Ok I gave your suggestion a shot, using your link through Google translate and http://www.maxwhale.com/how-to-install-l2tp-vpn-on-centos/ for comparison.
Everything seems to go well until the 'ipsec verify' part when it says: [root@vps1418 /]# ipsec verify Checking your system to see if IPsec got installed and started correctly: Version check and ipsec on-path [OK] Linux Openswan U2.6.32/K(no kernel code presently loaded) Checking for IPsec support in kernel [FAILED] SAref kernel support [N/A] Checking that pluto is running [OK] Pluto listening for IKE on udp 500 [FAILED] Pluto listening for NAT-T on udp 4500 [FAILED] Checking for 'ip' command [OK] Checking /bin/sh is not /bin/dash [OK] Checking for 'iptables' command [OK] Opportunistic Encryption Support [DISABLED] I think the biggest problem here is the "Checking for IPsec support in kernel"? I use 2.6.32-042stab085.20 - I know it's not the latest kernel, but supposedly ipsec support should be in kernels after stab084? On Sat, Jun 21, 2014 at 7:28 PM, Pavel Odintsov <pavel.odint...@gmail.com> wrote: > Hello! > > In modern version of OpenVZ you can use l2tp with ipsec support > instead OpenVPN: http://habrahabr.ru/company/FastVPS/blog/205162/ > (sorry this manual in russian language but it's very simple). It's > very useable because you do not need any special clients on Windows > hosts. Maybe you can try this? > > > > On Sat, Jun 21, 2014 at 2:11 PM, Benjamin Henrion <zoo...@gmail.com> wrote: >> On Sat, Jun 21, 2014 at 8:47 AM, Rene C. <ope...@dokbua.com> wrote: >>> I got the openvpn part itself down, no problem, but getting it to work >>> in a container is a lot of hassle. Many pages, but most are outdated >>> and things keeps changing. Anyone know how to get it to work TODAY? >>> >>> The server is an otherwise normal server with public ip addresses and >>> works with cpanel, no problem that far. The problem is getting an >>> openvpn service to work in it. >>> >>> I've already added the tun device, and I can connect to the server >>> with the openvpn client, just can't continue from there, so some >>> routing is missing. >>> >>> I've followed the general routing instructions but because openvz >>> doesn't support MASQ it doesn't work. >>> >>> - which modules to insmod on the hwnode >> >> Just make sure "tun" is present in lsmod. >> >>> - which modules to add into /etc/vz/vz.conf >> >> The same. "tun" should be part of the list of modules in vz.conf, so >> it gets loaded at vz start. >> >>> - which modules to add into /etc/vz/<ct>.conf >> >> And the for the CTID you want to run openvpn access in: >> >> https://openvz.org/VPN_via_the_TUN/TAP_device#Granting_container_an_access_to_TUN.2FTAP >> >> Can you provide openvpn-client debug messages? >> >> -- >> Benjamin Henrion <bhenrion at ffii.org> >> FFII Brussels - +32-484-566109 - +32-2-4148403 >> "In July 2005, after several failed attempts to legalise software >> patents in Europe, the patent establishment changed its strategy. >> Instead of explicitly seeking to sanction the patentability of >> software, they are now seeking to create a central European patent >> court, which would establish and enforce patentability rules in their >> favor, without any possibility of correction by competing courts or >> democratically elected legislators." >> _______________________________________________ >> Users mailing list >> Users@openvz.org >> https://lists.openvz.org/mailman/listinfo/users > > > > -- > Sincerely yours, Pavel Odintsov > _______________________________________________ > Users mailing list > Users@openvz.org > https://lists.openvz.org/mailman/listinfo/users _______________________________________________ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
