Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Technical

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 24th July 2013, 13:48
NovaDecker NovaDecker is offline
Junior Member
 
Join Date: Jul 2013
Posts: 3
Thanks: 0
Thanked 1 Time in 1 Post
Default OpenVPN server does not assign IP-addresses.

Hi!
I have a VPS with these public IP-addresses:
xx.xx.xx.192 (This IP-address is assigned to eth0)
xx.xx.xx.193
xx.xx.xx.194
xx.xx.xx.195
xx.xx.xx.196
xx.xx.xx.197
xx.xx.xx.198
xx.xx.xx.200
xx.xx.xx.201
xx.xx.xx.202

eth0 is configured with static IP. Gateway is xx.xx.xx.254, netmask is 255.255.255.0
ipv4_forward is 1.
I have no iptables rules yet. This server is not standing behind a NAT-restricted network.
(I don't need to open ports for services anywhere, just set up the service and connect to the server via the port.)

I want to make that the OpenVPN server assigns all the public IPs to the clients, except .192, of course.

But when I connect to the OpenVPN server, I does not get a IP-address. Windows just set IP-address to the 169.xx.xx.xx address (local only)

I tried to make the TAP-adapter to have a static IP-address, xx.xx.xx.194 with xx.xx.xx.192 as gateway, and 255.255.255.0 as netmask.
Now I can't connect something with this IP. My computer tries to reach the destination with the TAP-adapter first, then it gives up and use my default network connection instead. (WLAN)

This is the config of OpenVPN server, do I miss something?
Code:
mode server
dev tap
port 1197
proto udp
local xx.xx.xx.192

tls-server
dh /etc/openvpn/ssl/dh1024.pem
cert /etc/openvpn/ssl/server.crt
key /etc/openvpn/ssl/server.key
ca /etc/openvpn/ssl/ca.crt
reneg-sec 216000

ifconfig xx.xx.xx.193 255.255.255.0
push "route xx.xx.xx.194 255.255.255.0 net_gateway"
push "route-gateway xx.xx.xx.192"
push "redirect-gateway def1"

push "dhcp-option DNS 195.159.0.100"
push "dhcp-option DNS 195.159.0.200"

keepalive 5 60
comp-lzo
user nobody
group nogroup
persist-key
persist-tun

log /var/log/openvpn/main204.log

verb 1
mute 10
username-as-common-name

tun-mtu 1500
tun-mtu-extra 32
max-clients 30

auth-user-pass-verify "/etc/openvpn/script/login.sh" via-env

script-security 3
tmp-dir "/tmp"

tcp-queue-limit 128
txqueuelen 200
tcp-nodelay
inactive 600
client-connect /etc/openvpn/script/connect.sh
client-disconnect /etc/openvpn/script/disconnect.sh

#engine aesni
cipher aes-128-cbc
I'm using MySQL authentication, so this is the login.sh script:
Code:
#!/bin/bash
. /etc/openvpn/script/config.sh
##Authentication
user_id=$(mysql -h$HOST -P$PORT -u$USER -p$PASS $DB -sN -e "select user_id from ovpnuser where user_id = '$username' AND user_pass = '$password' AND user_enable=1 AND user_start_date != user_end_d$
##Check user
[ "$user_id" != '' ] && [ "$user_id" = "$username" ] && echo "user : $username" && echo 'authentication ok.' && exit 0 || echo 'authentication failed.'; exit 1
This is connect.sh script:
Code:
#!/bin/bash
. /etc/openvpn/script/config.sh
##insert data connection to table log
mysql -h$HOST -P$PORT -u$USER -p$PASS $DB -e "INSERT INTO ovpnlog (log_id,user_id,log_trusted_ip,log_trusted_port,log_remote_ip,log_remote_port,log_start_time,log_end_time,log_received,log_send) V$
##set status online to user connected
mysql -h$HOST -P$PORT -u$USER -p$PASS $DB -e "UPDATE ovpnuser SET user_online=1 WHERE user_id='$common_name'"
Help, please?
Reply With Quote
The Following User Says Thank You to NovaDecker For This Useful Post:
pittymaarleya9893 (6th October 2013)
Sponsored Links
  #2  
Old 24th July 2013, 21:10
Denny Denny is offline
HowtoForge Supporter
 
Join Date: Jul 2013
Posts: 7
Thanks: 0
Thanked 5 Times in 4 Posts
Default

Quote:
Originally Posted by NovaDecker View Post
Hi!
I have a VPS with these public IP-addresses:
xx.xx.xx.192 (This IP-address is assigned to eth0)
xx.xx.xx.193
xx.xx.xx.194
xx.xx.xx.195
xx.xx.xx.196
xx.xx.xx.197
xx.xx.xx.198
xx.xx.xx.200
xx.xx.xx.201
xx.xx.xx.202

eth0 is configured with static IP. Gateway is xx.xx.xx.254, netmask is 255.255.255.0
ipv4_forward is 1.
I have no iptables rules yet. This server is not standing behind a NAT-restricted network.
(I don't need to open ports for services anywhere, just set up the service and connect to the server via the port.)

I want to make that the OpenVPN server assigns all the public IPs to the clients, except .192, of course.

But when I connect to the OpenVPN server, I does not get a IP-address. Windows just set IP-address to the 169.xx.xx.xx address (local only)

I tried to make the TAP-adapter to have a static IP-address, xx.xx.xx.194 with xx.xx.xx.192 as gateway, and 255.255.255.0 as netmask.
Now I can't connect something with this IP. My computer tries to reach the destination with the TAP-adapter first, then it gives up and use my default network connection instead. (WLAN)

This is the config of OpenVPN server, do I miss something?
Code:
mode server
dev tap
port 1197
proto udp
local xx.xx.xx.192

tls-server
dh /etc/openvpn/ssl/dh1024.pem
cert /etc/openvpn/ssl/server.crt
key /etc/openvpn/ssl/server.key
ca /etc/openvpn/ssl/ca.crt
reneg-sec 216000

ifconfig xx.xx.xx.193 255.255.255.0
push "route xx.xx.xx.194 255.255.255.0 net_gateway"
push "route-gateway xx.xx.xx.192"
push "redirect-gateway def1"

push "dhcp-option DNS 195.159.0.100"
push "dhcp-option DNS 195.159.0.200"

keepalive 5 60
comp-lzo
user nobody
group nogroup
persist-key
persist-tun

log /var/log/openvpn/main204.log

verb 1
mute 10
username-as-common-name

tun-mtu 1500
tun-mtu-extra 32
max-clients 30

auth-user-pass-verify "/etc/openvpn/script/login.sh" via-env

script-security 3
tmp-dir "/tmp"

tcp-queue-limit 128
txqueuelen 200
tcp-nodelay
inactive 600
client-connect /etc/openvpn/script/connect.sh
client-disconnect /etc/openvpn/script/disconnect.sh

#engine aesni
cipher aes-128-cbc
I'm using MySQL authentication, so this is the login.sh script:
Code:
#!/bin/bash
. /etc/openvpn/script/config.sh
##Authentication
user_id=$(mysql -h$HOST -P$PORT -u$USER -p$PASS $DB -sN -e "select user_id from ovpnuser where user_id = '$username' AND user_pass = '$password' AND user_enable=1 AND user_start_date != user_end_d$
##Check user
[ "$user_id" != '' ] && [ "$user_id" = "$username" ] && echo "user : $username" && echo 'authentication ok.' && exit 0 || echo 'authentication failed.'; exit 1
This is connect.sh script:
Code:
#!/bin/bash
. /etc/openvpn/script/config.sh
##insert data connection to table log
mysql -h$HOST -P$PORT -u$USER -p$PASS $DB -e "INSERT INTO ovpnlog (log_id,user_id,log_trusted_ip,log_trusted_port,log_remote_ip,log_remote_port,log_start_time,log_end_time,log_received,log_send) V$
##set status online to user connected
mysql -h$HOST -P$PORT -u$USER -p$PASS $DB -e "UPDATE ovpnuser SET user_online=1 WHERE user_id='$common_name'"
Help, please?

Hey,

you forget to define the VPN Subnet. Define in your server.conf something like
Code:
server 192.168.100.0 255.255.255.0
This will assign 192.168.100.1 to the openvpn server and all other IPs (192.168.100.2-192.168.100.255) to clients who connected to the server.



Try this out and if this doesn't help provide us some more information like errors in /var/log/openvpn/main204.log

Last edited by Denny; 24th July 2013 at 23:01.
Reply With Quote
  #3  
Old 5th October 2013, 13:47
ioFlare ioFlare is offline
Junior Member
 
Join Date: Oct 2013
Posts: 2
Thanks: 0
Thanked 1 Time in 1 Post
Default

TUN is a bit easier to setup in regards to networking you might want to try that if Dennys suggestion does not work for you.

Another way that greatly simplifies things is to use Webmin + the openvpn module. I have written a good guide with video on this and it takes less than 15 minutes to setup.

Install Webmin And OpenVPN On Your Ubuntu Cloud Server
__________________
ioFlare SSD Cloud Servers The future of Cloud Computing.

Last edited by ioFlare; 5th October 2013 at 13:49.
Reply With Quote
  #4  
Old 4th November 2013, 11:29
haiduongfun haiduongfun is offline
Junior Member
 
Join Date: Nov 2013
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

Quote:
Originally Posted by ioFlare View Post
TUN is a bit easier to setup in regards to networking you might want to try that if Dennys suggestion does not work for you.

Another way that greatly simplifies things is to use Webmin + the openvpn module. I have written a good guide with video on this and it takes less than 15 minutes to setup.

Install Webmin And OpenVPN On Your Ubuntu Cloud Server
Thank you it is very useful for me
__________________
Xem phim những người thừa kế một bộ phim hn quốc đang gy sốt hiện nay
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ISPConfig 3 system installation script Mark_NL Tips/Tricks/Mods 12 7th March 2014 06:30
Can't receive mails baicunko Server Operation 12 3rd August 2011 22:02
Not working emails (DNS and postfix problem?) shekiman Installation/Configuration 9 1st March 2011 16:25
Can't Ping over VPN RoMiONeT Server Operation 2 4th July 2010 00:19
Sending mail ISPConfig 3 but not receivind catza Installation/Configuration 20 19th May 2010 12:47


All times are GMT +2. The time now is 22:25.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.