VPN WON"T GO!

[roblu001]

I am running my HDA in a VM environment (for the time being) and I'm trying to work the bugs out while I wait to assemble the hardware for a stanalone box. My end goal will be to establish a personal "cloud server" that is to say have VPN access to my hardware for myself and at least one other user. I purchased the IPSec-VPN app and it installed but I cannot start it! also, there is no way for me to get the PSK to set up the connection on my android (as per the wiki page). In true diagnostic form, where/how can I Isolate and Identify to find the problem so I can fix it.

1. where/how can I test the port forwarding?
2. how can I ensure all of the software is installed correctly?
3. how can I ensure I've got the server configured correctly?

Lucas

[bigfoot65]

Hello,

I purchased the IPSec-VPN app and it installed but I cannot start it!

It should have started on its own. Ensure you have "Advanced Settings" enabled in the dashboard. Go to "Settings" tab and check the box. Then select the link that says "Servers" and it should be running there. Look for something that says "Raccoon".

As for working with Android, it will not unless your phone is rooted and you install OpenVPN on it. If you do not have a rooted phone, recommend you try the manual install method which is a little different, but works.

[url]http://wiki.amahi.org/index.php/IP ... VPN_Server[/url]

1. where/how can I test the port forwarding?
2. how can I ensure all of the software is installed correctly?
3. how can I ensure I've got the server configured correctly?

To test port forwarding, try forwarding port 80 to your HDA. Then try using your free dynamic DNS to test, i.e. http://username.yourhda.com (replace user name with the hda name in your Amahi HDA profile.

THere is no simple way to ensure it installed correctly other than if you did not get any errors, it should be working. You will have to try things out to see if its all working.

If it's configured correctly, you will be able to access it and web apps via clients in your network. As with anything, there is no magic button to push that says all is well.

Hope this helps.

[roblu001]

Thank you very much for your reply!

I have advanced settings on and when I find the IPSec-VPN in the server listings, it has a red "not started" beside it. when I click "start" it just has the loading circle for 30 seconds or so and then it does nothing. when I go to roblu001.yourhda.com it takes me to my internet modem's page (even externally), this leads me to indicate that I need to have my internet modem configured, I would do it myself but my ISP locks it down pretty tight, but they are super easy going I'll see what solution we can come up with.

as per my android I am running a rooted 4.0.3 mod and have had the OpenVPN apps installed, but when I saw that I could setup the IPSec from within the settings I opted for that, the only problem is that I never got the 4 character PSK to use with it.

I think at this point the the hold-up is currently in my dsl modem and my ISP, a while back, I was talking with them and they had offered to bridge the connections, offering me a PPPoE which I may take them up on. other than that all seems well, and I'm liking it. I do have some major lag but that is because of the temporary VM I've got setup.

I have another connected problem. when I try to get to the IPSec-VPN app page, it directs me to ipsec-vpn.home.com which takes me externally to a domain that is unregistered. that being said I was under the impression that, that page (http://ipsec-vpn.home.com) would contain the psk and would take me to a local page on my server with the configuration. I am now wondering if this has anything to do with it at all.

Lucas

[bigfoot65]

Hello,

Yes it sounds like your ISP could be the problem. As for the IPsec VPN, you must use OpenVPN on your android phone or it will not work with the Amahi app. The wiki tells you how to set it up I believe.

http://wiki.amahi.org/index.php/IPsec_VPN

The IPsec VPN URL only tells you about the secret and group name, no settings can be changed via that page. If you want to make any configuration changes, you need to follow the wiki guidance.

Obviously until you can get past your ISP block, nothing will work outside your network. Hope you are successful in getting around it.

[roblu001]

thank you very much, I have contacted my ISP and they are working on my request for port forwarding and/or lan/vlan bridging etc. and as per my android, I'll fight with it when such a time as it appears to be working everywhere else.

re: the ipsec-vpn page, I'm going to hope that when I get the issue resolved with my ISP then I will be able to get to the page to see the secret key and the group name. but, if for some reason my ISP resolves the problem and I am not able to get to the page, how else can I get the information that is normally there?

Lucas

also thank you so much for your work on this with/for me! I appreciate all of it

[bigfoot65]

No problem. You should be able to get to that page. Are other apps working? It should display just like any app. If not, we can give it to you via a PM.

[roblu001]

Thank you! I'll keep you posted. At the moment I'm having trouble getting to phpsysinfo as well, but it did work when I installed amahi on my ubuntu system. I'm running it now under a virtual machine, with the express CD install. I'm waiting for a part to come in to fix a netbook, and I want to use that as my hda with vpn. My end goal is to provide remote access to shares to 5-10 clients (no more than 2/3 simultaneous - I understand network load), this also is to provide remote network administration (adding computers to my wifi mac filter etc.). I hope to establish the ability to share files with friends without needing vpn setup (aka working with a friend on a project and allowing them access to files via a web-browser or some other simple connection for temporary purposes). I hope that amahi will allow me to do this, if not entirely I'm friendly with terminal if I need to do any extra with fedora, even though I'm more familiar with debian based (ubuntu) systems.

[bigfoot65]

Hope you get it all sorted out. As for VPN, you could use the OpenVPN ALS app. It is a client-less VPN that works well for files. It would require that you forward a port on your router to the HDA and port the app uses which is 4443.

http://www.amahi.org/apps/openvpn-als

This is a nice app and offers full user control. It it is pre-configured with the default Amahi shares, but you can add pretty much any location on the server.

[roblu001]

Phase one has SUCCEEDED!!!!! I have VPN access from my android, and from my netbook! this is great! my phone times out from time to time, but I am happy thus far with how things are going!

Phase two! I need to be able to have access via a web browser to my shares. but the problem is this (and feel free to access this site) http://roblu-2.yourhda.com should take me to my HDA but instead it takes me to my DSL modem's login page. My ISP has forwarded UDP 1194, 500, 4500 and port 8080 to my HDA address. Yet I still can't access the page I need to get to from the web. anyone able to help me? also where should this post go?

[bigfoot65]

Glad to hear VPN is working now.

Key point to note is the 1194 is UDP, but the 80 and 443 needs to be TCP. Since you used 8080, maybe that is why it when to your DSL login page. Although 80 and 8080 typically yield the same result.

Also, is there a way to change the port for the DSL login page? If not, then you are in a spot. Only way around it is to change your HDA access port. This is clearly an ISP issue, so best to get with them.