Active Topics
-
Maemo repository (13)
to Community by nieldk - 18 hrs, 18 mins ago -
Error after installing Leste on sdcard (18)
to Maemo 7 / Leste by Maemish - 2 days, 18 hrs ago -
Maemo 20th Anniversary (4)
to Brainstorm by teroyk - 4 days, 13 hrs ago -
Nokia Booklet 3G (RX-75) Drivers (64)
to Alternatives by teroyk - 4 days, 13 hrs ago -
Porting apps to Leste (46)
to Maemo 7 / Leste by teroyk - 6 days, 17 hrs ago - more...
|
2007-07-04
, 15:20
|
|
Posts: 5 |
Thanked: 1 time |
Joined on Jul 2007
|
#2
|
I was half asleep by the time I wrote that last night, so, some additional info...
Openvpn itself seems to be working fine. I accidentally clicked on the .p12 file and was surprised to find that it opened. The N800 treated it as a normal cert, asked for some passwords and I guess stored it. I could see this being a problem or a solution.... if I could convince openvpn to use it as stored on the device that would work. I've tried commenting it out of the ovpn file and it just tells me that it needs a key, basically.
I took a closer look at my Ipcop settings, and it seems to favor this auth method. Admittedly I don't know a ton about vpn, but I didn't see any option to key it a different way. I'm sure I could convince it at the command line or something, but I've had success with this auth type on "normal" systems, it doesn't seem too much of a stretch to have it work on the n800, especially since it was able to load the cert by itself.
Openvpn itself seems to be working fine. I accidentally clicked on the .p12 file and was surprised to find that it opened. The N800 treated it as a normal cert, asked for some passwords and I guess stored it. I could see this being a problem or a solution.... if I could convince openvpn to use it as stored on the device that would work. I've tried commenting it out of the ovpn file and it just tells me that it needs a key, basically.
I took a closer look at my Ipcop settings, and it seems to favor this auth method. Admittedly I don't know a ton about vpn, but I didn't see any option to key it a different way. I'm sure I could convince it at the command line or something, but I've had success with this auth type on "normal" systems, it doesn't seem too much of a stretch to have it work on the n800, especially since it was able to load the cert by itself.
|
|
2007-07-05
, 18:09
|
|
Posts: 5 |
Thanked: 1 time |
Joined on Jul 2007
|
#3
|
Alright, for anyone who might stumble into this problem in the future, here's the answer.
I had used the command "openvpn --config /media/mmc1/file.ovpn" to open the config file on the external memory card. The same directory contains the .p12 certificate file. The result was "error opening file.p12". Turns out that for whatever reason, openvpn was unable to see the p12 file, requiring it to be specified at the command line with the config file, in this form:
openvpn --config /media/mmc1/file.ovpn --pkcs12 /media/mmc1/file.p12
This could simply be me missing something completely stupid, but the command above has solved it for me.
I had used the command "openvpn --config /media/mmc1/file.ovpn" to open the config file on the external memory card. The same directory contains the .p12 certificate file. The result was "error opening file.p12". Turns out that for whatever reason, openvpn was unable to see the p12 file, requiring it to be specified at the command line with the config file, in this form:
openvpn --config /media/mmc1/file.ovpn --pkcs12 /media/mmc1/file.p12
This could simply be me missing something completely stupid, but the command above has solved it for me.
|
|
2007-07-14
, 20:39
|
|
Posts: 17 |
Thanked: 1 time |
Joined on Jul 2007
|
#4
|
Could you please post instructions on you got openvpn installed and working on the N800, please? Thanks!
 |
|
2007-07-14
, 21:37
|
|
Posts: 91 |
Thanked: 25 times |
Joined on Mar 2007
@ Marlow, Bucks
|
#5
|
I'm working on an Open VPN howto if you are interested. Should be up on my blog by tomorrow or Monday at the latest.
|
|
2007-07-16
, 16:51
|
|
Posts: 91 |
Thanked: 25 times |
Joined on Mar 2007
@ Marlow, Bucks
|
#6
|
OK - I've got a howto guide to getting OpenVPN running on the N800 if anyone is interested.
You'll find it on my N800 blog. It's kind of work in progress - if anyone has any comments or corrections they'd be gratefully received.
Cheers,
You'll find it on my N800 blog. It's kind of work in progress - if anyone has any comments or corrections they'd be gratefully received.
Cheers,
 |
|
2007-07-18
, 21:53
|
|
Posts: 641 |
Thanked: 27 times |
Joined on Apr 2007
|
#7
|
This is how I have it set up. The openvpn.conf file and the p12 file are in the /etc/openvpn/ folder. My openvpn.conf file looks mostly like this,
The command to get it working is
This works for me.
Last edited by barry99705; 2007-07-18 at 21:55.
Code:
#OpenVPN Server conf tls-client client dev tun proto udp tun-mtu 1500 remote (ipcop address here) 1194 #Comment the above line and uncoment the next line, if you want to connect on the Blue interface #remote (wifi access point address here) 1194 pkcs12 Nokia.p12 cipher BF-CBC comp-lzo verb 3 ns-cert-type server
Code:
openvpn --config /etc/openvpn/openvpn.conf
Originally Posted by mfresh
I am having problems with the vpn script you wrote. When I do a ./vpn , it does the whole gainroot thing, but stops there. Then when I exit out of root, it trys to finish and can't find the openvpn command.
OK - I've got a howto guide to getting OpenVPN running on the N800 if anyone is interested.
You'll find it on my N800 blog. It's kind of work in progress - if anyone has any comments or corrections they'd be gratefully received.
Cheers,
__________________
Just because you are online, doesn't mean you don't have to form a full sentence.
SEARCH! It's probably already been answered.
Just because you are online, doesn't mean you don't have to form a full sentence.
SEARCH! It's probably already been answered.
Last edited by barry99705; 2007-07-18 at 21:55.
|
|
2007-07-18
, 22:35
|
|
Posts: 91 |
Thanked: 25 times |
Joined on Mar 2007
@ Marlow, Bucks
|
#8
|
It may be a dumb question, but have you edited the vpn shell script?
As downloaded, it looks like this:
#!/bin/sh
sudo gainroot
cd /etc/openvpn
openvpn --config n800remote.ovpn
which will work using the config file created in the howto.
Since you are using a different setup, it looks to me like at the very least you would need to edit it. Try this:
#!/bin/sh
sudo gainroot
cd /usr/sbin/
openvpn --config /etc/openvpn/openvpn.conf
Then, from /home/user, (which is where vpn should be stored) try running ./vpn
That shoud make you root, move you to the folder in which openvpn is located, and finally run openvpn, with the config file openvpn.conf located in /etc/openvpn/
Does that work?
As downloaded, it looks like this:
#!/bin/sh
sudo gainroot
cd /etc/openvpn
openvpn --config n800remote.ovpn
which will work using the config file created in the howto.
Since you are using a different setup, it looks to me like at the very least you would need to edit it. Try this:
#!/bin/sh
sudo gainroot
cd /usr/sbin/
openvpn --config /etc/openvpn/openvpn.conf
Then, from /home/user, (which is where vpn should be stored) try running ./vpn
That shoud make you root, move you to the folder in which openvpn is located, and finally run openvpn, with the config file openvpn.conf located in /etc/openvpn/
Does that work?
|
|
2007-07-18
, 22:37
|
|
Posts: 641 |
Thanked: 27 times |
Joined on Apr 2007
|
#9
|
Originally Posted by mfresh
Nope, I already edited the script. It just stops running it after gainroot.
It may be a dumb question, but have you edited the vpn shell script?
As downloaded, it looks like this:
#!/bin/sh
sudo gainroot
cd /etc/openvpn
openvpn --config n800remote.ovpn
which will work using the config file created in the howto.
Since you are using a different setup, it looks to me like at the very least you would need to edit it. Try this:
#!/bin/sh
sudo gainroot
cd /usr/sbin/
openvpn --config /etc/openvpn/openvpn.conf
Then, from /home/user, (which is where vpn should be stored) try running ./vpn
That shoud make you root, move you to the folder in which openvpn is located, and finally run openvpn, with the config file openvpn.conf located in /etc/openvpn/
Does that work?
__________________
Just because you are online, doesn't mean you don't have to form a full sentence.
SEARCH! It's probably already been answered.
Just because you are online, doesn't mean you don't have to form a full sentence.
SEARCH! It's probably already been answered.
|
|
2007-07-19
, 08:06
|
|
Posts: 91 |
Thanked: 25 times |
Joined on Mar 2007
@ Marlow, Bucks
|
#10
|
Sorry for suggesting the obvious. You have got me stumped. The script runs, does the gainroot line, and then doesn't start openvpn? Yet it works fine if you run the command openvpn --config blah blah blah from an xterm?
I don't understand why the script won't run the exact same command. And there are definately no typos in your edited script?
I don't understand why the script won't run the exact same command. And there are definately no typos in your edited script?
openvpn_2.0-1maemo2_armel
and
liblzo1_1.08-3_armel
I already had an ipcop machine running openvpn, so I generated a config file from it and copied it to the n800. I think my problem is the choice of auth type... when I run the config on the n800 I get an error opening the .p12 file with OpenSSL in parentheses.
What I'm wondering, is the openssl build on the n800 unable to parse a p12 file? In the .ovpn file it includes a line "pkcs filename.p12", from the error I'm guessing this is where it's failing. If anyone has any ideas on how I can fix this, I'd love to hear them, I've been staring at this all night with no real luck.
Thanks