023 10:00:51 +0000 (UTC), Jason Long via Openvpn-users wrote: >On Wednesday, July 26, 2023 at 09:18:35 AM GMT+3:30, Bo Berglund > wrote: >>On Tue, 25 Jul 2023 21:42:40 +0000 (UTC), Jason Long via O

[Openvpn-users] Options error: Unrecognized option or missing or extra parameter(s)

2023-07-30 Thread Jason Long via Openvpn-users
Hello, My server.conf is: port 1194 proto udp dev tun0 ca ca.crt cert server.crt key server.key                               dh dh.pem server 10.8.0.0 255.255.255.0                push "redirect-gateway def1 bypass-dhcp" push "route 172.20.1.0  255.255.0.0" push "route 172.20.50.0 255.255.255.128

Re: [Openvpn-users] Options error: Unrecognized option or missing or extra parameter(s)

2023-07-30 Thread Jason Long via Openvpn-users
On Sunday, July 30, 2023 at 02:12:06 PM GMT+3:30, Gert Doering wrote: Hi, On Sun, Jul 30, 2023 at 10:09:33AM +0000, Jason Long via Openvpn-users wrote: > 172.20.1.0 via 10.8.0.0 device tun > 172.20.50.0 via 10.8.0.0 device tun > Wherever that came from, it's not a valid

Re: [Openvpn-users] How to write the iptables rules for a NIC with multiple IP addresses?

2023-07-30 Thread Jason Long via Openvpn-users
On Sun, Jul 30, 2023 at 6:01 PM, Jochen Bern wrote: On 29.07.23 16:11, Jason Long via Openvpn-users wrote: > How can OpenVPN recognize that the configuration files Server-1.conf, > Server-2.conf and Server-3.conf should be for IP address "1.2.3.4"? >By default, a

Re: [Openvpn-users] How to write the iptables rules for a NIC with multiple IP addresses?

2023-07-30 Thread Jason Long via Openvpn-users
On Sun, Jul 30, 2023 at 7:34 PM, Bo Berglund wrote: On Sat, 29 Jul 2023 14:11:48 +0000 (UTC), Jason Long via Openvpn-users wrote: >How can OpenVPN recognize that the configuration files Server-1.conf, >Server-2.conf and Server-3.conf should be for IP address "1.2.3.4"

Re: [Openvpn-users] Options error: Unrecognized option or missing or extra parameter(s)

2023-07-30 Thread Jason Long via Openvpn-users
On Sun, Jul 30, 2023 at 6:16 PM, Jochen Bern wrote: On 30.07.23 12:54, Jason Long via Openvpn-users wrote: > On Sunday, July 30, 2023 at 02:12:06 PM GMT+3:30, Gert Doering > wrote: > On Sun, Jul 30, 2023 at 10:09:33AM +0000, Jason Long via Openvpn-users wrote: >>

Re: [Openvpn-users] Options error: Unrecognized option or missing or extra parameter(s)

2023-07-30 Thread Jason Long via Openvpn-users
for 172.20.1.18:    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), C:\> What is the problem? On Sun, Jul 30, 2023 at 6:16 PM, Jochen Bern wrote: On 30.07.23 12:54, Jason Long via Openvpn-users wrote: > On Sunday, July 30, 2023 at 02:12:06 PM GMT+3:30, Gert Doering >

[Openvpn-users] What lines should be added to the server and client files?

2023-07-30 Thread Jason Long via Openvpn-users
Hello, I have an OpenVPN server VM with two NICs: enp0s3: NAT (10.0.2.15) enp0s8: LAN (192.168.1.20) My OpenVPN VM can see my internal network. For example: # ping 172.20.1.18 PING 172.20.1.18 (172.20.1.18) 56(84) bytes of data. 64 bytes from 172.20.1.18: icmp_seq=1 ttl=63 time=1.21 ms 64 bytes

Re: [Openvpn-users] What lines should be added to the server and client files?

2023-07-31 Thread Jason Long via Openvpn-users
Hi, On Mon, Jul 31, 2023 at 06:40:45AM +0000, Jason Long via Openvpn-users wrote: > I want to connect my Windows VM to my OpenVPN server so that it can see my > internal network. For example, my Windows VM can "ping 172.20.1.18". IP communication (ping) always requires two dir

Re: [Openvpn-users] What lines should be added to the server and client files?

2023-07-31 Thread Jason Long via Openvpn-users
Hi, On Mon, Jul 31, 2023 at 08:02:43AM +0000, Jason Long wrote: > the problem is that I must enable the IP forwarding. In this mailing list and > other places on the Internet, I read that the IP Forwarding must be disabled. This is good.  So routing/iptables have been correct, after all, just th

Re: [Openvpn-users] How to write the iptables rules for a NIC with multiple IP addresses?

2023-07-31 Thread Jason Long via Openvpn-users
>   >   >   > > From: "Jason Long via Openvpn-users" > Date: Saturday, 29 July 2023 at 16:18:44 > To: "Tincantech via Openvpn-users" > Subject: [Openvpn-users] How to write the iptables rules for a NIC with > multiple IP addresses? > > >

Re: [Openvpn-users] How to write the iptables rules for a NIC with multiple IP addresses?

2023-07-31 Thread Jason Long via Openvpn-users
On 30.07.23 20:55, Jason Long wrote: > I found that I need to add the following iptables rule for virtual > NICs to my iptables rules: > iptables -t nat -A POSTROUTING -s $YOUR_OPENVPN_SUBNET -j SNAT >    --to OpenVPN_NIC_IP > > I have another question. For each public IP address, I must to rewrit

Re: [Openvpn-users] Options error: Unrecognized option or missing or extra parameter(s)

2023-07-31 Thread Jason Long via Openvpn-users
On 30.07.23 21:55, Jason Long wrote: > I added the following lines to the server configuration file: > route 172.20.1.0  255.255.0.0 > push "route 172.20.1.0  255.255.0.0" > > And added the following line to the client.ovpn file: > route add 172.20.1.0 255.255.0.0 > So you're telling the server

Re: [Openvpn-users] Options error: Unrecognized option or missing or extra parameter(s)

2023-07-31 Thread Jason Long via Openvpn-users
On Mon, Jul 31, 2023 at 4:35 PM, Jochen Bern wrote: On 31.07.23 13:42, Jason Long wrote: > And added the following lines to the client.ovpn file: > > route 172.20.1.0 255.255.255.0 > push "dhcp-option dns 172.20.1.2" > push "dhcp-option dns 172.20.1.7" > dhcp-option DOMAIN MY_DOMAIN (I

Re: [Openvpn-users] How to write the iptables rules for a NIC with multiple IP addresses?

2023-07-31 Thread Jason Long via Openvpn-users
On Mon, Jul 31, 2023 at 4:20 PM, Jochen Bern wrote: On 31.07.23 13:34, Jason Long wrote: > Did you forget the PORT rule? > # iptables -I INPUT -p udp --dport PORT -j ACCEPT That rule a) *already* addresses *several* OpenVPN instances at once (as it specifies *only* the port, not IP or i

Re: [Openvpn-users] Options error: Unrecognized option or missing or extra parameter(s)

2023-07-31 Thread Jason Long via Openvpn-users
On Mon, Jul 31, 2023 at 10:43 PM, Bo Berglund wrote: On Mon, 31 Jul 2023 18:52:07 +0000 (UTC), Jason Long via Openvpn-users wrote: >What is the usage of the "client-to-client" and "iroute"? client-to-client: if you would like connecting clients to be able to re

[Openvpn-users] A question about the VPN providers

2023-07-31 Thread Jason Long via Openvpn-users
Hello, Is it possible to set public IP addresses from different countries on one NIC? VPN provider companies provide VPN service with IP addresses of different countries. Do they have a separate server in that country? Or have they just set IP addresses from different countries on the same server

Re: [Openvpn-users] A question about the VPN providers

2023-07-31 Thread Jason Long via Openvpn-users
On Mon, Jul 31, 2023 at 11:49 PM, Jochen Bern wrote: On 31.07.23 21:42, Jason Long via Openvpn-users wrote: > Hello, Is it possible to set public IP addresses from different > countries on one NIC? > VPN provider companies provide VPN service with IP addresses of > different c

Re: [Openvpn-users] Options error: Unrecognized option or missing or extra parameter(s)

2023-07-31 Thread Jason Long via Openvpn-users
On Mon, 31 Jul 2023 21:51:43 +0200, Gert Doering wrote: >Hi, > >On Mon, Jul 31, 2023 at 09:11:31PM +0200, Bo Berglund wrote: >> On Mon, 31 Jul 2023 18:52:07 +0000 (UTC), Jason Long via Openvpn-users >> wrote: >> >> >What is the usage of the "client-

Re: [Openvpn-users] How to write the iptables rules for a NIC with multiple IP addresses?

2023-07-31 Thread Jason Long via Openvpn-users
On 31.07.23 21:14, Jason Long wrote: > On Mon, Jul 31, 2023 at 4:20 PM, Jochen Bern wrote: >> > If, on the other hand, you'd like to type less, it's up to you to find >> ways to make the rules less specific that still agree with whatever >> *external* requirements you may have. For OpenVPN, the fo

Re: [Openvpn-users] Options error: Unrecognized option or missing or extra parameter(s)

2023-08-01 Thread Jason Long via Openvpn-users
On Tue, 1 Aug 2023 05:57:29 +0000 (UTC), Jason Long via Openvpn-users wrote: >OK, >in my use case I set up a VPN server on a public IP with the sole purpose to >act >as a connection point between an IoT device running on a LAN with no public IP >available which we needed to acc

[Openvpn-users] A question about "Local" option

2023-08-02 Thread Jason Long via Openvpn-users
Hello, To use OpenVPN with a NIC that has multiple IP addresses set on it, I need to use the following statement in the server configuration file: Local "Virtual IP" But, when I use the following firewall rules and specify the virtual NIC, OpenVPN network card and IP range, is there still a need f

Re: [Openvpn-users] A question about the VPN providers

2023-08-04 Thread Jason Long via Openvpn-users
On Fri, Aug 4, 2023 at 12:59 PM, David Sommerseth wrote: On 31.07.23 21:42, Jason Long via Openvpn-users wrote: > Hello, Is it possible to set public IP addresses from different > countries on one NIC? This is a bit unclear.  Generally, you assign multiple IP addresses to a sing

Re: [Openvpn-users] A question about "Local" option

2023-08-06 Thread Jason Long via Openvpn-users
Hello, Any idea? I would be grateful if someone could guide me. Cheers. On Wed, Aug 2, 2023 at 11:17 PM, Jason Long via Openvpn-users wrote: Hello, To use OpenVPN with a NIC that has multiple IP addresses set on it, I need to use the following statement in the server configuration file

Re: [Openvpn-users] A question about "Local" option

2023-08-07 Thread Jason Long via Openvpn-users
On Mon, Aug 7, 2023 at 1:58 PM, Jochen Bern wrote: On 06.08.23 22:41, Jason Long via Openvpn-users wrote: > Hello, Any idea? I would be grateful if someone could guide me. > > On Wed, Aug 2, 2023 at 11:17 PM, Jason Long via > Openvpn-users wrote:  Hello, To use > OpenVPN

[Openvpn-users] Hardening an OpenVPN server

2023-08-10 Thread Jason Long via Openvpn-users
Hello, How to harden an OpenVPN server? I found "https://openvpn.net/community-resources/hardening-openvpn-security/", but I guess this is not complete. For example, it didn't say anything about using the local statement. Thank you.

Re: [Openvpn-users] Hardening an OpenVPN server

2023-08-10 Thread Jason Long via Openvpn-users
On Thu, Aug 10, 2023 at 11:07 PM, Gert Doering wrote: hi, On Thu, Aug 10, 2023 at 07:27:50PM +0000, Jason Long via Openvpn-users wrote: > Hello, How to harden an OpenVPN server? I found > "https://openvpn.net/community-resources/hardening-openvpn-security/", but I

Re: [Openvpn-users] Hardening an OpenVPN server

2023-08-11 Thread Jason Long via Openvpn-users
On 10/08/2023 21:44, Jason Long via Openvpn-users wrote: [...snip...] >    Hello, >    I see. Can you show me a good article about hardening an OpenVPN >    server on Linux? The best hardening trick you can do to OpenVPN:  Use tls-crypt together with UDP With this setup, port scan

[Openvpn-users] OpenVPN vs WireGuard

2023-08-11 Thread Jason Long via Openvpn-users
Hello, Is it true that WireGuard is safer and faster than OpenVPN? Thank you.

[Openvpn-users] Cannot pre-load keyfile (ta.key)

2023-08-11 Thread Jason Long via Openvpn-users
Hello, I added "tls-crypt ta.key 0" and "data-cipher AES-256-GCM" to my Server.conf and "tls-crypt ta.key 1" and "data-cipher AES-256-GCM" to my Client.conf. Client.ovpn is: client dev tun20 proto udp remote 192.168.1.20 2000                 resolv-retry infinite nobind persist-key persist-tun c

[Openvpn-users] I set the local statement and I got Connection reset by peer (WSAECONNRESET) (fd=ec, code=10054)

2023-08-11 Thread Jason Long via Openvpn-users
Hello, I added a virtual IP to my OpenVPN NIC as below: ... enp0s3:1: flags=4163  mtu 1500         inet 20.1.1.20  netmask 255.0.0.0  broadcast 20.255.255.255         ether 08:00:27:ed:b4:7c  txqueuelen 1000  (Ethernet) ... Then, I added the following line to my Server.conf file: local 20.1.1.20

Re: [Openvpn-users] Cannot pre-load keyfile (ta.key)

2023-08-12 Thread Jason Long via Openvpn-users
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, Sent with Proton Mail secure email. --- Original Message --- On Saturday, August 12th, 2023 at 07:39, Jason Long via Openvpn-users wrote: > Hello, > I added "tls-crypt ta.key 0" and "data-cipher AES-256-G

Re: [Openvpn-users] OpenVPN vs WireGuard

2023-08-12 Thread Jason Long via Openvpn-users
Hi, On Fri, Aug 11, 2023 at 09:11:22PM +0000, Jason Long via Openvpn-users wrote: > Hello, Is it true that WireGuard is safer and faster than OpenVPN? Safer: no.  Marketing claims. Faster: depends.  With DCO, OpenVPN can be faster, because AES-GCM is hardware accelerated on many Intel/AMD C

Re: [Openvpn-users] I set the local statement and I got Connection reset by peer (WSAECONNRESET) (fd=ec, code=10054)

2023-08-12 Thread Jason Long via Openvpn-users
Hello, I added a virtual IP to my OpenVPN NIC as below: ... enp0s3:1: flags=4163  mtu 1500         inet 20.1.1.20  netmask 255.0.0.0  broadcast 20.255.255.255         ether 08:00:27:ed:b4:7c  txqueuelen 1000  (Ethernet) ... Then, I added the following line to my Server.conf file: local 20.1.1.20

Re: [Openvpn-users] OpenVPN vs WireGuard

2023-08-13 Thread Jason Long via Openvpn-users
Hi, On Sun, Aug 13, 2023 at 05:23:07AM +0000, Jason Long wrote: > Is there a way that OpenVPN can hide itself from censorship devices?  > Something like a statement or something like that. >This has not much to do with the thread topic or the Subject: - and >the short answer is "no". >(The long

Re: [Openvpn-users] OpenVPN vs WireGuard

2023-08-13 Thread Jason Long via Openvpn-users
On Sun, Aug 13, 2023 at 2:55 PM, Bo Berglund wrote: On Sun, 13 Aug 2023 09:44:08 +0000 (UTC), Jason Long via Openvpn-users wrote: >Patches? >The OpenVPN is open source, what about changing the source code and its >fingerprint?  Yes, you are free to do so if you desire (and are p

[Openvpn-users] A question about the local statement

2023-08-13 Thread Jason Long via Openvpn-users
Hello, Is the local statement only for physical NICs or does it work for virtual NICs as well? Thank you.

Re: [Openvpn-users] A question about the local statement

2023-08-13 Thread Jason Long via Openvpn-users
Hi, On Sun, Aug 13, 2023 at 08:55:21PM +0000, Jason Long via Openvpn-users wrote: > Hello, Is the local statement only for physical NICs or does it work for > virtual NICs as well? As I wrote like 2 weeks ago, this is *all* about IP addresses, not about NICs. >As a consequence, it

Re: [Openvpn-users] A question about the local statement

2023-08-14 Thread Jason Long via Openvpn-users
Hi, On Mon, Aug 14, 2023 at 06:33:52AM +0000, Jason Long wrote: > Why without the local statement my OpenVPN worked? As I explained weeks ago, the combination of "port" + "local IP" needs to be unique.  So if you have only one OpenVPN process listening on one port, you do not need to force the IP

Re: [Openvpn-users] A question about the local statement

2023-08-14 Thread Jason Long via Openvpn-users
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, Sent with Proton Mail secure email. --- Original Message --- On Monday, August 14th, 2023 at 09:23, Jason Long via Openvpn-users wrote: > > Mon Aug 14 12:52:03 2023 read UDPv4: Connection reset by peer (WSAECONNRESET) >

Re: [Openvpn-users] A question about the local statement

2023-08-14 Thread Jason Long via Openvpn-users
Hi, On Mon, Aug 14, 2023 at 10:13:48AM +0000, Jason Long wrote: > And because my client does not have direct access to IP "20.1.1.20", then it > showed me that error. If my client connected to the OpenVPN server directly, > then I should not have such a problem. Am I right? >You need to get

[Openvpn-users] How to use ccd-exclusive statement?

2023-08-14 Thread Jason Long via Openvpn-users
Hello, To increase the security of OpenVPN, I want to use the ccd-exclusive. I googled it, but I could not find a good example. I just found the following question: https://serverfault.com/questions/877201/limit-access-to-remote-server-via-particular-vpn But, I really don't know what to do. I mu

Re: [Openvpn-users] A question about the local statement

2023-08-14 Thread Jason Long via Openvpn-users
Hi, On Mon, Aug 14, 2023 at 10:51:41AM +0000, Jason Long wrote: > So, my iptables rules are OK and my problem is just my test environment. > If someone really has such an environment, then what is the solution? Build a proper test environment...  whatever you have at hand, either wire an OpenWRT

Re: [Openvpn-users] How to use ccd-exclusive statement?

2023-08-14 Thread Jason Long via Openvpn-users
On Mon, Aug 14, 2023 at 5:16 PM, tincantech wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Sent with Proton Mail secure email. --- Original Message --- On Monday, August 14th, 2023 at 14:13, Jason Long via Openvpn-users wrote: > Hello, > To increase the secur

Re: [Openvpn-users] How to use ccd-exclusive statement?

2023-08-14 Thread Jason Long via Openvpn-users
On Mon, Aug 14, 2023 at 11:47 PM, tincantech wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, --- Original Message --- On Monday, August 14th, 2023 at 20:49, Jason Long wrote: > On Mon, Aug 14, 2023 at 5:16 PM, tincantech > > > wrote: > > > > Hello, > > Thank you so mu

Re: [Openvpn-users] A question about the local statement

2023-08-14 Thread Jason Long via Openvpn-users
On Mon, Aug 14, 2023 at 6:25 PM, Bruno Tréguier via Openvpn-users wrote: Hello, Le 14/08/2023 à 15:59, Jason Long via Openvpn-users a écrit : > Hi, > Thank you so much. > But I am sure that in a real environment such a scenario can also exist. > Consider an internal network where u

Re: [Openvpn-users] A question about the local statement

2023-08-14 Thread Jason Long via Openvpn-users
On Mon, Aug 14, 2023 at 8:22 PM, Gert Doering wrote: Hi, On Mon, Aug 14, 2023 at 01:59:32PM +0000, Jason Long wrote: > But I am sure that in a real environment such a scenario can also exist. > Consider an internal network where users connect to an internal OpenVPN > server and this server has

Re: [Openvpn-users] How to use ccd-exclusive statement?

2023-08-15 Thread Jason Long via Openvpn-users
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Sent with Proton Mail secure email. --- Original Message --- On Monday, August 14th, 2023 at 22:11, Jason Long wrote: > On Mon, Aug 14, 2023 at 11:47 PM, tincantech > > > wrote: > > -BEGIN PGP SIGNED MESSAGE- > > Hash: SHA256

Re: [Openvpn-users] How to use ccd-exclusive statement?

2023-08-15 Thread Jason Long via Openvpn-users
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, --- Original Message --- On Tuesday, August 15th, 2023 at 10:57, Jason Long wrote: > Hello, > My OpenVPN server internal network IP is "192.168.1.20" and the IP address of > client is "192.168.1.21". Both VMs can ping each other. >

Re: [Openvpn-users] How to use ccd-exclusive statement?

2023-08-15 Thread Jason Long via Openvpn-users
On Tue, Aug 15, 2023 at 5:33 PM, Gert Doering wrote: Hi, On Tue, Aug 15, 2023 at 12:54:45PM +0000, Jason Long via Openvpn-users wrote: > I did a tcpdump: > > # tcpdump --interface any udp port 2000 -n -v > tcpdump: listening on any, link-type LINUX_SLL (Linux cooked v1), cap

Re: [Openvpn-users] How to use ccd-exclusive statement?

2023-08-15 Thread Jason Long via Openvpn-users
On Tue, Aug 15, 2023 at 5:57 PM, tincantech wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, --- Original Message --- On Tuesday, August 15th, 2023 at 15:02, Gert Doering wrote: > Hi, > > On Tue, Aug 15, 2023 at 12:54:45PM +0000, Jason Long via Openvpn-us

Re: [Openvpn-users] How to use ccd-exclusive statement?

2023-08-15 Thread Jason Long via Openvpn-users
Hi, On Tue, Aug 15, 2023 at 12:54:45PM +0000, Jason Long via Openvpn-users wrote: > I did a tcpdump: > > # tcpdump --interface any udp port 2000 -n -v > tcpdump: listening on any, link-type LINUX_SLL (Linux cooked v1), capture > size 262144 bytes > 08:50:47.761991 IP (tos 0x

Re: [Openvpn-users] How to use ccd-exclusive statement?

2023-08-16 Thread Jason Long via Openvpn-users
Hi, On Wed, Aug 16, 2023 at 06:35:01AM +0000, Jason Long wrote: > I added the following lines to my server.conf: > > client-config-dir myclient > ccd-exclusive > route 192.168.1.0 255.255.255.0 >This tells the server "put routing towards 192.168.1.0 into the VPN", >while 192.168.1.x is your LAN

Re: [Openvpn-users] How to use ccd-exclusive statement?

2023-08-16 Thread Jason Long via Openvpn-users
On 16.08.23 12:23, Jason Long via Openvpn-users wrote: >> On Wed, Aug 16, 2023 at 06:35:01AM +0000, Jason Long wrote: >>> route 192.168.1.0 255.255.255.0 >> >> This tells the server "put routing towards 192.168.1.0 into the VPN" [...] > So, what is

Re: [Openvpn-users] How to use ccd-exclusive statement?

2023-08-16 Thread Jason Long via Openvpn-users
>On 16/08/2023 15:05, Jason Long via Openvpn-users wrote: > On 16.08.23 12:23, Jason Long via Openvpn-users wrote: >>> On Wed, Aug 16, 2023 at 06:35:01AM +0000, Jason Long wrote: [...snip...] > Hello, > I used > "https://www.howtoforge.com/how-to-install-and-configur

Re: [Openvpn-users] How to use ccd-exclusive statement?

2023-08-16 Thread Jason Long via Openvpn-users
On Wed, Aug 16, 2023 at 6:27 PM, Jochen Bern wrote: On 16.08.23 15:05, Jason Long wrote: > I used > "https://www.howtoforge.com/how-to-install-and-configure-openvpn-server-on-debian-10/" > tutorial to create my OpenVPN server. (No date on the article ... no date on the comments ... OpenVPN v

Re: [Openvpn-users] How to use ccd-exclusive statement?

2023-08-17 Thread Jason Long via Openvpn-users
On Thu, Aug 17, 2023 at 1:52 AM, Jochen Bern wrote: On 16.08.23 23:28, Jason Long wrote: > 1- What is the difference between /etc/openvpn and /etc/openvpn/server > directories? >The systemd "unit files" that define the >templates for the services you >"systemctl" later on used to expect all c

Re: [Openvpn-users] How to use ccd-exclusive statement?

2023-08-17 Thread Jason Long via Openvpn-users
On Thu, Aug 17, 2023 at 8:24 AM, Bo Berglund wrote: On Wed, 16 Aug 2023 21:28:29 + (UTC), Jason Long via Openvpn-users wrote: >Hi Jochen, Thank you for your advice about the >How-to articles. Can you answer >my questions? >1- What is the difference between >/etc/openvpn a

Re: [Openvpn-users] How to use ccd-exclusive statement?

2023-08-18 Thread Jason Long via Openvpn-users
On Thu, Aug 17, 2023 at 5:32 PM, Jochen Bern wrote: >On 17.08.23 14:12, Jason Long wrote: > It is even better if each server has its own >separate keys. >You didn't mention setting up multiple servers >yet IIRC, but yes, same >best practice there ... in principle. >However, if you plan to ins

Re: [Openvpn-users] How to use ccd-exclusive statement?

2023-08-18 Thread Jason Long via Openvpn-users
On Fri, Aug 18, 2023 at 7:51 PM, Jochen Bern wrote: On 18.08.23 16:31, Jason Long wrote: > 1- So, if we have multiple servers, then it is >better that the servers >    have the same key, but each client has its >own key. Am I right? >No. >I said that *if* you want your clients to be able  >to

Re: [Openvpn-users] How to use ccd-exclusive statement?

2023-08-19 Thread Jason Long via Openvpn-users
> On 18.08.23 21:22, Jason Long wrote: > 1- In the round-robin mechanism, we can use the same keys for our >    servers, but each client uses its own key. >You *can* do that, yes. >Since you apparently don't provide clients with a CRL or any other means >to have server certs revoked, I guess it

Re: [Openvpn-users] How to use ccd-exclusive statement?

2023-08-19 Thread Jason Long via Openvpn-users
On 19.08.23 10:02, Bo Berglund wrote: > On Sat, 19 Aug 2023 07:03:01 + (UTC), Jason Long via Openvpn-users > wrote: >> I have other questions: >> 1- I checked the "Subject" of the ca.crt file and my CN name is "Server". >> Now, >>    I mu

[Openvpn-users] Unable to redirect IPv4 default gateway -- Cannot read current default gateway from system

2023-08-19 Thread Jason Long via Openvpn-users
Hello, I changed my server configuration and my OpenVPN server and my client each one have a NIC: OpenVPN Server: 10.0.2.15 Client: 10.0.2.16 The OpenVPN server network configuration is as below and has access to the Internet: # ifconfig enp0s3: flags=4163  mtu 1500         inet 10.0.2.15  n

Re: [Openvpn-users] A question about the local statement

2023-08-19 Thread Jason Long via Openvpn-users
>Hi, On Mon, Aug 14, 2023 at 09:19:44PM +0000, Jason Long via Openvpn-users wrote: > Hi Bruno, Thank you so much for your reply. Both (Server and Client) can ping > each other and without the local statement my client can connect to the > OpenVPN server. My >client connecting to th

Re: [Openvpn-users] Unable to redirect IPv4 default gateway -- Cannot read current default gateway from system

2023-08-20 Thread Jason Long via Openvpn-users
>Hi, >On Sat, Aug 19, 2023 at 02:18:37PM +, Jason Long via Openvpn-users wrote: > Sat Aug 19 18:23:53 2023 NOTE: unable to redirect IPv4 default gateway -- > Cannot read current default gateway from system >If client and server are in the same network, and the client has no

Re: [Openvpn-users] Unable to redirect IPv4 default gateway -- Cannot read current default gateway from system

2023-08-20 Thread Jason Long via Openvpn-users
>Hi, >I don't know what mail client you are using, but the signature of the >author of the email you are replying to should be removed before writing >any text. >This said, check my reply below. >On 20/08/2023 11:49, Jason Long via Openvpn-users wrote: > Hi, > I

Re: [Openvpn-users] Unable to redirect IPv4 default gateway -- Cannot read current default gateway from system

2023-08-20 Thread Jason Long via Openvpn-users
>Hi, >On Sun, Aug 20, 2023 at 09:49:25AM +, Jason Long wrote: > >On Sat, Aug 19, 2023 at 02:18:37PM +, Jason Long via Openvpn-users wrote: > > Sat Aug 19 18:23:53 2023 NOTE: unable to redirect IPv4 default gateway -- > > Cannot read current default gateway from sy

[Openvpn-users] A question that has the potential to become a useful article

2023-08-20 Thread Jason Long via Openvpn-users
Hello, I googled my question, but unfortunately, I could not find a correct and complete article about it and I'm thankful if the experts here, write the answer step by step and in summary. Suppose you have an OpenVPN server. Now, you want to set two public IP addresses on it. Your public IP a

[Openvpn-users] ccd-exclusive does not work

2023-08-20 Thread Jason Long via Openvpn-users
Hello, My server and client IP addresses are in range 10.0.2.X. I created a CCD directory and created a file inside the folder. I wrote the below lines in this file: iroute 10.0.2.0 255.255.255.0 Then, I opened the server.conf file and wrote these lines in it: client-config-dir CCD ccd-exclusiv

Re: [Openvpn-users] A question that has the potential to become a useful article

2023-08-20 Thread Jason Long via Openvpn-users
>Hi, >On Sun, Aug 20, 2023 at 01:14:55PM +, Jason Long via Openvpn-users wrote: > I googled my question, but unfortunately, I could not find a correct and > complete article about it and I'm thankful if the experts here, write the > answer step by step and in >su

Re: [Openvpn-users] A question that has the potential to become a useful article

2023-08-22 Thread Jason Long via Openvpn-users
>Hi, >On Mon, Aug 21, 2023 at 06:40:04AM +, Jason Long wrote: > You said "This is not what I would have - I'd have a public IP address on the > NIC,or 2, or 3.", does that mean you assign a separate network card for each > IP address? If yes, >then if your server is physical, the number of y

Re: [Openvpn-users] ccd-exclusive does not work

2023-08-22 Thread Jason Long via Openvpn-users
On Mon, 21 Aug 2023 06:12:45 + (UTC), Jason Long via Openvpn-users wrote: >Hello, >My server and client IP addresses are in range 10.0.2.X. >I created a CCD directory and created a file inside the folder. I wrote the >below lines in this file: > >iroute 10.0.2.0 255.255.

Re: [Openvpn-users] A question that has the potential to become a useful article

2023-08-22 Thread Jason Long via Openvpn-users
>Hi, >On 22/08/2023 09:56, Jason Long via Openvpn-users wrote: > 1- When I use "local" then I must not use "multihome" and vice versa? >No. You can have 'multihome' along with 'local', but in this case >'multihome' will do nothi

Re: [Openvpn-users] A question that has the potential to become a useful article

2023-08-22 Thread Jason Long via Openvpn-users
On Tue, Aug 22, 2023 at 4:54 PM, Gert Doering wrote: >Hi, >On Tue, Aug 22, 2023 at 07:56:44AM +, >Jason Long wrote: > Thank you so much again. > 1- When I use "local" then I must not use >"multihome" and vice versa? >When you use local, the IP address that >OpenVPN will use is fixed, so >no
