Messages

It is very strange.
The phone can connect via RDP always, but it does not work from another computer.
In the rules, the source is set as "*"!
What could be the problem?

My openvpn doesn't work even with direct network subnet in source.

I set Source on OPENVPN tab equal my Tunnel Network, but I still can't connect to LAN resorse and the Internet.

if you go to VPN -> OpenVPN -> Servers you see a network listed in column "Tunnel Network". Remember this network.
Then go to Firewall -> Rules - OPENVPN. There should be a rule to let the traffic pass from the OpenVPN network to the destinations  you desire. Make sure that in the column "Source" the network from above is listed.

Source and target sets as "*", I set source to "OpenVPN net" but nothing changed.

Make sure the source is set to your tunnel subnet or * as well.

I don't understand you(

a missing pass rule in the firewall?

I see rule for OpenVPN with destination value "*".

The connection is normal, but I can not connect to internal network resources and the Internet.
What could be the reason?

I solved the problem, I used server ca before instead client ca.

For what used parametr "Use a password to protect the pkcs12 file contents or key in Viscosity bundle", when I configured vpn on android I used user password?

Sorry, I was a bit cryptic. Check out VPN -> OpenVPN -> Log File and see if you can spot any errors there.

I have this strings in logs:

Code Select Expand


Apr 11 03:17:24 openvpn[64982]: 192.168.3.36:55542 TLS Error: TLS handshake failed
Apr 11 03:17:24 openvpn[64982]: 192.168.3.36:55542 TLS Error: TLS object -> incoming plaintext read error
Apr 11 03:17:24 openvpn[64982]: 192.168.3.36:55542 TLS_ERROR: BIO read tls_read_plaintext error
Apr 11 03:17:24 openvpn[64982]: 192.168.3.36:55542 OpenSSL: error:14089086:SSL routines:ssl3_get_client_certificate:certificate verify failed
Apr 11 03:17:24 openvpn[64982]: 192.168.3.36:55542 VERIFY ERROR: depth=0, error=unsupported certificate purpose: C=RU, ST=SPb, L=SPb, O=InfinityNet, emailAddress=admin@infinitynet, CN=Server Certificate for my OpenVPN


What error messages and log entries do you see?

No errors, only certiicate verification or connection timeout.

I configur Authoriti server, create Certificate and user with this certificate.
I create OpenVPN server with this authiriti server and this certificate.
Then I export client install package for Android or OpenVPN connect, but I can't connect!
What could be the problem?

Port forwarding work fine only first a few minutes after rebooting forwarding rules.
After that there is no ways to connect.

Looking at the port forward rules screenshot a bit closer, the problem is that you have the destination address set to "LAN Address" when it must be set to "WAN address"

Thank you, now it's work, sometimes, but sometimes not, it's very strange (may be is android MS RDP client is buggy). But it's better then was!
I use sysctl net.pf.share_forward=1
And I can't connect through LAN.

are you trying to RDP over the internet ? don't see a firewall hit on the logs ?

Yes, over Internet.
I can't find information about this connection in firewall logs :(

Make sure you are on 17.1.1 first, then run this command in shell / console as root:
sysctl net.pf.share_forward=0

Yes, I on 17.1.1.
I do this command, but nothing changed. For what this command?
After reboot value back to 1.