Jump to content
Hak5 Forums

Search the Community

Showing results for tags 'openvpn'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • WiFi Pineapple
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapple University
    • WiFi Pineapples Mark I, II, III
  • Hak5 Gear
    • Bash Bunny
    • Packet Squirrel
    • LAN Turtle
    • USB Rubber Ducky
  • Hak5 Shows
    • Hak5
    • HakTip
    • Metasploit Minute
    • Threatwire
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Found 20 results

  1. I am maybe a little crazy but I am trying to forward network traffic from two differents SSID to two different vps running openvpn. Why ? Because I have two VPS and I woud like to able to browse the Internet from all my device just selecting a WiFi network. Sorry for this dirty hack ; the pineapple is a cool offensive device that I love use but I am trying to configure it as something like a smart defensive device :) Well, my setup is working well with only one wifi / tun interface. It seems impossible to work that with the two VPN at the same time (openvpn client). I don't understand why :/ I think it's not a very complicate setup I hope somebody could help me here since you're network experts. I think it's a routing issue but I am not sure. So my question is the following : - How can I forward correctly forward the network traffic from my two wifi subnets to each tun / vpn interface at the same time ? Anyone can help me to fix this please ? Below few details about my setup : To simplify this, my setup looks like : eth0 (internet link) <===== tun0 <==== wifi-A eth0 (internet link) <===== tun1 <==== wifi-B Note the following statements : 1. My openwrt device get the Internet link with the eth0 interface using DHCP 2. I created a bridge on my wlan0 interface to be able to broadcast two SSID : (wifi-a & wifi-b) 3. On wifi-a : a DHCP server is running pool 172.17.42.100-200 gw 172.18.42.1 4. On wifi-b : a DHCP server is running pool 172.18.42.100-200 gw 172.18.42.1 5. I have two VPS where I installed openvpn : PublicIP-1 & PublicIP-2 6. I run on my device two openvpn client to public-IP-1 (tun0) and to public-IP-2 (tun1) 7. Finally I nated wifi-a subnet to tun0 and wifi-b subnet to tun1 with the following iptables rules : iptables -t nat -A POSTROUTING -s 172.17.42.0/24 -o tun0 -j MASQUERADE iptables -A FORWARD -s 172.17.42.0/24 -o tun0 -j ACCEPT iptables -A FORWARD -d 172.17.42.0/24 -m state --state ESTABLISHED,RELATED -i tun0 -j ACCEPT iptables -t nat -A POSTROUTING -s 172.18.42.0/24 -o tun1 -j MASQUERADE iptables -A FORWARD -s 172.18.42.0/24 -o tun1 -j ACCEPT iptables -A FORWARD -d 172.18.42.0/24 -m state --state ESTABLISHED,RELATED -i tun1 -j ACCEPT Below my interface details : eth0 inet addr:192.168.0.10 Bcast:192.168.0.255 Mask:255.255.255.0 br-wifi-a inet addr:172.17.42.1 Bcast:172.17.42.255 Mask:255.255.255.0 br-wifi-b inet addr:172.18.42.1 Bcast:172.18.42.255 Mask:255.255.255.0 tun0 inet addr:10.8.0.6 P-t-P:10.8.0.5 Mask:255.255.255.255 tun1 inet addr:10.9.0.6 P-t-P:10.9.0.5 Mask:255.255.255.255 My route table : Destination Gateway Genmask Flags Metric Ref Use Iface default 192.168.0.1 0.0.0.0 UG 0 0 0 eth0 10.8.0.1 10.8.0.5 255.255.255.255 UGH 0 0 0 tun0 10.8.0.5 * 255.255.255.255 UH 0 0 0 tun0 10.9.0.1 10.9.0.5 255.255.255.255 UGH 0 0 0 tun1 10.9.0.5 * 255.255.255.255 UH 0 0 0 tun1 [PublicIP-VPS-1] 192.168.0.1 255.255.255.255 UGH 0 0 0 eth0 [PublicIP-VPS-2] 192.168.0.1 255.255.255.255 UGH 0 0 0 eth0 172.17.42.0 * 255.255.255.0 U 0 0 0 br-wifiA 172.17.42.0 * 255.255.255.0 U 0 0 0 br-wifiB 172.22.42.0 * 255.255.255.0 U 0 0 0 br-lan 192.168.0.0 * 255.255.255.0 U 0 0 0 eth0 **Quick debug :** ping google.com -I tun1 PING google.fr (108.177.119.94): 56 data bytes 64 bytes from 108.177.119.94: seq=0 ttl=43 time=29.665 ms ping google.com -I tun0 PING google.fr (108.177.119.94): 56 data bytes 64 bytes from 108.177.119.94: seq=0 ttl=43 time=30.277 ms ping google.com -I eth0 PING google.fr (108.177.119.94): 56 data bytes 64 bytes from 108.177.119.94: seq=0 ttl=42 time=17.860 ms ^C Again, I think it's routing issue but I am maybe to much tired to see my mistake. Can you help me to debug this ? Thanks for your help guys,
  2. So I have been working on this Server/VPN project for about a month now and I'm supper happy i finally have everything together, setup and boxed up. A quick rundown on what is in there and what i have done. The top black box is clearly just my router and the bottom hosing is an electronic project box i picked up for my local electronics store (Jaycar). The actual internals consist of 3 raspberry pi 3's, a TP 5 port switch which i removed the housing from as the board by itself takes up significantly less room, a 70 watt powered USB hub to power the pi's, 3 micro USB power cables, 3 cat 5e Ethernet cables, and a 2TB external hard drive. The standalone raspberry pi with the 2TB external drive is a self contained, fully functional, and port forwarded for external access, OwnCloud server which i have found myself using on a dally basis. The other 2 that are stack, are VPN related. The bottom pi is my own OpenVPN household server which is port forwarded for external access and it is what i actually connect all of my devices to. The top pi is my NordVPN client that i have also set up as a local internet gateway for my local network. So the config currently works and is setup as follows. My OwnCloud server stands allow with internal pi encryption, https, and encrypted storage. The OpenVPN local server runs all of its encrypted traffic through the NordVPN pi gateway, then through to my router, while still encrypted out to the NordVPN servers and then finally decrypted and out to the internet with a change of location and ip address. Device --> OpenVPN pi Server --> NordVPN pi Client --> Router --> NordVPN Server --> Internet The theory behind this is now i can create and revoke as many client keys as I want and keep track of all of my devices with my own OpenVPN server as well as encrypting my traffic while i am way from home without setting up all of my devices with NordVPN (its all most as simple as drag and drop a ovpn file for most devices using OpenVPN plus OpenVPN can be setup in may different ways and has loads more configuration options), but then also tunnel them out through the internet while maintaining the encryption (instead of decrypt all of my traffic before it leaves my router) as well as changing my geo-location, hiding my traffic from my ISP and also avoiding the 8 device limit that NordVPN sets. Thought? Hope i Have sparked some creativity in everyone.
  3. PIA Open VPN

    Alright, so I've managed to get OpenVPN to work on the Nano.. I even managed to get it to connect to PIA. However the moment the connection establishes I lose the internet. I'm pretty sure this is a routing issue. But I'm unsure of what I need to add to the config file to fix the issue upon connecting. This is the result of the IP config table after it establishes a connection. Destination Gateway Genmask Flags Metric Ref Use Iface default 10.24.10.5 128.0.0.0 UG 0 0 0 tun0 default 192.168.2.5 0.0.0.0 UG 0 0 0 wlan1 10.24.10.1 10.24.10.5 255.255.255.255 UGH 0 0 0 tun0 10.24.10.5 * 255.255.255.255 UH 0 0 0 tun0 128.0.0.0 10.24.10.5 128.0.0.0 UG 0 0 0 tun0 162.216.46.86 192.168.2.5 255.255.255.255 UGH 0 0 0 wlan1 172.16.42.0 * 255.255.255.0 U 0 0 0 br-lan 192.168.2.0 * 255.255.255.0 U 0 0 0 wlan1 192.168.2.5 * 255.255.255.255 UH 0 0 0 wlan1 I would like to connect to the router using Wan1, and then connect to Wan0 with my laptop or other internet devices during traveling and still run my traffic over an encrypted VPN. any suggestions?
  4. OpenVPN does not start on boot

    I have configured my openvpn on my turtle lan. The openvpn works fine if I manually start it in the menu or issue a /etc/init.d/openvpn start command. I have set the Bootup Status to Enabled. I reboot the turtlelan and openvpn does not start, viewing the menu it confirms that Bootup Status is Enabled and the Current Status is stopped. If I click on Start the openvpn starts up and works as expected. But I cannot get openvpn to start on bootup even though it is configured to. Side note: If you click on stop after start you get "Command failed: Not found" for an error and the openvpn is still started.
  5. If you click on stop once openvpn is running you get "Command failed: Not found" for an error and the openvpn is still started. I am on v2 and no updates are available as of today.
  6. Hello All, I am considering to install my own VPN server to surf anonymously and change my IP to an American one. This tutorial explains how to setup Open VPN on a VPS (DO) i am wondering is OpenVPN necessary or i could go for an L2TP installation as it seems to be much easier to install and easier to maintain. Is L2TP really unsafe as I could read it around online? Thanks for your inputs.
  7. Hi All I own a Raspberry PI B+ running the latest version of Dietpi. I would like to setup my pi as an OpenVPN server so all my internet traffic at home and from my smartphone will go through the pi. I have been unsuccessful with the installation using the instructions from the dietpi website. http://dietpi.com/phpbb/viewtopic.php?f=8&t=5&p=613#p613 I have also tried this blog post with no luck. http://ruudabma.com/archives/6 So I was think of thing an episode of hak5 a go, but which episode would do the trick as OpenVPN has been quiet a popular top on the show. Or if anyone has any other solutions to my problem that would be greatly appreciated. Cheers
  8. I install openvpn to my rasberry pi from scratch and the VPN is working inside my house i can connect to it from my phone but i can not access it from outside my house. What is that i have to do to be able to access the VPN from outside my house is there a file to edit or a setting in my router I have to change I am kinda loss any tips of what i should do to that be amazing.
  9. So the latest YouTube video (https://www.youtube.com/watch?v=04EmeXSZo_0&t=1156s) on easily setting up OpenVPN on a Raspberry Pi using the StarshipEngineer script is super useful. But I'm wondering if the Raspberry Pi can also be turned into a WiFi Access Point (assuming onboard wifi available, or appropriate wifi dongle connected), thus allowing any devices to connect to the RPi AP and automatically be routed through the VPN for encrypted onward connection to the ISP and public internet. Is this even possible?
  10. I've been excited to see the results for the past few months when they announced an audit. https://www.privateinternetaccess.com/blog/2017/05/openvpn-2-4-evaluation-summary-report/ Theres a section on insecure settings which have some good suggestions.
  11. So I really need help, I though I had everything squared up and ready but I tried to connected externally this afternoon and found a large hole in my plan (a little cranky) . I have everything working great but external access to my OpenVPN server. For more information please read the below link https://forums.hak5.org/index.php?/topi ... vpn-build/ Long story short I need to access my server from outside the network. The setup is my open VPN server on a raspberry pi running raspbian which is on local ip 10.1.1.101 and I run all of its traffic through another raspberry pi configured as a gateway with the ip of 10.1.1.102 then out to the Internet. Everything is working great internally I just need to know what I have to do to access it external. The default gateway for the gateway pi is 10.1.1.1
  12. OpenVPN From Scratch - Hak5 2019

    Hello dear Hak5 team. The Hak5 2019 episode is just what I was looking for and I thank you for your hard work. I'm running Ubuntu 16.04, OpenVPN 2.3.10 I follow the instructions and configure the OpenVPN as root. I get it to work to "Initialization Sequence Completed". OpenVPN is enabled with "service openvpn start"... so far so good. My PC is server (configured as root) and client, I copy the .ovpn to the user home folder. At this point I can surf the web but not through the VPN. If I do (from /home/user/) "$ sudo openvpn pinneaple.ovpn" then I'm not able to surf any webpage and "There is no internet connection" is displayed on the browser. The network icon didn't show warning mesasges so I guess the internet is fine and the pinneaple.ovpn is causing the problem. I read some other sites that refers to tcpdump, change default gateway, etc... but can't find a solution to be able to surf the web through OpenVPN. Thanks in advance.
  13. I recently got a WiFi PineApple and managed to setup a working openvpn connection. My issue is when i go to http://dnsleaktest.com what is shown as my resolver is my default's internet connection when on the VPN connection I use google's DNS resolvers 8.8.8.8 and 8.8.4.4.With this known I can not seem to create a up script that will allow me to get the right DNS servers to be shown and used. I know this is not just a openvpn/openwrt issue so there must be some way to write a script that will force the use of the passed DNS servers from openvpn. I noticed the "issue" is also with my Ubuntu system that I'm using. with the Ubuntu system I know how to fix that issue but not with the WiFi PineApple
  14. I have to travel a lot for work, so I am looking for a travel router that will be able to act as an OpenVPN client. I have considered purchasing a WIFI Pineapple nano for this application, but it seems to be a bit of an overkill for what I need. What would you suggest I get?
  15. OpenVPN

    What is easiest free way to setup OpenVPN with a Raspberry Pi? I want to use it with my Linux VM, MacBook Pro, iPhone, and iPad.
  16. Hi, I am a mark V owner thinking of purchasing a TETRA. If I were to use it as a normal router with an OpenVPN tunnel (i.e. TETRA is the client) what kind of speeds can I expect to get? It seems most routers max out at ~ 20Mb/s. Am I correct in assuming TETRA will not be able to handle a 100Mb/s connection ?
  17. VPN Giving internal IP?

    Hey guys! Just followed the Hak5 Episode on making an OpenVPN server from scratch on Linux. I can connect to the VPN as long as I am connected to my own internal network... I thought the whole purpose was to be able to connect from the outside?
  18. OpenVPN with PIA

    I'm trying to put OpenVPN on the pineapple nano using Private internet Access as the VPN service, but I'm having issues getting the ovpn to load properly while following along with Darren's video https://www.hak5.org/frontpage/hak5-2018-how-to-build-an-openvpn-access-point-pt-2. I listed below the script errors that I'm getting and also the text file for the ovpn that I'm trying to load. Here is the text file for the ovpn that I'm trying to load on the nano: client dev tun remote us-east.privateinternetaccess.com 1198 udp remote us-east.privateinternetaccess.com 502 tcp resolv-retry infinite nobind persist-key persist-tun setenv CLIENT_CERT 0 <ca> -----BEGIN CERTIFICATE----- MIIFqzCCBJOgAwIBAgIJAKZ7D5Yv87qDMA0GCSqGSIb3DQEBDQUAMIHoMQswCQYD VQQGEwJVUzELMAkGA1UECBMCQ0ExEzARBgNVBAcTCkxvc0FuZ2VsZXMxIDAeBgNV BAoTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQLExdQcml2YXRlIElu dGVybmV0IEFjY2VzczEgMB4GA1UEAxMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3Mx IDAeBgNVBCkTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMS8wLQYJKoZIhvcNAQkB FiBzZWN1cmVAcHJpdmF0ZWludGVybmV0YWNjZXNzLmNvbTAeFw0xNDA0MTcxNzM1 MThaFw0zNDA0MTIxNzM1MThaMIHoMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0Ex EzARBgNVBAcTCkxvc0FuZ2VsZXMxIDAeBgNVBAoTF1ByaXZhdGUgSW50ZXJuZXQg QWNjZXNzMSAwHgYDVQQLExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UE AxMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBCkTF1ByaXZhdGUgSW50 ZXJuZXQgQWNjZXNzMS8wLQYJKoZIhvcNAQkBFiBzZWN1cmVAcHJpdmF0ZWludGVy bmV0YWNjZXNzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPXD L1L9tX6DGf36liA7UBTy5I869z0UVo3lImfOs/GSiFKPtInlesP65577nd7UNzzX lH/P/CnFPdBWlLp5ze3HRBCc/Avgr5CdMRkEsySL5GHBZsx6w2cayQ2EcRhVTwWp cdldeNO+pPr9rIgPrtXqT4SWViTQRBeGM8CDxAyTopTsobjSiYZCF9Ta1gunl0G/ 8Vfp+SXfYCC+ZzWvP+L1pFhPRqzQQ8k+wMZIovObK1s+nlwPaLyayzw9a8sUnvWB /5rGPdIYnQWPgoNlLN9HpSmsAcw2z8DXI9pIxbr74cb3/HSfuYGOLkRqrOk6h4RC OfuWoTrZup1uEOn+fw8CAwEAAaOCAVQwggFQMB0GA1UdDgQWBBQv63nQ/pJAt5tL y8VJcbHe22ZOsjCCAR8GA1UdIwSCARYwggESgBQv63nQ/pJAt5tLy8VJcbHe22ZO sqGB7qSB6zCB6DELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRMwEQYDVQQHEwpM b3NBbmdlbGVzMSAwHgYDVQQKExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4G A1UECxMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAMTF1ByaXZhdGUg SW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQpExdQcml2YXRlIEludGVybmV0IEFjY2Vz czEvMC0GCSqGSIb3DQEJARYgc2VjdXJlQHByaXZhdGVpbnRlcm5ldGFjY2Vzcy5j b22CCQCmew+WL/O6gzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBDQUAA4IBAQAn a5PgrtxfwTumD4+3/SYvwoD66cB8IcK//h1mCzAduU8KgUXocLx7QgJWo9lnZ8xU ryXvWab2usg4fqk7FPi00bED4f4qVQFVfGfPZIH9QQ7/48bPM9RyfzImZWUCenK3 7pdw4Bvgoys2rHLHbGen7f28knT2j/cbMxd78tQc20TIObGjo8+ISTRclSTRBtyC GohseKYpTS9himFERpUgNtefvYHbn70mIOzfOJFTVqfrptf9jXa9N8Mpy3ayfodz 1wiqdteqFXkTYoSDctgKMiZ6GdocK9nMroQipIQtpnwd4yBDWIyC6Bvlkrq5TQUt YDQ8z9v+DMO6iwyIDRiU -----END CERTIFICATE----- </ca> cipher aes-128-cbc auth sha1 tls-client remote-cert-tls server auth-user-pass comp-lzo verb 1 reneg-sec 0 <crl-verify> -----BEGIN X509 CRL----- MIICWDCCAUAwDQYJKoZIhvcNAQENBQAwgegxCzAJBgNVBAYTAlVTMQswCQYDVQQI EwJDQTETMBEGA1UEBxMKTG9zQW5nZWxlczEgMB4GA1UEChMXUHJpdmF0ZSBJbnRl cm5ldCBBY2Nlc3MxIDAeBgNVBAsTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAw HgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0 ZSBJbnRlcm5ldCBBY2Nlc3MxLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRl aW50ZXJuZXRhY2Nlc3MuY29tFw0xNjA3MDgxOTAwNDZaFw0zNjA3MDMxOTAwNDZa MCYwEQIBARcMMTYwNzA4MTkwMDQ2MBECAQYXDDE2MDcwODE5MDA0NjANBgkqhkiG 9w0BAQ0FAAOCAQEAQZo9X97ci8EcPYu/uK2HB152OZbeZCINmYyluLDOdcSvg6B5 jI+ffKN3laDvczsG6CxmY3jNyc79XVpEYUnq4rT3FfveW1+Ralf+Vf38HdpwB8EW B4hZlQ205+21CALLvZvR8HcPxC9KEnev1mU46wkTiov0EKc+EdRxkj5yMgv0V2Re ze7AP+NQ9ykvDScH4eYCsmufNpIjBLhpLE2cuZZXBLcPhuRzVoU3l7A9lvzG9mjA 5YijHJGHNjlWFqyrn1CfYS6koa4TGEPngBoAziWRbDGdhEgJABHrpoaFYaL61zqy MR6jC0K2ps9qyZAN74LEBedEfK7tBOzWMwr58A== -----END X509 CRL----- </crl-verify>
  19. Testing IP Tables on OpenVPN

    On my nano I have set it up to auto connect to my open vpn server upon internet connection. I did all this in rc.local my question is how do i test that the iptable settings are correct with all connections going through tun0? My other question is how to I configure the connection to autoconnect if the connection gets dropped? -M
  20. I really loved the last two episodes on creating a VPN. I have a Wifi Pineapple Nano and have setup a VPN server and can manually connect . I used the forwarding 'foo' code in the video to get client forwarding working. Now I wanted to make it so that the openvpn client and the forwarding script works on startup but I cannot seem to get it working. I've done some searching but cannot think of where to go from here. I've put this in /etc/init.d/ #!/bin/sh # Start the openvpn service openvpn client.ovpn #Setup forwarding for clients iptables -t nat -A POSTROUTING -s 172.16.42.0/24 -o tun0 -j MASQUERADE iptables -A FORWARD -s 172.16.42.0/24 -o tun0 -j ACCEPT iptables -A FORWARD -d 172.16.42.0/24 -m state --state ESTABLISHED,RELATED -i tun0 -j ACCEPT And created a symlink to /etc/rc.d/ If I run the commands separately it all works however I cannot get it to run on boot. Should they be run as two different processes? Is it because openvpn is running the second won't trigger. Not sure if it's my lack of understanding of Unix/bash scripting or something else. Thanks for your time guys.
×