[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] OpenVPN through VPN is possible?

  • Subject: Re: [Openvpn-users] OpenVPN through VPN is possible?
  • From: "Roland Pope" <rpope@xxxxxxxxxxxxx>
  • Date: Fri, 3 Feb 2006 09:12:04 +1300

----- Original Message ----- From: "Monty Ree" chulmin2@xxxxxxxxxxx
I setup like below. OpenVPN1 and OpenVPN2 (all are linux server) is connected with OpenVPN.

PC(XP) -- OpenVPN1 -- OpenVPN1  -- Server(linux) (gateway)     (gateway)

# first question
So all connections from PC must go pass OpenVPN1 and OpenVPN2, and it works well.
and I would like to connect between PC and Server too. But I can't connect.

Belows are log message at my PC.
Thu Feb 02 17:18:18 2006 us=178904 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Feb 02 17:18:18 2006 us=179010 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Feb 02 17:18:18 2006 us=179114 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Feb 02 17:18:18 2006 us=179173 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Feb 02 17:18:18 2006 us=179517 Control Channel: TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 1024 bit RSA
Thu Feb 02 18:18:16 2006 us=508777 TLS: tls_process: killed expiring key

I don't know the meaning of the last line(TLS: tls_process: killed expiring key) What is it?
By default, the TLS key for the encrypted session is renegotiated every hour. This is a normal message.
## second question
And I have used secureremote which is a checkpoint IPSEC VPN program. But I couldn't use this VPN (can't connect to vpn) becaus of OpenVPN session. If I disable OpenVPN, I can use checkpoint VPN.

So I guuess that other VPN throught OpenVPN is not work, because of compatibility. right?
I assume you are tring to run a secureremote (IPSEC) vpn between PC and Server?

You should be able to get this to work as the fact that the packets between PC and SERVER are going though a tunnel should be transparent to both ends.
One of the things than can cause problems is the MTU/Fragmentation issues caused by the double encapsuation overhead.
Are your IPSEC conenction requests getting from your PC to the server?
Thats a good place to start. When you start secureremote, check the logs a both ends.

Roland 


____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users


Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-02/msg00030.html on line 221

Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-02/msg00030.html on line 221