OpenVPN Over RackForce VPS
May 2, 2007I am planning to install a VPN software, probably OpenVPN over my VPS at RackForce. However, I am not much a VPN professional so that I would need some tutorials on it.
View 4 RepliesI am planning to install a VPN software, probably OpenVPN over my VPS at RackForce. However, I am not much a VPN professional so that I would need some tutorials on it.
View 4 RepliesDoes anyone have any coupons for rackforce.com or any reviews?
View 4 Replies View RelatedI've come across lots of entries here regarding RackForce in the VPS & Dedicated server forums, but none really within the colocation area.
I was wondering if there is anyone who uses (or has used) RackForce for their colocation services, and wouldn't mind commenting on them.
I'm creating a web app using ASP.NET and SQL Server 2005, with lots of AJAX. I want to use a VPS to improve performance (compared to shared hosting) and I've narrowed my choices down to SolarVPS (NeptuneX Unmanaged) and RackForce (DDS 200-W). I've been lurking for a while and have read every post regarding Windows VPS services from the last few months, but I have several questions I'm hoping people can help with.
 
1. I'd been considering shared hosting at CrystalTech.com, but I'm not impressed with their VPS offering. I was, however, very impressed with their ping results - about 40ms compared to 80ms for SolarVPS and RackForce. Since I'm using AJAX, I'm assuming response time is important. Am I reading this correctly, or should I not be too concerned about that?
 
2. RackForce allocates its bandwidth as unmetered shared 10Mbps. At 5 accounts per server, that's down to 2Mbps. I assume it can burst as needed up to the 10Mbps rate, but if I get a heavy period of use, am I going to be in trouble? Would it be better to have SolarVPS's burstable (up to 100Mbps) bandwidth, even though it's metered?
 
3. RackForce advertises that they only have 5 accounts per server, which seems really good. I'm awaiting a response from SolarVPS on the number of accounts per server they have. But RackForce seems to be a smoking deal for that performance. Am I missing something?
I have installed OpenVPN on my VPS and I don't know how can i login on that and create client and configuration.
Support from Datacenter have installed on my VPS.
this is my details:
OpenVPN 2.0 x86_64-unknown-linux [SSL] [LZO] [EPOLL] built on Dec 27 2007
Developed by James Yonan
Copyright (C) 2002-2005 OpenVPN Solutions LLC <info@openvpn.net> ,
How can i login on OpenVPN? i'm very beginner.
Can you Please tell me , how can i access to OpenVPN and Create Account?
I have Cpanel/WHM on my VPS.
need some one to install OpenVPN ....
View 5 Replies View Relatedi try running on centos 5.2 : yum install -y openvpn
-bash-3.1# yum install -y openvpn
Loading "installonlyn" plugin
Setting up Install Process
Setting up repositories
Reading repository metadata in from local files
Parsing package install arguments
Nothing to do
i want install openvpn by yum
Currently trying to get OpenVPN to work on my CentOS VPS, however not getting very far with it. I have followed the guide here:  [url]
No problems with the guide, everything worked well! However when i goto start the openVPN service it fails with the following output in the log:
Sep 4 18:01:07 alpha openvpn[3137]: OpenVPN 2.0.9 i386-redhat-linux [SSL] [LZO] [EPOLL] built on Sep 4 2008
Sep 4 18:01:07 alpha openvpn[3137]: Diffie-Hellman initialized with 1024 bit key
Sep 4 18:01:07 alpha openvpn[3137]: TLS-Auth MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sep 4 18:01:07 alpha openvpn[3137]: Note: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)
Sep 4 18:01:07 alpha openvpn[3137]: Note: Attempting fallback to kernel 2.2 TUN/TAP interface
Sep 4 18:01:07 alpha openvpn[3137]: Cannot allocate TUN/TAP dev dynamically
Sep 4 18:01:07 alpha openvpn[3137]: Exiting
I then heard that i need to check the tun adapter, so ran the command "openvpn --dev tun0" which gave this output:
Thu Sep 4 18:24:57 2008 OpenVPN 2.0.9 i386-redhat-linux [SSL] [LZO] [EPOLL] built on Sep 4 2008
Thu Sep 4 18:24:57 2008 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Thu Sep 4 18:24:57 2008 ******* WARNING *******: all encryption and authentication features disabled -- all data will be tunnelled as cleartext
Thu Sep 4 18:24:57 2008 Note: Cannot open TUN/TAP dev /dev/net/tun: Permission denied (errno=13)
Thu Sep 4 18:24:57 2008 Note: Attempting fallback to kernel 2.2 TUN/TAP interface
Thu Sep 4 18:24:57 2008 Cannot open TUN/TAP dev /dev/tun0: No such file or directory (errno=2)
Thu Sep 4 18:24:57 2008 Exiting
===============================================================
Here's what I'm trying to do:
Use OpenVPN running on a virtual server (Debian) to allow clients to access the Web.  I am purchasing additional IP addresses from the host and want to assign one per client.
I'm pretty sure that OpenVPN will do this based upon what sites like AnonymousChannel and FindNot do.
how come I can't route all traffic through openvpn.
1. I was able to ping my client and server ip no problem. So the tunnel connection is fine.
The problem is i can't route internet traffic through openvpn.
I was able to ping from tun0 interface after i add below command
iptables -t nat -A PREROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
root@host188 [/etc/openvpn/config]# ping -I tun0 4.2.2.2
PING 4.2.2.2 (4.2.2.2) from 10.8.0.1 tun0: 56(84) bytes of data.
64 bytes from 4.2.2.2: icmp_seq=1 ttl=55 time=8.94 ms
64 bytes from 4.2.2.2: icmp_seq=2 ttl=55 time=8.65 ms
64 bytes from 4.2.2.2: icmp_seq=3 ttl=55 time=8.90 ms
However, my client can't ping 4.2.2.2 from vpn tunnel and I use tcpdump I saw the traffic coming. 
Someone knows how I can limit the bandwidth every user gets? E.g. user1 gets 1mbit, user2 3mbit etc.
View 4 Replies View RelatedIf I wanted to install OpenVPN to create a personal VPN (low bandwith/CPU) what kind of minimum specs should I be looking into?
I contacted Panix.com to enquiry about their $10/month shell account I asked them about getting OpenVPN installed and they replied something like they do not allow it in the shell because it needs a server with a higher spec, which is odd to me.
Can anyone who is a security expert recommend the most secure option for choosing what type of "cipher" to use with our OpenVPN setup?
(I bolded the one I think might be best?  Let me know what you think.  We are currently using "BF-CBC", but I want to be sure it's not breakable...) ...
we installed openvz on openvz(hypervm)
but serveral port are closed
for example port :  11033
11055
11171
11011
11022
11044
22277
how may open this port?
i`m manager full server( full root)
I have spent the last few days setting up a low-end VPS server as a VPN host, using OpenVPN on CentOS 5.
I've got everything set up, but one last (and most critical) component is still not working correctly.
Basically what I need, is that once users are on the VPN, they should be able to browse the internet through the VPN under that server's IP address rather than their own dynamic address. I was told that this VPN set up was the way to do it. However, right now when I connect into my VPN I can browse that specific server, but cannot access any other websites at all.
If it would help to see my config files, please let me know and I'll post.
I'm really itching to have this up and running, 
I have a customer who wants to have *all* their computer internet activity routed through a server in our datacenter.
They want MSN, email, ftp, browser, ping from the command line, and even DNS lookups that initiate from any software running on the computer...
... they want everything to be routed through the datacenter server.  
None of it should go through the ISP. Not even DNS lookups.
I'm thinking that a VPN setup is the way to do this.  (ie: Run openVPN on the server and use openVPN client on the remote computers.)
So the idea is that as long as they are connected to the VPN server in our datacenter, which creates an encrypted "tunnel", then all traffic will be routed through the datacenter VPN server. The ISP will not be able to see anything at all, except the connection to the VPN server.
In the /var/log/messages snippet posted below, I see this (see below snippet)
Is this bad? Are the highlighted parts bad? Do they show an incorrect or inefficient configuration?  I tried to find out what it means, but google isn't being too helpful in this instance.
(The VPN is used only as an "internet gateway" for about 5 users who need to browse the internet from within a foreign country.)
Here is the logfile snippet from /var/log/messages.  (I changed he vpn username and client IP for privacy.)
Quote:
Nov 20 09:28:07 vpn openvpn[13712]: MULTI: multi_create_instance called
Nov 20 09:28:07 vpn openvpn[13712]: Re-using SSL/TLS context
Nov 20 09:28:07 vpn openvpn[13712]: LZO compression initialized
Nov 20 09:28:07 vpn openvpn[13712]: Control Channel MTU parms [ L:1560 D:140 EF:40 EB:0 ET:0 EL:0 ]
Nov 20 09:28:07 vpn openvpn[13712]: Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Nov 20 09:28:07 vpn openvpn[13712]: Local Options hash (VER=V4): 'b695cb4a'
Nov 20 09:28:07 vpn openvpn[13712]: Expected Remote Options hash (VER=V4): 'bc07730e'
Nov 20 09:28:07 vpn openvpn[13712]: TCP connection established with 91.186.11.226:52093
Nov 20 09:28:07 vpn openvpn[13712]: TCPv4_SERVER link local: [undef]
Nov 20 09:28:07 vpn openvpn[13712]: TCPv4_SERVER link remote: 91.186.11.226:52093
Nov 20 09:28:07 vpn openvpn[13712]: user1/1.1.1.1:3861 MULTI: packet dropped due to output saturation (multi_process_incoming_tun)
Nov 20 09:28:18 vpn last message repeated 31 times
Nov 20 09:28:21 vpn openvpn[13712]: 91.186.11.226:52093 Connection reset, restarting [-1]
Nov 20 09:28:21 vpn openvpn[13712]: 91.186.11.226:52093 SIGUSR1[soft,connection-reset] received, client-instance restarting
Nov 20 09:28:21 vpn openvpn[13712]: TCP/UDP: Closing socket
Nov 20 09:28:26 vpn openvpn[13712]: user1/1.1.1.1:3861 MULTI: packet dropped due to output saturation (multi_process_incoming_tun)
Nov 20 09:28:57 vpn last message repeated 38 times
Nov 20 09:29:03 vpn last message repeated 9 times
Nov 20 09:29:07 vpn openvpn[13712]: MULTI: multi_create_instance called
Nov 20 09:29:07 vpn openvpn[13712]: Re-using SSL/TLS context
Nov 20 09:29:07 vpn openvpn[13712]: LZO compression initialized
Nov 20 09:29:07 vpn openvpn[13712]: Control Channel MTU parms [ L:1560 D:140 EF:40 EB:0 ET:0 EL:0 ]
Nov 20 09:29:07 vpn openvpn[13712]: Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Nov 20 09:29:07 vpn openvpn[13712]: Local Options hash (VER=V4): 'b695cb4a'
Nov 20 09:29:07 vpn openvpn[13712]: Expected Remote Options hash (VER=V4): 'bc07730e'
Nov 20 09:29:07 vpn openvpn[13712]: TCP connection established with 91.186.11.226:52687
Nov 20 09:29:07 vpn openvpn[13712]: TCPv4_SERVER link local: [undef]
Nov 20 09:29:07 vpn openvpn[13712]: TCPv4_SERVER link remote: 91.186.11.226:52687
Nov 20 09:29:08 vpn openvpn[13712]: user1/1.1.1.1:3861 MULTI: packet dropped due to output saturation (multi_process_incoming_tun)
Nov 20 09:29:21 vpn last message repeated 16 times
Nov 20 09:29:21 vpn openvpn[13712]: 91.186.11.226:52687 Connection reset, restarting [-1]
Nov 20 09:29:21 vpn openvpn[13712]: 91.186.11.226:52687 SIGUSR1[soft,connection-reset] received, client-instance restarting
Nov 20 09:29:21 vpn openvpn[13712]: TCP/UDP: Closing socket
Nov 20 09:29:21 vpn openvpn[13712]: user1/1.1.1.1:3861 MULTI: packet dropped due to output saturation (multi_process_incoming_tun)
Nov 20 09:29:34 vpn last message repeated 144 times
Nov 20 09:30:06 vpn openvpn[13712]: MULTI: multi_create_instance called
Nov 20 09:30:06 vpn openvpn[13712]: Re-using SSL/TLS context
Nov 20 09:30:06 vpn openvpn[13712]: LZO compression initialized
Nov 20 09:30:06 vpn openvpn[13712]: Control Channel MTU parms [ L:1560 D:140 EF:40 EB:0 ET:0 EL:0 ]
Nov 20 09:30:06 vpn openvpn[13712]: Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Nov 20 09:30:06 vpn openvpn[13712]: Local Options hash (VER=V4): 'b695cb4a'
Nov 20 09:30:06 vpn openvpn[13712]: Expected Remote Options hash (VER=V4): 'bc07730e'
Nov 20 09:30:06 vpn openvpn[13712]: TCP connection established with 91.186.11.226:53285
Nov 20 09:30:06 vpn openvpn[13712]: TCPv4_SERVER link local: [undef]
Nov 20 09:30:06 vpn openvpn[13712]: TCPv4_SERVER link remote: 91.186.11.226:53285
Nov 20 09:30:21 vpn openvpn[13712]: 91.186.11.226:53285 Connection reset, restarting [-1]
Nov 20 09:30:21 vpn openvpn[13712]: 91.186.11.226:53285 SIGUSR1[soft,connection-reset] received, client-instance restarting
Nov 20 09:30:21 vpn openvpn[13712]: TCP/UDP: Closing socket
It goes on like this, with this pattern repeating every 20 seconds or so.  Is this normal?
Recently i have bought an Centos 5 vpsserver.  I have installed openvpn with this code in Putty: # yum install openvpn.
Now i want to copy easy-rsa to /etc/openvpn.
I used this code:
# cp -R /usr/share/openvpn/easy-rsa /etc/openvpn
Unfortunuatly this error appears:
cp: missing destination file operand after '/usr/share/openvpn/easy-rsa'
Does anyone know the solution for this problem?
I have installed openvpn in my vps.
OS:Centos
CP:Virtuozzo
Now the main problem is that I was never able to login to admin after installation/configuration i.e
[url]
This is admin url, 
I have contact the openvpn but they have not yet supported much they say I have to enter root password. But I dont know what are default login for that.
One more thing I guess root is the username and should I need to enter my Virtuozzo password or what?
How do go about discovering where your bottleneck is with an openvpn setup?
Ive setup openvpn on my remote server and have setup everything so that my desktop clients (vista and ubuntu) at home can connect and have all internet traffic directed successfully through the tunnel. 
Im using it to stream video that would normally be inaccessible outside of the UK whilst im in Japan i.e. iplayer. 
The problem is its oftenvery choppy and unplayable. Though its good when england is sleeping.
Im new to servers (not to stuff like programming though) so dont know where the problem lies, how to find it out or even where to start looking. For example things ging through my head 
Is it the limitations of the vps? How do i find that out? my plan:- vps1
Is it the location of the actual server in the uk? How do i know if there are any better coming from japan?
Is it my configurations? How do i pinpoint that?
Or is it working as good as it can be? How do i know that for sure?
etc etc
What would be your process of elimantion? Quick checks that would tell you which direction to move forward in?
I want to make vpn server beside hosting server .
how can i install openvpn in centos server?
i havent touched the config on my vps box for months and it has been running OpenVPN without any problems.
All of a sudden it is complaining it cant find /dev/net/tun
Nov 15 06:45:18 gizmo openvpn[23616]: Note: Cannot open TUN/TAP dev /dev/net/tun: No such device (errno=19)
Nov 15 06:45:18 gizmo openvpn[23616]: Note: Attempting fallback to kernel 2.2 TUN/TAP interface
Nov 15 06:45:18 gizmo openvpn[23616]: Cannot allocate TUN/TAP dev 
ls -l /dev/net/tun
crwxrwxrwx  1 root root 10, 200 Jul  4 21:55 /dev/net/tun
any reason why it would stop working? i am on a VPS i have asked if the host machine parameters have been changed but in the meantime anything else i can check?
I have had great difficulty in setting up OpenVPN, so I thought, when I finally do get it to work, I will write a HOWTO, so other can hopefully benefit…
This guide was done using a FC4 VPS, running on Xen, it will work on OpenVZ, all you need to do is ask your VPS provider to install “tun support”.
1.First of all get a few additional repos, If you already have your repos setup, skip this step
If you have Fedora 3, follow these steps,
[url]
If you have Fedora 4, follow these steps,
[url]
If you have Fedora 5, follow these steps,
[url]
If you have CentOS, follow the “additional third party CentOS repos”
[url]
Then issue these commands, each line is a new command, anything beginning with "#" are comments so dont try to execute those.
Code:
yum update
yum install openssl openssl-devel
# openssl and openssl-devel may be installed already… so don’t worry
2.  Right, now you want to install OpenVPN, here are the commands,
Code:
yum install openvpn -y
#Now check that it works
service openvpn start
service openvpn stop
3. A few things to setup before you can make certificates, issue these commands,
Code:
find / -name "easy-rsa"
#you should get an output like this…
/usr/share/doc/openvpn-2.0.7/easy-rsa
#Now, make a copy of the easy-rsa directory, to /etc/openvpn/ ( make sure you #have put the right version number in i.e. mine was -2.0.7, change if needed)
cp -R /usr/share/doc/openvpn-2.0.7/easy-rsa /etc/openvpn/
cd /etc/openvpn/easy-rsa
chmod 777 *
mkdir /etc/openvpn/keys
4.  You need to edit the vars file, located in /etc/openvpn/easy-rsa
You can use any editor you like, I used vi.
Change the line
Code:
export KEY_DIR=$D/keys
to 
Code:
export KEY_DIR=/etc/openvpn/keys
Also at the bottom of this file you will see something similar to this,
Code:
export KEY_COUNTRY=US
export KEY_PROVINCE=CA
export KEY_CITY=SOMEWHERE
export KEY_ORG="My Org"
export KEY_EMAIL=me@mydomain.com
Change this to your own values.
5. Now its time to make the certificates, enter these commands
Code:
. ./vars
Code:
./clean-all
Code:
./build-ca
# just hit enter to the defaults apart from Common Name, this must be unique
# call it something like mydomain-ca
Code:
./build-key-server server
Code:
./build-key client1
# remember that common name must be unique e.g. use mydomain-client1
# and YES you want to sign the keys
Code:
./build-key client2
# do this step for as many clients as you need.
Code:
./build-dh
6. We are almost done now… right we need to create a few config files, you can download my template from here,
Code:
cd /etc/openvpn
Code:
wget www.designpc.co.uk/downloads/server.conf
# make sure you change a few things in the server.conf file, like DNS   
# servers
Code:
touch server-tcp.log
~ this makes the log file..
Code:
touch ipp.txt
this makes the IP reservation list.
7. You need to make a few changes to OpenVPN itself. Go to..
Code:
cd /etc/init.d/
edit the openvpn file
#Uncomment this line (line 119)
Code:
echo 1 > /proc/sys/net/ipv4/ip_forward
Add these lines below it, changing 123.123.123.123 to your public IP address,
Code:
iptables -t nat -A POSTROUTING -s 192.168.2.3 -j SNAT --to 123.123.123.123
iptables -t nat -A POSTROUTING -s 192.168.2.4 -j SNAT --to 123.123.123.123
iptables -t nat -A POSTROUTING -s 192.168.2.5 -j SNAT --to 123.123.123.123
iptables -t nat -A POSTROUTING -s 192.168.2.6 -j SNAT --to 123.123.123.123
iptables -t nat -A POSTROUTING -s 192.168.2.7 -j SNAT --to 123.123.123.123
iptables -t nat -A POSTROUTING -s 192.168.2.8 -j SNAT --to 123.123.123.123
iptables -t nat -A POSTROUTING -s 192.168.2.9 -j SNAT --to 123.123.123.123
iptables -t nat -A POSTROUTING -s 192.168.2.10 -j SNAT --to 123.123.123.123
Now install iptables if you don’t have it already,
Code:
yum install iptables
#test it
service iptables start
service iptables stop
8. Now for the client config files. If your client is a Windows machine, make sure you have installed OpenVPN, use the gui version, downloadable from here;
[url]
You need to copy a few files from the server to your client machine, here is the list, located in /etc/openvpn/keys/
## WARNING ## Use a secure way of transferring these files off the server, something like WinSCP.
ca.crt
client1.csr
client1.key
client1.crt
Put these files in this directory C:Program FilesOpenVPNconfig
Now you need to make a client config, here is an example..
PHP Code:
clientdev tunproto tcp#Change my.publicdomain.com to your public domain or IP addressremote my.publicdomain.com 1194resolv-retry infinitenobindpersist-keypersist-tunca ca.crtcert client1.crtkey client1.keyns-cert-type server#DNS Options here, CHANGE THESE !!push "dhcp-option DNS 123.123.123.123"push "dhcp-option DNS 123.123.123.124"comp-lzoverb 3 
Make sure you edit any of the lines with comments above them.
Call this file client1.opvn and put it in C:Program FilesOpenVPNconfig
Make sure the file extension is .opvn not .txt
To connect right click on OpenVPN in the taskbar >> Connect
To test ping 192.168.2.1
to setup a OpenVPN server on a Trixbox Server I'm running and tell us how to setup a Linksys router running DD-WRT Firmware to connect as a client. We need to make it so remote Cisco IP phones can connect to Trixbox.
View 0 Replies View Related