Remember to use the -duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Nov 16 22:45:11 vpn ovpn-server: MULTI: new connection by client 'gerard' will cause previous active sessions by this client to be dropped.
Nov 16 22:45:11 vpn ovpn-server: x.x.x.x:40795 Data Channel Decrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
Nov 16 22:45:11 vpn ovpn-server: x.x.x.x:40795 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Nov 16 22:45:11 vpn ovpn-server: x.x.x.x:40795 Data Channel Encrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
Nov 16 22:45:11 vpn ovpn-server: x.x.x.x:40795 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

When on server I look into /var/log/syslog I find:
Nov 16 22:45:11 vpn ovpn-server: x.x.x.x:40795 TLS: Initial packet from x.x.x.x:40795, sid=0fbd888b 778a14e6

When I connect with this configuration, all traffic from client goes via vpn server. I just need to configure clients in a way that they can see each other, but using local gateways.

And nf file on server:
ifconfig-push 10.8.0.99

And here is client.ovpn on client pc:
client

I want to configure clients to use local gateway, not server's one.
OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Wed Jan 28 09:51:07 2009 Re-using SSL/TLS context
Wed Jan 28 09:51:07 2009 LZO compression initialized
Wed Jan 28 09:51:07 2009 UDPv4 link local:
Wed Jan 28 09:51:07 2009 UDPv4 link remote: 79.180.221.95:1194

This is how I configured the Fortigate policy route:
Protocol: 0
Incoming interface: wan2 (this is the actual wan)
Source address: 0.0.0.0.
Destination address: 79.x.x.x (the static IP we have, even though I tried 0.0.0.0 and it also didn't work)
Destination ports: from 1194 to 1194
Force traffic to:
outgoing interface: internal
Gateway address: 192.168.0.113

Can anyone help? This FortiGate 60 can work as a VPN server, but I couldn't make it work. Sorry for this question, I tried to find a solution but nothing.

(silence this warning with -ifconfig-nowarn)
Tue Jan 27 15:57:01 2009 TAP-WIN32 device opened: \\.\Global\
Tue Jan 27 15:57:11 2009 UDPv4 link local (bound): 192.168.0.113:1194
Tue Jan 27 15:57:11 2009 UDPv4 link remote:
Tue Jan 27 15:57:11 2009 Initialization Sequence Completed

This is the log from the VPN client:
Wed Jan 28 09:51:05 2009 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Jan 28 09:51:05 2009 TLS Error: TLS handshake failed
Wed Jan 28 09:51:05 2009 SIGUSR1 received, process restarting
Wed Jan 28 09:51:07 2009 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.

I have the impression that the Fortigate is not forwarding well the port 1194 to the server computer, even though I configured it in the Fortigate's Policy Route. The router's IP is 192.168.0.1 and the VPN server sits on 192.168.0.113

This is the log from the VPN server:
Tue Jan 27 15:57:01 2009 OpenVPN 2.0.9 Win32-MinGW built on Oct 1 2006
Tue Jan 27 15:57:01 2009 WARNING: -local address conflicts with -ifconfig subnet - local and remote addresses cannot be inside of the -ifconfig subnet.
I tried to make Fortigate 60 to work as a VPN server, since I didn't succeed (in the firewall -> policy, I don't have a service of "VPN", and in the VPN Tunnel I have nothing (only -autokey- and -manual key-), and therefore I cannot continue.), I'm trying to make an OpenVPN connection over the Fortigate router.

Hello,
I'm trying to make OpenVPN to work in my company's network. We have Fortigate 60 router, which is also the firewall for the network. Basically, on the server side it looks as though it's working, but clients can't connect.