Windows 7 client fails to connect to Debian OpenVPN server












0















I have set up an OpenVPN server on my Debian Wheezy machine.
When I try to connect from my Windows 7 client machine, I receive some message
which I am not able to decipher.



I would be very grateful if someone can give me tips necessary for solving my connection problem.
What is the reason that causes my client to fail ? :?



Please note that my router which my Debian machine is connected to has enabled Virtual Server NAT and port
forward 443 to my local eth0 ip address 192.168.1.5 .



This is my OpenGUI message



Sun Sep 15 23:52:07 2013 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340

Sun Sep 15 23:52:07 2013 Need hold release from management interface, waiting...

Sun Sep 15 23:52:08 2013 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340

Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'state on'

Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'log all on'

Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'hold off'

Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'hold release'

Sun Sep 15 23:52:08 2013 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.

Sun Sep 15 23:52:08 2013 Socket Buffers: R=[8192->8192] S=[8192->8192]

Sun Sep 15 23:52:08 2013 Attempting to establish TCP connection with
[AF_INET]100.72.58.214:443
Sun Sep 15 23:52:08 2013 MANAGEMENT: >STATE:1379260328,TCP_CONNECT,,,

Sun Sep 15 23:52:29 2013 TCP: connect to [AF_INET]100.72.58.214:443 failed, will try again in 5 seconds: Connection timed out (WSAETIMEDOUT)

Sun Sep 15 23:52:34 2013 MANAGEMENT: >STATE:1379260354,TCP_CONNECT,,,



My server.conf



local 192.168.1.5

port 443

proto tcp-server

dev tun0



ca /etc/openvpn/ca.crt

cert /etc/openvpn/server.crt

key /etc/openvpn/server.key

dh /etc/openvpn/dh1024.pem



server 10.9.8.0 255.255.255.0



keepalive 10 120



comp-lzo
persist-key
persist-tun



verb 3
client-to-client
log-append /var/log/openvpn



My client.ovnp



client
dev tun0
proto tcp



lport 51
rport 443



remote 100.72.58.214



resolv-retry infinite



ca ca.crt
cert client.crt
key client.key



comp-lzo
persist-key
persist-tun



verb 3



rc.local



iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT

iptables -A FORWARD -s 10.9.8.0/24 -j ACCEPT

iptables -A FORWARD -j REJECT

iptables -t nat -A POSTROUTING -s 10.9.8.0/24 -o eth0 -j MASQUERADE



/etc/init.d/dnsmasq restart



exit 0



I have added to the end of dnsmasq.conf file:



listen-address 127.0.0.1,10.9.8.0

bind-interfaces










share|improve this question





























    0















    I have set up an OpenVPN server on my Debian Wheezy machine.
    When I try to connect from my Windows 7 client machine, I receive some message
    which I am not able to decipher.



    I would be very grateful if someone can give me tips necessary for solving my connection problem.
    What is the reason that causes my client to fail ? :?



    Please note that my router which my Debian machine is connected to has enabled Virtual Server NAT and port
    forward 443 to my local eth0 ip address 192.168.1.5 .



    This is my OpenGUI message



    Sun Sep 15 23:52:07 2013 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340

    Sun Sep 15 23:52:07 2013 Need hold release from management interface, waiting...

    Sun Sep 15 23:52:08 2013 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340

    Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'state on'

    Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'log all on'

    Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'hold off'

    Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'hold release'

    Sun Sep 15 23:52:08 2013 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.

    Sun Sep 15 23:52:08 2013 Socket Buffers: R=[8192->8192] S=[8192->8192]

    Sun Sep 15 23:52:08 2013 Attempting to establish TCP connection with
    [AF_INET]100.72.58.214:443
    Sun Sep 15 23:52:08 2013 MANAGEMENT: >STATE:1379260328,TCP_CONNECT,,,

    Sun Sep 15 23:52:29 2013 TCP: connect to [AF_INET]100.72.58.214:443 failed, will try again in 5 seconds: Connection timed out (WSAETIMEDOUT)

    Sun Sep 15 23:52:34 2013 MANAGEMENT: >STATE:1379260354,TCP_CONNECT,,,



    My server.conf



    local 192.168.1.5

    port 443

    proto tcp-server

    dev tun0



    ca /etc/openvpn/ca.crt

    cert /etc/openvpn/server.crt

    key /etc/openvpn/server.key

    dh /etc/openvpn/dh1024.pem



    server 10.9.8.0 255.255.255.0



    keepalive 10 120



    comp-lzo
    persist-key
    persist-tun



    verb 3
    client-to-client
    log-append /var/log/openvpn



    My client.ovnp



    client
    dev tun0
    proto tcp



    lport 51
    rport 443



    remote 100.72.58.214



    resolv-retry infinite



    ca ca.crt
    cert client.crt
    key client.key



    comp-lzo
    persist-key
    persist-tun



    verb 3



    rc.local



    iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT

    iptables -A FORWARD -s 10.9.8.0/24 -j ACCEPT

    iptables -A FORWARD -j REJECT

    iptables -t nat -A POSTROUTING -s 10.9.8.0/24 -o eth0 -j MASQUERADE



    /etc/init.d/dnsmasq restart



    exit 0



    I have added to the end of dnsmasq.conf file:



    listen-address 127.0.0.1,10.9.8.0

    bind-interfaces










    share|improve this question



























      0












      0








      0








      I have set up an OpenVPN server on my Debian Wheezy machine.
      When I try to connect from my Windows 7 client machine, I receive some message
      which I am not able to decipher.



      I would be very grateful if someone can give me tips necessary for solving my connection problem.
      What is the reason that causes my client to fail ? :?



      Please note that my router which my Debian machine is connected to has enabled Virtual Server NAT and port
      forward 443 to my local eth0 ip address 192.168.1.5 .



      This is my OpenGUI message



      Sun Sep 15 23:52:07 2013 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340

      Sun Sep 15 23:52:07 2013 Need hold release from management interface, waiting...

      Sun Sep 15 23:52:08 2013 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340

      Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'state on'

      Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'log all on'

      Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'hold off'

      Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'hold release'

      Sun Sep 15 23:52:08 2013 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.

      Sun Sep 15 23:52:08 2013 Socket Buffers: R=[8192->8192] S=[8192->8192]

      Sun Sep 15 23:52:08 2013 Attempting to establish TCP connection with
      [AF_INET]100.72.58.214:443
      Sun Sep 15 23:52:08 2013 MANAGEMENT: >STATE:1379260328,TCP_CONNECT,,,

      Sun Sep 15 23:52:29 2013 TCP: connect to [AF_INET]100.72.58.214:443 failed, will try again in 5 seconds: Connection timed out (WSAETIMEDOUT)

      Sun Sep 15 23:52:34 2013 MANAGEMENT: >STATE:1379260354,TCP_CONNECT,,,



      My server.conf



      local 192.168.1.5

      port 443

      proto tcp-server

      dev tun0



      ca /etc/openvpn/ca.crt

      cert /etc/openvpn/server.crt

      key /etc/openvpn/server.key

      dh /etc/openvpn/dh1024.pem



      server 10.9.8.0 255.255.255.0



      keepalive 10 120



      comp-lzo
      persist-key
      persist-tun



      verb 3
      client-to-client
      log-append /var/log/openvpn



      My client.ovnp



      client
      dev tun0
      proto tcp



      lport 51
      rport 443



      remote 100.72.58.214



      resolv-retry infinite



      ca ca.crt
      cert client.crt
      key client.key



      comp-lzo
      persist-key
      persist-tun



      verb 3



      rc.local



      iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT

      iptables -A FORWARD -s 10.9.8.0/24 -j ACCEPT

      iptables -A FORWARD -j REJECT

      iptables -t nat -A POSTROUTING -s 10.9.8.0/24 -o eth0 -j MASQUERADE



      /etc/init.d/dnsmasq restart



      exit 0



      I have added to the end of dnsmasq.conf file:



      listen-address 127.0.0.1,10.9.8.0

      bind-interfaces










      share|improve this question
















      I have set up an OpenVPN server on my Debian Wheezy machine.
      When I try to connect from my Windows 7 client machine, I receive some message
      which I am not able to decipher.



      I would be very grateful if someone can give me tips necessary for solving my connection problem.
      What is the reason that causes my client to fail ? :?



      Please note that my router which my Debian machine is connected to has enabled Virtual Server NAT and port
      forward 443 to my local eth0 ip address 192.168.1.5 .



      This is my OpenGUI message



      Sun Sep 15 23:52:07 2013 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340

      Sun Sep 15 23:52:07 2013 Need hold release from management interface, waiting...

      Sun Sep 15 23:52:08 2013 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340

      Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'state on'

      Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'log all on'

      Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'hold off'

      Sun Sep 15 23:52:08 2013 MANAGEMENT: CMD 'hold release'

      Sun Sep 15 23:52:08 2013 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.

      Sun Sep 15 23:52:08 2013 Socket Buffers: R=[8192->8192] S=[8192->8192]

      Sun Sep 15 23:52:08 2013 Attempting to establish TCP connection with
      [AF_INET]100.72.58.214:443
      Sun Sep 15 23:52:08 2013 MANAGEMENT: >STATE:1379260328,TCP_CONNECT,,,

      Sun Sep 15 23:52:29 2013 TCP: connect to [AF_INET]100.72.58.214:443 failed, will try again in 5 seconds: Connection timed out (WSAETIMEDOUT)

      Sun Sep 15 23:52:34 2013 MANAGEMENT: >STATE:1379260354,TCP_CONNECT,,,



      My server.conf



      local 192.168.1.5

      port 443

      proto tcp-server

      dev tun0



      ca /etc/openvpn/ca.crt

      cert /etc/openvpn/server.crt

      key /etc/openvpn/server.key

      dh /etc/openvpn/dh1024.pem



      server 10.9.8.0 255.255.255.0



      keepalive 10 120



      comp-lzo
      persist-key
      persist-tun



      verb 3
      client-to-client
      log-append /var/log/openvpn



      My client.ovnp



      client
      dev tun0
      proto tcp



      lport 51
      rport 443



      remote 100.72.58.214



      resolv-retry infinite



      ca ca.crt
      cert client.crt
      key client.key



      comp-lzo
      persist-key
      persist-tun



      verb 3



      rc.local



      iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT

      iptables -A FORWARD -s 10.9.8.0/24 -j ACCEPT

      iptables -A FORWARD -j REJECT

      iptables -t nat -A POSTROUTING -s 10.9.8.0/24 -o eth0 -j MASQUERADE



      /etc/init.d/dnsmasq restart



      exit 0



      I have added to the end of dnsmasq.conf file:



      listen-address 127.0.0.1,10.9.8.0

      bind-interfaces







      openvpn






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Sep 16 '13 at 6:39









      BlueBerry - Vignesh4303

      5,498205078




      5,498205078










      asked Sep 16 '13 at 5:26









      Nikola RadakovicNikola Radakovic

      112




      112






















          1 Answer
          1






          active

          oldest

          votes


















          0














          There are some added security settings in Windows 7 that makes it difficult to conner with openvpn. What I did was to run the openvpn client as admin.






          share|improve this answer























            Your Answer








            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "3"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });














            draft saved

            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f645910%2fwindows-7-client-fails-to-connect-to-debian-openvpn-server%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            0














            There are some added security settings in Windows 7 that makes it difficult to conner with openvpn. What I did was to run the openvpn client as admin.






            share|improve this answer




























              0














              There are some added security settings in Windows 7 that makes it difficult to conner with openvpn. What I did was to run the openvpn client as admin.






              share|improve this answer


























                0












                0








                0







                There are some added security settings in Windows 7 that makes it difficult to conner with openvpn. What I did was to run the openvpn client as admin.






                share|improve this answer













                There are some added security settings in Windows 7 that makes it difficult to conner with openvpn. What I did was to run the openvpn client as admin.







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Mar 23 '14 at 7:42









                SifunguruxSifungurux

                1




                1






























                    draft saved

                    draft discarded




















































                    Thanks for contributing an answer to Super User!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f645910%2fwindows-7-client-fails-to-connect-to-debian-openvpn-server%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    Popular posts from this blog

                    Plaza Victoria

                    Puebla de Zaragoza

                    Musa