OpenVPN throughput / CPU Power ?

[BeNe]

Hello,

can a Packet Squirrel owner please test and post the OpenVPN throughput (maybe in combination with the CPU usage) ?

Since it has the same Hardware specs as the WiFi Pineapple Nano, i´m sure the CPU has not enough power for a good, stabil connection. My Nano for example has not enough power for the encryption.

Thanks!

 

[UnLo]

I'm surprised to hear you say this. I've not actually tried VPN over my nano just yet. But I've got it set up. And i've tested using my gl-AR150 which has similar chipset and i'm seeing roughly 6mbps throughput. More than enough for my needs. 

[Dave-ee Jones]

I would be surprised if that CPU couldn't handle a decent VPN connection - unless Hak5 just chucked OpenVPN on there thinking it would be cool idea and not even test it?

Also..Does this mean the PS can act as a router as well..? Be nice if it had a WiFi card..

First the Bash Bunny now the Packet Squirrel - I sound like an old broken record, haha. Put a WiFi card on everything!

[Darren Kitchen]

It's what you'd expect from a low power embedded Linux box. About 5-6 Mbps.

Initially the OpenVPN connection was just for remote access, but after nailing down that feature we figured, why not let the client tunnel through instead of just using it as a backdoor?

Means you could setup any number of MITM frameworks/exploits on your VPS pentest box and sniff/meddle with the target's connection from afar. Or - ya know - use it to secure your own connection.

Guess it depends on your hat

[th3l0b3_]

so maybe i have missed the convo, but does this mean the tunneling all traffic through PS is possible atm?  i seem to be having a hard time with it.  modified the payload by adding the "1" value to clients.  the "config.ovpn" file is the same content as the one i use for my VPN provider.  i eventually just see it flash yellow, and my connection appears, same as my main internet source.

curious if anyone got it working or not.  cheers.

[jchisholm]

On 10/31/2017 at 11:03 PM, th3l0b3_ said:

so maybe i have missed the convo, but does this mean the tunneling all traffic through PS is possible atm?  i seem to be having a hard time with it.  modified the payload by adding the "1" value to clients.  the "config.ovpn" file is the same content as the one i use for my VPN provider.  i eventually just see it flash yellow, and my connection appears, same as my main internet source.

curious if anyone got it working or not.  cheers.

Well this is a "me too".

I have configured it EXACTLY as per the video but all it's apparently doing is just passing all traffic straight through.

in position 3, the attached PC is obtaining it's regular DHCP address, not 172.16.32.1

I can not ssh into it, and the vpn connection from an Ubuntu openvpn ser to 10.8.0.2 goes nowhere and times out.

Very frustrating.

[Dave-ee Jones]

3 hours ago, jchisholm said:

Well this is a "me too".

I have configured it EXACTLY as per the video but all it's apparently doing is just passing all traffic straight through.

in position 3, the attached PC is obtaining it's regular DHCP address, not 172.16.32.1

I can not ssh into it, and the vpn connection from an Ubuntu openvpn ser to 10.8.0.2 goes nowhere and times out.

Very frustrating.

What's your NETMODE set as? I suspect it is currently NETMODE TRANSPARENT?

NETMODE TRANSPARENT turns the PS into a data-passer, not giving or receiving any IPs.

I believe you're looking for NETMODE NAT if you want to give your client an IP..can someone confirm (sorry, @Sebkinne).

[Foxtrot]

1 hour ago, Dave-ee Jones said:

What's your NETMODE set as? I suspect it is currently NETMODE TRANSPARENT?

NETMODE TRANSPARENT turns the PS into a data-passer, not giving or receiving any IPs.

I believe you're looking for NETMODE NAT if you want to give your client an IP..can someone confirm (sorry, @Sebkinne).

NAT, Bridge and VPN all provide the client with an IP.

[Dave-ee Jones]

5 minutes ago, Foxtrot said:

NAT, Bridge and VPN all provide the client with an IP.

Yes, but he doesn't necessarily need a VPN for his situation, haha. Not sure of the differences between NAT and Bridge though.

[Foxtrot]

https://www.hak5.org/gear/packet-squirrel/docs

[Dave-ee Jones]

1 hour ago, Foxtrot said:

https://www.hak5.org/gear/packet-squirrel/docs

 Mmm, I'd read those after I posted my comment. Thanks, though.

[jchisholm]

15 hours ago, Dave-ee Jones said:

What's your NETMODE set as? I suspect it is currently NETMODE TRANSPARENT?

NETMODE TRANSPARENT turns the PS into a data-passer, not giving or receiving any IPs.

I believe you're looking for NETMODE NAT if you want to give your client an IP..can someone confirm (sorry, @Sebkinne).

This is a stock configuration, I've done nothing other than upgrade the firmware, imported the config.ovpn and followed the posted directions to the letter.

I did change the 0 to 1 in the bash script to allow client connections.

[jchisholm]

1 minute ago, jchisholm said:

This is a stock configuration, I've done nothing other than upgrade the firmware, imported the config.ovpn and followed the posted directions to the letter.

I did change the 0 to 1 in the bash script to allow client connections.

Edit: Changed the 1 back to 0, no difference.

There is also no openvpn process or daemon running as one would expect from the /etc/init.d/openvpn startup script.

[jchisholm]

4 minutes ago, jchisholm said:

Edit: Changed the 1 back to 0, no difference.

There is also no openvpn process or daemon running as one would expect from the /etc/init.d/openvpn startup script.

OK sorry folks disregard, boy am I stoopid.

I typo'ed when renaming the config.ovpn (had named it config.ovpv)

All is working properly now.

Cheers