How can I configure vpn server?

Dear,

I want to configure VPN in our NethServer and want to connect clients from the internet through this VPN server.

Thanks
Hitesh

http://docs.nethserver.org/en/latest/vpn.html

Dear Giacomo,

Thanks for the reply.

I have read this manual but I couldn’t solve this issue. I would request you to please make me understand how to connect a client machine to this VPN server, and what the firewall policy and VPN configuration will be.

@Hitesh_Dubey what do you want to achieve? Draw a picture or network topology… I’ll try to help :slight_smile:

Dear Nas,

I have one NethServer 6.6 —> I have one static IP —> Static IP is NATted with local private IP —> server is configured with PDC + ownCloud + Mail Server + DHCP & DNS + File Server —> this is our office environment —> I want to connect to my office from my home through VPN —> Now I want to configure OpenVPN in NethServer —> I have internet at my home.

So please guide me how to configure VPN in NethServer. This is all about my scenario.

Thanks
Hitesh

Your case is pretty simple:
1 Go to Configuration -> VPN -> create new user
2 Go to OpenVPN :

3 Then back to Accounts - Push Download :

4 Select OpenVpn configuration :

5 Download and install OpenVpn client for your Home PC:

6 Install OpenVPN client :

Copy the config file downloaded in step 4 to C:\Program Files\OpenVPN\config\

7 Run :

8 Then in Tray double click on :

That’s a good quick guide with screenshots, you should create a FAQ :smile:

Yep, and it is one of the most common cases for people :slight_smile:

Maybe you should make some screenshots of that part

Dear Nas,

Thanks for your Valuable Reply

I am facing some issues after configuration - when I try to connect any user profile from the VPN client, it keeps showing connecting but never gets connected.

Created users:

Admin - System User

Hitesh - System User

Tommy - VPN Only

Configuration

Our internal network is 192.168.1.0/24

Imported profile in OpenVPN client

Stuck on this screen

With no result. Please help on this.

Thanks
Hitesh

Updated Instruction :

@Hitesh_Dubey you don’t need to enter a Network Address in your OpenVPN accounts, and your home network cannot be the same as your office range 192.168.1.0/24.

Dear Nas,

Are you talking about the Network Address in the New User tab or in the OpenVPN configuration tab? Please let me know.

Please also tell me: VPN Only or System User?

Dear Nas,

Sorry to bother you again and again, but I am in trouble, I have to solve this.

I have created a system user without any network, I downloaded the OpenVPN config file and deployed it in the OpenVPN client, but it stays continuously in connecting mode.

Scenario is - I have one public IP (without DNS) NATted with a local IP in the 192.168.1.0 range.

All settings I have sent you in my previous reply with all snaps.

I even tried to connect with a Linux system, but I got the following error:

tommy@phoenix:~$ openvpn --config test.ovpn

Mon Aug 24 20:52:04 2015 OpenVPN 2.3.4 i586-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Dec 1 2014

Mon Aug 24 20:52:04 2015 library versions: OpenSSL 1.0.1k 8 Jan 2015, LZO 2.08

Mon Aug 24 20:52:04 2015 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.

Mon Aug 24 20:52:04 2015 Socket Buffers: R=[163840->131072] S=[163840->131072]

Mon Aug 24 20:52:04 2015 UDPv4 link local: [undef]

Mon Aug 24 20:52:04 2015 UDPv4 link remote: [AF_INET]95.224.30.122:1194

Mon Aug 24 20:52:04 2015 TLS: Initial packet from [AF_INET]95.224.30.122:1194, sid=698c649b 784ace4e

Mon Aug 24 20:52:05 2015 VERIFY OK: depth=0, CN=NethServer, O=Example Org, ST=SomeState, OU=Main, emailAddress=root@localhost.localdomain, C=–, L=Hometown

Mon Aug 24 20:53:04 2015 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

Mon Aug 24 20:53:04 2015 TLS Error: TLS handshake failed

Mon Aug 24 20:53:04 2015 SIGUSR1[soft,tls-error] received, process restarting

Mon Aug 24 20:53:04 2015 Restart pause, 2 second(s)

Mon Aug 24 20:53:06 2015 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.

Mon Aug 24 20:53:06 2015 Socket Buffers: R=[163840->131072] S=[163840->131072]

Mon Aug 24 20:53:06 2015 UDPv4 link local: [undef]

Mon Aug 24 20:53:06 2015 UDPv4 link remote: [AF_INET]95.224.30.122:1194

Mon Aug 24 20:53:06 2015 TLS: Initial packet from [AF_INET]95.224.30.122:1194, sid=a16558a2 55a93331

Mon Aug 24 20:53:06 2015 VERIFY OK: depth=0, CN=NethServer, O=Example Org, ST=SomeState, OU=Main, emailAddress=root@localhost.localdomain, C=–, L=Hometown

Mon Aug 24 20:54:06 2015 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

Mon Aug 24 20:54:06 2015 TLS Error: TLS handshake failed

Mon Aug 24 20:54:06 2015 SIGUSR1[soft,tls-error] received, process restarting

Mon Aug 24 20:54:06 2015 Restart pause, 2 second(s)

Mon Aug 24 20:54:08 2015 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.

Mon Aug 24 20:54:08 2015 Socket Buffers: R=[163840->131072] S=[163840->131072]

Mon Aug 24 20:54:08 2015 UDPv4 link local: [undef]

Mon Aug 24 20:54:08 2015 UDPv4 link remote: [AF_INET]95.224.30.122:1194

Mon Aug 24 20:54:08 2015 TLS: Initial packet from [AF_INET]95.224.30.122:1194, sid=c5602054 5b91d87f

Mon Aug 24 20:54:08 2015 VERIFY OK: depth=0, CN=NethServer, O=Example Org, ST=SomeState, OU=Main, emailAddress=root@localhost.localdomain, C=–, L=Hometown

Mon Aug 24 20:55:08 2015 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

Mon Aug 24 20:55:08 2015 TLS Error: TLS handshake failed

Mon Aug 24 20:55:08 2015 SIGUSR1[soft,tls-error] received, process restarting

Mon Aug 24 20:55:08 2015 Restart pause, 2 second(s)

Mon Aug 24 20:55:10 2015 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.

Mon Aug 24 20:55:10 2015 Socket Buffers: R=[163840->131072] S=[163840->131072]

Mon Aug 24 20:55:10 2015 UDPv4 link local: [undef]

Mon Aug 24 20:55:10 2015 UDPv4 link remote: [AF_INET]95.224.30.122:1194

Mon Aug 24 20:55:10 2015 TLS: Initial packet from [AF_INET]95.224.30.122:1194, sid=255296c6 de50c4b2

Mon Aug 24 20:55:11 2015 VERIFY OK: depth=0, CN=NethServer, O=Example Org, ST=SomeState, OU=Main, emailAddress=root@localhost.localdomain, C=–, L=Hometown

Mon Aug 24 20:56:10 2015 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

Mon Aug 24 20:56:10 2015 TLS Error: TLS handshake failed

Mon Aug 24 20:56:10 2015 SIGUSR1[soft,tls-error] received, process restarting

Mon Aug 24 20:56:10 2015 Restart pause, 2 second(s)

Mon Aug 24 20:56:12 2015 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.

Mon Aug 24 20:56:12 2015 Socket Buffers: R=[163840->131072] S=[163840->131072]

Mon Aug 24 20:56:12 2015 UDPv4 link local: [undef]

Mon Aug 24 20:56:12 2015 UDPv4 link remote: [AF_INET]95.224.30.122:1194

Mon Aug 24 20:56:13 2015 TLS: Initial packet from [AF_INET]95.224.30.122:1194, sid=2baa96f6 e0b6d170

Mon Aug 24 20:56:14 2015 VERIFY OK: depth=0, CN=NethServer, O=Example Org, ST=SomeState, OU=Main, emailAddress=root@localhost.localdomain, C=–, L=Hometown

Mon Aug 24 20:57:12 2015 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

Mon Aug 24 20:57:12 2015 TLS Error: TLS handshake failed

Mon Aug 24 20:57:12 2015 SIGUSR1[soft,tls-error] received, process restarting

Mon Aug 24 20:57:12 2015 Restart pause, 2 second(s)

Mon Aug 24 20:57:14 2015 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.

Mon Aug 24 20:57:14 2015 Socket Buffers: R=[163840->131072] S=[163840->131072]

Mon Aug 24 20:57:14 2015 UDPv4 link local: [undef]

Mon Aug 24 20:57:14 2015 UDPv4 link remote: [AF_INET]95.224.30.122:1194

Mon Aug 24 20:57:14 2015 TLS: Initial packet from [AF_INET]95.224.30.122:1194, sid=7930d96d 0b95ac06

Mon Aug 24 20:57:16 2015 VERIFY OK: depth=0, CN=NethServer, O=Example Org, ST=SomeState, OU=Main, emailAddress=root@localhost.localdomain, C=–, L=Hometown

I would request you to please provide me some resolution on this.
Is there any firewall role in this?

Thanks

That is the problem

Starting Nmap 5.51 ( http://nmap.org ) at 2015-08-25 00:12 EEST
Nmap scan report for host122-30-static.224-95-b.business.telecomitalia.it (95.224.30.122)
Host is up (0.075s latency).
PORT STATE SERVICE
1194/udp open|filtered openvpn

Please show:
iptables -L | grep 1194
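
A way to triage a client log like the one posted above, as an added example that is not part of the original thread: it splits the log into connection attempts, separates "server answered but the handshake stalled" (the pattern in the posted log) from "no answer at all", and flags the missing server certificate check. The function names and the sample log are constructed for this example.

```python
import re

# Constructed sample in the format of the client log above (203.0.113.10 is a
# documentation address): attempt 1 stalls after the server answers, attempt 2
# never gets an answer at all.
SAMPLE_LOG = """\
Mon Aug 24 20:52:04 2015 WARNING: No server certificate verification method has been enabled.
Mon Aug 24 20:52:04 2015 UDPv4 link remote: [AF_INET]203.0.113.10:1194
Mon Aug 24 20:52:04 2015 TLS: Initial packet from [AF_INET]203.0.113.10:1194, sid=00000000 00000001
Mon Aug 24 20:52:05 2015 VERIFY OK: depth=0, CN=NethServer, O=Example Org
Mon Aug 24 20:53:04 2015 TLS Error: TLS key negotiation failed to occur within 60 seconds
Mon Aug 24 20:53:04 2015 TLS Error: TLS handshake failed
Mon Aug 24 20:53:06 2015 UDPv4 link remote: [AF_INET]203.0.113.10:1194
Mon Aug 24 20:54:06 2015 TLS Error: TLS key negotiation failed to occur within 60 seconds
Mon Aug 24 20:54:06 2015 TLS Error: TLS handshake failed
"""

TIMESTAMP = re.compile(r"^\w{3} \w{3} +\d+ [\d:]{8} \d{4} ")

def classify(a):
    """Name the point at which one connection attempt stopped."""
    if a["up"]:
        return "connected"
    if a["timeout"] and a["replied"]:
        # Address and port reach an OpenVPN server, but the handshake never
        # finished: inspect the path (router port forward, firewall, NAT).
        return "stalled-after-server-reply"
    if a["timeout"]:
        return "no-reply"  # nothing came back: wrong address/port or dropped
    return "incomplete"

def triage(log_text):
    """Split a client log into attempts and flag the missing-verification warning."""
    attempts, current, unverified = [], None, False
    for raw in log_text.splitlines():
        msg = TIMESTAMP.sub("", raw.strip())
        if msg.startswith("WARNING: No server certificate verification"):
            unverified = True
        elif "link remote:" in msg:  # each restart begins a new attempt here
            current = {"replied": False, "timeout": False, "up": False}
            attempts.append(current)
        elif current is not None:
            current["replied"] |= msg.startswith("TLS: Initial packet from")
            current["timeout"] |= "TLS key negotiation failed" in msg
            current["up"] |= "Initialization Sequence Completed" in msg
    return {"attempts": [classify(a) for a in attempts],
            "server_cert_unverified": unverified}

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

`VERIFY OK` in such a log only shows that the certificate chain validates against the CA; the WARNING line means the client does not check that the peer presents a server certificate, which OpenVPN's `remote-cert-tls server` directive in the client profile enforces.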

Dear Nas

We have only the router firewall enabled, and the VPN ports are enabled there,
but on the server no iptables or any other firewall is enabled.

Thanks

Write to me on Skype: nassir_911

Dear Nas,

Thanksssss a lot for your great Help !

It is Solved by your instructions.

Thanksss
Hitesh .

Please @Nas @Hitesh_Dubey, can you show us how you resolved it?