 From:  "Brent Cook" <bcook at networklogistic dot com>
 To:  "Fernando Costa" <cusquinho at gmail dot com>, <m0n0wall dash dev at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall-dev] Problem regarding OpenVpn on b9 version
 Date:  Thu, 11 Aug 2005 08:21:45 -0500
I recompiled the OpenVPN executable to write its log to a certain syslog facility. Then fixed up the
logging page in m0n0wall and the syslog ini file to catch the logs. Otherwise, it all goes into the
main system log.

-----Original Message-----
From: Fernando Costa [mailto:cusquinho at gmail dot com] 
Sent: Thursday, August 11, 2005 8:09 AM
To: m0n0wall dash dev at lists dot m0n0 dot ch
Subject: Re: [m0n0wall-dev] Problem regarding OpenVpn on b9 version

Hello all,



one in the list mentioned that. The problem I was having is a bug in b9 openvpn.inc file, which won't
set the TCP option. Changing that file and rewriting the iso file got it working, even with Windows
openvpn 2.0 client.

There is one thing that I still need to solve. How about openvpn logs?
How can I find out who is connected? As far as I checked, it won't redirect openvpn logs to any file.
I think we could do that very easily, and also, add a TAB in Diagnostics.

Thanks

Fernando Costa

>Michael,
>
>  Thanks for your fast response. I'll build a new version with that 
>fix for my personal use. Wondering, have you tried to support openvpn2? 
>I saw it is on freebsd port list. The problem is that Windows xp SP2 
>only works with version 2 protocol. Any luck on openvpn2?
>
>Thanks
>
>Fernando

On 8/3/05, M. G. (Michael) de Bruin <mg dot debruin at buum dot nl> wrote:
> Fernando Costa wrote:
> > Hello All,
> >
> >     I'm new to m0n0wall project but I think I have found a bug in 
> > OpenVPN support (latest beta version). I know most VPNs would run 
> > using UDP but I can't use because it is blocked in my University 
> > firewall. The thing is, whenever I turn TCP option on, it still 
> > accepts connection on UDP port only. I've tested it, rebooting and 
> > stuff, and even when I click TCP it only listens on UDP port.
> >
> > nc -u 192.168.200.1 1976 -v (UDP Test)
> > cusco.mine.nu [192.168.200.1] 1976 (?) open
> >
> > nc 192.168.200.1 1976 -v (TCP Test)
> > cusco.mine.nu [192.168.200.1] 1976 (?): connection refused
> >
> >   The logs also tell me that it's waiting for UDP connections:
> >
> > Aug 3 00:03:21 openvpn[319]: UDPv4 link local (bound): [undef]:1976
> > Aug 3 00:03:21 openvpn[319]: UDPv4 link local (bound): [undef]:1976
> > Aug 3 00:03:21 openvpn[319]: UDPv4 link remote: [undef]
> > Aug 3 00:03:21 openvpn[319]: UDPv4 link remote: [undef]
> >
> > Guess it's something pretty simple regarding the config file parser.
> >
> > Thanks
> >
> > Fernando Costa
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash dev dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash dev dash help at lists dot m0n0 dot ch
> >
> Fernando,
> 
> you are correct, this is indeed a bug in m0n0wall. I actually 
> mentioned this 18th of February, but apparently Manuel hasn't come 
> around to fixing it.
> 
> I have pasted the entire mail (including the solution) below, hope 
> that helps you.
> 
> Cheers,
> 
> Michael
> 
> 
> All,
> 
> I am either going nuts (hey, almost weekend) or there is a bug in the 
> OpenVPN configuration. What I am trying to do, is get OpenVPN to 
> listen on a tcp port, so I can connect  to it through any firewall. 
> However, even when I select TCP in the OpenVPN config, it still starts 
> up as an UDP service (long live syslog):
> 
> Feb 18 16:57:40 mercury openvpn[678]: OpenVPN 2.0_beta11 i386-unknown-freebsd4.10 [SSL] built on Oct 23 2004
> Feb 18 16:57:40 mercury openvpn[678]: OpenVPN 2.0_beta11 i386-unknown-freebsd4.10 [SSL] built on Oct 23 2004
> <snip uninteresting stuff>
> Feb 18 16:57:40 mercury openvpn[683]: UDPv4 link local (bound): x.x.x.x:8000
> Feb 18 16:57:40 mercury openvpn[683]: UDPv4 link local (bound): x.x.x.x:8000
> Feb 18 16:57:40 mercury openvpn[683]: UDPv4 link remote: [undef]
> Feb 18 16:57:40 mercury openvpn[683]: UDPv4 link remote: [undef]
> 
> If I check the process page, this seems logical, since the option 
> '--proto tcp-server' is missing.
> 
> Now, if I check /etc/inc/openvpn.inc (more specifically, the function 
> ovpn_config_server()), I can't find the option proto being set 
> anywhere, which would explain UDP (which is default) being used as a protocol.
> 
> If I am not mistaken, the following section should be added:
> 
> /* Set protocol being used (TCP or UDP) */
>    if ($server['proto'] == 'TCP') {
>      $ovpn_config .= "--proto tcp-server";
>    }
> 
> 
> Cheers,
> 
> Michael de Bruin
> 
>
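
Added example, not part of the original thread or of m0n0wall's code: a shell check for the symptom reported in the quoted messages, comparing the transport OpenVPN logs as bound with the protocol selected in the configuration. The function names are hypothetical, the sample lines are copied from the thread, and it assumes a TCP listener logs a transport token beginning with `TCP`.

```shell
#!/bin/sh
# Print one "proto port" pair per distinct socket OpenVPN reports as bound.
# Reads syslog text on stdin; works with or without a hostname column.
bound_sockets() {
    awk '
        /openvpn\[[0-9]+\]:/ {
            marker = " link local (bound): "
            i = index($0, marker)
            if (i == 0) next
            # The transport token is the last word before the marker.
            n = split(substr($0, 1, i - 1), head, " ")
            proto = tolower(substr(head[n], 1, 3))   # "UDPv4" -> "udp"
            addr = substr($0, i + length(marker))
            sub(/[ \t\r]+$/, "", addr)
            m = split(addr, parts, ":")              # port follows the last ":"
            key = proto " " parts[m]
            if (!(key in seen)) { seen[key] = 1; print key }
        }'
}

# check_transport EXPECTED < logfile      (EXPECTED is tcp or udp)
# Returns 0 when every bound socket uses EXPECTED, 1 on a mismatch
# (offending sockets are printed), 2 when the log shows no bound socket.
check_transport() {
    expected=$1
    sockets=$(bound_sockets)
    [ -n "$sockets" ] || { echo "no bound socket found in log"; return 2; }
    bad=$(printf '%s\n' "$sockets" | awk -v want="$expected" '$1 != want')
    [ -z "$bad" ] && return 0
    printf '%s\n' "$bad" | sed "s/^/MISMATCH (wanted $expected): /"
    return 1
}

# Log lines as quoted in the thread, duplicates included.
SAMPLE_LOG='Aug 3 00:03:21 openvpn[319]: UDPv4 link local (bound): [undef]:1976
Aug 3 00:03:21 openvpn[319]: UDPv4 link local (bound): [undef]:1976
Aug 3 00:03:21 openvpn[319]: UDPv4 link remote: [undef]
Feb 18 16:57:40 mercury openvpn[683]: UDPv4 link local (bound): x.x.x.x:8000'

# The GUI was set to TCP, so the expected transport is tcp.
printf '%s\n' "$SAMPLE_LOG" | check_transport tcp || echo "exit status: $?"
```

Running the same check after any change to the generated OpenVPN options confirms that the listener matches what the firewall rules were written for.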
