Good morning, Greetings from Argentina.
I am new to Clearos, I am implementing OpenVPN (client to server) to connect users from their homes or remote offices to our headquarters and I have a problem ..... I can connect from some places but not from others ... and I can't find the mistake ... could someone help me ???
Thank you!!
Ruben
I am new to Clearos, I am implementing OpenVPN (client to server) to connect users from their homes or remote offices to our headquarters and I have a problem ..... I can connect from some places but not from others ... and I can't find the mistake ... could someone help me ???
Thank you!!
Ruben
In OpenVPN
Share this post:
Responses (5)
-
Accepted Answer
-
Accepted Answer
Hello!! Thank you for your answers.
I tell you,
the server has ip 10.10.10.2, I have created two users, support 02 and support03, both with their corresponding certificates.
The strange thing is that from my house I connect without problems .. from another place I cannot ...
I'm going to reinstall ....
Saludos!! Ruben -
Accepted Answer
Life is never straightforward. Each user should have the same ca-cert, but their own user cert and key and this should be in the same folder as the ovpn file (unless you create a unified ovpn with the certificates and key embedded in it - instructions in the docs). In reality, any user can use any valid cert/key pair. It does not have to be their own, but OpenVPN, the way it is configured in ClearOS, will only allow a single connection from any certificate. This behaviour can be changed but it is not recommended to do so. It has the knock on effect that if a second user logs on with the same certificate, the first user gets kicked off. The first user's system will notice this and try to reconnect, kicking off the second user and so on. -
Accepted Answer
May be a silly question...you are putting the individual user certificates in the OpenVPN config folder on each of their computers, right? What I mean to say is, they each have a certificates with their username in the filename that have to be put on their computers. They don't all share the same certificates. -
Accepted Answer
Check the client and server connection logs. Is the connection getting through to ClearOS or is the Client ISP or LAN blocking it?
Also try not to use the LAN subnets 192.168.0.0/24 and 192.168.1.0/24 in ClearOS as from a lot of places you may be able to connect but you won't be able to pass any traffic (unless, perhaps, you use the Force all traffic over VPN option).
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »