You are not logged in.
Pages: 1
Topic closed
hi archfriends,
i want to use a vpn-connection and installed openvpn from the official rep.
i downloaded the configfiles from the vpn-website and typed
sudo openvpn --config VPN.Germany.conf
Wed Nov 12 00:14:22 2014 OpenVPN 2.3.5 x86_64-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Oct 30 2014
Wed Nov 12 00:14:22 2014 library versions: OpenSSL 1.0.1j 15 Oct 2014, LZO 2.08
Enter Auth Username: ************
Enter Auth Password: ************
Wed Nov 12 00:14:33 2014 WARNING: No server certificate verification method has been enabled. See [url]http://openvpn.net/howto.html#mitm[/url] for more info.
Wed Nov 12 00:14:33 2014 Socket Buffers: R=[212992->131072] S=[212992->131072]
Wed Nov 12 00:14:33 2014 UDPv4 link local: [undef]
Wed Nov 12 00:14:33 2014 UDPv4 link remote: [AF_INET]176.9.146.132:443
Wed Nov 12 00:14:33 2014 TLS: Initial packet from [AF_INET]176.9.146.132:443, sid=c20d4c0d 85d37b94
Wed Nov 12 00:14:33 2014 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Wed Nov 12 00:14:33 2014 VERIFY OK: depth=1, C=US, ST=FL, L=Orlando, O=TorGuard, OU=VPN, CN=TG-OVPN-CA, name=TorGuard, emailAddress=sysadmin@torguard.net
Wed Nov 12 00:14:33 2014 VERIFY OK: depth=0, C=US, ST=FL, L=Orlando, O=TorGuard, OU=VPN, CN=TG-OVPN-CA, name=TorGuard, emailAddress=sysadmin@torguard.net
Wed Nov 12 00:14:33 2014 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Nov 12 00:14:33 2014 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Nov 12 00:14:33 2014 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Nov 12 00:14:33 2014 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Nov 12 00:14:33 2014 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Wed Nov 12 00:14:33 2014 [TG-OVPN-CA] Peer Connection Initiated with [AF_INET]176.9.146.132:443
Wed Nov 12 00:14:36 2014 SENT CONTROL [TG-OVPN-CA]: 'PUSH_REQUEST' (status=1)
Wed Nov 12 00:14:36 2014 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route 10.9.0.1,topology net30,ping 5,ping-restart 30,ifconfig 10.9.0.38 10.9.0.37'
Wed Nov 12 00:14:36 2014 OPTIONS IMPORT: timers and/or timeouts modified
Wed Nov 12 00:14:36 2014 OPTIONS IMPORT: --ifconfig/up options modified
Wed Nov 12 00:14:36 2014 OPTIONS IMPORT: route options modified
Wed Nov 12 00:14:36 2014 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Wed Nov 12 00:14:36 2014 ROUTE_GATEWAY 192.168.0.1/255.255.255.0 IFACE=enp3s0 HWADDR=74:d4:35:83:f8:59
Wed Nov 12 00:14:36 2014 TUN/TAP device tun0 opened
Wed Nov 12 00:14:36 2014 TUN/TAP TX queue length set to 100
Wed Nov 12 00:14:36 2014 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Wed Nov 12 00:14:36 2014 /usr/bin/ip link set dev tun0 up mtu 1500
Wed Nov 12 00:14:36 2014 /usr/bin/ip addr add dev tun0 local 10.9.0.38 peer 10.9.0.37
Wed Nov 12 00:14:41 2014 /usr/bin/ip route add 176.9.146.132/32 via 192.168.0.1
Wed Nov 12 00:14:41 2014 /usr/bin/ip route add 0.0.0.0/1 via 10.9.0.37
Wed Nov 12 00:14:41 2014 /usr/bin/ip route add 128.0.0.0/1 via 10.9.0.37
Wed Nov 12 00:14:41 2014 /usr/bin/ip route add 10.9.0.1/32 via 10.9.0.37
Wed Nov 12 00:14:41 2014 Initialization Sequence Completed
everythings fine but it wont give me internet.. did i miss something to configure?
there is not actualy much to configure as a CLIENT..
did somebody do OpenVpn already, who can help me pls?
Last edited by xabit (2014-11-13 15:33:22)
Offline
Please use code tags when pasting to the boards: https://wiki.archlinux.org/index.php/Fo … s_and_Code
Offline
hi archfriends,
after many hours i figure out that the OpenVpn can ping ips but no names like www.archlinux.org.
that means my openvpn cant deal with DNS,but cant figure out why!?
i hope this helps a bit
Offline
dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4
To use those 2, the usual way is with a --up script.
Although there's no point, if the VPN is only pushing public servers anyway, which won't contain any company-specific DNS entries.
What is in your /etc/resolv.conf?
Offline
thank you very much for your reply brebs. im very disapointed already.
my etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.1.1
the --up script is very interessting didnt find this before, i will try this later.
Offline
It works now, i figured out that you need to configure the DNS - https://wiki.archlinux.org/index.php/OpenVPN#DNS
Thank you, for supporting me brebs
Offline
thank you! it is useful to me!
Offline
Glad to hear, please note that this is a old thread that shouldn't be necrobumped: https://wiki.archlinux.org/title/Genera … bumping%22
Closing.
Last edited by V1del (2021-09-23 13:08:25)
Offline
Pages: 1
Topic closed