[opensuse] openVPN
Hi all, I want to set up a VPN on my Linux box which is running OpenSuse 10.3. I have installed openVPN using YaST and also openVPN for Network Manager but when I run Network Manager nothing happens and no program is launched. Besides, I don't know how to configure openVPN and on which port it is listening. Does anybody know how to configure it? Also, I want to know if after setting it up successfully, if it is possible to connect to this VPN from a Windows XP/Vista machine? Also, is openSWAN a good alternative to setting up a VPN? Regards, Danesh -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Danesh Daroui wrote:
Hi all,
I want to set up a VPN on my Linux box which is running OpenSuse 10.3. I have installed openVPN using YaST and also openVPN for Network Manager but when I run Network Manager nothing happens and no program is launched. Besides, I don't know how to configure openVPN and on which port it is listening. Does anybody know how to configure it? Also, I want to know if after setting it up successfully, if it is possible to connect to this VPN from a Windows XP/Vista machine? Also, is openSWAN a good alternative to setting up a VPN?
I use OpenVPN with both Linux & XP. It works well. If you study the example configs, it becomes easier to understand. You need to assign a pair of addresses for the tunnel ends and, of course, the addresses get reversed at the opposite ends. You'll also have to create a static key, by using this command: openvpn --genkey --secret static.key OpenVPN normally uses UDP port 1194, but that can be changed and even use TCP. You may find some useful info here: http://openvpn.net/index.php/home.html -- Use OpenOffice.org http://www.openoffice.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Thanks for the tip, but the problem is that when I installed "openVPN" via YaST, I can not run "openvpn" in shell. It shows that the package is installed but it can not be run. By the way, do you connect to your Linux VPN from XP, by establishing a VPN connection as it should be for other VPNs? D. James Knott wrote:
Danesh Daroui wrote:
Hi all,
I want to set up a VPN on my Linux box which is running OpenSuse 10.3. I have installed openVPN using YaST and also openVPN for Network Manager but when I run Network Manager nothing happens and no program is launched. Besides, I don't know how to configure openVPN and on which port it is listening. Does anybody know how to configure it? Also, I want to know if after setting it up successfully, if it is possible to connect to this VPN from a Windows XP/Vista machine? Also, is openSWAN a good alternative to setting up a VPN?
I use OpenVPN with both Linux & XP. It works well. If you study the example configs, it becomes easier to understand. You need to assign a pair of addresses for the tunnel ends and, of course, the addresses get reversed at the opposite ends. You'll also have to create a static key, by using this command: openvpn --genkey --secret static.key OpenVPN normally uses UDP port 1194, but that can be changed and even use TCP.
You may find some useful info here: http://openvpn.net/index.php/home.html
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
* Danesh Daroui
Thanks for the tip, but the problem is that when I installed "openVPN" via YaST, I can not run "openvpn" in shell. It shows that the package is installed but it can not be run.
Because openvpn executable is not in your path, rpm -ql openvpn |grep bin /usr/sbin/openvpn /usr/sbin/rcopenvpn but you do have executable rights, just include the full path. ps. The convention here is to answer questions *after* they have been asked. -- Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://counter.li.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Danesh Daroui wrote:
Thanks for the tip, but the problem is that when I installed "openVPN" via YaST, I can not run "openvpn" in shell. It shows that the package is installed but it can not be run. By the way, do you connect to your Linux VPN from XP, by establishing a VPN connection as it should be for other VPNs?
It can be started by (root) command or in Yast System Services. I use the command method. On my firewall, I use the following commands in /etc/init.d/boot.local: #start vpn tunnel modprobe tun /usr/local/bin/vpn_up & That script points to /usr/local/bin/vpn_up: #! /bin/bash cd /etc/openvpn /usr/sbin/openvpn --config static-office.conf On my notebook, I start & stop it with scripts that use sudoers to grant root access to user commands. I connect to Linux from both Linux & Windows, though not at the same time as I have only a single static config. You can set up OpenVPN with a key server, to allow multiple connections, but I've never done that. I use OpenVPN for both remote access and also when using WiFi at home. The WiFi access is outside of my firewall and requires OpenVPN or SSH to access my network. -- Use OpenOffice.org http://www.openoffice.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Friday 19 December 2008 10:15:59 James Knott wrote:
Danesh Daroui wrote:
Thanks for the tip, but the problem is that when I installed "openVPN" via YaST, I can not run "openvpn" in shell. It shows that the package is installed but it can not be run. By the way, do you connect to your Linux VPN from XP, by establishing a VPN connection as it should be for other VPNs?
It can be started by (root) command or in Yast System Services. I use the command method. On my firewall, I use the following commands in /etc/init.d/boot.local: #start vpn tunnel modprobe tun /usr/local/bin/vpn_up &
That script points to /usr/local/bin/vpn_up: #! /bin/bash cd /etc/openvpn /usr/sbin/openvpn --config static-office.conf
Seems like an odd way of starting up an openvpn daemon. Typically, boot.local will be run before the network has been brought up (particularly if controlled by NetworkManager), so openvpn will fail. I guess your conf has enough retries that it eventually comes up though. There is normally a openvpn init script supplied with the package - why not use that? Going back to the OP, as has been mentioned the openvpn binary is in an sbin directory so is not in a normal user path, and is typically run under root privileges because it requires read/write access to a network device (in this case tun or tap). Even explicitly specifying the openvpn binary won't be enough to have your non-root user be able to manipulate an openvpn connection without rights being applied elsewhere. There is also a NetworkManager plugin for openvpn available which does allow a non-root user to configure and start up an openvpn connection from a desktop. Maybe that would be the best place to look? Jon -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (4)
-
Danesh Daroui -
James Knott -
Jonathan Ervine -
Patrick Shanahan