Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [openvpn]

OpenVPN is a free and open source software VPN solution. It allows secure point-to-point or site-to-site connections with routed or bridged configurations and remote access facilities.

OpenVPN is a free and open source software application that implements VPN techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses SSL/TLS security for encryption and is capable of traversing network address translators and firewalls.

It's architecture is build upon 4 principles:

  • Encryption
  • Authentication
  • Networking
  • Security

More info is to be found on the Open-Source site of VPN.
A very thorough tutorial can be found on Shorewall.

3274 questions
11
votes
3 answers

OpenVPN don't start: --cert fails with 'client.crt': No such file or directory

I have a VPS Server running with openVZ and CentOs 6 and I want to install openVPN on it. I followed this tutorial: https://www.digitalocean.com/community/tutorials/how-to-setup-and-configure-an-openvpn-server-on-centos-6 but I'm not able to start…
Peter
  • 245
  • 2
  • 3
  • 10
11
votes
2 answers

Which openvpn cipher should I use?

From both a performance and security standpoint, which cipher should I use with openvpn? According to http://openvpn.net/index.php/open-source/documentation/howto.html#security , the default is Blowfish, and the recommendation/example is to use…
Daniel S. Sterling
  • 1,584
  • 2
  • 11
  • 13
11
votes
3 answers

VPN can't connect properly

have set up a vpn client on my laptop connecting to a openvpn server on a vps. It was working just fine until i restarted my laptop. I get this connection log in the VPN client: Tue Nov 01 19:25:26 2011 OpenVPN 2.2.1 Win32-MSVC++ [SSL] [LZO2] built…
Daniel Gratz
  • 235
  • 1
  • 2
  • 4
11
votes
3 answers

OpenVPN - ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)

There are lots of questions pertaining this error, and there is a suggested manual fix which works well, but there's no permanent solution. How can i permanently solve this? Im having this issue on a debian wheezy server, using OpenVPN client to…
Joe
  • 366
  • 1
  • 2
  • 9
10
votes
2 answers

How can I fix link-mtu and tun-mtu are used inconsistently warnings in OpenVPN?

when connecting to my OpenVPN I am getting the following warnings in the client log: Sat Mar 09 06:52:57 2019 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1469', remote='link-mtu 1569' Sat Mar 09 06:52:57 2019 WARNING: 'tun-mtu' is…
Tiago Stapenhorst
  • 373
  • 1
  • 4
  • 14
10
votes
1 answer

OpenVPN 2.4 security differences between tls-crypt and tls-auth

I was reading and tls-crypt and was curious would that increase security and reduce the chance of keys being compromised during handshakes and that it offers better security over tls-auth? Maybe someone could better explain tls-auth and tls-crypt…
Jason
  • 3,931
  • 19
  • 66
  • 107
10
votes
1 answer

How to disconnect a single client connection in OpenVPN?

Would like to forcefully kick a specific user connection. OS is Ubuntu 16, OVPN Server is OpenVPN 2.3.10 I can see them connected in /etc/openvpn/openvpn-status.log which lists out current client status. And their persistent connection pool is saved…
emmdee
  • 2,187
  • 12
  • 36
  • 60
10
votes
3 answers

OpenVPN and systemd-resolved

How does one use the dns pushed via an openvpn server with systemd-resolved ? Before I decide to 'upgrade' to systemd-networkd. I could use some variant of openvpn-resolv-conf script to call resolvconf to manage entries in /etc/resolv.conf on…
sw1nn
  • 161
  • 1
  • 2
  • 7
10
votes
3 answers

Helo command rejected: Host not found - Setup postfix to accept sending mails from my home server through my public server

I would like to receive system emails from my home server. So I'm trying to configure postfix to do that through my public server. My public server has a fixed IP, while my home server is in a private network with a messed up hostname due to my…
The Quantum Physicist
  • 658
  • 2
  • 11
  • 26
10
votes
4 answers

Openvpn, forward packets very slowly

I rebooted my server, and an odd issue just came out. I am running on ArchLinux, the clients are Ubuntu, Android and Mac. The problem is that accessing the internet via the clients is slow, about 2ko/s and slowly stop. But downloading something from…
Cubox
  • 118
  • 1
  • 2
  • 12
10
votes
1 answer

OpenVPN Error : TLS Error: local/remote TLS keys are out of sync: [AF_INET]

Fist off thanks for reading this, I appreciate any and all suggestions. I am having some serious problems reconnecting to my OpenVPN client using Riseup.net's VPN. I have spent a few days banging my head against the wall in attempts to set this up…
Lucidity
  • 103
  • 1
  • 1
  • 5
10
votes
1 answer

openssl invalid CA certificate

I'm setting up server-to-server OpenVPN with a PKI infrastructure, and cannot make it work. I suspect it's something in the certificate chain, but I'm at a loss to explain how. I have an offline Root CA, and a certificate hierarchy. The CA's are…
Michael Hart
  • 113
  • 1
  • 1
  • 8
10
votes
2 answers

Trying to set up OpenVPN server on a vps

I'm trying to set up an OpenVPN server on my VPS for myself when I'm in public places, using this tutorial, http://tipupdate.com/how-to-install-openvpn-on-ubuntu-vps/ However whenever I try to start the server, it gives me this, root@vps:~#…
Austin
  • 173
  • 1
  • 2
  • 8
10
votes
2 answers

Anonymizing OpenVPN Allow SSH Access to Internal Server

I'm using an anonymizing VPN, but want SSH access to internal computer. How do I access my internal computer through SSH? When I do ssh 98.123.45.6, the connection times out. IP address from cable provider: 98.123.45.6 Anonymous IP through VPN:…
Lionel
  • 231
  • 2
  • 8
10
votes
3 answers

openvpn list all active certificates

I have a openvpn setup on ubuntu that multiple users are connecting to. I want to list all the active certificates with their Common name. Is their a way of doing this ?
nashrafeeq
  • 255
  • 1
  • 3
  • 12
1 2 3
99 100