hi all,
have tried making vpn server using raspi-3, used , combined many tutorials , think server running since have 2 ip addresses 1 pi , other server i.e. 10.8.0.1.
problem cannot connect pi using openvpn gui or openvpn client.
here 2 client , server configuration files:
server:
;local 192.168.1.72 # if uncomment server won't work, fails
dev tun
proto udp
port 1194
;tun-mtu 1500
;tun-mtu-extra 32
;mssfix 1450
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/vpn-server.crt
key /etc/openvpn/easy-rsa/keys/vpn-server.key
dh /etc/openvpn/easy-rsa/keys/dh2048.pem
server 10.8.0.0 255.255.255.0
# server , remote endpoints
ifconfig 10.8.0.1 10.8.0.2 # line added
#add route client routing table openvpn subnet
push "route 192.168.1.72 255.255.255.0" # line added
#push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option dns 8.8.8.8"
push "dhcp-option dns 8.8.4.4"
# set primary domain name server address soho router
# if router not dns, can use google dns 8.8.8.8
push "dhcp-option dns 192.168.0.1" # uncommented, should match own router address , should not need changed
# override client default gateway using 0.0.0.0/1 and
# 128.0.0.0/1 rather 0.0.0.0/0. has benefit of
# overriding not wiping out original default gateway.
push "redirect-gateway def1"
client-to-client
duplicate-cn
keepalive 10 120
tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0
cipher aes-128-cbc
comp-lzo
;user nobody
;group nogroup
persist-key
persist-tun
status /var/log/openvpn-status.log 20
#log /var/log/openvpn.log
verb 3
;mute 20
, client:
client
dev tun
proto udp
remote "my public ip address" 1194
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
ns-cert-type server
key-direction 1
cipher aes-128-cbc
comp-lzo
verb 3
mute 20
#copy of ca certificate here
<ca>
certificates , keys after , match files :
/etc/openvpn/easy-rsa/keys
please me find out wrong.
many thanks
siamak
have tried making vpn server using raspi-3, used , combined many tutorials , think server running since have 2 ip addresses 1 pi , other server i.e. 10.8.0.1.
problem cannot connect pi using openvpn gui or openvpn client.
here 2 client , server configuration files:
server:
;local 192.168.1.72 # if uncomment server won't work, fails
dev tun
proto udp
port 1194
;tun-mtu 1500
;tun-mtu-extra 32
;mssfix 1450
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/vpn-server.crt
key /etc/openvpn/easy-rsa/keys/vpn-server.key
dh /etc/openvpn/easy-rsa/keys/dh2048.pem
server 10.8.0.0 255.255.255.0
# server , remote endpoints
ifconfig 10.8.0.1 10.8.0.2 # line added
#add route client routing table openvpn subnet
push "route 192.168.1.72 255.255.255.0" # line added
#push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option dns 8.8.8.8"
push "dhcp-option dns 8.8.4.4"
# set primary domain name server address soho router
# if router not dns, can use google dns 8.8.8.8
push "dhcp-option dns 192.168.0.1" # uncommented, should match own router address , should not need changed
# override client default gateway using 0.0.0.0/1 and
# 128.0.0.0/1 rather 0.0.0.0/0. has benefit of
# overriding not wiping out original default gateway.
push "redirect-gateway def1"
client-to-client
duplicate-cn
keepalive 10 120
tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0
cipher aes-128-cbc
comp-lzo
;user nobody
;group nogroup
persist-key
persist-tun
status /var/log/openvpn-status.log 20
#log /var/log/openvpn.log
verb 3
;mute 20
, client:
client
dev tun
proto udp
remote "my public ip address" 1194
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
ns-cert-type server
key-direction 1
cipher aes-128-cbc
comp-lzo
verb 3
mute 20
#copy of ca certificate here
<ca>
certificates , keys after , match files :
/etc/openvpn/easy-rsa/keys
please me find out wrong.
many thanks
siamak
1. "local" seems not paramenter openvpn
2. openvpn start on server (rasperry) without error (consult log)
3. connect client in local network or on internet
4. have port forwarding in router (port 1194)
have working openvpn on raspberry 2 additional security (ccd , password) , can connect iphone on internet local network, works perfect
2. openvpn start on server (rasperry) without error (consult log)
3. connect client in local network or on internet
4. have port forwarding in router (port 1194)
have working openvpn on raspberry 2 additional security (ccd , password) , can connect iphone on internet local network, works perfect
raspberrypi
Comments
Post a Comment