to setup a OpenVPN server on a Trixbox Server I'm running and tell us how to setup a Linksys router running DD-WRT Firmware to connect as a client. We need to make it so remote Cisco IP phones can connect to Trixbox.
if anybody in the community looks for trixbox as the os to be installed on a dedicated server. I am looking for a new line of servers to provide and i am thinking that Trixbox could be one of them.
In the /var/log/messages snippet posted below, I see this (see below snippet)
Is this bad? Are the highlighted parts bad? Do they show an incorrect or inefficient configuration? I tried to find out what it means, but google isn't being too helpful in this instance.
(The VPN is used only as an "internet gateway" for about 5 users who need to browse the internet from within a foreign country.)
Here is the logfile snippet from /var/log/messages. (I changed he vpn username and client IP for privacy.)
Quote:
Nov 20 09:28:07 vpn openvpn[13712]: MULTI: multi_create_instance called Nov 20 09:28:07 vpn openvpn[13712]: Re-using SSL/TLS context Nov 20 09:28:07 vpn openvpn[13712]: LZO compression initialized Nov 20 09:28:07 vpn openvpn[13712]: Control Channel MTU parms [ L:1560 D:140 EF:40 EB:0 ET:0 EL:0 ] Nov 20 09:28:07 vpn openvpn[13712]: Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ] Nov 20 09:28:07 vpn openvpn[13712]: Local Options hash (VER=V4): 'b695cb4a' Nov 20 09:28:07 vpn openvpn[13712]: Expected Remote Options hash (VER=V4): 'bc07730e' Nov 20 09:28:07 vpn openvpn[13712]: TCP connection established with 91.186.11.226:52093 Nov 20 09:28:07 vpn openvpn[13712]: TCPv4_SERVER link local: [undef] Nov 20 09:28:07 vpn openvpn[13712]: TCPv4_SERVER link remote: 91.186.11.226:52093 Nov 20 09:28:07 vpn openvpn[13712]: user1/1.1.1.1:3861 MULTI: packet dropped due to output saturation (multi_process_incoming_tun) Nov 20 09:28:18 vpn last message repeated 31 times Nov 20 09:28:21 vpn openvpn[13712]: 91.186.11.226:52093 Connection reset, restarting [-1] Nov 20 09:28:21 vpn openvpn[13712]: 91.186.11.226:52093 SIGUSR1[soft,connection-reset] received, client-instance restarting Nov 20 09:28:21 vpn openvpn[13712]: TCP/UDP: Closing socket Nov 20 09:28:26 vpn openvpn[13712]: user1/1.1.1.1:3861 MULTI: packet dropped due to output saturation (multi_process_incoming_tun) Nov 20 09:28:57 vpn last message repeated 38 times Nov 20 09:29:03 vpn last message repeated 9 times Nov 20 09:29:07 vpn openvpn[13712]: MULTI: multi_create_instance called Nov 20 09:29:07 vpn openvpn[13712]: Re-using SSL/TLS context Nov 20 09:29:07 vpn openvpn[13712]: LZO compression initialized Nov 20 09:29:07 vpn openvpn[13712]: Control Channel MTU parms [ L:1560 D:140 EF:40 EB:0 ET:0 EL:0 ] Nov 20 09:29:07 vpn openvpn[13712]: Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ] Nov 20 09:29:07 vpn openvpn[13712]: Local Options hash (VER=V4): 'b695cb4a' Nov 20 09:29:07 vpn openvpn[13712]: Expected Remote Options hash (VER=V4): 'bc07730e' Nov 20 09:29:07 vpn openvpn[13712]: TCP connection established with 91.186.11.226:52687 Nov 20 09:29:07 vpn openvpn[13712]: TCPv4_SERVER link local: [undef] Nov 20 09:29:07 vpn openvpn[13712]: TCPv4_SERVER link remote: 91.186.11.226:52687 Nov 20 09:29:08 vpn openvpn[13712]: user1/1.1.1.1:3861 MULTI: packet dropped due to output saturation (multi_process_incoming_tun) Nov 20 09:29:21 vpn last message repeated 16 times Nov 20 09:29:21 vpn openvpn[13712]: 91.186.11.226:52687 Connection reset, restarting [-1] Nov 20 09:29:21 vpn openvpn[13712]: 91.186.11.226:52687 SIGUSR1[soft,connection-reset] received, client-instance restarting Nov 20 09:29:21 vpn openvpn[13712]: TCP/UDP: Closing socket Nov 20 09:29:21 vpn openvpn[13712]: user1/1.1.1.1:3861 MULTI: packet dropped due to output saturation (multi_process_incoming_tun) Nov 20 09:29:34 vpn last message repeated 144 times Nov 20 09:30:06 vpn openvpn[13712]: MULTI: multi_create_instance called Nov 20 09:30:06 vpn openvpn[13712]: Re-using SSL/TLS context Nov 20 09:30:06 vpn openvpn[13712]: LZO compression initialized Nov 20 09:30:06 vpn openvpn[13712]: Control Channel MTU parms [ L:1560 D:140 EF:40 EB:0 ET:0 EL:0 ] Nov 20 09:30:06 vpn openvpn[13712]: Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ] Nov 20 09:30:06 vpn openvpn[13712]: Local Options hash (VER=V4): 'b695cb4a' Nov 20 09:30:06 vpn openvpn[13712]: Expected Remote Options hash (VER=V4): 'bc07730e' Nov 20 09:30:06 vpn openvpn[13712]: TCP connection established with 91.186.11.226:53285 Nov 20 09:30:06 vpn openvpn[13712]: TCPv4_SERVER link local: [undef] Nov 20 09:30:06 vpn openvpn[13712]: TCPv4_SERVER link remote: 91.186.11.226:53285 Nov 20 09:30:21 vpn openvpn[13712]: 91.186.11.226:53285 Connection reset, restarting [-1] Nov 20 09:30:21 vpn openvpn[13712]: 91.186.11.226:53285 SIGUSR1[soft,connection-reset] received, client-instance restarting Nov 20 09:30:21 vpn openvpn[13712]: TCP/UDP: Closing socket
It goes on like this, with this pattern repeating every 20 seconds or so. Is this normal?
How do go about discovering where your bottleneck is with an openvpn setup?
Ive setup openvpn on my remote server and have setup everything so that my desktop clients (vista and ubuntu) at home can connect and have all internet traffic directed successfully through the tunnel.
Im using it to stream video that would normally be inaccessible outside of the UK whilst im in Japan i.e. iplayer.
The problem is its oftenvery choppy and unplayable. Though its good when england is sleeping.
Im new to servers (not to stuff like programming though) so dont know where the problem lies, how to find it out or even where to start looking. For example things ging through my head
Is it the limitations of the vps? How do i find that out? my plan:- vps1
Is it the location of the actual server in the uk? How do i know if there are any better coming from japan?
Is it my configurations? How do i pinpoint that?
Or is it working as good as it can be? How do i know that for sure? etc etc
What would be your process of elimantion? Quick checks that would tell you which direction to move forward in?
I have had great difficulty in setting up OpenVPN, so I thought, when I finally do get it to work, I will write a HOWTO, so other can hopefully benefit…
This guide was done using a FC4 VPS, running on Xen, it will work on OpenVZ, all you need to do is ask your VPS provider to install “tun support”.
1.First of all get a few additional repos, If you already have your repos setup, skip this step
If you have Fedora 3, follow these steps,
[url]
If you have Fedora 4, follow these steps,
[url]
If you have Fedora 5, follow these steps,
[url]
If you have CentOS, follow the “additional third party CentOS repos”
[url]
Then issue these commands, each line is a new command, anything beginning with "#" are comments so dont try to execute those.
Code: yum update
yum install openssl openssl-devel # openssl and openssl-devel may be installed already… so don’t worry
2. Right, now you want to install OpenVPN, here are the commands,
Code: yum install openvpn -y
#Now check that it works
service openvpn start service openvpn stop
3. A few things to setup before you can make certificates, issue these commands,
Code:
find / -name "easy-rsa"
#you should get an output like this…
/usr/share/doc/openvpn-2.0.7/easy-rsa
#Now, make a copy of the easy-rsa directory, to /etc/openvpn/ ( make sure you #have put the right version number in i.e. mine was -2.0.7, change if needed)
4. You need to edit the vars file, located in /etc/openvpn/easy-rsa You can use any editor you like, I used vi.
Change the line
Code: export KEY_DIR=$D/keys to
Code: export KEY_DIR=/etc/openvpn/keys Also at the bottom of this file you will see something similar to this,
Code: export KEY_COUNTRY=US export KEY_PROVINCE=CA export KEY_CITY=SOMEWHERE export KEY_ORG="My Org" export KEY_EMAIL=me@mydomain.com Change this to your own values.
5. Now its time to make the certificates, enter these commands
Code: . ./vars
Code: ./clean-all
Code: ./build-ca # just hit enter to the defaults apart from Common Name, this must be unique # call it something like mydomain-ca
Code: ./build-key-server server
Code: ./build-key client1 # remember that common name must be unique e.g. use mydomain-client1 # and YES you want to sign the keys
Code: ./build-key client2 # do this step for as many clients as you need.
Code: ./build-dh
6. We are almost done now… right we need to create a few config files, you can download my template from here,
Code: cd /etc/openvpn
Code: wget www.designpc.co.uk/downloads/server.conf # make sure you change a few things in the server.conf file, like DNS # servers
Code: touch server-tcp.log ~ this makes the log file..
Code: touch ipp.txt this makes the IP reservation list.
7. You need to make a few changes to OpenVPN itself. Go to..
Code: cd /etc/init.d/ edit the openvpn file
#Uncomment this line (line 119)
Code: echo 1 > /proc/sys/net/ipv4/ip_forward Add these lines below it, changing 123.123.123.123 to your public IP address,
Code: iptables -t nat -A POSTROUTING -s 192.168.2.3 -j SNAT --to 123.123.123.123 iptables -t nat -A POSTROUTING -s 192.168.2.4 -j SNAT --to 123.123.123.123 iptables -t nat -A POSTROUTING -s 192.168.2.5 -j SNAT --to 123.123.123.123 iptables -t nat -A POSTROUTING -s 192.168.2.6 -j SNAT --to 123.123.123.123 iptables -t nat -A POSTROUTING -s 192.168.2.7 -j SNAT --to 123.123.123.123 iptables -t nat -A POSTROUTING -s 192.168.2.8 -j SNAT --to 123.123.123.123 iptables -t nat -A POSTROUTING -s 192.168.2.9 -j SNAT --to 123.123.123.123 iptables -t nat -A POSTROUTING -s 192.168.2.10 -j SNAT --to 123.123.123.123 Now install iptables if you don’t have it already,
Code: yum install iptables
#test it
service iptables start service iptables stop
8. Now for the client config files. If your client is a Windows machine, make sure you have installed OpenVPN, use the gui version, downloadable from here;
[url]
You need to copy a few files from the server to your client machine, here is the list, located in /etc/openvpn/keys/
## WARNING ## Use a secure way of transferring these files off the server, something like WinSCP.
ca.crt client1.csr client1.key client1.crt
Put these files in this directory C:Program FilesOpenVPNconfig
Now you need to make a client config, here is an example..
PHP Code:
clientdev tunproto tcp#Change my.publicdomain.com to your public domain or IP addressremote my.publicdomain.com 1194resolv-retry infinitenobindpersist-keypersist-tunca ca.crtcert client1.crtkey client1.keyns-cert-type server#DNS Options here, CHANGE THESE !!push "dhcp-option DNS 123.123.123.123"push "dhcp-option DNS 123.123.123.124"comp-lzoverb 3
Make sure you edit any of the lines with comments above them.
Call this file client1.opvn and put it in C:Program FilesOpenVPNconfig
Make sure the file extension is .opvn not .txt
To connect right click on OpenVPN in the taskbar >> Connect
I just want to use a server for file sharing, it will have nginx and that's it. I'm looking at centos, or freebsd, but I been using centos forever now and I'm not sure how to use freebsd, should I just stay with centos?
Do I tell my hosting provider to just install the OS and give me ssh action and that's it? Don't install any control panels or any other stuff? I want one domain and one subdomain on it though and ftp action.
for setup and configuration instructions for setting up mail server on a Fedora Core 6 server. I googled it and most of the links are described with steps while installing OS, but i need to configure a mail server on a server where my site is already running.
I have 1 server so I setup dns as ns1.mydomain.com, ns2.mydomain.com ip address pointed to server1. So, now I just bought another server. Can I setup ns2.mydomain.com pointed to 2nd server. Also how to setup more servers ie. 10, 20 server because I can only set up to 6 dns in one domain name.
I have been shooting away a lot of questions on these forums lately, but you guys have been very helpful. Thanks.
My problem is this. We are going to get rackspace. Then we are going to purchase two servers. The first (WEB) is a httpd, dns, ftp, smtp, pop3 server. The second (DB) is purely a database server which will run mysql and mssql.
The first server (WEB) runs a asp/php applications that need to connect and talk with the database (DB) server.
I was thinking of only connection the WEB server to the physical internet through the co-location drop. Then connecting the WEB and DB server directly via a CAT6 cable. Both servers will have gigabit NIC cards. Then in theory in the asp/php applications all I have to do, is point them to the local ip address of the DB server as this should work.
Is this a good solution? Will speed be an issue, the delay from talking to the WEB server and talking to the DB server?
I was thinking this is more secure, because the WEB server is the only machine physically connected to the internet, the DB server is not. Though, is it true, if hackers compromise the web server, they then would be able to compromise the DB server as well via the WEB server?
I am open to suggestions though, and better ways of setting this up.
I've registered a new domain name and 'hired' a Virtual Private Server (not managed) to host it. I know 'some things' in php and web design but I'm newbie with configuring servers (especially remotely on a Linux server.... )...
This is what I've done so far :
1. registered domain name at namecheap.com and set up DNS there (my VPS server names)
2. I've installed Linux Ubuntu 8.04 on my VPS
3. I've downloaded and installed XAMPP 1.7.1 on my VPS
I've registered my domain name yesterday and it is still 'invisible' when I type in the address... BUT when I type in my VPS's IP address, the XAMPP welcome screen appears (MySql isn't running though...).
I know this is a child's play for a Linux expert, please if someone knows a good tutorial, step-by-step guide on how do I set up everything to work properly....
I've registered a new domain name and 'hired' a Virtual Private Server (not managed) to host it. I know 'some things' in php and web design but I'm newbie with configuring servers (especially remotely on a Linux server.... )...
This is what I've done so far : 1. registered domain name at namecheap.com and set up DNS there (my VPS server names)
2. I've installed Linux Ubuntu 8.04 on my VPS
3. I've downloaded and installed XAMPP 1.7.1 on my VPS
I've registered my domain name yesterday and it is still 'invisible' when I type in the address... BUT when I type in my VPS's IP address, the XAMPP welcome screen appears (MySql isn't running though...).
i recently bought a Dell SC440, quite basic configured, the thing is that it came without (OS) so i downloaded (CentsOS) as my OS.
My question here is, i want to setup my server in order to host 15 of my domains and would like to have it setup like the (Lunarpages) account that i have at the moment with them is that possible?
if I could assist his small company in setting up an FTP server. What they are looking to do is provide a way for people to login and access files. They can either bring down the files that are left for them or they can upload files. Is setting up an FTP server difficult? Is it time consuming? Can you customize it so that certain files can only be seen for specific usernames?
I've been charged with setting up a new Dell PowerEdge server, but it arrived with no default OS and no CD/DVD bay! Any ideas on how I can get an OS on here? Are there any linux builts suitable for booting off of a USB thumb drive for this purpose?
I installed Windows Server 2003 on a spare computer, Pentium 4 2.00GHz 760 MB of Ram. I have been looking allover google on how to setup a DNS server so that I can run my Clothing Companies website from home. Are there any guides that can help me from setting up DNS server to having the website appear online? I have been trying to set up this server for about a week now and still no luck. when I ping 68.109.88.131 it comes back successful and when I enter that in, in a url, the "Under Construction" page comes up.
lot of questions about a server setup i whant to now some things if you can tell me fanks it is a systeem with linux os
1 if you have 2 cpu's in your server and one is broken, can i replace it easy? do the server still work on one cpu? can i take the broken cpu out and put a new one in and still the server work when i do this?
2 What for backup option i have when the raid card is broken? can i install software there for that the software take over. or must i put 2 raid cards in the server?
3 wich software i need when i whant raid software ( not a raid card )? raid 5 with hotspar and for linux os or raid 1 with hotspar
4 when a raid card have a cpu with the speed 566 mhz and i have 2 cpu 2.0 ghz and i only whant to work with raid software can i than fink that i take about 566 mhz from the 2 cpu and the rest is for the server or to the software need to take more from my cpu's
What do you think of this setup? The only thing I am unsure about is the case/motherboard. I want the best case/motherboard (1u) so i can upgrade it more in the future.
We had the server management company setup name servers on the new server but SSH shows different results from the old versus new server. Here is the output:
Old Server: root@host [~]# cat /etc/nameserverips xx.xx.xxx.xx1=ns1.domain.com xx.xx.xxx.xx2=ns2.domain.com xx.xx.xxx.xx3=0 xx.xx.xxx.xx4=0
New Server: root@www1 [~]# cat /etc/nameserverips xx.xx.xx.x=0
They do not seem to match. Can someone provide some instructions as to how we can check within WHM to make sure name servers are setup corretly?
i am setting up a new server and am not sure what some of this is,i have just copies part of the page. Its a bit messed up but it will do.
What does Business Continuance Insurance What does Host Ping and TCP Service Monitoring 24x7x365 NOC Monitoring, Notification, and Response McAfee Host Intrusion Protection w/Reporting 10Mbps Hardware Firewall
Most explain themselves, but for the firewall ive already got mcaffec total protection does that have a fire wall and are any of these worth using.
does aynone know how to modify the file /etc/network/interfaces (using debian linux) in order to have 2 different 8 IP - Blocks on one server? I guess one needs somehow 2 gateways, but I am not really sure how to set it up. So I did try it that way, which didn´t work: ....
I wanna host my website from home.But i dont know to much about it.Can you help me or give me some link where i can find Guides?Im using Uniform Server btw...but i dont know what next? Main goal for me is to setup server,,and i need definitive guide!
So when you setup a new server, what should I do. I will only be running 1 site for now (vbulletin forum site), should I just install Apache, MySQL, Php, setup the DNS, etc.
Or Should I just Install Plesk, and let that do it.
Most Likely will just be running a 2.53Ghz Core2Duo, 4GB 250GB. I have setup a webserver before just basically though but think I could manage. I think that Plesk would make it easier but would also eat up resources, on the other hand though not having it would use less resources but require more configuration.
I want to setup a dedicated within my home based business, what is the easiest and cheapest way to do this, I understand I would need a static Ip address from my Internet provider (is that right?) also Do i need a spare PC to do this or can I run my main PC and still be able to run it when it's switched off?
I own a file hosting and delivery site, and am looking for new/better way (that involves the use of a large storage array, such as the Dell PowerVault MD1000) to store and serve user files. I currently have many separate file servers that store and serve user files, and each server has roughly the following specs:
Quad core processor 4-8GB RAM 8x750GB RAID-10
I know with the large storage array, I will need front-end servers to retrieve files from it, but wasn't really sure how this works. Also, would this new method be more optimal/cost-effective than my current method (I probably think the answer is yes).