Can't connect TCP 443

[danmit]

Hello guys,


I'm a newbie at linux trying to set up my Amahi server. After three reinstalls I apparently got it and things are starting to become more fun.
Right now I did setup my VNC and I'm trying to get VPN up.

The first try to get it working I was running it on the default port but had trouble connecting to it from my workplace (403 Forbidden).
So I tried redirecting it to TCP 443 port, forwarding it in my DD-WRT router:



And here is the console output from the running service (everything seems ok):

Code: Select all

[dan@localhost ~]$ systemctl status openvpn@amahi.service openvpn@amahi.service - OpenVPN Robust And Highly Flexible Tunneling Application On amahi Loaded: loaded (/usr/lib/systemd/system/openvpn@.service; disabled) Active: active (running) since Sun 2015-01-25 21:20:41 BRST; 1 day 15h ago Process: 11355 ExecStart=/usr/sbin/openvpn --daemon --writepid /var/run/openvpn/%i.pid --cd /etc/openvpn/ --config %i.conf (code=exited, status=0/SUCCESS) Main PID: 11376 (openvpn) CGroup: name=systemd:/system/openvpn@.service/openvpn@amahi.service ├─11356 /usr/sbin/openvpn --daemon --writepid /var/run/openvpn/amahi.pid --cd /etc/openvpn/ --config amahi.conf └─11376 /usr/sbin/openvpn --daemon --writepid /var/run/openvpn/amahi.pid --cd /etc/openvpn/ --config amahi.conf Jan 25 21:20:41 localhost.localdomain openvpn[11355]: /usr/sbin/ip route add 10.8.0.0/24 via 10.8.0.2 Jan 25 21:20:41 localhost.localdomain systemd[1]: Started OpenVPN Robust And Highly Flexible Tunneling Application On amahi. Jan 25 21:20:41 localhost.localdomain openvpn[11376]: Listening for incoming TCP connection on [undef] Jan 25 21:20:41 localhost.localdomain openvpn[11376]: TCPv4_SERVER link local (bound): [undef] Jan 25 21:20:41 localhost.localdomain openvpn[11376]: TCPv4_SERVER link remote: [undef] Jan 25 21:20:41 localhost.localdomain openvpn[11376]: MULTI: multi_init called, r=256 v=256 Jan 25 21:20:41 localhost.localdomain openvpn[11376]: IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0 Jan 25 21:20:41 localhost.localdomain openvpn[11376]: IFCONFIG POOL LIST Jan 25 21:20:41 localhost.localdomain openvpn[11376]: MULTI: TCP INIT maxclients=1024 maxevents=1028 Jan 25 21:20:41 localhost.localdomain openvpn[11376]: Initialization Sequence Completed

When I try to connect with TCP I get a timeout. Anyone have any tips that can help me?


Thanks


Edit
-------------------------------
Here is a log of the connection attempt from my work (proxy):

Code: Select all

Tue Jan 27 11:11:42 2015 OpenVPN 2.1_rc15 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Nov 19 2008 Tue Jan 27 11:11:42 2015 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Tue Jan 27 11:11:42 2015 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Tue Jan 27 11:11:42 2015 LZO compression initialized Tue Jan 27 11:11:42 2015 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ] Tue Jan 27 11:11:42 2015 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ] Tue Jan 27 11:11:42 2015 Local Options hash (VER=V4): '69109d17' Tue Jan 27 11:11:42 2015 Expected Remote Options hash (VER=V4): 'c0103fa8' Tue Jan 27 11:11:42 2015 Attempting to establish TCP connection with 10.209.0.13:3128 Tue Jan 27 11:11:42 2015 TCP connection established with 10.209.0.13:3128 Tue Jan 27 11:11:42 2015 Send to HTTP proxy: 'CONNECT [removed]:443 HTTP/1.0' Tue Jan 27 11:11:48 2015 recv_line: TCP port read timeout expired Tue Jan 27 11:11:48 2015 TCP/UDP: Closing socket Tue Jan 27 11:11:48 2015 SIGTERM[soft,init_instance] received, process exiting

[bigfoot65]

If you can't connect from work, then there is a firewall blocking it most likely. Changing the port to 443 probably will not help.

The OpenVPN troubleshooting guidance in the wiki might help.

[danmit]

If you can't connect from work, then there is a firewall blocking it most likely. Changing the port to 443 probably will not help.

The OpenVPN troubleshooting guidance in the wiki might help.

But if I can login to https:// sites, shouldn't I be able to use it?

[bigfoot65]

In theory, you should be able to access via 443 based on that point. I noticed you have DD-WRT set to both. Maybe try it with just TCP and see if that helps.

[danmit]

Ok, I'll try that

Btw, found this looking at old logs, dunno if can be something related to busybox or something (that's what I would think if it was Android )

Code: Select all

Thanks

[bigfoot65]

That is odd. Never saw those errors before. You do have only one network card and not using wireless for the HDA, correct?

[danmit]

I think it might be something related to my router (TP-Link TL-WR941ND) having only 4 MB flash so it won't support OpenVPN in DD-WRT, at least this is what I read here http://www.dd-wrt.com/phpBB2/viewtopic. ... 98f32dd484

I'll give one last try from my brother's place and see what are the results.

Maybe I'll have to find another use for my old laptop =/

[bigfoot65]

That stinks. Please let us know how it goes. I presume we can close this thread.