1
Web Proxy Filtering and Caching / Re: OpenConnect (ocserv) Connected on client side, But NO INTERNET
« on: February 21, 2019, 11:36:17 am »
Hi mimugmail,
There is no opnsense.
There is no opnsense.
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
2
Web Proxy Filtering and Caching / OpenConnect (ocserv) Connected on client side, But NO INTERNET
« on: February 20, 2019, 10:15:47 pm »
Please take a look at these links :
openconnect / ocserv
openconnect / ocserv Installation - CentOS, RHEL, Fedora
I have centos 7.6 as server with public ip.
Also in client machine i have windows 7 os with wireless internet.
I followed these commands to install openconnect on server machine :
And here is ocserv.conf file :
After editing ocserv.conf i did these commands :
Client machine can connect to openconnect with username test successfully.
But the problem is that i can not open any web page on client machine & it seems there is NO INTERNET.
What should i do on server machine to fix this problem?
ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ
P.S.
Firewall is off on both server & client.
I did nothing about routing or forwarding.
I am not familiar with them.
1-routing
Can you explain about #route = parts in ocserv.config file? Should i create line(s) about that(them) or not?
2-ip forwarding
Also can you explain about IP Forwarding >
I have one network adapter on server machine? how many network adapter(s) is needed for openconnect vpn? 1 or 2?
Also i found this link about my situation. But not satisfy.
MY GOAL FROM THIS VPN SERVER IS : LET MY CLIENT TO BYPASS INTERNET CENSORSHIP(FILTERING)
openconnect / ocserv
openconnect / ocserv Installation - CentOS, RHEL, Fedora
I have centos 7.6 as server with public ip.
Also in client machine i have windows 7 os with wireless internet.
I followed these commands to install openconnect on server machine :
Code: [Select]
sudo yum -y install gnutls-devel libev-devel tcp_wrappers-devel pam-devel lz4-devel libseccomp-devel readline-devel libnl3-devel krb5-devel radcli-devel
sudo yum -y install epel-release
sudo yum repolist enabled
sudo yum info ocserv
sudo yum -y install ocserv
sudo ocpasswd -c /etc/ocserv/ocpasswd test
123
nano -K /etc/ocserv/ocserv.confAnd here is ocserv.conf file :
Code: [Select]
auth = "plain[passwd=/etc/ocserv/ocpasswd]"
tcp-port = 8090
udp-port = 8090
run-as-user = ocserv
run-as-group = ocserv
socket-file = ocserv.sock
chroot-dir = /var/lib/ocserv
isolate-workers = true
max-clients = 5
max-same-clients = 1
keepalive = 32400
dpd = 90
mobile-dpd = 1800
switch-to-tcp-timeout = 25
try-mtu-discovery = true
server-cert = /etc/pki/ocserv/public/server.crt
server-key = /etc/pki/ocserv/private/server.key
ca-cert = /etc/pki/ocserv/cacerts/ca.crt
cert-user-oid = 0.9.2342.19200300.100.1.1
tls-priorities = "NORMAL:%SERVER_PRECEDENCE:%COMPAT:-VERS-SSL3.0"
auth-timeout = 240
min-reauth-time = 300
max-ban-score = 50
ban-reset-time = 300
cookie-timeout = 300
deny-roaming = false
rekey-time = 172800
rekey-method = ssl
use-occtl = true
pid-file = /var/run/ocserv.pid
device = vpns
predictable-ips = true
default-domain = example.com
ipv4-network = 192.168.102.0
ipv4-netmask = 255.255.255.0
dns = 8.8.8.8
dns = 8.8.4.4
ping-leases = false
cisco-client-compat = true
dtls-legacy = true
user-profile = profile.xml
# Routes to be forwarded to the client. If you need the
# client to forward routes to the server, you may use the
# config-per-user/group or even connect and disconnect scripts.
#
# To set the server as the default gateway for the client just
# comment out all routes from the server, or use the special keyword
# 'default'.
#route = 10.10.10.0/255.255.255.0
#route = 192.168.0.0/255.255.0.0
#route = fef4:db8:1000:1001::/64After editing ocserv.conf i did these commands :
Code: [Select]
sudo systemctl start ocserv
sudo systemctl enable ocserv
sudo systemctl status ocservNow i downloaded gui software from here on client machine. Client machine can connect to openconnect with username test successfully.
But the problem is that i can not open any web page on client machine & it seems there is NO INTERNET.
What should i do on server machine to fix this problem?
ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ
P.S.
Firewall is off on both server & client.
I did nothing about routing or forwarding.
I am not familiar with them.
1-routing
Can you explain about #route = parts in ocserv.config file? Should i create line(s) about that(them) or not?
2-ip forwarding
Also can you explain about IP Forwarding >
Code: [Select]
net.ipv4.ip_forward = 13-network adapterI have one network adapter on server machine? how many network adapter(s) is needed for openconnect vpn? 1 or 2?
Also i found this link about my situation. But not satisfy.
MY GOAL FROM THIS VPN SERVER IS : LET MY CLIENT TO BYPASS INTERNET CENSORSHIP(FILTERING)
Pages: [1]