Notices

Originally Posted by mikkov

it seems that ivacy-tls.key wasn't imported. Apparently there is still problems in openvpn-applet (I am the author).

Easiest is to copy the file manually. Install rootsh, open X terminal, type sudo gainroot, copy with cp ivacy-tls.key /etc/openvpn

Originally Posted by icbolsh

Okay sorry it took so long to get this step done. I got the file moved into the right directory. I don't get an error when I test....the light turns green when I start the client. The only problem is nothing has changed on the internet. Some sights are still blocked and Mauku still cannot connect with Twitter. I can't go to it through the browser either. I am missing something? An obvious step? Do I need to change something else?
Again thank you for all your help.

Here is the current log when I run a test:
"Sun Oct 18 01:23:08 2009 OpenVPN 2.1_rc19 arm-unknown-linux-gnueabi [SSL] [LZO2] [EPOLL] built on Sep 7 2009
Enter Auth Username:Enter Auth Password:Sun Oct 18 01:23:08 2009 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Sun Oct 18 01:23:08 2009 /usr/bin/openssl-vulnkey -q -b 2048 -m <modulus omitted>
Sun Oct 18 01:23:08 2009 ******* WARNING *******: '(null)' is a known vulnerable key. See 'man openvpn-vulnkey' for details.
Sun Oct 18 01:23:08 2009 WARNING: file 'ivacy-tls.key' is group or others accessible
Sun Oct 18 01:23:08 2009 Control Channel Authentication: using 'ivacy-tls.key' as a OpenVPN static key file
Sun Oct 18 01:23:08 2009 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Oct 18 01:23:08 2009 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Oct 18 01:23:08 2009 LZO compression initialized
Sun Oct 18 01:23:08 2009 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Sun Oct 18 01:23:08 2009 RESOLVE: NOTE: openvpn.ivacy.com resolves to 3 addresses, choosing one by random
Sun Oct 18 01:23:08 2009 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Sun Oct 18 01:23:08 2009 Local Options hash (VER=V4): '504e774e'
Sun Oct 18 01:23:08 2009 Expected Remote Options hash (VER=V4): '14168603'
Sun Oct 18 01:23:08 2009 Socket Buffers: R=[105472->131072] S=[105472->131072]
Sun Oct 18 01:23:08 2009 UDPv4 link local: [undef]
Sun Oct 18 01:23:08 2009 UDPv4 link remote: 85.249.223.27:1194
Sun Oct 18 01:23:13 2009 TLS: Initial packet from 85.249.223.27:1194, sid=a20c53ca dcb26178
Sun Oct 18 01:23:13 2009 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sun Oct 18 01:23:25 2009 VERIFY OK: depth=1, /C=RU/ST=MR/L=Moscow/O=ivacy.com/CN=ivacy.com_CA/emailAddress=admin@ivacy.com
Sun Oct 18 01:23:26 2009 VERIFY OK: nsCertType=SERVER
Sun Oct 18 01:23:26 2009 VERIFY OK: depth=0, /C=RU/ST=MR/L=Moscow/O=ivacy.com/CN=openvpn.ivacy.com/emailAddress=admin@ivacy.com
Sun Oct 18 01:23:37 2009 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sun Oct 18 01:23:37 2009 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Oct 18 01:23:37 2009 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sun Oct 18 01:23:37 2009 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Oct 18 01:23:38 2009 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Sun Oct 18 01:23:38 2009 [openvpn.ivacy.com] Peer Connection Initiated with 85.249.223.27:1194
Sun Oct 18 01:23:39 2009 SENT CONTROL [openvpn.ivacy.com]: 'PUSH_REQUEST' (status=1)
Sun Oct 18 01:23:41 2009 PUSH: Received control message: 'PUSH_REPLY,route 1.0.0.0 255.0.0.0,dhcp-option DNS 1.254.2.2,dhcp-option DNS 1.254.2.3,dhcp-option DOMAIN vpn,explicit-exit-notify 2,route-gateway 1.2.124.1,topology subnet,ping 10,ping-restart 60,ifconfig 1.2.124.106 255.255.255.0'
Sun Oct 18 01:23:41 2009 OPTIONS IMPORT: timers and/or timeouts modified
Sun Oct 18 01:23:41 2009 OPTIONS IMPORT: explicit notify parm(s) modified
Sun Oct 18 01:23:41 2009 OPTIONS IMPORT: --ifconfig/up options modified
Sun Oct 18 01:23:41 2009 OPTIONS IMPORT: route options modified
Sun Oct 18 01:23:41 2009 OPTIONS IMPORT: route-related options modified
Sun Oct 18 01:23:41 2009 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sun Oct 18 01:23:41 2009 ROUTE default_gateway=192.168.15.1
Sun Oct 18 01:23:41 2009 TUN/TAP device tun0 opened
Sun Oct 18 01:23:41 2009 TUN/TAP TX queue length set to 100
Sun Oct 18 01:23:41 2009 /sbin/ifconfig tun0 1.2.124.106 netmask 255.255.255.0 mtu 1500 broadcast 1.2.124.255
Sun Oct 18 01:23:41 2009 /sbin/route add -net 85.249.223.27 netmask 255.255.255.255 gw 192.168.15.1
Sun Oct 18 01:23:42 2009 /sbin/route add -net 1.0.0.0 netmask 255.0.0.0 gw 1.2.124.1
Sun Oct 18 01:23:42 2009 Initialization Sequence Completed"

Hope that helps.

Originally Posted by icbolsh

not to have you do all the work for me, but what would that code look like in the terminal?

Originally Posted by allnameswereout

Its ok. I could help better if had N8x0/N900 device cause maybe the applet allows this.

The command would look like something like this:

sudo openvpn --config /etc/openvpn/config/Ivacy-client.ovpn --redirect-gateway def1

Two notes:

1) Might instead execute rootsh and ditch sudo
2) I don't know where your config file resides

After this authentication, going to http://ip.help.me.uk will say probably 85.249.223.27 (your VPN endpoint). If it does, it works. If not, I suggest running a tracepath.

PS: Instead of using --redirect-gateway you can also set up routing manually!!

Originally Posted by mikkov

Add "redirect-gateway def1" to your .ovpn file (remember to reimport it)