Thank you ahallubuntu for the reply.
Yes, it is dumb to say that there is no client in network business. What I ment is that I ran openvpn as a deamon from both the server and the client machines.
So regarding my system for vpn I have the following: home network which is on 192.168.1.0 subnet. I DON'T HAVE server on my router (Which is some TPLINK). I am running the openvpn server form one of my "clients" namely desktop which runs Kubuntu. I am accessing this home network with Acer netbook. The connection can be ppp0 (3G modem) or the network at my office at the Univerisity where, in order to "get out" to the internet, you must set up a proxy.
Meanwhile I ran into this
I think that this procedure is exactly what you were talking about.
I went on to set up the configs as described in this post on askubuntu.
The present state:
I have set up certificates and keys successfully.
I try to connect from my office via proxy:
borivoje@borivoje-AOD270 /etc/openvpn $ sudo openvpn client.conf
[sudo] password for borivoje:
Mon Nov 19 10:06:43 2012 OpenVPN 2.2.1 i686-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Mar 30 2012
Mon Nov 19 10:06:43 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mon Nov 19 10:06:43 2012 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Mon Nov 19 10:06:43 2012 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Nov 19 10:06:43 2012 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Nov 19 10:06:43 2012 LZO compression initialized
Mon Nov 19 10:06:43 2012 Control Channel MTU parms [ L:1576 D:168 EF:68 EB:0 ET:0 EL:0 ]
Mon Nov 19 10:06:43 2012 Socket Buffers: R=[87380->131072] S=[16384->131072]
Mon Nov 19 10:06:43 2012 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Mon Nov 19 10:06:43 2012 Local Options hash (VER=V4): 'e39a3273'
Mon Nov 19 10:06:43 2012 Expected Remote Options hash (VER=V4): '3c14feac'
Mon Nov 19 10:06:43 2012 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Mon Nov 19 10:06:43 2012 Attempting to establish TCP connection with [AF_INET]147.x.x.x:8080 [nonblock]
Mon Nov 19 10:06:44 2012 TCP connection established with [AF_INET]147.x.x.x:8080
Mon Nov 19 10:06:44 2012 Send to HTTP proxy: 'CONNECT 188.x.x.x:443 HTTP/1.0'
Mon Nov 19 10:06:49 2012 recv_line: TCP port read timeout expired: Operation now in progress (errno=115)
Mon Nov 19 10:06:49 2012 TCP/UDP: Closing socket
Mon Nov 19 10:06:49 2012 SIGUSR1[soft,init_instance] received, process restarting
Mon Nov 19 10:06:49 2012 Restart pause, 5 second(s)
My client config
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1"
keepalive 60 300
tls-auth ta.key 0
# Compress data to save bandwidth
# Logs are useful for debugging
I switched form the standard 1194 port to 443, since, it seems, that proxy does not allow the connection to the 1194, giving the Forbidden 403 errror.
# replace 220.127.116.11 by your server IP
remote 188.x.x.x 443
http-proxy 147.x.x.x 8080
tls-auth ta.key 1
I think that it is much more clear now.
Thanks for your patience!