Knowledgebase

Portal Home > Knowledgebase > Articles Database > openVPN help needed - is there a problem with my setup/config?


openVPN help needed - is there a problem with my setup/config?




Posted by mrzippy, 11-20-2007, 01:41 PM
In the /var/log/messages snippet posted below, I see this (see below snippet) Is this bad? Are the highlighted parts bad? Do they show an incorrect or inefficient configuration? I tried to find out what it means, but google isn't being too helpful in this instance. Any thoughts? (The VPN is used only as an "internet gateway" for about 5 users who need to browse the internet from within a foreign country.) Thanks for any comments. Here is the logfile snippet from /var/log/messages. (I changed he vpn username and client IP for privacy.) It goes on like this, with this pattern repeating every 20 seconds or so. Is this normal?
Posted by bhaputi, 11-20-2007, 02:03 PM
I would assume it is not a good thing - are you saturating your uplink? Do you see errors on your ethernet interface?
Posted by mrzippy, 11-20-2007, 02:19 PM
How can I test for errors on the ethernet interface or if I'm saturating the uplink?
Posted by Adam-AEC, 11-21-2007, 09:16 AM
Is there a specific reason why you chose to use TCP for the OpenVPN transport method? As a general rule, TCP over TCP is a bad idea (see http://sites.inka.de/sites/bigred/devel/tcp-tcp.html). I can't say that is the problem, but could be a contributing factor.
Posted by bhaputi, 11-21-2007, 02:03 PM
What OS are you on? I assume linux. If so, just run ifconfig and look for errors: eth0 Link encap:Ethernet HWaddr 00:18:8B:B7:C2:F2 inet addr:192.168.1.40 Bcast:192.168.1.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:3802764 errors:0 dropped:0 overruns:0 frame:0 TX packets:162613 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:455752426 (434.6 MB) TX bytes:23717442 (22.6 MB) Interrupt:18 As for saturating your uplink, you need to check your usage versus what you pay for.
Posted by mrzippy, 11-21-2007, 02:59 PM
Thanks. I have changed it to use the UDP protocol. Here is the output. Does this look ok?


Was this answer helpful?

Add to Favourites Add to Favourites    Print this Article Print this Article

Also Read
calling resellers, Unlimited/Unmetered (Views: 706)
Editing DNS zone and nameservers [Newbie] (Views: 714)
Reseller Needed | Capable of hosting large forums. (Views: 740)
HTTP/1.1 403 Forbidden [googlebot] (Views: 3643)
Disk full/child transfer failed (Views: 682)

Language: