[leaf-user] openvpn help

chiew yock sang Fri, 14 May 2004 00:20:25 -0700

I have implemented 2 basic routers with Bering-uClibc v2.1.1 and they are working. Then i add in openvpnz.lrp, libcrpto.lrp, libssl.lrp and liblzo.lrp and tun.o to get two VPN capability routers.

router A has the following IP:
eth0=10.1.4.1
eth1=192.168.1.254
tun0=192.168.99.1

router B
eth0=10.1.4.2
eth1=192.168.2.254
tun0=192.168.99.2

the following is my configuration for both routers

/etc/shorewall/zones
# zone    display  comments
net        Net       Internet
vpn        VPN      Remote Subnet
loc         Local      Local networks

/etc/shorewall/interfaces    (for routerA)
# zone interface broadcast         options
net     eth0      detect
vpn     tun0    192.168.2.255
loc      eth1      detect

/etc/shorewall/policy
#source    dest      policy     log level          limit:burst
loc          vpn        ACCEPT
vpn         loc         ACCEPT
loc          net        ACCEPT
fw          net         ACCEPT
fw          loc          ACCEPT

/etc/shorewall/rules
#action  source   dest   proto   dest port  source ports   original dest
ACCEPT net        fw                  udp        7777

/etc/shorewall/masq
#INTERFACE  SUBNET    ADDRESS
eth0              eth1

/etc/shorewall/tunnels (routerA)
#type             zone        gateway        gateway zone
openvpn:7777  net         192.168.99.2

/etc/openvpn/openvpn.conf
dev tun0
ifconfig 192.168.99.1 192.168.99.2
secret secret.key

I do
cd /etc/openvpn
openvpn --genkey --secret key

How to copy this key to router B and vice versa?Or i only need to generate the key in one router?

In routerA, when i try to ping 192.168.99.2, the following commands pop up:
Virtual device tun0 asks to queue packet!
ping: sendto: Network is down

and when i do, openvpn --ping 5 --dev tun0 it says all encryption and authentication features disabled-- all data will be tunnelled as cleartext socket bind failed on local address [undef]:5000:Address already in use Exiting

Is it because I didn't enable encryption and authentication?Pls help

Thanks

_________________________________________________________________ Download ringtones, logos and picture messages from MSN Malaysia http://www.msn.com.my/mobile/ringtones/default.asp

-------------------------------------------------------
This SF.Net email is sponsored by: SourceForge.net Broadband
Sign-up now for SourceForge Broadband and get the fastest
6.0/768 connection for only $19.95/mo for the first 3 months!
http://ads.osdn.com/?ad_id=2562&alloc_id=6184&op=click
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] openvpn help

Reply via email to