Re: [Astlinux-users] VPN config

Fri, 07 Oct 2011 06:55:52 -0700 

David,

Is the AstLinux box your firewall at home?  If not, you'll need to create a 
route on that device for the openvpn subnet.

If it IS the firewall, you'll have to go into the firewall tab and allow 
openvpn traffic to whatever local nets you want it to reach.

(sorry for the top-reply).

Darrick

________________________________
From: David Kerr [da...@kerr.net]
Sent: Friday, October 07, 2011 8:49 AM
To: AstLinux Users Mailing List
Subject: Re: [Astlinux-users] VPN config



On Thu, Oct 6, 2011 at 3:01 PM, Michael Keuter 
<li...@mksolutions.info<mailto:li...@mksolutions.info>> wrote:

You need to enable the pptp-vpn Firewall-Plugin, and if its not the router, you 
need to forward GRE and TCP 1723 to it.


That firewall plugin states that it is automatically enabled when PPTP is 
enabled, and indeed it seams to be.  The firewall problem is at the client side 
where I am behind a firewall I have no control on.

In OpenVPN server, you can leave the default settings, I added in the "push" 
box "route 192.168.xx.0 255.255.255.0" for my internal network.

You need to use certificates. Create one for your user, then you can download 
it. Create a new configuration in Viscosity and in Authentication set it to 
SSL/TLS Client and import the CA, crt and key from your download.

You need to be on another network range to be able test it!


Okay, have made progress with OpenVPN.  Got the certificates all set up. 
Configured Viscosity client and it failed to connect.  Decided to open 
EXT->Local for port 1194 in the Astlinux firewall and then it connected.  I can 
ping 192.168.1.1 (my Astlinux box).  However I cannot get to anything else 
inside my network, no 192.168.1.xx.  No ping, no http.   Is there anything else 
I have to do at my firewall or at the viscosity client side?  I do have "route 
192.168.1.0 255.255.255.0" in the push field on the server.

Thanks,
David

------------------------------------------------------------------------------
All of the data generated in your IT infrastructure is seriously valuable.
Why? It contains a definitive record of application performance, security
threats, fraudulent activity, and more. Splunk takes this data and makes
sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-d2dcopy2
_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users

Donations to support AstLinux are graciously accepted via PayPal to 
pay...@krisk.org.

Reply via email to