Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [openvpn]

OpenVPN is a free and open source software VPN solution. It allows secure point-to-point or site-to-site connections with routed or bridged configurations and remote access facilities.

OpenVPN is a free and open source software application that implements VPN techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses SSL/TLS security for encryption and is capable of traversing network address translators and firewalls.

It's architecture is build upon 4 principles:

  • Encryption
  • Authentication
  • Networking
  • Security

More info is to be found on the Open-Source site of VPN.
A very thorough tutorial can be found on Shorewall.

3274 questions
22
votes
3 answers

OpenVPN: How to mitigate path MTU issues on a per-client basis?

We have dozens of embedded devices installed at customers, all calling home to our OpenVPN service. That works fine in general, but a few of our customers have severe path MTU issues. Our influence on the customers to fix their networks is limited,…
Nils Toedtmann
  • 3,342
  • 5
  • 26
  • 36
20
votes
4 answers

Resolv Conf Multiple DNS Servers with specific domains

I need the ability to have specific dns servers for multiple networks, and i would like to know how to properly update my /etc/resolv.conf: lets say I have a major vpn, that I route all my trafiic and DNS queries through it. But know I have another…
Alfredo Palhares
  • 301
  • 1
  • 2
  • 3
20
votes
3 answers

Reload OpenVPN config without restarting the process

I have the config in /etc/openvpn/server.conf. Most time I update routing. In the init script there's no case for reload. The service openvpn restart is just stop and then start the process, which obviously will kick everybody off (but I don't want…
Carl
  • 489
  • 1
  • 6
  • 10
20
votes
5 answers

Connect an iPhone to OpenVPN

Is there a way to connect an iPhone to our company OpenVPN server?
Marc
  • 405
  • 2
  • 6
  • 12
20
votes
7 answers

How can I configure openvpn server without push default gateway?

I need configure my openvpn server to provide some LAN resources, but I don't want route all traffic for my clients. Here is my sample network description: My LAN is 192.168.1.0/24. Openvpn network is 192.168.100.0/24. I add push route 192.168.1.0…
Solomon
  • 333
  • 1
  • 3
  • 9
20
votes
11 answers

OpenVPN easy-rsa build-key automation?

I have a lot of keys to generate for my clients VPN server. Whenever I use easy-rsa to generate the keys like this: ./build-key client1 There is some output with a series of questions. The questions all have default answers that are defined in the…
Jake Wilson
  • 8,814
  • 29
  • 97
  • 125
20
votes
3 answers

Multiple openvpn clients on one openvpn server

Can I have multiple openvpn clients connecting to a single openvpn server? The following setting works well for a single user This is the server configuration (openvpn.conf) port 1194 proto udp dev tun secret openvpn-key.txt ifconfig 192.168.2.1…
ServerDown
  • 372
  • 1
  • 2
  • 9
19
votes
1 answer

VPN: ERROR: Linux route add command failed

I have configured a VPN server local 192.168.0.250 dev tun proto udp port 1194 ca /etc/openvpn/easy-rsa/keys/ca.crt cert /etc/openvpn/easy-rsa/keys/server-vpn.crt key /etc/openvpn/easy-rsa/keys/server-vpn.key dh…
stecog
  • 985
  • 5
  • 11
  • 21
19
votes
2 answers

How can multiple clients of an openvpn server find each other?

I am bringing up an openvpn server that will support multiple clients into a private subnet. So on the private subnet the clients connecting will get IP addresses such as 10.8.0.10, 10.8.0.11, etc. One of the facilities I need is for the clients to…
AlanObject
  • 662
  • 2
  • 9
  • 20
19
votes
3 answers

Unable to logon to vpn

My openvpn client log file- The interesting bit: Tue Oct 26 12:32:49 2010 TLS Error: cannot locate HMAC in incoming packet from 67.228.223.12:3389 Tue Oct 26 12:32:49 2010 Fatal TLS error (check_tls_errors_co), restarting Tue Oct 26 12:32:49 2010…
user58283
18
votes
1 answer

How to route only specific openVPN traffic through a openVPN based on IP filtering of the destination?

I noticed a DNS proxy service I saw utilizes openvpn and tunnels supposedly only DNS traffic through the VPN which masks the users of the VPN's geolocation and allows the users system to use their initial connection for all other traffic. I could…
RCG
  • 794
  • 1
  • 6
  • 15
18
votes
7 answers

how to auto start openvpn (client) on ubuntu 12.04 cli?

I have an *.ovpn file that works if I type in sudo openvpn client.ovpn Now I would like to start up openvpn when I boot the computer. It's a headless version of ubuntu - if that matters - 12.04 64bit. I copied filename.ovpn to /etc/openvpn but it's…
waspinator
  • 608
  • 3
  • 13
  • 22
18
votes
3 answers

Getting disconnected from OpenVPN server each hour

I am having a rather strange issue with my OpenVPN configuration. I am connecting from Windows 7 with official latest OpenVPN client to my OpenVPN server (OpenVPN 2.1.4 i386-redhat-linux-gnu). The problem is I am getting disconnected from my OpenVPN…
Andrew
  • 1,104
  • 6
  • 21
  • 37
17
votes
3 answers

How to set a static IP (client side) in OpenVPN?

I am setting up a VPN network with a lot of little devices (running OpenWRT). In my use case, the devices are all identified by a number and I would like their ip adresses to match their ID (e.g: the device number 6 will have an ip in X.X.X.6). I am…
Morreski
  • 283
  • 1
  • 2
  • 5
17
votes
2 answers

stunnel vpn traffic and ensure it looks like SSL traffic on port 443

I am trying to make my outgoing and incoming traffic look as legitimate as close to SSL traffic as possible. Is there a way to DPI my own traffic to ensure it looks like SSL traffic and not OpenVPN traffic? And based on my config setup does all…
Jason
  • 3,931
  • 19
  • 66
  • 107
1 2
3
99 100