trying to access hda by vpn

dumbledore
Posts: 46
Joined: Wed Jul 06, 2011 4:01 am

trying to access hda by vpn

Postby dumbledore » Sun Jul 31, 2011 4:13 am

I recently setup amahi on a plug and I'm no trying to access my hda from outside my LAN by VPN.

From the amahi.org/user control panel, it shows that my vpn connection is active. When I go to a Linux client and try to access the hda following (I hope) the instructions on http://wiki.amahi.org/index.php/VPNLinux, and after entering "openvpn --config myvpn.conf", I get through five lines of messages and then:

<date> RESOLVE: Cannot resolve host address: <hda>.<home.com>: [HOST_NOT_FOUND] The specified host is unknown.

(Obviously using my Dynamic DNS address.)

Any ideas what's wrong?
Paul

sag47
Posts: 43
Joined: Sun Feb 13, 2011 9:27 am

Re: trying to access hda by vpn

Postby sag47 » Mon Aug 01, 2011 9:04 pm

Post your myvpn.conf file omitting any passwords (if any) so that we can see the setup you're using. What is the domain of your local network at home?

Also, are you attempting to test this from inside your own network? Because you can't VPN into a network if you're already in that network.

See also troubleshooting in the wiki.
http://wiki.amahi.org/index.php/VPN#Troubleshooting

dumbledore
Posts: 46
Joined: Wed Jul 06, 2011 4:01 am

Re: trying to access hda by vpn

Postby dumbledore » Tue Aug 02, 2011 7:08 am

kappa01@WLSDEV18b:~$ cat myvpn.conf
remote dumbledore.oakwoodroad.net 1194
client
dev tun
proto udp
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca-cert.crt
cert AmahiHDAClient.crt
key AmahiHDAClient.key
comp-lzo
verb 3
auth-user-pass
kappa01@WLSDEV18b:~$

The crt and key files are in the same directory.

The failure is from outside my LAN and the troubleshooting issues are not relevant.
Last edited by dumbledore on Tue Aug 02, 2011 1:15 pm, edited 1 time in total.

dumbledore
Posts: 46
Joined: Wed Jul 06, 2011 4:01 am

Re: trying to access hda by vpn

Postby dumbledore » Tue Aug 02, 2011 1:14 pm

Thought I'd add the complete response to the openvpn command.


kappa01@WLSDEV18b:~$ openvpn --config myvpn.conf
Tue Aug 2 16:09:39 2011 OpenVPN 2.1.3 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Mar 11 2011
Enter Auth Username:admin
Enter Auth Password:
Tue Aug 2 16:09:47 2011 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue Aug 2 16:09:47 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Tue Aug 2 16:09:47 2011 WARNING: file 'AmahiHDAClient.key' is group or others accessible
Tue Aug 2 16:09:47 2011 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Tue Aug 2 16:09:48 2011 LZO compression initialized
Tue Aug 2 16:09:48 2011 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Aug 2 16:09:48 2011 Socket Buffers: R=[126976->131072] S=[126976->131072]
Tue Aug 2 16:09:48 2011 RESOLVE: Cannot resolve host address: dumbledore.oakwoodroad.net: [HOST_NOT_FOUND] The specified host is unknown.
Tue Aug 2 16:09:48 2011 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Aug 2 16:09:48 2011 Local Options hash (VER=V4): '41690919'
Tue Aug 2 16:09:48 2011 Expected Remote Options hash (VER=V4): '530fdded'
Tue Aug 2 16:09:48 2011 RESOLVE: Cannot resolve host address: dumbledore.oakwoodroad.net: [HOST_NOT_FOUND] The specified host is unknown.
.
.
.
until I kill the command

dumbledore
Posts: 46
Joined: Wed Jul 06, 2011 4:01 am

Re: trying to access hda by vpn

Postby dumbledore » Fri Aug 05, 2011 3:12 am

Anybody?

I reinstalled amahi from scratch. Everything else is running normally, but I can't vpn to my box from outside my LAN...the key error is that after running openvpn, I get

RESOLVE: Cannot resolve host address: dumbledore.oakwoodroad.net: [HOST_NOT_FOUND] The specified host is unknown.

I thought this was supposed to work out of the box. Do I have to do something to enable the host address to be resolved outside my LAN?

User avatar
bigfoot65
Project Manager
Posts: 11679
Joined: Mon May 25, 2009 4:31 pm

Re: trying to access hda by vpn

Postby bigfoot65 » Fri Aug 05, 2011 4:55 am

Hello,

The plug can be stubborn. Do you have port 1194 forwarded on your router. Is there a firewall associated with your ISP or router that could be blocking access?

I do not believe there are many plug users currently, so that may indicate why you do not see responses often. It might be worth the time to stop by the IRC for live help. Usually there is someone there who can help.
ßîgƒσστ65
Applications Manager

dumbledore
Posts: 46
Joined: Wed Jul 06, 2011 4:01 am

Re: trying to access hda by vpn

Postby dumbledore » Fri Aug 05, 2011 6:31 am

I tried both ports 1194 and 443.

I'm not sure about the firewall, but I tried from two different places outside my LAN and get the same response. Maybe I need to try Charbucks.

I'm curious though about the nature of the "error".

If amahi.org/users is detecting my domain (is it really detecting or simply reading a line in a database) and knows that my hda is connected, why is the address not resolving? Isn't the domain name registered on some server somewhere outside my LAN that should redirect my openvpn request to my hda? It would appear from your comment that that is not the case; the domain exists only in my hda and that may not be accessible because my vpn client is behind a firewall.

dumbledore
Posts: 46
Joined: Wed Jul 06, 2011 4:01 am

Re: trying to access hda by vpn

Postby dumbledore » Tue Aug 09, 2011 5:11 pm

I may have gotten a connection, but I'm not sure.

First I had to use the IP address reported on the amahi control panel since the name isn't resolving either within my LAN or from outside (even though http://hda and http://<appname> work in the LAN).

Second, I had to
sudo openvpn --config myvpn.conf
to get it to work.

However, after the username and pwd prompt and a slew of messages, the console stops at "Initialization Sequence Completed" and nothing more. This seems normal, but is it?

I can't use a browser to go to http://hda, which I didn't expect to work since I was getting DNS from the router I was connected to.

Am I connected or am I not connected? How do I access the hda at this point?

User avatar
bigfoot65
Project Manager
Posts: 11679
Joined: Mon May 25, 2009 4:31 pm

Re: trying to access hda by vpn

Postby bigfoot65 » Wed Aug 10, 2011 4:44 am

Have you checked out the wiki for help?

What client and software are you using to connect VPN to your plug device?

In future, I might be best if you post plug related stuff in the Plug Computer area.

http://forums.amahi.org/viewforum.php?f=40

Reason being is those with the plug devices are most likely monitoring that topic area versus this one. You may get more help that way. I know we have categories for specific topics, but those are typically geared towards PCs.

Just a suggestion :)
ßîgƒσστ65
Applications Manager

sag47
Posts: 43
Joined: Sun Feb 13, 2011 9:27 am

Re: trying to access hda by vpn

Postby sag47 » Fri Sep 02, 2011 9:44 am

When you say you forwarded port 1194 did you specify UDP or TCP (or both). OVPN uses UDP on port 1194.

Who is online

Users browsing this forum: No registered users and 1 guest