ok so here is the config for the OpenVPN server daemon
Code:
port 5000
# TCP or UDP server?
proto tcp
dev tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key # This file should be kept secret
dh /etc/openvpn/dh2048.pem
ifconfig-pool-persist ipp.txt
push "route 192.168.0.0 255.255.0.0"
client-to-client
keepalive 10 120
cipher DES-EDE3-CBC # Triple-DES
comp-lzo
max-clients 10
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
client config:
Code:
client
dev tun
proto tcp
remote a.b.c.d 5000
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert netskay.crt
key netskay.key
ns-cert-type server
cipher DES-EDE3-CBC
comp-lzo
verb 3
current iptables I've been using to troubleshoot; all connections to the host are allowed:
Code:
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.3.0/255.255.255.0 -j MASQUERADE
COMMIT
*mangle
:PREROUTING ACCEPT [213:219554]
:INPUT ACCEPT [213:219554]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [155:35616]
:POSTROUTING ACCEPT [155:35616]
COMMIT
*filter
:FORWARD ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED -j ACCEPT
-A INPUT -m state --state RELATED -j ACCEPT
# VPN - LAN (5000)
-A INPUT -p udp -m udp --dport 5000 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 10000 # webmin, i can access fine
# router/local
-A INPUT -s 192.168.2.0/255.255.255.0 -i eth0 -j ACCEPT
# VPN - redirect
-A INPUT -s 192.168.3.0/255.255.255.0 -i tun1 -j ACCEPT
# VPN - LAN
-A INPUT -s 192.168.4.0/255.255.255.0 -i tun0 -j ACCEPT
# macbook
-A INPUT -m mac --mac-source XX:XX:XX:XX:XX:XX -j ACCEPT
COMMIT
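Added example, not part of the original post: a small cross-check of the server's `proto`/`port` against the filter-table INPUT rules, which matters once the INPUT policy is tightened from ACCEPT to DROP. The function names are hypothetical and the sample input is a shortened copy of the configs above; only single-port `--dport` rules are considered.

```python
# Constructed sample input: a shortened copy of the configs in the post above.
SERVER_CONF = """\
port 5000
proto tcp
dev tun
"""
RULES = """\
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED -j ACCEPT
-A INPUT -p udp -m udp --dport 5000 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 10000 # webmin, i can access fine
COMMIT
"""

def listener(conf):
    """Return (proto, port) the server listens on; OpenVPN defaults are udp/1194."""
    proto, port = "udp", "1194"
    for line in conf.splitlines():
        words = line.split("#", 1)[0].split()   # drop trailing comments
        if len(words) >= 2 and words[0] == "proto":
            proto = "tcp" if words[1].startswith("tcp") else "udp"
        elif len(words) >= 2 and words[0] == "port":
            port = words[1]
    return proto, port

def opt(rule, flag):
    """Value following `flag` in a tokenised rule, or None if absent."""
    return rule[rule.index(flag) + 1] if flag in rule[:-1] else None

def audit(conf, rules):
    """List mismatches between the listener and the filter/INPUT rules."""
    proto, port = listener(conf)
    findings, opened, policy, table = [], set(), "ACCEPT", None
    for n, line in enumerate(rules.splitlines(), 1):
        if line.startswith("*"):
            table = line[1:].strip()
        elif table == "filter" and line.startswith(":INPUT "):
            policy = line.split()[1]
        elif table == "filter" and line.startswith("-A INPUT"):
            rule = line.split("#", 1)[0].split()
            if opt(rule, "-j") is None:
                findings.append(f"line {n}: no -j target (rule only counts packets)")
            elif opt(rule, "-j") == "ACCEPT" and opt(rule, "--dport"):
                opened.add((opt(rule, "-p"), opt(rule, "--dport")))
    if (proto, port) not in opened:
        seen = sorted(f"{p}/{d}" for p, d in opened if d == port) or ["none"]
        findings.append(f"no ACCEPT rule for {proto}/{port} (rules on that port: "
                        f"{', '.join(seen)}); INPUT policy is {policy}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SERVER_CONF, RULES)))
```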