Date: Wed, 11 May 2011 08:21:47 -0700 (PDT)
From: Bill Tillman <btillman99@yahoo.com>
To: Kevin Wilcox <kevin.wilcox@gmail.com>
Cc: freebsd-questions@freebsd.org
Subject: Re: OpenVPN Setup
Message-ID: <207183.59415.qm@web36504.mail.mud.yahoo.com>

________________________________
From: Kevin Wilcox <kevin.wilcox@gmail.com>
To: Bill Tillman <btillman99@yahoo.com>
Cc: freebsd-questions@freebsd.org
Sent: Wed, May 11, 2011 9:28:08 AM
Subject: Re: OpenVPN Setup

On Wed, May 11, 2011 at 09:11, Bill Tillman <btillman99@yahoo.com> wrote:

> 2. I have my OpenVPN process running on my FreeBSD server and wish to test it
> with the OpenVPN client for Windows on my laptop from an outside location. But
> the only outside locations I have access to right now are the local McDonalds
> and Starbucks which offer free WiFi via AT&T's network. The trouble with this
> is they appear to be blocking almost everything at these locations with the
> exception of HTTP traffic. I can't make the connection and I cannot access my
> LAN via SSH either. I don't think they are blocking any particular ports on
> these systems as much as they are just blocking everything except those ports
> which allow users to surf the web. The only thing which appears in the status
> window is that it's trying to make the handshake but then fails. I can ping my
> home server from these outside locations so I know my server is reachable.

It's not uncommon for guest/visitor/unsponsored/portal wireless to
only have ports 80 and 443 (sometimes only port 80) open. You can
modify your server's config to use port 80 instead of 1194 (assuming
you aren't running a webserver on that machine). Keep in mind that if
you do that then before you can connect you'll have to:

o change the config on the server
o restart openvpn on the server
o change the config on the client

kmw
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"

Thanks again. Setting the proto to tcp, port 443 is working at least. I'm
sitting comfortably in a Starbucks with a cup of java and smooth jazz playing
and with a powered connection so I won't have to worry about battery in this
laptop which only lasts about 20 minutes these days. So I can run the VPN client
here and it makes connection and grabs an IP address 10.8.0.6, and I can ping
the tunnel device on the other end 10.8.0.1 but I cannot access the other side
of the VPN server at home, 10.0.0.0/24. Nothing will reply to pings and my
attempts to do remote desktop with one of my Windows machines fail and I cannot
access the Samba shares on the VPN server. I guess this must be a routing issue
but I thought the OpenVPN server set this up when it started. Any additional
advice will be appreciated. I'm going to stay here and hack at it until they run
me off.


Just cleared one more hurdle. Turns out the PUSH line in server.conf was still
commented out. A quick change there and it's off and running. I can now ping
inside my LAN from this remote connection and just completed a successful Remote
Desktop session with one of the Windows clients inside as well. I'm still
somewhat confused on the routes needed and several of my tests are still in
place on the home LAN servers so I'm not sure what actually worked and what can
be removed if any. The PUSH line though seemed to be all it needed but I think
there is something on the inside which needs to be set as well.

Sorry for all the traffic, but I have the time this week to hack at this until I
get it right.
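
The failure described in the message above (tunnel up, 10.8.0.1 answers, 10.0.0.0/24 unreachable) can be checked straight from server.conf. The sketch below is an added example, not part of the original e-mail or of OpenVPN itself; the sample config text, the "server" line and the function names are constructed for illustration, while the addresses and the port/proto values follow the thread.

```python
import ipaddress
import shlex

# Constructed sample server.conf; addresses follow the thread (tunnel
# 10.8.0.0/24, home LAN 10.0.0.0/24). The "server" line is an assumption.
BEFORE = '''
port 443
proto tcp
dev tun
server 10.8.0.0 255.255.255.0
;push "route 10.0.0.0 255.255.255.0"
'''
AFTER = BEFORE.replace(';push', 'push')  # the same file with the push line uncommented


def active_directives(conf_text):
    """Return token lists for directives that are not commented out."""
    out = []
    for line in conf_text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;":  # OpenVPN comment markers
            continue
        tokens = shlex.split(line, comments=True)
        if tokens:
            out.append(tokens)
    return out


def pushed_routes(conf_text):
    """Networks the server tells clients to route through the tunnel."""
    nets = []
    for tok in active_directives(conf_text):
        if tok[0] != "push" or len(tok) < 2:
            continue
        arg = tok[1].split()
        if len(arg) >= 2 and arg[0] == "route":
            # OpenVPN treats a route without a netmask as a single host
            mask = arg[2] if len(arg) > 2 else "255.255.255.255"
            nets.append(ipaddress.ip_network(f"{arg[1]}/{mask}", strict=False))
    return nets


def diagnose(conf_text, lan):
    """Report listener settings and whether clients learn a route to lan."""
    lan = ipaddress.ip_network(lan)
    d = {t[0]: t[1:] for t in active_directives(conf_text)}
    return {
        "port": d.get("port", ["1194"])[0],    # OpenVPN default port
        "proto": d.get("proto", ["udp"])[0],   # OpenVPN default protocol
        "lan_route_pushed": any(lan.subnet_of(n) for n in pushed_routes(conf_text)),
    }
```

A pushed route only covers the client side of the path. Hosts on 10.0.0.0/24 also need a way back to 10.8.0.0/24 through the VPN server unless that server is already their default gateway, which this check does not inspect.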