[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Openvpn-users Digest, Vol 15, Issue 24


  • Subject: Re: [Openvpn-users] Openvpn-users Digest, Vol 15, Issue 24
  • From: "orlando" <jahorlando@xxxxxxxxx>
  • Date: Fri, 17 Aug 2007 08:22:47 -0500

I would like, read this messages, in my native lenguage "spanish" hay 
alguien en la lista que me puede apoyar y empezar a recibir estos mensajes 
en español para mi es poco productivo tener que estar leyendo todo en ingles 
si podemos leer en español.

bueno mi primera consulta que pasos debo seguir para configurar mi fedora 7 
como cliente openvpn, ya tengo corriendo el servidor vpn sobre rhel 4 AS, 
pero me falta mi fedora 7 como cliente, ya que durante la configuracion me 
salen muchas dudas espero puedan ayudarme a resolver mi duda.

ok. atte.
orlando camarillo ramirez
por el idioma español, es el 2o. idioma mas hablado en el mundo
hagamos que sea el numero 1.



Documento sin título
----- Original Message ----- 
From: <openvpn-users-request@xxxxxxxxxxxxxxxxxxxxx>
To: <openvpn-users@xxxxxxxxxxxxxxxxxxxxx>
Sent: Friday, August 17, 2007 7:31 AM
Subject: Openvpn-users Digest, Vol 15, Issue 24


> Send Openvpn-users mailing list submissions to
> openvpn-users@xxxxxxxxxxxxxxxxxxxxx
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://lists.sourceforge.net/lists/listinfo/openvpn-users
> or, via email, send a message with subject or body 'help' to
> openvpn-users-request@xxxxxxxxxxxxxxxxxxxxx
>
> You can reach the person managing the list at
> openvpn-users-owner@xxxxxxxxxxxxxxxxxxxxx
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Openvpn-users digest..."
>
>
> Today's Topics:
>
>   1. openvpn tap network limits (Williams, Jason)
>   2. Re: openvpn tap network limits (Marco Castillo)
>   3. Re: openvpn tap network limits (Derek Arnold)
>   4. Need recommendations for where to place OpenVPN server
>      (Steven Truong)
>   5. Tunnelblick would not start (Dmitriy Korobskiy)
>   6. Re: openvpn tap network limits (Prasanna Krishnamoorthy)
>   7. Re: Tunnelblick would not start (Dmitriy Korobskiy)
>   8. Revoking access (Greg)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Thu, 16 Aug 2007 16:43:36 -0400
> From: "Williams, Jason" <JWilliams@xxxxxxxxxxxx>
> Subject: [Openvpn-users] openvpn tap network limits
> To: <openvpn-users@xxxxxxxxxxxxxxxxxxxxx>
> Message-ID:
> <94A126020F0015478ADA6A64B38E1B180B19E8FE@xxxxxxxxxxxxxxxxxxxxxxx>
> Content-Type: text/plain; charset="us-ascii"
>
> Does anyone know if OpenVPN has a limit to the number of tunnels that
> can be connected at one time? The book "OpenVPN: Building and
> Integrating Virtual Private Networks" mentions in passing that there is
> a 128 tunnel limit but doesn't elaborate. Has anyone experienced a hard
> limit? Our network could potentially exceed this number.
>
> Also, what about practical limits? We're building a network using dev
> tap and TLS. Hardware is a dual Xeon with 4 GB of RAM and two gigabit
> NICs. I would expect that we're going to overload our server before we
> hit the 128 mark even with typical road warrior usage.
>
> Regards,
> Jason Williams
>
>
>
> ------------------------------
>
> Message: 2
> Date: Thu, 16 Aug 2007 16:39:03 -0600
> From: "Marco Castillo" <mabcastillo@xxxxxxxxx>
> Subject: Re: [Openvpn-users] openvpn tap network limits
> To: openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> Message-ID:
> <47f6f3240708161539o27c882c5kc8138a276a41603f@xxxxxxxxxxxxxx>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Dear Jason:
>  I think I can give you some answers to your second concern. We have
> deployed a 50 nodes site-to-site configuration with OpenVPN. The OpenVPN
> server is a pentium 4 with dual core 2.4 Ghz with 2 GB of RAM running 
> RHEL4.
> I have this configuration running for about 6 months now, the traffic is
> somehow heavy, the VPN tunnels are used at every hour, downloading files,
> using VNC for remote management, etc. At this time I had never seen that 
> the
> OpenVPN process passes the 5% use of CPU. The machine stays with the CPU
> load at 5% - 10%, and with plenty of RAM. The server is just used for
> OpenVPN.
> With the configuration you mentioned, I don't think you're going to have 
> any
> issues.
> Hope this helps
>
> Regards
>
> Marco
>
> On 8/16/07, Williams, Jason <JWilliams@xxxxxxxxxxxx> wrote:
>>
>> Does anyone know if OpenVPN has a limit to the number of tunnels that
>> can be connected at one time? The book "OpenVPN: Building and
>> Integrating Virtual Private Networks" mentions in passing that there is
>> a 128 tunnel limit but doesn't elaborate. Has anyone experienced a hard
>> limit? Our network could potentially exceed this number.
>>
>> Also, what about practical limits? We're building a network using dev
>> tap and TLS. Hardware is a dual Xeon with 4 GB of RAM and two gigabit
>> NICs. I would expect that we're going to overload our server before we
>> hit the 128 mark even with typical road warrior usage.
>>
>> Regards,
>> Jason Williams
>>
>> -------------------------------------------------------------------------
>> This SF.net email is sponsored by: Splunk Inc.
>> Still grepping through log files to find problems?  Stop.
>> Now Search log events and configuration files using AJAX and a browser.
>> Download your FREE copy of Splunk now >>  http://get.splunk.com/
>> _______________________________________________
>> Openvpn-users mailing list
>> Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
>> https://lists.sourceforge.net/lists/listinfo/openvpn-users
>>
> -------------- next part --------------
> An HTML attachment was scrubbed...
>
> ------------------------------
>
> Message: 3
> Date: Thu, 16 Aug 2007 19:15:58 -0500
> From: Derek Arnold <darnold@xxxxxxxxxxxxxxx>
> Subject: Re: [Openvpn-users] openvpn tap network limits
> To: openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> Message-ID: <46C4E8BE.8040904@xxxxxxxxxxxxxxx>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> Marco Castillo wrote:
>> Dear Jason:
>>   I think I can give you some answers to your second concern. We have
>> deployed a 50 nodes site-to-site configuration with OpenVPN. The
>> OpenVPN server is a pentium 4 with dual core 2.4 Ghz with 2 GB of RAM
>> running RHEL4. I have this configuration running for about 6 months
>> now, the traffic is somehow heavy, the VPN tunnels are used at every
>> hour, downloading files, using VNC for remote management, etc. At this
>> time I had never seen that the OpenVPN process passes the 5% use of
>> CPU. The machine stays with the CPU load at 5% - 10%, and with plenty
>> of RAM. The server is just used for OpenVPN.
>> With the configuration you mentioned, I don't think you're going to
>> have any issues.
>> Hope this helps
>>
>> Regards
>>
>> Marco
>>
> Just to chime in, we have a Pentium II with a half gig of RAM serving as
> firewall and OpenVPN server supporting about 30 tunnels and our CPU
> usage is about the same at peak usage.  OpenVPN is currently using about
> 12mb of RAM.  You'll be fine.
>
> Derek
>
>
>
> ------------------------------
>
> Message: 4
> Date: Thu, 16 Aug 2007 18:54:05 -0700
> From: "Steven Truong" <midair77@xxxxxxxxx>
> Subject: [Openvpn-users] Need recommendations for where to place
> OpenVPN server
> To: openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> Message-ID:
> <28bb77d30708161854l1e4a709fl1a4209f5e9c33995@xxxxxxxxxxxxxx>
> Content-Type: text/plain; charset=UTF-8
>
> Hi, all. I am debating where should I put my OpenVPN server (Linux) so
> that my users can connect to it and then access a second server. These
> two servers can be on the same box or with some virtualization like
> VMware of OpenVZ. I have a few possible places that I might place my
> servers:
>
> 1. Both servers in the DMZ between my non-Linux firewall servers.
> These servers can communicate with some limitations with other servers
> on DMZ.
> 2. On a seperate zone or buying a decent hardware firewall and place
> OpenVpn server and the other server behind it.  These servers can not
> communicate with DMZ and LAN.
> 3.  Turn 1st server into VPN and firewall (shorewall or ipcop or
> etc...), put the second server behind this server. These servers can
> not communicate DMZ and LAN.
> 4.  In side my LAN (with possible bridged firewall isolating these two 
> servers).
>
> Could some experts here recommend which setup is best in term of
> security since my users only need to access the second server?
>
> I have always interested in some talks about where are the best places
> of putting VPN servers.  I have read that it is best to have your
> firewall also act as the VPN server.  Could someone share your
> thoughts on this idea?
>
> Could OpenVPN users share some information on where you place your
> OpenVPN servers and why?
>
> Thank you very much for all your inputs.
>
>
>
> ------------------------------
>
> Message: 5
> Date: Thu, 16 Aug 2007 21:58:30 -0400
> From: Dmitriy Korobskiy <dkroot@xxxxxxxxxxxxxxxxxxxxx>
> Subject: [Openvpn-users] Tunnelblick would not start
> To: openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> Cc: info@xxxxxxxxxxxxxxx
> Message-ID: <1895363874.20070816215830@xxxxxxxxxxx>
> Content-Type: text/plain; charset=us-ascii
>
> Hi,
>
> I have a problem with Tunnelblick's 3.0 betas: both RC3 and B4.
>
> I have configuration which is working on Windows with OpenVPN GUI. When I 
> try
> Tunnelblick on a fresh MacBook Pro, OS X 10.4.10, I can not start the 
> app - the
> large tunnel icon shows up and then ... disappears. I could not find any 
> traces
> in system logs either.
>
> I have tried both running with ~/Library/openvpn configuration (copied 
> from
> Windows, client.ovpn copied to client.conf) and deleting 
> ~/Library/openvpn.
>
> No effect.
>
> I understand it's beta but would really love not to run Windows 
> specifically for
> OpenVPN.
>
> Could you help me out?
>
> Any advice on things I can try to resolve it would be greatly appreciated.
>
> Dmitriy <1-127-441 @ICQ, DKroot @Skype>
> <DKroot1 @AIM, dkroot1_at_gmail_dot_com @Google Talk or @MSN, dk_root 
> @Yahoo>
>
> P.S. I am a switcher to Mac, so it is possible that I am doing something
> incredibly wrong.
>
>
>
>
>
> ------------------------------
>
> Message: 6
> Date: Fri, 17 Aug 2007 09:25:05 +0530
> From: "Prasanna Krishnamoorthy" <prasanna79@xxxxxxxxx>
> Subject: Re: [Openvpn-users] openvpn tap network limits
> To: openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> Message-ID:
> <ad0e8ea70708162055r1204ba49m60fe505d7c4ed60@xxxxxxxxxxxxxx>
> Content-Type: text/plain; charset=ISO-8859-1
>
> On 8/17/07, Williams, Jason <JWilliams@xxxxxxxxxxxx> wrote:
>> Does anyone know if OpenVPN has a limit to the number of tunnels that
>> can be connected at one time? The book "OpenVPN: Building and
>> Integrating Virtual Private Networks" mentions in passing that there is
>> a 128 tunnel limit but doesn't elaborate. Has anyone experienced a hard
>> limit? Our network could potentially exceed this number.
>
> Could someone clarify on this? We're planning to have a network with a
> large number of nodes, but the average traffic is probably not going
> to be very high. So we'd probably hit any limit on the number of
> tunnels before we run out of steam on the encryption.
>
>> Also, what about practical limits? We're building a network using dev
>> tap and TLS. Hardware is a dual Xeon with 4 GB of RAM and two gigabit
>> NICs. I would expect that we're going to overload our server before we
>> hit the 128 mark even with typical road warrior usage.
>
> On the inverse, what's the maximum average traffic anyone's seen on
> this list. I'm asking about both real-world, and simulated.
>
> Thanks,
> Prasanna.
>
>
>
> ------------------------------
>
> Message: 7
> Date: Fri, 17 Aug 2007 00:34:30 -0400
> From: Dmitriy Korobskiy <dkroot@xxxxxxxxxxxxxxxxxxxxx>
> Subject: Re: [Openvpn-users] Tunnelblick would not start
> To: openvpn-users@xxxxxxxxxxxxxxxxxxxxx, info@xxxxxxxxxxxxxxx
> Message-ID: <1023550568.20070817003430@xxxxxxxxxxx>
> Content-Type: text/plain; charset=us-ascii
>
> Hi, all
> I've found what the problem was... Apparently, the culprit was muCommander 
> file
> manager 0.8 beta3 that I used to extract ZIPs.
>
> When I extracted natively with Finder - everything worked fine.
>
> Weird... I'll try to isolate test case and follow up with muCommander 
> folks.
>
> DK> Hi,
>
> DK> I have a problem with Tunnelblick's 3.0 betas: both RC3 and B4.
>
> DK> I have configuration which is working on Windows with OpenVPN GUI. 
> When I try
> DK> Tunnelblick on a fresh MacBook Pro, OS X 10.4.10, I can not start the 
> app - the
> DK> large tunnel icon shows up and then ... disappears. I could not find 
> any traces
> DK> in system logs either.
>
> DK> I have tried both running with ~/Library/openvpn configuration (copied 
> from
> DK> Windows, client.ovpn copied to client.conf) and deleting 
> ~/Library/openvpn.
>
> DK> No effect.
>
> DK> I understand it's beta but would really love not to run Windows 
> specifically for
> DK> OpenVPN.
>
> DK> Could you help me out?
>
> DK> Any advice on things I can try to resolve it would be greatly 
> appreciated.
>
> DK> Dmitriy <1-127-441 @ICQ, DKroot @Skype>
> DK> <DKroot1 @AIM, dkroot1_at_gmail_dot_com @Google Talk or @MSN, dk_root 
> @Yahoo>
>
> DK> P.S. I am a switcher to Mac, so it is possible that I am doing 
> something
> DK> incredibly wrong.
>
> DK> -------------------------------------------------------------------------
> DK> This SF.net email is sponsored by: Splunk Inc.
> DK> Still grepping through log files to find problems?  Stop.
> DK> Now Search log events and configuration files using AJAX and a 
> browser.
> DK> Download your FREE copy of Splunk now >>  http://get.splunk.com/
> DK> _______________________________________________
> DK> Openvpn-users mailing list
> DK> Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> DK> https://lists.sourceforge.net/lists/listinfo/openvpn-users
>
> Dmitriy <1-127-441 @ICQ, DKroot @Skype>
> <DKroot1 @AIM, dkroot1_at_gmail_dot_com @Google Talk or @MSN, dk_root 
> @Yahoo>
>
>
>
>
>
> ------------------------------
>
> Message: 8
> Date: Fri, 17 Aug 2007 08:53:01 +0100
> From: "Greg" <gsmart@xxxxxxxxxxxxxxxxxxxxxxxx>
> Subject: [Openvpn-users] Revoking access
> To: <openvpn-users@xxxxxxxxxxxxxxxxxxxxx>
> Message-ID: <001101c7e0a3$a255ede0$340a0a0a@x31xp>
> Content-Type: text/plain; charset="us-ascii"
>
> Hi
>
> I am very new to OpenVPN and FreeBSD.  I need to revoke OpenVPN access
> for an ex-employee.  How can I achieve this from the server end?
>
> Thanks,
> Greg.
>
>
>
> This email and any files transmitted with it are intended only for the
> personal and confidential use of the designated recipient(s) or entity
> named above. If you are not the intended recipient of this message you
> are hereby notified that any review, dissemination, distribution or
> copying of this message is strictly prohibited and you are requested to
> notify the sender immediately by email and delete this email from your
> system. This communication is for information purposes only and should
> not be regarded as an offer to sell or as a solicitation of an offer to
> buy any financial product, an official confirmation of any transaction
> or as an official statement of ADG Capital Management or its affiliated
> companies. Email transmission cannot be guaranteed to be secure or free
> of error and comes with a risk that the email contains a virus, is not
> compatible with your electronic system or has been modified. ADG does
> not represent the information contained in this email is complete or
> accurate and should not be relied upon as such. Therefore ADG does not
> accept any liability for any direct or consequential loss arising from
> the use, or reliance on, this email or its contents.
>
>
> -------------- next part --------------
> An HTML attachment was scrubbed...
>
> ------------------------------
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems?  Stop.
> Now Search log events and configuration files using AJAX and a browser.
> Download your FREE copy of Splunk now >>  http://get.splunk.com/
>
> ------------------------------
>
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> https://lists.sourceforge.net/lists/listinfo/openvpn-users
>
>
> End of Openvpn-users Digest, Vol 15, Issue 24
> ********************************************* 

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users