network_stuff:vpn_troubleshooting


Cisco


Juniper SRX


Juniper Netscreen

Checkpoint

OPENVPN SERVER FEDORA

/etc/openvpn/server/openvpn.log
/etc/openvpn/server/openvpn-status.log
  • On the server:
systemctl enable firewalld
systemctl start firewalld
firewall-cmd --permanent --add-service openvpn
firewall-cmd --permanent --add-masquerade
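# --permanent only writes the saved configuration; the rules apply once firewalld is reloaded or restarted
# also enable IP forwarding (net.ipv4.ip_forward) in sysctl.conf, and don't forget systemctl restart network.service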

Start server:

systemctl start openvpn-server@server.service # Server

Create ovpn file and start client: generate_openvpn_config.sh

openvpn --config /home/jaime/ovpnrpi/client4.ovpn  # client

If redirection fails:

systemctl stop firewalld
systemctl start firewalld

OPENVPN SERVER RASPBERRY PI https://dzone.com/articles/how-to-setup-an-openvpn-server-on-a-raspberry-pi

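# note: this pipes a remote script straight into a shell; to review it first, save it to a file and read it before running it
curl -L https://install.pivpn.io | bash
# set it as static; you should have configured the DHCP reservation and port forwarding on the gateway before this!
pivpn add nopass # creates a client profile; nopass means its private key is not password-protected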
/etc/openvpn/server.conf
# all fields nicely explained here : https://github.com/OpenVPN/openvpn/blob/master/sample/sample-config-files/server.conf

OPENWRT CLIENT OPENVPN:
In LuCi:

  • Click Update-list
  • Then INSTALL: luci-app-openvpn openvpn-easy-rsa openvpn-openssl
  • Press OK on each of them to download and install them.

In the CLI, have these files:

root@OpenWrt:/etc/config# cat /etc/config/openvpn
config openvpn 'camarreal_ovpn'
  option config '/etc/openvpn/forsythia-client.ovpn'   # This is the 'raw' file generated on the OpenVPN server by "pivpn add nopass"
  option enabled '1'
  

Firewall and network config (from https://wiki.turris.cz/doc/en/howto/openvpn among other sources):

root@OpenWrt:/etc/config# cat /etc/config/firewall
config zone 'wan'                               
        option name 'wan'                      
        list network 'wan'                      
        list network 'wan6'                     
        option output 'ACCEPT'                 
        option forward 'REJECT'                
        option masq '1'                         
        option mtu_fix '1'                      
        option input 'REJECT'                  
        list device 'tun0'    

root@OpenWrt:/etc/config# cat /etc/config/network 
config interface 'vpn'         
        option proto 'none'
        option ifname 'tun0'   

LINUX VPN-CLIENT
https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/docs/clients.md#linux
START:

mkdir -p /var/run/xl2tpd
touch /var/run/xl2tpd/l2tp-control
service strongswan restart
service xl2tpd restart
strongswan up myvpn
echo "c myvpn" > /var/run/xl2tpd/l2tp-control
ip route add 0/0 dev ppp0


STOP:

ip route del 0/0 dev ppp0
echo "d myvpn" > /var/run/xl2tpd/l2tp-control
strongswan down myvpn

INVESTIGATE WHY IT CRASHES SOMETIMES:

May  9 05:16:22 observium xl2tpd: xl2tpd[23954]: Maximum retries exceeded for tunnel 23919.  Closing.
May  9 05:16:22 observium xl2tpd: xl2tpd[23954]: Connection 61860 closed to 148.64.56.150, port 1701 (Timeout) 
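
To see how often the tunnel drops, against which peer and with what reason, the following added example (not part of the original notes) pairs each "Maximum retries exceeded" message with the "Connection ... closed" line from the same xl2tpd process. The function names and `sample_log` are assumptions of this example; its first two log lines are the ones above, the others are constructed.

```bash
#!/bin/sh
# Added example, not from the original notes: summarise xl2tpd tunnel drops.

# Reads syslog lines on stdin. Prints one tab-separated row per closed
# connection: timestamp, peer, tunnel id ("-" if unknown), close reason.
xl2tpd_drops() {
  awk '
    {
      pid = "?"   # xl2tpd process id, used to pair the two messages
      if (match($0, /xl2tpd\[[0-9]+\]/)) pid = substr($0, RSTART + 7, RLENGTH - 8)
    }
    /Maximum retries exceeded for tunnel/ {
      # control messages went unanswered; remember which tunnel gave up
      if (match($0, /for tunnel [0-9]+/))
        pending[pid] = substr($0, RSTART + 11, RLENGTH - 11)
      next
    }
    /Connection [0-9]+ closed to/ {
      peer = "?"; reason = "?"
      if (match($0, /closed to [0-9A-Fa-f.:]+/))
        peer = substr($0, RSTART + 10, RLENGTH - 10)
      if (match($0, /\([^)]*\)/)) reason = substr($0, RSTART + 1, RLENGTH - 2)
      tunnel = (pid in pending) ? pending[pid] : "-"
      delete pending[pid]
      printf "%s %s %s\t%s\t%s\t%s\n", $1, $2, $3, peer, tunnel, reason
    }'
}

# Drop count per peer and reason, most frequent first.
xl2tpd_drops_by_peer() {
  xl2tpd_drops |
    awk -F'\t' '{ n[$2 "\t" $4]++ } END { for (k in n) print n[k] "\t" k }' |
    sort -rn
}

# Sample input: the first two lines are the ones in the notes above; the rest
# are constructed for this example (192.0.2.10 is a documentation address).
sample_log() {
  cat <<'EOF'
May  9 05:16:22 observium xl2tpd: xl2tpd[23954]: Maximum retries exceeded for tunnel 23919.  Closing.
May  9 05:16:22 observium xl2tpd: xl2tpd[23954]: Connection 61860 closed to 148.64.56.150, port 1701 (Timeout)
May 10 13:02:40 observium xl2tpd: xl2tpd[24410]: Connecting to host 148.64.56.150, port 1701
May 10 13:02:41 observium xl2tpd: xl2tpd[24410]: Maximum retries exceeded for tunnel 5121.  Closing.
May 10 13:02:41 observium xl2tpd: xl2tpd[24410]: Connection 7718 closed to 148.64.56.150, port 1701 (Timeout)
May 11 02:40:09 observium xl2tpd: xl2tpd[24502]: Connection 913 closed to 192.0.2.10, port 1701 (Timeout)
EOF
}

sample_log | xl2tpd_drops_by_peer
```

On the host, pipe the file that syslog writes xl2tpd messages to into `xl2tpd_drops`; a tunnel column of `-` means the close was not preceded by a retries-exceeded message from the same process.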