www.zeroshell.org Forum Index www.zeroshell.org
Linux Distribution for server and embedded devices
 
 SearchSearch  RegisterRegister  UsergroupsUsergroups 
 ProfileProfile  Log inLog in  Log in to check your private messagesPrivate Message 

Zeroshell as vpn server

 
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> VPN
View previous topic :: View next topic  
Author Message
joakim



Joined: 22 Sep 2011
Posts: 2

PostPosted: Thu Sep 22, 2011 11:12 am    Post subject: Zeroshell as vpn server Reply with quote

Hi i'm trying to set up zeroshell as a vpn server. The goal is to get acces to lan1 from the internet. I have followed the guides vpn server and vpn client on zeroshell.net. I'm using KVpnc as the client but get following error on the client:

debug: [openvpn] Thu Sep 22 11:29:03 2011 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
debug: [openvpn] Thu Sep 22 11:29:03 2011 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
debug: [openvpn] Thu Sep 22 11:29:03 2011 LZO compression initialized
debug: [openvpn] Thu Sep 22 11:29:03 2011 Attempting to establish TCP connection with [AF_INET]SERVER_IP:1194 [nonblock]
debug: [openvpn]
debug: [openvpn] Thu Sep 22 11:29:13 2011 TCP: connect to [AF_INET]SERVER_IP:1194 failed, will try again in 5 seconds: Connection timed out
error: Connection has been timed out. Terminate.
debug: There is a reason to stop connecting, terminating "openvpn" process.
debug: Disconnect requested
debug: Disconnect requested, status connecting
debug: Killing process while connecting.
success: Successful connect try canceled.
debug: Disconnected.

And the output of nmap SERVER_IP -p 1194
PORT STATE SERVICE
1194/tcp filtered unknown

Although I have input deny rules disabled and Openvpn host to lan status=Active

Hope someone can help here
Back to top
View user's profile Send private message
joakim



Joined: 22 Sep 2011
Posts: 2

PostPosted: Tue Oct 04, 2011 8:34 pm    Post subject: solved Reply with quote

Solved

Just a bad firewall rule
Back to top
View user's profile Send private message
optimbit



Joined: 26 Jan 2012
Posts: 1

PostPosted: Thu Jan 26, 2012 9:42 am    Post subject: Hello! Reply with quote

I have the same situation, but I for vpn server I use PPTP. I manage to make modification for this, but I'm stuck at firewall rules:

INPUT Rules
Seq Input Output Description Log Active
1 ETH00 * ACCEPT all opt -- in ETH00 out * 0.0.0.0/0 -> 0.0.0.0/0 no
2 * * ACCEPT all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 state RELATED,ESTABLISHED no
3 ETH01 * ACCEPT 115 opt -- in ETH01 out * 0.0.0.0/0 -> 192.168.x.x no
4 ETH01 * ACCEPT tcp opt -- in ETH01 out * 0.0.0.0/0 -> 192.168.x.x tcp dpt:1723 no
5 ETH01 * ACCEPT 47 opt -- in ETH01 out * 0.0.0.0/0 -> 192.168.x.x no

Where 192.168.x.x is ip of zs.
Default input policy is set to DROP
NAT disable.
ZS has two network interface: etho connected to my lan, eth1 (static ip) to wan
DHCP enable and use another default gateway and DNS (not zs)
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> VPN All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group