www.zeroshell.org

[Luigi10]

I'm trying to setup a VPN across two different ZS boxes that are separated by two cable ISP connections. One network has one /24 network and the other has about 15 different /24 networks on it. I have the VPN up and running, but I noticed that when I tried to ping and tracert across the VPN from one location to the other the traffic is going out the cable ISP connection instead of going through the VPN. You can see the hops hit the ZS box then the 10.x.x.x IP address of the cable modem then hit two public IP addresses inside my ISPs network. Then the connection drops. Please let me know what information you need to help me with this. Thanks.

[Luigi10]

I was just looking through the forum and found that someone had posted a picture that has a ZS gui config titled "IP Traffic to tunnel through VPN"

This is where you would go into and specify what kind of traffic will go over the VPN. I believe this is where I need to make the config changes to get my VPN to work properly. Where do I find this config setting in the ZS? Thanks.

[Luigi10]

I just wanted to follow-up on this. Does anyone know where I need to go to specify the types of traffic to go over the VPN? Thanks.

[Luigi10]

No one?

[Luigi10]

I'm trying to create the VPN from scratch using instructions on this PDF converted to English. http://digilander.libero.it/smasherdevourer/schede/linux/Zeroshell%20vpn.pdf The VPN goes up then goes right down. I don't know what the problem is. Here are the logs:

18:25:49 TCPv4_CLIENT link remote: x.x.x.22:1195
18:25:52 [zeroshell.example.com] Peer Connection Initiated with x.x.x.22:1195
18:25:53 Initialization Sequence Completed
18:25:54 Interface VPN00 is UP
18:26:02 Connection reset, restarting [0]
18:26:02 /root/kerbynet.cgi/scripts/vpn_mii VPN00 1500 1575 init
18:26:02 SIGUSR1[soft,connection-reset] received, process restarting
18:26:03 Interface VPN00 is DOWN
18:26:07 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
18:26:07 TUN/TAP device VPN00 opened
18:26:07 Attempting to establish TCP connection with x.x.x.22:1195
18:28:03 TCP connection established with x.x.x.22:1195
18:28:03 TCPv4_CLIENT link local: [undef]
18:28:03 TCPv4_CLIENT link remote: x.x.x.22:1195
18:28:14 [UNDEF] Inactivity timeout (--ping-restart), restarting
18:28:14 /root/kerbynet.cgi/scripts/vpn_mii VPN00 1500 1575 init
18:28:14 SIGUSR1[soft,ping-restart] received, process restarting
18:28:19 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
18:28:19 TUN/TAP device VPN00 opened
18:28:19 Attempting to establish TCP connection with x.x.x.22:1195
18:31:28 TCP: connect to x.x.x.22:1195 failed, will try again in 5 seconds: Connection timed out (errno=110)
18:31:36 TCP: connect to x.x.x.22:1195 failed, will try again in 5 seconds: No route to host (errno=113)
18:33:14 TCP connection established with x.x.x.22:1195
18:33:14 TCP/UDP: Dynamic remote address changed during TCP connection establishment
18:33:14 TCPv4_CLIENT link local: [undef]
18:33:14 TCPv4_CLIENT link remote: x.x.x.22:1195
18:33:25 [zeroshell.example.com] Peer Connection Initiated with x.x.x.22:1195
18:33:26 Initialization Sequence Completed
18:33:28 Interface VPN00 is UP
18:33:35 Connection reset, restarting [0]
18:33:35 /root/kerbynet.cgi/scripts/vpn_mii VPN00 1500 1575 init
18:33:35 SIGUSR1[soft,connection-reset] received, process restarting
18:33:35 Interface VPN00 is DOWN
18:33:40 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
18:33:40 TUN/TAP device VPN00 opened
18:33:40 Attempting to establish TCP connection with x.x.x.22:1195
18:36:49 TCP: connect to x.x.x.22:1195 failed, will try again in 5 seconds: Connection timed out (errno=110)
18:37:39 TCP connection established with x.x.x.22:1195
18:37:39 TCP/UDP: Dynamic remote address changed during TCP connection establishment
18:37:39 TCPv4_CLIENT link local: [undef]
18:37:39 TCPv4_CLIENT link remote: x.x.x.22:1195
18:37:50 [UNDEF] Inactivity timeout (--ping-restart), restarting
18:37:50 /root/kerbynet.cgi/scripts/vpn_mii VPN00 1500 1575 init
18:37:50 SIGUSR1[soft,ping-restart] received, process restarting
18:37:55 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
18:37:55 TUN/TAP device VPN00 opened
18:37:55 Attempting to establish TCP connection with x.x.x.22:1195
18:37:56 TCP connection established with x.x.x.22:1195
18:37:56 TCPv4_CLIENT link local: [undef]
18:37:56 TCPv4_CLIENT link remote: x.x.x.22:1195
18:38:03 [zeroshell.example.com] Peer Connection Initiated with x.x.x.22:1195
18:38:04 Initialization Sequence Completed
18:38:04 Interface VPN00 is UP
18:38:15 [zeroshell.example.com] Inactivity timeout (--ping-restart), restarting
18:38:15 /root/kerbynet.cgi/scripts/vpn_mii VPN00 1500 1575 init
18:38:15 SIGUSR1[soft,ping-restart] received, process restarting
18:38:15 Interface VPN00 is DOWN
18:38:20 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
18:38:20 TUN/TAP device VPN00 opened
18:38:20 Attempting to establish TCP connection with x.x.x.22:1195
18:41:29 TCP: connect to x.x.x.22:1195 failed, will try again in 5 seconds: Connection timed out (errno=110)
18:41:43 TCP connection established with x.x.x.22:1195
18:41:43 TCP/UDP: Dynamic remote address changed during TCP connection establishment
18:41:43 TCPv4_CLIENT link local: [undef]
18:41:43 TCPv4_CLIENT link remote: x.x.x.22:1195
18:41:45 [zeroshell.example.com] Peer Connection Initiated with x.x.x.22:1195
18:41:46 Initialization Sequence Completed
18:41:47 Interface VPN00 is UP
18:41:58 [zeroshell.example.com] Inactivity timeout (--ping-restart), restarting
18:41:58 /root/kerbynet.cgi/scripts/vpn_mii VPN00 1500 1575 init
18:41:58 SIGUSR1[soft,ping-restart] received, process restarting
18:41:58 Interface VPN00 is DOWN
18:42:03 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
18:42:03 TUN/TAP device VPN00 opened
18:42:03 Attempting to establish TCP connection with x.x.x.22:1195
18:42:03 TCP connection established with x.x.x.22:1195
18:42:03 TCPv4_CLIENT link local: [undef]
18:42:03 TCPv4_CLIENT link remote: x.x.x.22:1195
18:42:12 Connection reset, restarting [0]
18:42:12 /root/kerbynet.cgi/scripts/vpn_mii VPN00 1500 1575 init
18:42:12 SIGUSR1[soft,connection-reset] received, process restarting
18:42:17 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
18:42:17 TUN/TAP device VPN00 opened
18:42:17 Attempting to establish TCP connection with x.x.x.22:1195
18:42:18 TCP connection established with x.x.x.22:1195
18:42:18 TCPv4_CLIENT link local: [undef]
18:42:18 TCPv4_CLIENT link remote: x.x.x.22:1195
18:42:20 [zeroshell.example.com] Peer Connection Initiated with x.x.x.22:1195
18:42:21 Initialization Sequence Completed
18:42:23 Interface VPN00 is UP
18:42:29 Connection reset, restarting [-1]
18:42:29 /root/kerbynet.cgi/scripts/vpn_mii VPN00 1500 1575 init
18:42:29 SIGUSR1[soft,connection-reset] received, process restarting
18:42:29 Interface VPN00 is DOWN
18:42:34 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
18:42:34 TUN/TAP device VPN00 opened
18:42:34 Attempting to establish TCP connection with x.x.x.22:1195
18:45:43 TCP: connect to x.x.x.22:1195 failed, will try again in 5 seconds: Connection timed out (errno=110)
18:48:57 TCP: connect to x.x.x.22:1195 failed, will try again in 5 seconds: Connection timed out (errno=110)
18:52:11 TCP: connect to x.x.x.22:1195 failed, will try again in 5 seconds: Connection timed out (errno=110)