Page 2 of 3 1 2 3
Reply
Thread Tools
Tu13es is offline Tu13es
2007-09-13 , 04:27
Posts: 61 | Thanked: 1 time | Joined on Jul 2007
#11
Originally Posted by rrwright View Post
Under the "Administration" tab, go to "Commands". Put in something like the following and click "Save Startup":

You will of course put your own information in there for the public key, private key, CA certificate, and Diffie-Hellman parameters in place of the "....................". Just cut and paste out of your cert/key files and past the text in. You will also need to change any of the particulars in that config file to fit your own setup--things like setting your own IPs/netmask in the "server-bridge" section and whatever. The "172.31.1.1" address refers to my router throughout. You can also add and delete other options if you want.

If you're paying attention, this method echos all the important information (certificates, keys, config files) into new files each time the router boots. This is because there is no good place to save the actual files on the router--no persistent memory that's accessible. The last little bit about creating a symlink and running your VPN process from the symlink is to address a problem that DD-WRT has (or used to have?) where the process would mysteriously hang.

Then after you've done that, you need to configure the router's firewall to accept packets on port 1194 (unless you changed the port for some reason, of course). Put the following into the same box on that page (now empty) and click "Save Firewall":


After that, you're done. Reboot the router and you should have a live OpenVPN server. If you don't know how to create certificate/key pairs, CA certs/keys or DH params, then read the man page for openssl. You can even install openssl on your N800 and do all this without a full-size computer. But if you have a desktop handy, there are good programs for managing your Certificate Authorities, as that can get messy if you have more than just a few clients connecting.

Also, keep in mind that the "redirect-gateway def1" option is something that goes in the client config file, not on the server side. The server doesn't care if you're routing your internet traffic through it or not--at least as far as the openvpn config file goes.

Alright, to forstall another question asking for it, here's an example client config file that I have on my N800:


Ok, that's all for now. I hope it all works for you.


Ryan Wright
Whew, thanks for all that. I have a DD-WRT router which I upgraded to the VPN firmware. I did everything above and also used http://mfresh-n800.blogspot.com/2007...-on-nokia.html to help me set this up. I'll test it out in class tomorrow.

 
Tu13es is offline Tu13es
2007-09-13 , 16:08
Posts: 61 | Thanked: 1 time | Joined on Jul 2007
#12
Hm, so when I run openvpn --config n800remote.ovpn, it just hangs. Nothing happens.

Any ideas?
 
rrwright is offline rrwright
2007-09-14 , 14:56
Posts: 17 | Thanked: 1 time | Joined on Jul 2007
#13
Originally Posted by Tu13es View Post
Hm, so when I run openvpn --config n800remote.ovpn, it just hangs. Nothing happens.

Any ideas?
What does your log say? probably in /var/log/openvpn.log or something. (You do specify a log location in your config file, right?
 
psb777 is offline psb777
2007-09-16 , 10:17
Posts: 4 | Thanked: 0 times | Joined on Sep 2007
#14
OpenVPN on N800

I downloaded the .deb file from http://www.rahkonen.org/openvpn.html but it will not install. dpkg -i reports that the architecture is wrong.

There is no N800 version and elsewhere I am told the 770 version installs.

What now?
 
Tu13es is offline Tu13es
2007-09-16 , 12:22
Posts: 61 | Thanked: 1 time | Joined on Jul 2007
#15
Originally Posted by psb777 View Post
OpenVPN on N800

I downloaded the .deb file from http://www.rahkonen.org/openvpn.html but it will not install. dpkg -i reports that the architecture is wrong.

There is no N800 version and elsewhere I am told the 770 version installs.

What now?
http://www.rubens.org/n800/openvpn_2...emo2_armel.deb
 
Tu13es is offline Tu13es
2007-09-17 , 21:52
Posts: 61 | Thanked: 1 time | Joined on Jul 2007
#16
Originally Posted by rrwright View Post
What does your log say? probably in /var/log/openvpn.log or something. (You do specify a log location in your config file, right?
I seem to be getting a bunch of "read UPDv4 [ECONNREFUSED]: Connection refused (code=111)

Any ideas?
 
Tu13es is offline Tu13es
2007-09-18 , 19:24
Posts: 61 | Thanked: 1 time | Joined on Jul 2007
#17
Bueller? Bueller?
 
Nealson is offline Nealson
2007-09-18 , 21:24
Posts: 1 | Thanked: 0 times | Joined on Sep 2007
#18
I know I'm very close to getting this set up... I'd appreciate any help. BTW, I'm a linux noob. I'm using xterm. I have root access. Here's what I get after running openvpn --config n800.ovpn

Peer Connection Initiated with 192.168.1.100:1194
Tue Sep 18 17:09:23 2007 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Tue Sep 18 17:09:25 2007 PUSH: Received control message:
'PUSH_REPLY,route 10.8.0.1,ping 10,ping-restart 120,ifconfig 10.8.0.10
10.8.0.9'
Tue Sep 18 17:09:25 2007 OPTIONS IMPORT: timers and/or timeouts
modifiedTue Sep 18 17:09:25 2007 OPTIONS IMPORT: --ifconfig/up options
modified
Tue Sep 18 17:09:25 2007 OPTIONS IMPORT: route options modified
Tue Sep 18 17:09:25 2007 Preserving previous TUN/TAP instance: tun3
Tue Sep 18 17:09:25 2007 Initialization Sequence Completed

Now, the "Initialization Sequence Completed" should be good news, right? However, I don't have a '#' prompt after this. Anything I type in has no effect. Is this normal?
I haven't opened the n800 firewall for the tun/tap interface as I did on my server machine (windows). Is there a firewall built into linux or the n800 that I need to do this for? If so, how do I do that?
Also, what is 'tun3'?
Thanks for any help!
 
psb777 is offline psb777
2007-09-18 , 22:26
Posts: 4 | Thanked: 0 times | Joined on Sep 2007
#19
Originally Posted by Tu13es View Post
http://www.rubens.org/n800/openvpn_2...emo2_armel.deb
Thanks. Once installed it configured just like OpenVPN on any other Linux platforms so I am happy. Well, nearly! But I'll start another thread about that. Thanks again.
 
psb777 is offline psb777
2007-09-18 , 22:31
Posts: 4 | Thanked: 0 times | Joined on Sep 2007
#20
If you need basic and general OpenVPN help (as opposed to advice with a N800/Maemo problem) the best place to read *good* online documentation, trouble-shooting guides etc is http://www.openvpn.net

I can confirm that OpenVPN works and configures on Maemo *exactly* as it does on my other Linux platforms.
 
Reply
Page 2 of 3 1 2 3

« Previous Thread | Next Thread »

 
Forum Jump


All times are GMT. The time now is 10:19.

Contact Us - Home - Archive - Top