MarsArtis
31-05-12, 19:08
Ok mates It seems I've found the solution for the OpenVPN issue. Reading previous posts above I noticed that they were reffering to a multi user configuration.
I mean one OpenVPN server and many different OpenVPN clients.
My discoveries applies to a p2p OpenVPN connection. So further implementation may be necessary.
------------------------------------------
OPENVPN SERVER CONFIGURATION
------------------------------------------
Let's go:
For what I've discovered it's essential to generate the *.key file right from the enigma2 receiver (In this case I own a Vu+DUO).
To do this here are the steps:
Make sure OpenVPN is installed (starting from Vix 2.4 you have to go to Network Configuration, choose OpenVPN and it'll ask to install) then
1 - telnet to you receiver
2 - type and send: cd /etc/init.d
3 - issue the following: openvpn -- genkey --secret /var/etc/openvpn/keys/name.key
at this point your .key file is generated
Time to set up the server .conf file. (put it via FTP in /etc/openvpn/)
Make sure that for a p2p OpenVpn connection you have only the *.key in the /keys subfolder, nothing else is needed.
So edit the server.conf like this:
dev tun0
ifconfig 10.8.0.1 10.8.0.2
port 1150
keepalive 10 120
verb 5
secret /etc/openvpn/keys/name.key
log /etc/openvpn/openvpn.log
notes:
A-the ip address can be assigned as you wish in a private range. Just note the colours of the two ips. They'll be switched in the client configuration.
B-the port number has to be opened for port forwarding on you router.
C-the log file is useful to understand if anything is not workin. Be careful it can get huge and fill up the flash memory. So after everyting is ok just delete it and disble the line in the config file (just put a # at the beginning of it)
Is now time to make the openvpn start:
make sure to be in the cd /etc/init.d directory:
issue: /etc/init.d/openvpn start
at this point your openVPN should be running, and in telnet if you issue ps command you'll get the process list and it should write near the end the following something like this line:
1134 root 4180 S /usr/sbin/openvpn --daemon --writepid /var/run/openv
Infact, if you go in the OpenVPN panel, this time you'll see the GREEN label saying: Running
17185
------------------------------------------
OPENVPN CLIENT CONFIGURATION
------------------------------------------
For the client side, make sure OpenVPN is installed, then you shoud ftp in it and place the client.conf file in /etc/openvpn/) and the .key file generated previously on the server in the /etc/openvpn/key folder.
The client config file should be like this:
dev tun0
remote ip-address
port 1150
ifconfig 10.8.0.2 10.8.0.1
resolv-retry infinite
persist-tun
persist-key
verb 5
secret /etc/openvpn/keys/name.key
log /etc/openvpn/openvpn.log
notes:
D- ip-address is the actual ip address of the server box. If you don't have a static ip you should use a dyndns or similar service.
E- as you can se the openvpn ips are inverted here.
F- since this is a client conf the port number just tells the client on which port to contact the server. If the client is behind a firewall you don't need to forward this port.
---------------------------------------------
---------------------------------------------
A suggestion/request for VIX developers:
could be possible to add the feature to automatically generate the *.key as a script within the openvpn panel?
Maybe just after the installation take place.
Or better structure the panel to execute the script to generate a .key file or a basic .conf file.
I mean one OpenVPN server and many different OpenVPN clients.
My discoveries applies to a p2p OpenVPN connection. So further implementation may be necessary.
------------------------------------------
OPENVPN SERVER CONFIGURATION
------------------------------------------
Let's go:
For what I've discovered it's essential to generate the *.key file right from the enigma2 receiver (In this case I own a Vu+DUO).
To do this here are the steps:
Make sure OpenVPN is installed (starting from Vix 2.4 you have to go to Network Configuration, choose OpenVPN and it'll ask to install) then
1 - telnet to you receiver
2 - type and send: cd /etc/init.d
3 - issue the following: openvpn -- genkey --secret /var/etc/openvpn/keys/name.key
at this point your .key file is generated
Time to set up the server .conf file. (put it via FTP in /etc/openvpn/)
Make sure that for a p2p OpenVpn connection you have only the *.key in the /keys subfolder, nothing else is needed.
So edit the server.conf like this:
dev tun0
ifconfig 10.8.0.1 10.8.0.2
port 1150
keepalive 10 120
verb 5
secret /etc/openvpn/keys/name.key
log /etc/openvpn/openvpn.log
notes:
A-the ip address can be assigned as you wish in a private range. Just note the colours of the two ips. They'll be switched in the client configuration.
B-the port number has to be opened for port forwarding on you router.
C-the log file is useful to understand if anything is not workin. Be careful it can get huge and fill up the flash memory. So after everyting is ok just delete it and disble the line in the config file (just put a # at the beginning of it)
Is now time to make the openvpn start:
make sure to be in the cd /etc/init.d directory:
issue: /etc/init.d/openvpn start
at this point your openVPN should be running, and in telnet if you issue ps command you'll get the process list and it should write near the end the following something like this line:
1134 root 4180 S /usr/sbin/openvpn --daemon --writepid /var/run/openv
Infact, if you go in the OpenVPN panel, this time you'll see the GREEN label saying: Running
17185
------------------------------------------
OPENVPN CLIENT CONFIGURATION
------------------------------------------
For the client side, make sure OpenVPN is installed, then you shoud ftp in it and place the client.conf file in /etc/openvpn/) and the .key file generated previously on the server in the /etc/openvpn/key folder.
The client config file should be like this:
dev tun0
remote ip-address
port 1150
ifconfig 10.8.0.2 10.8.0.1
resolv-retry infinite
persist-tun
persist-key
verb 5
secret /etc/openvpn/keys/name.key
log /etc/openvpn/openvpn.log
notes:
D- ip-address is the actual ip address of the server box. If you don't have a static ip you should use a dyndns or similar service.
E- as you can se the openvpn ips are inverted here.
F- since this is a client conf the port number just tells the client on which port to contact the server. If the client is behind a firewall you don't need to forward this port.
---------------------------------------------
---------------------------------------------
A suggestion/request for VIX developers:
could be possible to add the feature to automatically generate the *.key as a script within the openvpn panel?
Maybe just after the installation take place.
Or better structure the panel to execute the script to generate a .key file or a basic .conf file.