[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Problem with connection behind firewall


  • Subject: Re: [Openvpn-users] Problem with connection behind firewall
  • From: Mathias Sundman <mathias@xxxxxxxxxx>
  • Date: Tue, 14 Dec 2004 21:55:09 +0100 (CET)

On Tue, 14 Dec 2004, Christian Guedel wrote:

Hi list,

I'm new here on the list, and I'm also new to VPN. I ran a PPTP server
for several days now, but this seems not to work on another port than
1739. So I tried openvpn. This doesn't work as expected:

The facts:
 - at my school we got a firewall that is very restrictive, but there
are some
 - open ports: TCP/80, TCP/443, TCP/110
 - I've running a gentoo server at home
 - I'd like to forward the whole connection from my home to school
through the firewall
 - I think this is possible?

At home I get 4 public IP's assigned by my ISP, so I can try the VPN.
This does work for me at home with no problem (no encryption, but this
isn't necessary for me). But at school I get some strange errors:

On the server:
Dec 14 13:06:10 [openvpn] Listening for incoming TCP connection on
[undef]:5000
Dec 14 13:06:11 [openvpn] TCP connection established with
212.117.97.246:45193
Dec 14 13:06:11 [openvpn] TCPv4_SERVER link local (bound): [undef]:5000
Dec 14 13:06:11 [openvpn] TCPv4_SERVER link remote:
212.117.97.246:45193
Dec 14 13:06:21 [openvpn] Connection reset, restarting [-1]
Dec 14 13:06:22 [openvpn] LZO compression initialized
Dec 14 13:06:22 [openvpn] TUN/TAP device tap0 opened
Dec 14 13:06:22 [openvpn] /sbin/ifconfig tap0 10.100.100.1 netmask
255.255.255.0 mtu 1492 broadcast 10.100.100.255
Dec 14 13:06:22 [openvpn] Listening for incoming TCP connection on
[undef]:5000
Dec 14 13:06:24 [openvpn] TCP connection established with
212.117.97.246:45200
Dec 14 13:06:24 [openvpn] TCPv4_SERVER link local (bound): [undef]:5000
Dec 14 13:06:24 [openvpn] TCPv4_SERVER link remote:
212.117.97.246:45200
Dec 14 13:07:14 [openvpn] Connection reset, restarting [-1]
Dec 14 13:07:15 [openvpn] LZO compression initialized
Dec 14 13:07:15 [openvpn] TUN/TAP device tap0 opened
Dec 14 13:07:15 [openvpn] /sbin/ifconfig tap0 10.100.100.1 netmask
255.255.255.0 mtu 1492 broadcast 10.100.100.255
Dec 14 13:07:15 [openvpn] Listening for incoming TCP connection on
[undef]:5000

And on the client:
Dec 14 13:06:47 mobile openvpn[29548]: LZO compression initialized
Dec 14 13:06:47 mobile openvpn[29548]: TUN/TAP device tap0 opened
Dec 14 13:06:47 mobile openvpn[29548]: /sbin/ifconfig tap0 10.100.100.2
netmask 255.255.255.0 mtu 1492 broadcast 10.100.100.255
Dec 14 13:06:47 mobile openvpn[29548]: /etc/openvpn/lan/route.sh tap0
1492 1571 10.100.100.2 255.255.255.0 init
Dec 14 13:06:47 mobile openvpn[29548]: Attempting to establish TCP
connection wi th 217.162.245.52:110
Dec 14 13:06:47 mobile openvpn[29548]: TCP connection established with
217.162.2 45.52:110
Dec 14 13:06:47 mobile openvpn[29548]: TCPv4_CLIENT link local: [undef]
Dec 14 13:06:47 mobile openvpn[29548]: TCPv4_CLIENT link remote:
217.162.245.52: 110
Dec 14 13:06:47 mobile openvpn[29548]: Connection reset, restarting [0]
Dec 14 13:06:50 mobile openvpn[29548]: LZO compression initialized
Dec 14 13:06:50 mobile openvpn[29548]: TUN/TAP device tap0 opened
Dec 14 13:06:50 mobile openvpn[29548]: /sbin/ifconfig tap0 10.100.100.2
netmask 255.255.255.0 mtu 1492 broadcast 10.100.100.255
Dec 14 13:06:50 mobile openvpn[29548]: /etc/openvpn/lan/route.sh tap0
1492 1571 10.100.100.2 255.255.255.0 init
Dec 14 13:06:50 mobile openvpn[29548]: Attempting to establish TCP
connection wi th 217.162.245.52:110
Dec 14 13:06:50 mobile openvpn[29548]: TCP connection established with
217.162.2 45.52:110
Dec 14 13:06:50 mobile openvpn[29548]: TCPv4_CLIENT link local: [undef]
Dec 14 13:06:50 mobile openvpn[29548]: TCPv4_CLIENT link remote:
217.162.245.52: 110

I don't know why this doesn't work! Maybe some of you have...

Hmm, you must have left some details out. Your client is connecting to port 110, while your server is listening on port 5000. How do you get this working at all? Do you have a firewall at home forwarding port 110 to port 5000?


Use a packet sniffer to watch how the traffic flow. Are you sure those ports are really open, and not just available through a proxy?

--
_____________________________________________________________
Mathias Sundman                  (^)   ASCII Ribbon Campaign
OpenVPN GUI for Windows           X    NO HTML/RTF in e-mail
http://www.nilings.se/openvpn    / \   NO Word docs in e-mail

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users