Windows 7 client fails to connect to Debian OpenVPN server
I have set up an OpenVPN server on my Debian Wheezy machine.
When I try to connect from my Windows 7 client machine, I receive some message
which I am not able to decipher.
I would be very grateful if someone can give me tips necessary for solving my connection problem.
What is the reason that causes my client to fail ? :?
Please note that my router which my Debian machine is connected to has enabled Virtual Server NAT and port
forward 443 to my local eth0 ip address 192.168.1.5 .
This is my OpenGUI message
Sun Sep 15 23:52:07 2013 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Sun Sep 15 23:52:07 2013 Need hold release from management interface, waiting...
Sun Sep 15 23:52:08 2013 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'state on'
Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'log all on'
Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'hold off'
Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'hold release'
Sun Sep 15 23:52:08 2013 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sun Sep 15 23:52:08 2013 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sun Sep 15 23:52:08 2013 Attempting to establish TCP connection with
[AF_INET]100.72.58.214:443
Sun Sep 15 23:52:08 2013 MANAGEMENT: >STATE:1379260328,TCP_CONNECT,,,
Sun Sep 15 23:52:29 2013 TCP: connect to [AF_INET]100.72.58.214:443 failed, will try again in 5 seconds: Connection timed out (WSAETIMEDOUT)
Sun Sep 15 23:52:34 2013 MANAGEMENT: >STATE:1379260354,TCP_CONNECT,,,
My server.conf
local 192.168.1.5
port 443
proto tcp-server
dev tun0
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh1024.pem
server 10.9.8.0 255.255.255.0
keepalive 10 120
comp-lzo
persist-key
persist-tun
verb 3
client-to-client
log-append /var/log/openvpn
My client.ovnp
client
dev tun0
proto tcp
lport 51
rport 443
remote 100.72.58.214
resolv-retry infinite
ca ca.crt
cert client.crt
key client.key
comp-lzo
persist-key
persist-tun
verb 3
rc.local
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 10.9.8.0/24 -j ACCEPT
iptables -A FORWARD -j REJECT
iptables -t nat -A POSTROUTING -s 10.9.8.0/24 -o eth0 -j MASQUERADE
/etc/init.d/dnsmasq restart
exit 0
I have added to the end of dnsmasq.conf file:
listen-address 127.0.0.1,10.9.8.0
bind-interfaces
openvpn
add a comment |
I have set up an OpenVPN server on my Debian Wheezy machine.
When I try to connect from my Windows 7 client machine, I receive some message
which I am not able to decipher.
I would be very grateful if someone can give me tips necessary for solving my connection problem.
What is the reason that causes my client to fail ? :?
Please note that my router which my Debian machine is connected to has enabled Virtual Server NAT and port
forward 443 to my local eth0 ip address 192.168.1.5 .
This is my OpenGUI message
Sun Sep 15 23:52:07 2013 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Sun Sep 15 23:52:07 2013 Need hold release from management interface, waiting...
Sun Sep 15 23:52:08 2013 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'state on'
Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'log all on'
Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'hold off'
Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'hold release'
Sun Sep 15 23:52:08 2013 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sun Sep 15 23:52:08 2013 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sun Sep 15 23:52:08 2013 Attempting to establish TCP connection with
[AF_INET]100.72.58.214:443
Sun Sep 15 23:52:08 2013 MANAGEMENT: >STATE:1379260328,TCP_CONNECT,,,
Sun Sep 15 23:52:29 2013 TCP: connect to [AF_INET]100.72.58.214:443 failed, will try again in 5 seconds: Connection timed out (WSAETIMEDOUT)
Sun Sep 15 23:52:34 2013 MANAGEMENT: >STATE:1379260354,TCP_CONNECT,,,
My server.conf
local 192.168.1.5
port 443
proto tcp-server
dev tun0
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh1024.pem
server 10.9.8.0 255.255.255.0
keepalive 10 120
comp-lzo
persist-key
persist-tun
verb 3
client-to-client
log-append /var/log/openvpn
My client.ovnp
client
dev tun0
proto tcp
lport 51
rport 443
remote 100.72.58.214
resolv-retry infinite
ca ca.crt
cert client.crt
key client.key
comp-lzo
persist-key
persist-tun
verb 3
rc.local
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 10.9.8.0/24 -j ACCEPT
iptables -A FORWARD -j REJECT
iptables -t nat -A POSTROUTING -s 10.9.8.0/24 -o eth0 -j MASQUERADE
/etc/init.d/dnsmasq restart
exit 0
I have added to the end of dnsmasq.conf file:
listen-address 127.0.0.1,10.9.8.0
bind-interfaces
openvpn
add a comment |
I have set up an OpenVPN server on my Debian Wheezy machine.
When I try to connect from my Windows 7 client machine, I receive some message
which I am not able to decipher.
I would be very grateful if someone can give me tips necessary for solving my connection problem.
What is the reason that causes my client to fail ? :?
Please note that my router which my Debian machine is connected to has enabled Virtual Server NAT and port
forward 443 to my local eth0 ip address 192.168.1.5 .
This is my OpenGUI message
Sun Sep 15 23:52:07 2013 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Sun Sep 15 23:52:07 2013 Need hold release from management interface, waiting...
Sun Sep 15 23:52:08 2013 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'state on'
Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'log all on'
Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'hold off'
Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'hold release'
Sun Sep 15 23:52:08 2013 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sun Sep 15 23:52:08 2013 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sun Sep 15 23:52:08 2013 Attempting to establish TCP connection with
[AF_INET]100.72.58.214:443
Sun Sep 15 23:52:08 2013 MANAGEMENT: >STATE:1379260328,TCP_CONNECT,,,
Sun Sep 15 23:52:29 2013 TCP: connect to [AF_INET]100.72.58.214:443 failed, will try again in 5 seconds: Connection timed out (WSAETIMEDOUT)
Sun Sep 15 23:52:34 2013 MANAGEMENT: >STATE:1379260354,TCP_CONNECT,,,
My server.conf
local 192.168.1.5
port 443
proto tcp-server
dev tun0
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh1024.pem
server 10.9.8.0 255.255.255.0
keepalive 10 120
comp-lzo
persist-key
persist-tun
verb 3
client-to-client
log-append /var/log/openvpn
My client.ovnp
client
dev tun0
proto tcp
lport 51
rport 443
remote 100.72.58.214
resolv-retry infinite
ca ca.crt
cert client.crt
key client.key
comp-lzo
persist-key
persist-tun
verb 3
rc.local
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 10.9.8.0/24 -j ACCEPT
iptables -A FORWARD -j REJECT
iptables -t nat -A POSTROUTING -s 10.9.8.0/24 -o eth0 -j MASQUERADE
/etc/init.d/dnsmasq restart
exit 0
I have added to the end of dnsmasq.conf file:
listen-address 127.0.0.1,10.9.8.0
bind-interfaces
openvpn
I have set up an OpenVPN server on my Debian Wheezy machine.
When I try to connect from my Windows 7 client machine, I receive some message
which I am not able to decipher.
I would be very grateful if someone can give me tips necessary for solving my connection problem.
What is the reason that causes my client to fail ? :?
Please note that my router which my Debian machine is connected to has enabled Virtual Server NAT and port
forward 443 to my local eth0 ip address 192.168.1.5 .
This is my OpenGUI message
Sun Sep 15 23:52:07 2013 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Sun Sep 15 23:52:07 2013 Need hold release from management interface, waiting...
Sun Sep 15 23:52:08 2013 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'state on'
Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'log all on'
Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'hold off'
Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'hold release'
Sun Sep 15 23:52:08 2013 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sun Sep 15 23:52:08 2013 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sun Sep 15 23:52:08 2013 Attempting to establish TCP connection with
[AF_INET]100.72.58.214:443
Sun Sep 15 23:52:08 2013 MANAGEMENT: >STATE:1379260328,TCP_CONNECT,,,
Sun Sep 15 23:52:29 2013 TCP: connect to [AF_INET]100.72.58.214:443 failed, will try again in 5 seconds: Connection timed out (WSAETIMEDOUT)
Sun Sep 15 23:52:34 2013 MANAGEMENT: >STATE:1379260354,TCP_CONNECT,,,
My server.conf
local 192.168.1.5
port 443
proto tcp-server
dev tun0
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh1024.pem
server 10.9.8.0 255.255.255.0
keepalive 10 120
comp-lzo
persist-key
persist-tun
verb 3
client-to-client
log-append /var/log/openvpn
My client.ovnp
client
dev tun0
proto tcp
lport 51
rport 443
remote 100.72.58.214
resolv-retry infinite
ca ca.crt
cert client.crt
key client.key
comp-lzo
persist-key
persist-tun
verb 3
rc.local
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 10.9.8.0/24 -j ACCEPT
iptables -A FORWARD -j REJECT
iptables -t nat -A POSTROUTING -s 10.9.8.0/24 -o eth0 -j MASQUERADE
/etc/init.d/dnsmasq restart
exit 0
I have added to the end of dnsmasq.conf file:
listen-address 127.0.0.1,10.9.8.0
bind-interfaces
openvpn
openvpn
edited Sep 16 '13 at 6:39
BlueBerry - Vignesh4303
5,498205078
5,498205078
asked Sep 16 '13 at 5:26
Nikola RadakovicNikola Radakovic
112
112
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
There are some added security settings in Windows 7 that makes it difficult to conner with openvpn. What I did was to run the openvpn client as admin.
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f645910%2fwindows-7-client-fails-to-connect-to-debian-openvpn-server%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
There are some added security settings in Windows 7 that makes it difficult to conner with openvpn. What I did was to run the openvpn client as admin.
add a comment |
There are some added security settings in Windows 7 that makes it difficult to conner with openvpn. What I did was to run the openvpn client as admin.
add a comment |
There are some added security settings in Windows 7 that makes it difficult to conner with openvpn. What I did was to run the openvpn client as admin.
There are some added security settings in Windows 7 that makes it difficult to conner with openvpn. What I did was to run the openvpn client as admin.
answered Mar 23 '14 at 7:42
SifunguruxSifungurux
1
1
add a comment |
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f645910%2fwindows-7-client-fails-to-connect-to-debian-openvpn-server%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown