Page 1 of 3 123 LastLast
Results 1 to 40 of 93
  1. #1

    HOWTO OpenVPN setup guide for FC3, FC4, FC5, CentOS and others,connecting via Windows

    Hi,

    I have had great difficulty in setting up OpenVPN, so I thought, when I finally do get it to work, I will write a HOWTO, so other can hopefully benefit…

    This guide was done using a FC4 VPS, running on Xen, it will work on OpenVZ, all you need to do is ask your VPS provider to install “tun support”.

    1. First of all get a few additional repos, If you already have your repos setup, skip this step

    If you have Fedora 3, follow these steps,

    http://stanton-finley.net/fedora_cor...notes.html#Yum

    If you have Fedora 4, follow these steps,

    http://stanton-finley.net/fedora_cor...notes.html#Yum

    If you have Fedora 5, follow these steps,

    http://stanton-finley.net/fedora_cor...notes.html#Yum

    If you have CentOS, follow the “additional third party CentOS repos”


    http://www.osresources.com/11_6_en.html


    Then issue these commands, each line is a new command, anything beginning with "#" are comments so dont try to execute those.

    Code:
    yum update
    
    yum install openssl openssl-devel
    # openssl and openssl-devel may be installed already… so don’t worry



    2. Right, now you want to install OpenVPN, here are the commands,

    Code:
    yum install openvpn -y
    
    #Now check that it works
    
    service openvpn start
    service openvpn stop

    3. A few things to setup before you can make certificates, issue these commands,

    Code:
    find / -name "easy-rsa"
    
    #you should get an output like this…
    
    /usr/share/doc/openvpn-2.0.7/easy-rsa
    
    #Now, make a copy of the easy-rsa directory, to /etc/openvpn/ ( make sure you #have put the right version number in i.e. mine was -2.0.7, change if needed)
    
    cp -R /usr/share/doc/openvpn-2.0.7/easy-rsa /etc/openvpn/
    
    cd /etc/openvpn/easy-rsa
    
    chmod 777 *
    
    mkdir /etc/openvpn/keys


    4. You need to edit the vars file, located in /etc/openvpn/easy-rsa
    You can use any editor you like, I used vi.

    Change the line
    Code:
    export KEY_DIR=$D/keys
    to

    Code:
    export KEY_DIR=/etc/openvpn/keys
    Also at the bottom of this file you will see something similar to this,

    Code:
    export KEY_COUNTRY=US
    export KEY_PROVINCE=CA
    export KEY_CITY=SOMEWHERE
    export KEY_ORG="My Org"
    export [email protected]
    Change this to your own values.

    5. Now its time to make the certificates, enter these commands

    Code:
    . ./vars
    Code:
    ./clean-all
    Code:
    ./build-ca
    # just hit enter to the defaults apart from Common Name, this must be unique
    # call it something like mydomain-ca

    Code:
    ./build-key-server server
    Code:
    ./build-key client1
    # remember that common name must be unique e.g. use mydomain-client1
    # and YES you want to sign the keys

    Code:
    ./build-key client2
    # do this step for as many clients as you need.

    Code:
    ./build-dh

    6. We are almost done now… right we need to create a few config files, you can download my template from here,

    Code:
    cd /etc/openvpn
    Code:
    wget www.designpc.co.uk/downloads/server.conf
    # make sure you change a few things in the server.conf file, like DNS
    # servers

    Code:
    touch server-tcp.log
    ~ this makes the log file..

    Code:
    touch ipp.txt
    this makes the IP reservation list.


    7. You need to make a few changes to OpenVPN itself. Go to..

    Code:
    cd /etc/init.d/
    edit the openvpn file

    #Uncomment this line (line 119)
    Code:
    echo 1 > /proc/sys/net/ipv4/ip_forward
    Add these lines below it, changing 123.123.123.123 to your public IP address,

    Code:
    iptables -t nat -A POSTROUTING -s 192.168.2.3 -j SNAT --to 123.123.123.123
    	iptables -t nat -A POSTROUTING -s 192.168.2.4 -j SNAT --to 123.123.123.123
    	iptables -t nat -A POSTROUTING -s 192.168.2.5 -j SNAT --to 123.123.123.123
    	iptables -t nat -A POSTROUTING -s 192.168.2.6 -j SNAT --to 123.123.123.123
    	iptables -t nat -A POSTROUTING -s 192.168.2.7 -j SNAT --to 123.123.123.123
    	iptables -t nat -A POSTROUTING -s 192.168.2.8 -j SNAT --to 123.123.123.123
    	iptables -t nat -A POSTROUTING -s 192.168.2.9 -j SNAT --to 123.123.123.123
    	iptables -t nat -A POSTROUTING -s 192.168.2.10 -j SNAT --to 123.123.123.123
    Now install iptables if you don’t have it already,

    Code:
    yum install iptables
    
    #test it
    
    service iptables start
    service iptables stop

    8. Now for the client config files. If your client is a Windows machine, make sure you have installed OpenVPN, use the gui version, downloadable from here;

    http://www.designpc.co.uk/downloads/....3-install.exe

    You need to copy a few files from the server to your client machine, here is the list, located in /etc/openvpn/keys/

    ## WARNING ## Use a secure way of transferring these files off the server, something like WinSCP.

    ca.crt
    client1.csr
    client1.key
    client1.crt

    Put these files in this directory C:\Program Files\OpenVPN\config\

    Now you need to make a client config, here is an example..


    PHP Code:
    client
    dev tun
    proto tcp

    #Change my.publicdomain.com to your public domain or IP address
    remote my.publicdomain.com 1194

    resolv
    -retry infinite
    nobind
    persist
    -key
    persist
    -tun


    ca ca
    .crt
    cert client1
    .crt
    key client1
    .key

    ns
    -cert-type server

    #DNS Options here, CHANGE THESE !!
    push "dhcp-option DNS 123.123.123.123"
    push "dhcp-option DNS 123.123.123.124"

    comp-lzo

    verb 3 
    Make sure you edit any of the lines with comments above them.

    Call this file client1.opvn and put it in C:\Program Files\OpenVPN\config\

    Make sure the file extension is .opvn not .txt

    To connect right click on OpenVPN in the taskbar >> Connect

    To test ping 192.168.2.1

    If you get a response, you in business
    ...........................................................................................

    Credits

    Stanton Finley, for all the YUM configs
    OpenVPN.net

    If I have made any mistakes, please post and I will correct.

    Thanks

  2. #2
    Join Date
    Dec 2004
    Location
    New York, NY
    Posts
    10,574
    Great guide! Thank you for the post.

  3. #3
    Join Date
    Aug 2004
    Location
    Houston, TX
    Posts
    1,394
    I have 2 Network cards on my VPN box and are able to get this working fine to route from remote access to pass all through our public interface, but I cannot access anything through the private interface or the private interface itself.

    Does anyone know where I would add some sort of route or such for this?
    Eleven2 Web Hosting - World-Wide Hosting, Done Right!
    Shared Hosting | Reseller Hosting | Dedicated | Virtual Premium Servers
    Server Locations in: Dallas | Los Angeles | Singapore | Amsterdam

  4. #4
    Join Date
    Jul 2006
    Posts
    87
    Hey great tutorial! I really appreciate it... however when I try to start OpenVPN after all the config I get:

    Code:
    Starting openvpn: iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
    Perhaps iptables or your kernel needs to be upgraded.
    iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
    Perhaps iptables or your kernel needs to be upgraded.
    iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
    Perhaps iptables or your kernel needs to be upgraded.
    iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
    Perhaps iptables or your kernel needs to be upgraded.
    iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
    Perhaps iptables or your kernel needs to be upgraded.
    iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
    Perhaps iptables or your kernel needs to be upgraded.
    iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
    Perhaps iptables or your kernel needs to be upgraded.
    iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
    Perhaps iptables or your kernel needs to be upgraded.
    Hmmm? Any ideas? I am running FC5 inside a OpenVZ VPS. As well, what OpenVPN icon are you talking about?

    Thanks,
    http://www.jdaigle.net/ - My portfolio
    http://www.logicdeck.com/ - Awesome tutorials and webmaster resources!

  5. #5
    Cannot get it to work.My server has RHEL4.
    i forwarded this url to the host but to no use.They cannot figure out how to get it to work.They emailed me saying that the tutorial is outdated and it does not work for RHEL

  6. #6
    Quote Originally Posted by Rodney-E2 View Post
    I have 2 Network cards on my VPN box and are able to get this working fine to route from remote access to pass all through our public interface, but I cannot access anything through the private interface or the private interface itself.

    Does anyone know where I would add some sort of route or such for this?
    Theres a trick to getting local networking.. working, I believe its disabled by default, may be wrong, check openvpn.net docs
    Stuart Munro

  7. #7
    Quote Originally Posted by HL-Justin View Post
    Hey great tutorial! I really appreciate it... however when I try to start OpenVPN after all the config I get working


    Hmmm? Any ideas? I am running FC5 inside a OpenVZ VPS. As well, what OpenVPN icon are you talking about?

    Thanks,
    You need your vps proviser to install the NAT module I believe, very easy on their part, it should work just fine...

    Also who is your provider?

    Cheers
    Stuart Munro

  8. #8
    Quote Originally Posted by ramesh80 View Post
    Cannot get it to work.My server has RHEL4.
    i forwarded this url to the host but to no use.They cannot figure out how to get it to work.They emailed me saying that the tutorial is outdated and it does not work for RHEL
    I thought RHEL was pretty much the same as CentOS, which is what I did the tutorial on...

    What version of openvpn you using, also, why is it not working, any log files? Also are you connecting from a linux or windows machine?

    Cheers
    Stuart Munro

  9. #9

    Starting openvpn: [FAILED]

    Thanks for the article.
    Could you please help me with this problem?

    after installing openvpn it gives an error message

    Code:
    [[email protected] ~]# service openvpn start
    Starting openvpn:                                          [FAILED]
    I've followed the guide completely and restarted the OS
    But it doesn't work.
    The OS is CentOS 4

  10. #10
    What is the meaning of your SNAT rules? Do you have some specific need or something (which is not said in the text). You can route your users with one SNAT rule... or with one MASQ rule.

    Btw I don't like these kind of tutorials, because they only list commands and explain nothing. Yes, we all know how to "do something", but why are we doing it? what will be achived once we do it? why is that? how does the thing work? etc. A proper how-to is one that explains "why is something" and not just "do iptables .... and your done". A begginer does not prosper from this kind of text because he learns nothing.... yes he can be trained to repeat those commands and install many VPN systems (so can a monkey), but the first time when he runs into problems and errors he will have no idea what to do. Because he didn't learn anything from the tutorial.
    Last edited by nixadm; 10-12-2007 at 12:23 PM.

  11. #11
    Join Date
    May 2004
    Posts
    350
    I seem to get this error while trying to build the cert:

    Code:
    [[email protected] easy-rsa]# ./vars 
    NOTE: when you run ./clean-all, I will be doing a rm -rf on /etc/openvpn/keys
    [[email protected] easy-rsa]# ./clean-all
    you must define KEY_DIR
    and my vars file has:

    Code:
    # WARNING: clean-all will do
    # a rm -rf on this directory
    # so make sure you define
    # it correctly!
    #export KEY_DIR=$D/keys
    export KEY_DIR=/etc/openvpn/keys
    # Issue rm -rf warning
    echo NOTE: when you run ./clean-all, I will be doing a rm -rf on $KEY_DIR
    any ideas?

  12. #12
    Quote Originally Posted by nixadm View Post
    What is the meaning of your SNAT rules? Do you have some specific need or something (which is not said in the text). You can route your users with one SNAT rule... or with one MASQ rule.

    Btw I don't like these kind of tutorials, because they only list commands and explain nothing. Yes, we all know how to "do something", but why are we doing it? what will be achived once we do it? why is that? how does the thing work? etc. A proper how-to is one that explains "why is something" and not just "do iptables .... and your done". A begginer does not prosper from this kind of text because he learns nothing.... yes he can be trained to repeat those commands and install many VPN systems (so can a monkey), but the first time when he runs into problems and errors he will have no idea what to do. Because he didn't learn anything from the tutorial.
    Hi,

    I did it mainly for if the user wanted to do any NAT stuff later on.

    Im sorry you didn't like my tutorial...! The reason for doing it was it took me ages to figure out OpenVPN, I was very much a newbie when I started with it

    As for explaining VPN, I think if you are looking for a VPN you would think people know what a VPN is, therefore no need to explain in detail what it does, the tutorial plainly guides users to using an alternative software to achieve some sort of VPN.

    I know when I was looking at VPN for the first time I didn't go straight to how I install one, first I wanted to understand what it was and what the achieve!

    PS - In regards to your comments on guides "explaining nothing" I must disagree! We are out of the machine code era, code nowadays is near enough "human readable" therefore the command itself explains roughly what it does.

    But thank you for your comments anyway.
    Last edited by stuartornum; 10-18-2007 at 04:37 AM.
    Stuart Munro

  13. #13
    Quote Originally Posted by Trix View Post
    I seem to get this error while trying to build the cert:

    Code:
    [[email protected] easy-rsa]# ./vars 
    NOTE: when you run ./clean-all, I will be doing a rm -rf on /etc/openvpn/keys
    [[email protected] easy-rsa]# ./clean-all
    you must define KEY_DIR
    and my vars file has:

    Code:
    # WARNING: clean-all will do
    # a rm -rf on this directory
    # so make sure you define
    # it correctly!
    #export KEY_DIR=$D/keys
    export KEY_DIR=/etc/openvpn/keys
    # Issue rm -rf warning
    echo NOTE: when you run ./clean-all, I will be doing a rm -rf on $KEY_DIR
    any ideas?
    Hi,

    Its . ./vars

    so,

    dot space dot/vars

    NOT

    dot/vars

    Should work fine then.

    PS I got stuck on this the first time
    Stuart Munro

  14. #14
    Quote Originally Posted by stability View Post
    Thanks for the article.
    Could you please help me with this problem?

    after installing openvpn it gives an error message

    Code:
    [[email protected] ~]# service openvpn start
    Starting openvpn:                                          [FAILED]
    I've followed the guide completely and restarted the OS
    But it doesn't work.
    The OS is CentOS 4
    Could you post the log file in /var/log/messages I think.
    Stuart Munro

  15. #15
    Thanks for the tut, I did setup on server CentOS and trying to access from winxp client.

    After connection, I see key2/81.x.x.x:3358 MULTI: bad source address from client [81.x.x.x], packet dropped

    Where 81.x.x.x is client ip. Any suggestion?
    Website Hosting by Rackset
    Professional, Affordable, Reliable

    Web Hosting Provider

  16. #16
    Quote Originally Posted by RACKSET View Post
    Thanks for the tut, I did setup on server CentOS and trying to access from winxp client.

    After connection, I see key2/81.x.x.x:3358 MULTI: bad source address from client [81.x.x.x], packet dropped

    Where 81.x.x.x is client ip. Any suggestion?
    Hi,

    Can you PM me your log, and I will have a look at it for you.

    Cheers
    Stuart Munro

  17. #17
    Join Date
    Mar 2006
    Posts
    74
    Is there anyway of configuring openVPN so we don't need a client to connect?
    Some VPN providers are offering VPN with no client software.

  18. #18
    Quote Originally Posted by RACKSET View Post
    Thanks for the tut, I did setup on server CentOS and trying to access from winxp client.

    After connection, I see key2/81.x.x.x:3358 MULTI: bad source address from client [81.x.x.x], packet dropped

    Where 81.x.x.x is client ip. Any suggestion?
    Hi,

    Can you post your log file for this:

    /var/log/messages

    Do you get the error on the win XP client of openvpn or on the server?
    Stuart Munro

  19. #19
    Thank you for your attention, the issue has been resolved. I think that was an issue with iptables. I fixed it with issuing the command:

    iptables -t nat -A POSTROUTING -o ethX -s 10.8.0.0/24 -j SNAT --to 1.1.1.1

    Where 1.1.1.1 is public IP of vpn server.
    Website Hosting by Rackset
    Professional, Affordable, Reliable

    Web Hosting Provider

  20. #20
    Join Date
    Oct 2007
    Posts
    106
    Hi,

    Fantastic Tutorial and a great help. You Rock.

  21. #21
    Join Date
    Apr 2007
    Location
    Melbourne, Australia
    Posts
    410
    Awesome, thorough guide, stuartornum - thank you !!
    CentOSBlog.com - CentOS Management, Help, Tutorials and Guides, Security, News, Downloads, Scripts and more!
    www.ctkn.net - Quick and easy tips and tutorials for Linux and Windows users !

  22. #22
    Join Date
    Aug 2002
    Location
    Bharat
    Posts
    4,722
    Good tutorial, I think I should get my hands dirty with VPN too, its gonna help in my upcoming project.
    Vinsar.Net - Quality Web Hosting at Economical Price on USA & European Servers
    Offering domains, shared, reseller & VPS hosting.
    Reliable Domain Reseller Account Resell Domains with Confidence

  23. #23
    If you are using CSF (Config Server Firewall) you should create a file named 'csfpre.sh' in /etc/csf and add the following rules to it, then restart CSF, csf -r

    /sbin/iptables -A INPUT -j ACCEPT -s 10.8.0.0/24 -i tun0
    /sbin/iptables -A OUTPUT -j ACCEPT -s 10.8.0.0/24 -o tun0

    /sbin/iptables -A FORWARD -j ACCEPT -p all -s 0/0 -i tun0
    /sbin/iptables -A FORWARD -j ACCEPT -p all -s 0/0 -o tun0

    /sbin/iptables -t nat --flush
    /sbin/iptables -t nat -A POSTROUTING -o venet0 -s 10.8.0.0/24 -j SNAT --to 1.1.1.1
    Where 1.1.1.1 is public IP of vpn server.
    Website Hosting by Rackset
    Professional, Affordable, Reliable

    Web Hosting Provider

  24. #24

    thanks!

    thanks man going to test it

  25. #25
    Join Date
    Jun 2005
    Posts
    39
    Can I install it near Cpanel /whm ?

    is openssl installed with Cpanel ?
    should I install again ?

    How can I add a vpn account for a user with limited BW ?
    Last edited by anon-e-mouse; 01-21-2008 at 06:06 PM. Reason: merging posts

  26. #26
    Quote Originally Posted by bakhanbeigi View Post
    Can I install it near Cpanel /whm ?
    Yes it is possible

    Quote Originally Posted by bakhanbeigi View Post
    How can I add a vpn account for a user with limited BW ?
    This is a lot harder to achieve, I suggest you go to a specialist for this or use a VPN provider.

    Regards
    Stuart Munro

  27. #27
    Join Date
    Mar 2005
    Posts
    533
    Can Install this form WHM/Install RPM ?

  28. #28
    Join Date
    Mar 2005
    Posts
    533
    oh sorry I sent my message in wrong place.. sorry

  29. #29
    Join Date
    Mar 2005
    Posts
    533
    Thanks stuartornum for your guide,

    I have some question,

    whats your mean of DNS? is your mean ns1.mysite.com and ns2.maysite.com which I set for our domains ?

    I downloaded OpenVPN GUI from this link : http://openvpn.se/files/install_pack....3-install.exe
    (Your link does not work)
    In the status bar when I right click on OpenVPN Icon I have this options only:
    Proxy Setting, About, Exit
    and I don't have Connect , what should I do ?


    Regards

  30. #30
    Quote Originally Posted by webhostbeginner View Post
    Thanks stuartornum for your guide,

    I have some question,

    whats your mean of DNS? is your mean ns1.mysite.com and ns2.maysite.com which I set for our domains ?

    I downloaded OpenVPN GUI from this link : http://openvpn.se/files/install_pack....3-install.exe
    (Your link does not work)
    In the status bar when I right click on OpenVPN Icon I have this options only:
    Proxy Setting, About, Exit
    and I don't have Connect , what should I do ?


    Regards
    Do you have a server to connect to?
    Stuart Munro

  31. #31
    Join Date
    Mar 2005
    Posts
    533
    Yes I have a dedicated server with FC6
    I was installed the program in my server successfully , (I was installed OpenVPN from whm>install rpm)

  32. #32
    Join Date
    Mar 2005
    Posts
    533
    hello.....?

  33. #33
    Have you gone through the guide on the 1st page, because there is quite a lot of modifications that need to be done.

    Thnaks
    Stuart Munro

  34. #34
    Thanks for sharing this to us.
    Is a VPS with 512 RAM enough to do the job or do I really need a dedicated server?

    Thanks for advice.

  35. #35
    Hi,

    It really depends on how many people you want to be able to be connected at any one time...

    512MB VPS will do a lot of people, ive tested 128MB VPS with 20 people with no problems.

    Regards
    Stuart Munro

  36. #36
    Quote Originally Posted by stuartornum View Post
    Hi,

    It really depends on how many people you want to be able to be connected at any one time...

    512MB VPS will do a lot of people, ive tested 128MB VPS with 20 people with no problems.

    Regards
    Thanks again Stuart, I'll try this in a week or two.

    -ys-

  37. #37
    Join Date
    Aug 2004
    Location
    Shanghai
    Posts
    1,449
    What a long tutorial!

    To avoid doing all this, we have scripted all the setup for our Debian VPS. Simply follow the following steps. Note that it's generating generic answer to the questions for openssl, as most of the people don't care.

    1. Setup the sever

    Install openvpn and the needed utils:

    apt-get install openvpn openssl udev

    Get this file:

    http://dtcsupport.gplhost.com/openvpn-setup.tar.gz

    Move the content of openvpn-setup in the archive in the /etc/openvpn. Start the "setup" script. That should be enough to have a working setup. This setup script will create a key for 20 clients, which should be enough for most users. It guesses the IP address using netstat -rn, as most chances that your gateway interface is the one that is your public IP address.

    2. Client setup

    The configuration files for the client are in a generated folder client-config. You should send the files corresponding to the client in each computers. Note that the file is to be used with OpenVPN GUI client under windows, as this is the most common setup. It should be quite easy to change the config file for Unix (simply rename with .conf extention instead of .ovpn, and edit the path so OpenVPN can find it's keys).

    3. Windows setup

    Windows users can download the very good GUI here:

    http://openvpn.se/download.html

    Note that vista users HAVE to use this version (at least):

    http://openvpn.net/release/openvpn-2.1_rc7-install.exe

    It is recommend to install the GUI from http://openvpn.se/download.html, and then install the latest development version of openvpn from http://www.openvpn.net/index.php/downloads.html.

    4. How to fix the user access control problem under Vista

    Please follow any of the steps at the following URL to disable UAC. This allows a simpler use of OpenVPN, since the extra security controls in place interfere with OpenVPN: http://www.petri.co.il/disable_uac_in_windows_vista.htm

    5. Please edit the client.ovpn file (in wordpad in case notepad doesn't contain the carriage returns correctly), and add the following to entries, to ensure that it works correctly with Vista

    route-method exe
    route-delay 2

    6. In case you can connect, but browsing does not seem to work, you will probably need to fix the DNS setting in the server configuration

    push "dhcp-option DNS X.X.X.X"

    where of course X.X.X.X is the DNS of your server/VPS.

    7. In case you want many clients with many public IPs

    Then follow this script.

    Please change the IP address to a DNS server that is accessible by the server running the VPN.

    Enjoy!

    P.S: Note that you can find this tutorial (maybe updated) in our wiki pages)
    GPLHost:>_ open source hosting worldwide (I'm founder, CEO & official Debian Developer)
    Servers & our leading control panel and our Xen VPS hosting, which are already included in Debian and Ubuntu
    Available in: Kuala Lumpur, Singapore, Sydney, Seattle, Atlanta, Paris, London, Barcelona, Zurich, Israel

  38. #38
    Join Date
    May 2008
    Posts
    3
    cool tutorial

  39. #39
    Join Date
    Feb 2007
    Posts
    325
    Hello

    thanks

    7. You need to make a few changes to OpenVPN itself. Go to..

    Code:
    cd /etc/init.d/
    edit the openvpn file

    #Uncomment this line (line 119)
    Code:
    echo 1 > /proc/sys/net/ipv4/ip_forward
    Add these lines below it, changing 123.123.123.123 to your public IP address,

    Code:
    iptables -t nat -A POSTROUTING -s 192.168.2.3 -j SNAT --to 123.123.123.123
    iptables -t nat -A POSTROUTING -s 192.168.2.4 -j SNAT --to 123.123.123.123
    iptables -t nat -A POSTROUTING -s 192.168.2.5 -j SNAT --to 123.123.123.123
    iptables -t nat -A POSTROUTING -s 192.168.2.6 -j SNAT --to 123.123.123.123
    iptables -t nat -A POSTROUTING -s 192.168.2.7 -j SNAT --to 123.123.123.123
    iptables -t nat -A POSTROUTING -s 192.168.2.8 -j SNAT --to 123.123.123.123
    iptables -t nat -A POSTROUTING -s 192.168.2.9 -j SNAT --to 123.123.123.123
    iptables -t nat -A POSTROUTING -s 192.168.2.10 -j SNAT --to 123.123.123.123




    what means?

    nano /etc/init.d/openvpn

    line 110-123 is :

    while shift ; do
    [ -z "$1" ] && break
    if test -e /var/run/openvpn.$1.pid ; then
    PIDFILE=`ls /var/run/openvpn.$1.pid 2> /dev/null`
    NAME=`echo $PIDFILE | cut -c18-`
    NAME=${NAME%%.pid}
    stop_vpn
    echo -n " $NAME"
    else
    echo -n " (failure: No such VPN is running: $1)"
    fi
    done
    fi
    echo "."


    i must add this code
    echo 1 > /proc/sys/net/ipv4/ip_forward
    in where?
    please help me
    because all ports in openvpn for me is not open
    Thanks
    Soon ...

  40. #40
    @gplhost

    I can't seem to pm you here. I pm you in ym

Page 1 of 3 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •