View unanswered posts    View active topics

All times are UTC - 6 hours





Post new topic Reply to topic  [ 30 posts ] 
Go to page Previous  1, 2

Print view Previous topic   Next topic  
Author Message
Search for:
PostPosted: Thu Sep 06, 2018 7:19 am 
Offline
Joined: Tue Mar 27, 2018 12:02 pm
Posts: 31
Thank you very much. That worked.

#sudo modprobe tun

#sudo ls -l /dev/net/tun
crw-rw-rw- 1 root root 10, 200 Sep 6 07:51 /dev/net/tun

#sudo openvpn --config myvpn.ovpn

I run the command manually....
sudo openvpn --config myvpn.ovpn

This ran and i got vpn IP address
However, i am not getting my command line back.

.......
Thu Sep 6 09:12:51 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
....
....
Thu Sep 6 09:12:53 2018 /usr/bin/ip route add 10.x.y.0/32 via 10.x.y.25
Thu Sep 6 09:12:53 2018 Initialization Sequence Completed

(Here the cursor just waits forever)
If i hit Ctrl-D, it kills the VPN conection

Question 1> When running this command manually, how do i get my command line back

Question 2> I tried to run this during boot up but i am not being successful as per the article below.
(https://wiki.archlinux.org/index.php/OpenVPN)

# sudo systemctl start openvpn-client@myvpn.service
(myvpn is the config file located at /etc/openvpn/client/myvpn.ovpn)

Failed to get D-Bus connection: Operation not permitted

Any thoughts?

Many thanks!
jim


Top
 Profile  
 
PostPosted: Thu Sep 06, 2018 9:06 pm 
Offline
Joined: Thu Sep 27, 2007 5:44 pm
Posts: 537
caymann,

I think I have an easy answer to your first question. Just append "&" to the end of the command and it will launch in the background, leaving your shell script available:

"sudo openvpn --config myvpn.ovpn &"

I don't have a good answer on the auto launching. Hopefully someone else can help you with that. I've also just noticed that brfransen has pushed the updates from testing to the production repos. If you update, you will likely need to go back to the first openvpn package that I linked because the dependency packages will have changed.


Top
 Profile  
 
PostPosted: Fri Sep 07, 2018 2:39 pm 
Offline
Joined: Tue Mar 27, 2018 12:02 pm
Posts: 31
Thanks for that.
I figured out how to use runit
So i am using runit and works fine during bootup
It is running as a service now

I created:
#sudo nano /etc/sv/openvpn/run

And added the following contents

!/bin/sh
echo "Starting ExpressVPN"
exec 2>&1
sudo modprobe tun
sudo /usr/bin/openvpn --config /etc/openvpn/client/vpn.conf


I made it executible
#chmod +x run

#sudo add_service.sh openvpn
#sudo sv stop openvpn
#sudo sv start openvpn
# sudo sv status openvpn
run: openvpn: (pid 863) 20257s
reboot


Top
 Profile  
 
PostPosted: Fri Sep 07, 2018 7:31 pm 
Offline
Joined: Thu Sep 27, 2007 5:44 pm
Posts: 537
That's terrific. Sorry I wasn't able to get the compiled file to you quicker. I suggest requesting OpenVPN be added to the repos here:
http://linhes.org/projects/linhes/issues

Otherwise we are tampering with the system and you could have some issues as dependencies are updated, etc.


Top
 Profile  
 
PostPosted: Mon Apr 29, 2019 1:40 pm 
Offline
Joined: Mon Apr 10, 2006 3:48 pm
Posts: 986
Location: Lexington, Ky
Was going to add the request to issues but don't see a way to do that.
Also will the package you created work with R8.6.1 ?

Thanks


Top
 Profile  
 
PostPosted: Mon Apr 29, 2019 9:11 pm 
Offline
Joined: Thu Sep 27, 2007 5:44 pm
Posts: 537
tscholl, I really don't know. I installed everything per the post for 8.5.2 on my 8.6.0 system and I don't see any errors, but I do not have a way to test it. Here is the post with the link and install info if you want to try. I will try to add an issue as well.

http://forums.linhes.org/viewtopic.php? ... 22#p142222


Top
 Profile  
 
PostPosted: Tue Apr 30, 2019 3:24 pm 
Offline
Joined: Mon Apr 10, 2006 3:48 pm
Posts: 986
Location: Lexington, Ky
Thanks for adding that as a feature. I finally figured out why I couldn't add it. I wasn't logged into LinHES Home.
:( Sigh..............


Top
 Profile  
 
PostPosted: Sat May 18, 2019 11:31 am 
Offline
Joined: Mon Apr 10, 2006 3:48 pm
Posts: 986
Location: Lexington, Ky
I finally had time to try and install the packages, both installed without any errors.
Code:
[2019-05-18 13:10] [PACMAN] Running 'pacman -U pkcs11-helper-1.23-1-x86_64.pkg.t           ar.xz'
[2019-05-18 13:10] [ALPM] transaction started
[2019-05-18 13:10] [ALPM] installed pkcs11-helper (1.23-1)
[2019-05-18 13:10] [ALPM] transaction completed
[2019-05-18 13:10] [ALPM] running 'systemd-update.hook'...
[2019-05-18 13:10] [PACMAN] Running 'pacman -U openvpn-2.4.6-1-x86_64.pkg.tar.xz           '
[2019-05-18 13:10] [ALPM] transaction started
[2019-05-18 13:10] [ALPM] installed openvpn (2.4.6-1)
[2019-05-18 13:10] [ALPM] transaction completed
[2019-05-18 13:10] [ALPM] running 'systemd-tmpfiles.hook'...
[2019-05-18 13:10] [ALPM] running 'systemd-update.hook'...

Then I ran the following:
Code:
modprobe tun
[root@mythtv tmp]#  ls -l /dev/net/tun
crw-rw-rw- 1 root root 10, 200 May 18 13:11 /dev/net/tun
sudo openvpn --config myvpn.ovpn  returns
In [CMD-LINE]:1: Error opening configuration file: myvpn.ovpn

My question is where do I get the information for the the config file? And where should it be located.

Any suggestions?
Thanks


Top
 Profile  
 
PostPosted: Mon May 20, 2019 6:48 pm 
Offline
Joined: Thu Sep 27, 2007 5:44 pm
Posts: 537
I assume you would create the config file for your vpn. I have not investigated openvpn, though...


Top
 Profile  
 
PostPosted: Tue May 21, 2019 7:41 am 
Offline
Joined: Sat Jan 06, 2007 7:08 pm
Posts: 96
i am not running openvpn on linhes, however, i am running an openvpn server on a rpi. hopefully some of this info will be be of use.

upon installation, a startup script was created for me. the startup procedures between arch and rpi are different, but be that as it may, the startup script sets some things up for us. one of those items is the server config file

the startup script looks for server side .conf files in /etc/default/openvpn and /etc/openvpn/.*conf

the command line you are using to launch openvpn:

Code:
sudo openvpn --config myvpn.ovpn


you indicate that the command returns "error opening config file". this could be as simple as not providing the correct path to the myvpn.opvn file you are trying to use. you may have to fully qualify the path to the myvpn.opvn file. however, when using the server side startup script the path and name of the conf file is setup for you (/etc/openvpn/server.conf).

my /etc/openvpn/server.conf file also adds "--daemon" to the startup, to push it into the background. you could add this to your command line or continue to use the standard unix "&" to push it in the background when running it via command line

the server.conf file is initially set up by the installation script, but can be hand edited if you need to change settings later. there are very many settings.

the daemon option, along with many other options can be found here:

Code:
https://openvpn.net/community-resources/reference-manual-for-openvpn-2-4/


this server.conf file sets up configurations for the server in addition to containing information used to generate client config (opvn) files

in order to create a client opvn file on a openvpn server running on my rpi, i reran the openvpn installation script and selected the option to add a new user.

the instructions i used are here:

Code:
https://docs.pi-hole.net/guides/vpn/setup-openvpn-server/


these instructions have you run the openvpn-install.sh script. this script gave me several options, one of which was to create a new user, which will result in the creation of a new client config (opvn) file. however, a client opvn file was also created for me on the rpi upon initial install. as i am using an rpi, and do not have openvpn installed on linhes, i do not know where the openvpn-install.sh would be located on arch.

once you get the client.opvn file created, then you copy it to the client and cross your fingers and hope it works.

logs can be checked in the /etc/openvpn/openvpn-status.log file

hope this answers some of your questions

_________________
DH87MC i7-4770 16GB ram Xonar Essence ST geforce 710 LinHes 8.6


Top
 Profile  
 
PostPosted: Tue May 21, 2019 8:03 am 
Offline
Joined: Sat Jan 06, 2007 7:08 pm
Posts: 96
tscholl,

sorry, but i just reread the title of your post, where it clearly states that you want to connect to an openvpn server as a client, and you are not attempting to use your linhes as an openvpn server. my previous response incorrectly assumed you were trying to run an openvpn server on your linhes box

be that as it may, your basic question of where to get the client opvn config file is that you get it from the server that you are trying to connect to. the process to generate the client opvn file is mentioned in my previous post. you would then run

Code:
openvpn --client client.opvn


be sure to fully qualify the client file if it is not located in your current working directory

_________________
DH87MC i7-4770 16GB ram Xonar Essence ST geforce 710 LinHes 8.6


Top
 Profile  
 
PostPosted: Tue May 21, 2019 11:15 am 
Offline
Joined: Mon Apr 10, 2006 3:48 pm
Posts: 986
Location: Lexington, Ky
Thanks for the information provided, it did point me to running openvpn-install.sh
The bad news is that this file is not in any of the openvpn install directories.
Arggggg ... I'am still looking.


Top
 Profile  
 
PostPosted: Tue May 21, 2019 12:17 pm 
Offline
Joined: Mon Apr 10, 2006 3:48 pm
Posts: 986
Location: Lexington, Ky
Ok I am making progress I was able to create a client.conf using
Code:
/usr/share/openvpn/examples/client.conf

as a starting point and following this.
Code:
https://openvpn.net/community-resources/static-key-mini-howto/

That was very helpful and it also helped to create the myvpn.ovpn.
Ran the following and got this result.
Code:
[root@mythtv ~]# openvpn --config myvpn.ovpn &
[1] 30307
[root@mythtv ~]# Tue May 21 14:12:11 2019 disabling NCP mode (--ncp-disable) because not in P2MP client or server mode
Tue May 21 14:12:11 2019 WARNING: file 'static.key' is group or others accessible
Tue May 21 14:12:11 2019 OpenVPN 2.4.6 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Aug 25 2018
Tue May 21 14:12:11 2019 library versions: OpenSSL 1.1.1a  20 Nov 2018, LZO 2.09
Tue May 21 14:12:11 2019 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Tue May 21 14:12:11 2019 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Tue May 21 14:12:11 2019 TUN/TAP device tun0 opened
Tue May 21 14:12:11 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]209.95.52.21:1194
Tue May 21 14:12:11 2019 UDP link local (bound): [AF_INET][undef]:1194
Tue May 21 14:12:11 2019 UDP link remote: [AF_INET]209.95.52.21:1194

So I'm making progress. Not quite sure if I really need to do anything about using something other than the static key.

Also I'm really no sure that it is working. After I start openvpn and I go to whatsmyip.org it is still showing the same ip address as before.

Thanks welner for pointing me in the right direction.


Top
 Profile  
 
PostPosted: Tue May 21, 2019 1:31 pm 
Offline
Joined: Sat Jan 06, 2007 7:08 pm
Posts: 96
based on the output, it appears that you are attempting to connect to a hosted server at midphase.com that is running an openvpn server, and your linhes box is the client.

if you want to redirect all traffic coming to/from the client and have "whatsmyipaddress" return the ip address of the server try this:

https://openvpn.net/community-resources/how-to/#routing-all-client-traffic-including-web-traffic-through-the-vpn

however, please note that the example shows this being set at the server level and being pushed out to the client. i don't know if you can force this setting at the client level without the server being set up for it (there is a warning in the section)

if you did connect using the current configuration, you should have access to boxes on the network the server is on and ifconfig -a will show a tun0 device

_________________
DH87MC i7-4770 16GB ram Xonar Essence ST geforce 710 LinHes 8.6


Top
 Profile  
 
PostPosted: Tue May 28, 2019 7:57 pm 
Offline
Joined: Mon Apr 10, 2006 3:48 pm
Posts: 986
Location: Lexington, Ky
Sorry for the delay in getting back to you, I looked over your post and ran

ifconfig -a
Code:
[root@mythtv ~]# ifconfig -a
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.20.52  netmask 255.255.255.0  broadcast 192.168.20.255
        inet6 fe80::96de:80ff:fe3a:2cc4  prefixlen 64  scopeid 0x20<link>
        ether 94:de:80:3a:2c:c4  txqueuelen 1000  (Ethernet)
        RX packets 74940272  bytes 101926078097 (94.9 GiB)
        RX errors 0  dropped 723  overruns 0  frame 0
        TX packets 322052  bytes 63689523 (60.7 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1  (Local Loopback)
        RX packets 7226413  bytes 101328126359 (94.3 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 7226413  bytes 101328126359 (94.3 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

It does not return anything for a tun0 device so I thinking I still have a configuration issue somewhere.


Top
 Profile  
 

Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 30 posts ] 
Go to page Previous  1, 2



All times are UTC - 6 hours




Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group

Theme Created By ceyhansuyu