Questions tagged [vpn]
VPN is the acronym for Virtual Private Network - a network type that uses a the Internet to provide remote networks or single machines with secure access to their organization's network avoiding expensive leased lines.
5,087
questions
117
votes
11
answers
278k
views
Should I use tap or tun for openvpn?
What are the differences between using dev tap and dev tun for openvpn? I know the different modes cannot inter-operate. What is the technical differences, other then just layer 2 vs 3 operation. ...
- 3,092
47
votes
16
answers
126k
views
64-bit Cisco VPN client (IPsec)?
Cisco VPN client (IPsec) does not support 64bit Windows.
Worse, Cisco does not even plan to release a 64-bit version, instead they say that
"For x64 (64-bit) Windows support, you must utilize Cisco's ...
- 1,466
47
votes
3
answers
119k
views
telnet counterpart for UDP
Is there anything that enables a "telnet-like" functionality for UDP? I know the difference between TCP and UDP, and why telnet itself won't work - but I'm wondering if there is something similar to ...
- 607
47
votes
9
answers
133k
views
Connecting to a remote server through a VPN when the local network subnet address conflicts with a remote network
This is a Canonical Question about solving IPv4 subnet conflicts between a VPN client's local network and one across the VPN link from it.
After connecting to a remote location via OpenVPN, clients ...
- 573
47
votes
6
answers
74k
views
How do you avoid network conflict with VPN internal networks?
While there's a wide variety of private non-routable networks across 192.168/16 or even 10/8, sometimes in being thoughtful of potential conflict, it still occurs. For example, I set up an ...
- 7,597
34
votes
7
answers
112k
views
30
votes
5
answers
62k
views
Very low TCP OpenVPN throughput (100Mbit port, low CPU utilization)
I am experiencing extremely slow OpenVPN transfer rates between two servers. For this question, I'll call the servers Server A and Server B.
Both Server A and Server B are running CentOS 6.6. Both ...
- 1,356
30
votes
2
answers
7k
views
Under what circumstances is TCP-over-TCP performing significantly worse than TCP alone (2014)?
Many admins keep perpetuating - on ServerFault and elsewhere - how bad of an idea TCP-over-TCP is, e.g. in VPNs. That even the slightest packet loss will make one suffer from at least severe ...
- 3,412
28
votes
3
answers
81k
views
OpenVPN client-to-client
When using a TUN (layer 3) OpenVPN server with client-to-client disabled, my clients can still talk to each other.
The client-to-client config should prevent this according to the documentation:
...
- 1,093
27
votes
4
answers
79k
views
Windows Advanced Firewall: What does "Edge Traversal" mean?
this should be a really simple one:
In Advanced Windows Firewall on Windows Server 2008+, Properties > Advanced, what does "Edge Traversal" mean?
I Googled it, of course, and was unable to come up ...
- 2,296
27
votes
1
answer
58k
views
IPsec for Linux - strongSwan vs Openswan vs Libreswan vs other(?) [closed]
Searching for IPSec and Linux one inevitably will be confronted with different solutions (see below) which all seem quite similar. The question is: where is the difference?
I found these projects. All ...
- 433
25
votes
2
answers
32k
views
openconnect cannot connect to Anyconnect VPN group using -g
I am using openconnect to connect to a VPN. When starting the client as sudo openconnect -v -u anaphory vpn-gw1.somewhere.net, I am able to connect after entering the GROUP and Password.
# ...
- 351
24
votes
3
answers
4k
views
Mysterious misdirected Chinese traffic : How can I find out what DNS server an HTTP request used?
For the past week I've been getting a huge stream of traffic from a wide range of Chinese IP addresses. This traffic appears to be from normal people and their HTTP requests indicate that they think I'...
- 343
24
votes
3
answers
64k
views
Connect to OpenVPN using Windows 10 built-in VPN
I have an OpenVPN network with a pretty much standard configuration:
auth.txt file with user and password
ca.crt file with the certificate
my-nat.pem file with the identity for my VPC
and the ...
- 341
24
votes
6
answers
29k
views
Prevent SSH connection lost after logging into VPN on server machine
I encountered an issue that I can't deal with.
When I'm logged onto an VPS over SSH and try to estabilish VPN connection on that VPS, the SSH connection between VPS and my machine get lost. I assume ...
- 341
23
votes
4
answers
34k
views
How do I prevent TCP connection freezes over an OpenVPN network?
New details added at the end of this question; it's possible that I'm zeroing in on the cause.
I have a UDP OpenVPN-based VPN set up in tap mode (I need tap because I need the VPN to pass multicast ...
- 438
22
votes
7
answers
78k
views
How to connect to a Juniper VPN from Linux
The Windows users have a new client "Juniper Pulse" to connect to the Juniper VPN server.
On Linux, what VPN client do we have to connect to that Juniper VPN, with maximum compatibility?
Please ...
- 5,566
22
votes
4
answers
60k
views
VPN client connect/disconnect via command line in XP
In an XP Pro workstation, is there a way to start the native Windows VPN client and open/close a connection from the command line so it can be scripted in a batch file?
- 5,660
21
votes
5
answers
33k
views
Auto Reconnect VPN on Disconnection due to any reason - Persistent VPN
On windows server 2008,2012 or above I need to re-connect VPN automatically once it is disconnected due to any reason.
It may be server restart, Manual command to Disconnect. Persistent VPN ...
- 631
21
votes
2
answers
69k
views
Connect to a Fortinet VPN with Ubuntu
I don't know a lot about VPNs but I'd like to connect to a Fortinet VPN with Ubuntu.
I can connect on Windows using Forticlient just by entering the policy server (vpn.theserver.com) and then it asks ...
- 343
21
votes
10
answers
134k
views
VPN Connection causes DNS to use wrong DNS server
I have a Windows 7 PC on our company network (which is a member of our Active Directory). Everything works fine until I open a VPN connection to a customer's site.
When I do connect, I lose network ...
- 7,638
21
votes
1
answer
46k
views
How to set up strongswan or openswan for pure IPSEC with iPhone client?
I'm having trouble finding concrete, up-to-date information for how to set up strongswan or openswan to be used by the iphone's VPN client. My server is behind a budget linksys NAT router.
I found ...
- 567
20
votes
2
answers
41k
views
Is it possible for L2TP VPN to do auto route configuration for client during connected?
We've setup a L2TP VPN server with this tutorial, everything works like a charm.
The only issue is
We don't want client to route all traffic using this VPN, only a particular subnet, e.g. 10.0.0.0/...
- 2,145
20
votes
5
answers
22k
views
20
votes
3
answers
64k
views
Multiple openvpn clients on one openvpn server
Can I have multiple openvpn clients connecting to a single openvpn server? The following setting works well for a single user
This is the server configuration (openvpn.conf)
port 1194
proto udp
dev ...
- 372
20
votes
13
answers
65k
views
VPN within a Remote Desktop session
I connect to a server on my local network via Remote Desktop. I then need to make a VPN connection out to the internet from within that Remote Desktop session. However that immediately disconnects my ...
- 521
20
votes
5
answers
16k
views
How to set up a VPN Incoming connection with Windows to tunnel Internet traffic?
I want to set up a VPN on a remote server to route all my Internet traffic for privacy reasons. I can set up an incoming connection and connect to it successfully. The problem is, I can just see the ...
- 492
19
votes
8
answers
90k
views
Can Wake on LAN work on VPN connection?
Is it true that we can’t allow any machine to sleep that may need to be accessed via a VPN connection?
(I am asking this on server fault as it is as much about VPN servers than about the end-user PCs ...
- 870
19
votes
1
answer
120k
views
VPN: ERROR: Linux route add command failed
I have configured a VPN server
local 192.168.0.250
dev tun
proto udp
port 1194
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server-vpn.crt
key /etc/openvpn/easy-rsa/keys/...
- 995
17
votes
2
answers
27k
views
stunnel vpn traffic and ensure it looks like SSL traffic on port 443
I am trying to make my outgoing and incoming traffic look as legitimate as close to SSL traffic as possible. Is there a way to DPI my own traffic to ensure it looks like SSL traffic and not OpenVPN ...
- 3,941
17
votes
3
answers
45k
views
Force SSH connection through a different interface
I want to connect remotely using SSH.
However, I'm not able to while my VPN is active, so I disconnect from the VPN and then connect using the other connection.
How can I force the connection ...
- 343
17
votes
3
answers
44k
views
OpenVPN and DNS. How to?
I'm using OpenVPN to set up a VPN to connect my laptop at home to my workplace LAN. I want to be able to refer my workplace computers by their name and not by their IP but I can't.
This is my ...
- 401
17
votes
7
answers
180k
views
How to resolve a "driver failure" error in the Cisco VPN client connecting from a Windows 7 client
I have recently upgraded my laptop from Windows Vista SP1 to Windows 7 Professional.
After the upgrade, if I try to use the Cisco VPN client to connect to a network, I get this message:
Secure VPN ...
- 421
16
votes
2
answers
28k
views
Is the Windows VPN secure?
I have used a few VPN solutions over the years. Most are hard to set up, slow to connect and/or rather ill-behaved (replacing system drivers, disrupting each other etc).
One solution I have never ...
- 449
16
votes
6
answers
17k
views
Problems with SCP stalling during file copy over VPN
I have a series of files I need to copy via SCP over a VPN to a remote linux server each night. The files are not large, we're talking about tens of megabytes here, but the file copy almost always ...
- 377
16
votes
1
answer
9k
views
High throughput meshed VPN to connect datacenter hosts
We're renting a number of hosts in a public datacenter. The datacenter does not offer private VLANs; all hosts receive one (or more) public IPv4/IPv6 addresses. The hosts come with very modern CPUs (...
- 379
16
votes
5
answers
11k
views
Are there any Distributed/mesh-like/P2P VPNs?
I have my personal VPN, connecting several devices so they can have fixed IP addresses on an always-reachable network (as long as they are connected to the Internet). This is necessary for me, since ...
16
votes
2
answers
8k
views
How to start setting up a VPN server for smart phone clients?
I have a Ubuntu Lucid Lynx VM which I've been tinkering with. I want to set up a VPN and I am happy to learn how to do it on my own but the vastness of options makes my head spin, so I'm just looking ...
- 754
15
votes
3
answers
3k
views
Can you recommend a good intro to iptables? [closed]
I have to setup a firewall on a Linux server (all my previous experience is with Windows). My rules are meant to be pretty simple - forbid all, allow some ports with all, allow some ports for specific ...
- 3,398
15
votes
2
answers
75k
views
How to set up OpenVPN to let the VPN clients to access all the servers inside the server LAN?
My server LAN IP is 192.168.1.1 and there is an intranet web server on 192.168.1.2
The OpenVPN daemon is configured to give clients 192.168.2.* addresses.
There is push "route 192.168.1.0 255.255.255....
- 3,398
15
votes
2
answers
47k
views
Strongswan vpn tunnel connected but the traffic is not routed through it
I have just set up a vpn tunnel site-to-site with strongswan (4.5). The tunnel looks fine and connected to the other side, but seems there is a problem routing traffic through the tunnel.
Any idea?
...
- 251
15
votes
8
answers
64k
views
Is it possible to use VPN for only one Program?
Is it possible to use VPN connection for only one program and the rest of the traffic go through the local network?
More specifically, I am using the Official Cisco Client.
- 263
14
votes
3
answers
9k
views
What is the difference between AWS site-to-site VPN and AWS client VPN?
I know that site-to-site is using IPSec (layer 3), but client is using TLS (application layer). It seems like both are actually site to site vpns after reading articles/ docs online.
I guess the ...
- 572
14
votes
1
answer
71k
views
SSH over VPN connection
We have an AWS EC2 server that we've configured to be only accessible (via SSH) from within our office network. Obviously this isn't ideal for remote arrangements where someone has to connect to the ...
- 243
14
votes
2
answers
5k
views
When would you use MPLS?
After having just spent months setting up a fairly complex VPN, I'm beginning to look at alternatives for the future. Some of my network providers use MPLS to connect to us, and I suppose it works ...
- 1,869
14
votes
2
answers
24k
views
Ubuntu Connect To SSTP VPN
Does anyone have any experience with connecting an Ubuntu 10.10 machine to a SSTP VPN server? I haven't found anything too great of information on how to do it.
- 811
14
votes
6
answers
13k
views
Hyper-V Cut-n-Paste
I use Hyper-V on a development machine for multiple reasons and one of my biggest annoyances is that I can't cut and paste to/from the virtual machines.
I've been through all the options and can't ...
- 768
13
votes
5
answers
105k
views
Fortinet SSL VPN Client Setup Without GUI on Linux (centos)
How can I install and setup a fortinet SSL VPN client on a VPS that's running on Centos?
I have problem to do it because all guide I have are all using GUI which is not installed on the VPS to save ...
- 131
13
votes
4
answers
83k
views
Improving OpenVPN Performance
I've been trying to improve my OpenVPN performance and this is my current setup:
cat /etc/openvpn/server.conf
port 443 #- port
proto tcp #- protocol
dev tun
#tun-mtu 1500
tun-mtu-extra 32
#mssfix ...
user192680
13
votes
3
answers
28k
views
MULTI: bad source address from client - any one-off solutions?
Setup:
I have the an openvpn client/server setup (config files at bottom), and I get the infamous MULTI: bad source address from client [192.168.x.x], packet dropped message at server. The server has ...
- 440