Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [openvpn]

OpenVPN is a free and open source software VPN solution. It allows secure point-to-point or site-to-site connections with routed or bridged configurations and remote access facilities.

OpenVPN is a free and open source software application that implements VPN techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses SSL/TLS security for encryption and is capable of traversing network address translators and firewalls.

It's architecture is build upon 4 principles:

  • Encryption
  • Authentication
  • Networking
  • Security

More info is to be found on the Open-Source site of VPN.
A very thorough tutorial can be found on Shorewall.

3274 questions
17
votes
4 answers

No tun device in lxc guest for openvpn

I am trying to set up an openvpn server inside a lxc guest. However, it seams there is no tun device available in the container. Starting openvpn inside the container gives me this error: Tue Sep 18 13:04:18 2012 Note: Cannot open TUN/TAP dev…
Lawrence
  • 233
  • 1
  • 2
  • 5
17
votes
5 answers

OpenVPN make redirect-gateway optional

I'm currently running an OpenVPN server for multiple clients. All traffic is directed through the VPN (it's set up as gateway; push "redirect-gateway def1"). So far, all is working fine. However, I'd like to connect a couple of servers to this…
Tuinslak
  • 1,465
  • 8
  • 32
  • 56
17
votes
3 answers

OpenVPN and DNS. How to?

I'm using OpenVPN to set up a VPN to connect my laptop at home to my workplace LAN. I want to be able to refer my workplace computers by their name and not by their IP but I can't. This is my situation: Workplace LAN: Address space: …
Toto
  • 401
  • 1
  • 5
  • 13
16
votes
2 answers

OpenVPN unable to disable encryption

Both in server and client config I have set: cipher none auth none Following this advice I am also using UDP port 1195. When I launch server and client I get following warnings: Tue Dec 4 12:58:25 2018 ******* WARNING *******: '--cipher none' was…
user2449761
  • 263
  • 1
  • 3
  • 8
16
votes
5 answers

OpenVPN for certain IPs, eth0 for everything else

Summary: I'd like to connect to my VPN and have access to certain servers, but for all other traffic I'd like to use my regular networking. I've setup an OpenVPN server on my VPS, my server.conf file looks like so: port 1194 proto udp dev tun ca…
ThaDon
  • 497
  • 1
  • 5
  • 15
16
votes
5 answers

Are there any Distributed/mesh-like/P2P VPNs?

I have my personal VPN, connecting several devices so they can have fixed IP addresses on an always-reachable network (as long as they are connected to the Internet). This is necessary for me, since my devices can be on the move, on different and…
Valmiky Arquissandas
  • 504
  • 1
  • 4
  • 17
16
votes
4 answers

How do I tell if all traffic is going through the VPN?

I have an OpenVPN set up on the server and I am using OpenVPN connect for my client. I have some internal websites that I need to access and some of them don't work. I want to make sure that when the traffic is going through the VPN and not though…
monkthemighty
  • 555
  • 2
  • 4
  • 11
15
votes
1 answer

Allow Docker containers to connect to OpenVPN clients on the host tunnel interface

I have the following setup : A CentOS host running the docker service A user defined docker bridge network 2 Docker containers connected to that user defined bridge network An OpenVPN installation (currently running on the host. Can also run in a…
ddewaele
  • 333
  • 1
  • 4
  • 12
15
votes
2 answers

How to set up OpenVPN to let the VPN clients to access all the servers inside the server LAN?

My server LAN IP is 192.168.1.1 and there is an intranet web server on 192.168.1.2 The OpenVPN daemon is configured to give clients 192.168.2.* addresses. There is push "route 192.168.1.0 255.255.255.0" line in the config which I expect to enable…
Ivan
  • 3,398
  • 19
  • 50
  • 71
14
votes
2 answers

Is there any solution to make OpenVPN authentication with Google ID?

Or, maybe any oauth? All I could find - is 2factor authentication with google. But I'd like to use Google Apps base for OpenVPN auth. I believe that it is possible to make something like gitlab. Where you can put your certificate and then use it…
Psychozoic
  • 273
  • 2
  • 4
  • 13
14
votes
6 answers

openVPN disconnect via command line in linux

Is there a way to disconnect an openvpn connection that was established by free-radius with a shell command line? I have all information about the openvpn connection: Username Client IP AccountSeassionID ...
hamedsh
  • 389
  • 2
  • 5
  • 18
14
votes
5 answers

SSH traffic over openvpn connection freezes when I cat a file

I have an openvpn (version 2.1_rc15 at both ends) connection setup between two gentoo boxes using shared keys. it works fine for the most part. I use mysql, http, ftp, scp over the vpn with no problems. But when I ssh from the client to the server…
Pawz Lion
  • 474
  • 3
  • 7
  • 12
13
votes
1 answer

OpenVPN low performance. Do I have MTU problems? Dumps inside

I have problems with an OpenVPN tunnel which does not reach line speed. The gateway is a Debian Jessy virtual server hosted at OVH. The client is either my freebsd 10.2 homeserver (Intel I3 Ivy Bridge) or my RaspberryPI2. I deactivated encryption…
Alexander Theißen
  • 184
  • 2
  • 9
13
votes
3 answers

MULTI: bad source address from client - any one-off solutions?

Setup: I have the an openvpn client/server setup (config files at bottom), and I get the infamous MULTI: bad source address from client [192.168.x.x], packet dropped message at server. The server has a public IP address, while the client is behind…
m000
  • 440
  • 1
  • 4
  • 11
13
votes
4 answers

Improving OpenVPN Performance

I've been trying to improve my OpenVPN performance and this is my current setup: cat /etc/openvpn/server.conf port 443 #- port proto tcp #- protocol dev tun #tun-mtu 1500 tun-mtu-extra 32 #mssfix 1450 tun-mtu 64800 mssfix 1440 reneg-sec 0 ca…
user192680
1 2 3
99 100