September 22, 2011 at 11:12 am #43126
Hi i’m trying to set up zeroshell as a vpn server. The goal is to get acces to lan1 from the internet. I have followed the guides vpn server and vpn client on zeroshell.net. I’m using KVpnc as the client but get following error on the client:
debug: [openvpn] Thu Sep 22 11:29:03 2011 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
debug: [openvpn] Thu Sep 22 11:29:03 2011 NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
debug: [openvpn] Thu Sep 22 11:29:03 2011 LZO compression initialized
debug: [openvpn] Thu Sep 22 11:29:03 2011 Attempting to establish TCP connection with [AF_INET]SERVER_IP:1194 [nonblock]
debug: [openvpn] Thu Sep 22 11:29:13 2011 TCP: connect to [AF_INET]SERVER_IP:1194 failed, will try again in 5 seconds: Connection timed out
error: Connection has been timed out. Terminate.
debug: There is a reason to stop connecting, terminating “openvpn” process.
debug: Disconnect requested
debug: Disconnect requested, status connecting
debug: Killing process while connecting.
success: Successful connect try canceled.
And the output of nmap SERVER_IP -p 1194
PORT STATE SERVICE
1194/tcp filtered unknown
Although I have input deny rules disabled and Openvpn host to lan status=Active
Hope someone can help hereOctober 4, 2011 at 8:34 pm #51959
Just a bad firewall ruleJanuary 26, 2012 at 9:42 am #51960
I have the same situation, but I for vpn server I use PPTP. I manage to make modification for this, but I’m stuck at firewall rules:
Seq Input Output Description Log Active
1 ETH00 * ACCEPT all opt — in ETH00 out * 0.0.0.0/0 -> 0.0.0.0/0 no
2 * * ACCEPT all opt — in * out * 0.0.0.0/0 -> 0.0.0.0/0 state RELATED,ESTABLISHED no
3 ETH01 * ACCEPT 115 opt — in ETH01 out * 0.0.0.0/0 -> 192.168.x.x no
4 ETH01 * ACCEPT tcp opt — in ETH01 out * 0.0.0.0/0 -> 192.168.x.x tcp dpt:1723 no
5 ETH01 * ACCEPT 47 opt — in ETH01 out * 0.0.0.0/0 -> 192.168.x.x no
Where 192.168.x.x is ip of zs.
Default input policy is set to DROP
ZS has two network interface: etho connected to my lan, eth1 (static ip) to wan
DHCP enable and use another default gateway and DNS (not zs)June 23, 2015 at 2:58 pm #51961
You must be logged in to reply to this topic.