[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] Connection reset - cannot connect

  • Subject: Re: [Openvpn-users] Connection reset - cannot connect
  • From: "Dawid Ciecierski" <dawid.ciecierski@xxxxxxxxxxxxxx>
  • Date: Sat, 1 Sep 2007 22:22:53 +0100

> > 1) Windows XP client, internal IP, connecting through
> > gateway XP firewall turned off entirely, no anti-virus
> > software etc.
> >
> > 2) Small Linux home router / server in another location. It's external
> > IP is (on the ppp0 interface). Internally machines on eth0
> > / LAN are assigned upwards. NAT is in place to allow them to
> > connect to the Internet.
> >  - Port 1194 is opened, verified with tcpdump.
> >  - INPUT and FORWARD on tun+ are set to ACCEPT.
> This looks suspicious....
> Sat Aug 18 11:51:51 2007 us=126086   push_list = 'route
> You should check the netmask here

I just noticed that Sourceforge deleted my original attachments, so
here they are.

The route above is added as the private LAN behind the server I'm
connecting to have IPs from, and OpenVPN clients should be
getting and above (look at the configs). As I understand it,
netmask means that clients can take any IP from to, so should be ok.

Kind regards.
David Ciecierski

Want control, education, and security from your operating system?
Hardened Linux From Scratch
# Basic settings
dev tun
proto tcp
remote 1194

# Keys
ca "c:\\keys\\ca.crt"
cert "c:\\keys\\dav.crt"
key "c:\\keys\\dav.key"

verb 6
log client6.log
# Basic settings
dev tun
proto tcp
ifconfig-pool-persist ipp.txt

# Route to push to clients
push "route"
push "redirect-gateway"

# Keys
dh /etc/openvpn/keys/dh1024.pem
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key

# Verbosity level.
# 0 -- quiet except for fatal errors.
# 1 -- mostly quiet, but display non-fatal network errors.
# 3 -- medium output, good for normal operation.
# 9 -- verbose, good for troubleshooting
verb 6
Openvpn-users mailing list