OpenVPN Gateway Builder

The Schapiro Center

Personal

Other Sites

← Back to Projects

OpenVPN Gateway Builder

Support

Troubleshooting

If the debugging and logging ideas do not solve your problem, then you might to find a solution by (please in this order)

reading the FAQ below
asking on the mailing list (Sorry, the mailing list is down at the moment)
ask the maintainer at ogb @ schlomo . schapiro . org for help. I will answer emails as well and soon as I can. For urgent cases, there is also commercial support available, please mail to ogb-commercial @ schlomo . schapiro . org for inquiries.

F.A.Q.

OGB works, but my OpenVPN tunnels don't work !
Make sure that your OpenVPN tunnels work before using OGB. OGB does not help or hinder your tunnels anyhow differently than a "normal" Linux system, though you have to do all the network setup like IP adresses or routing yourself. There is - so far - no known case where OGB made OpenVPN not work, it was always a configuration error.

How can I create the SSL certificates to use with OGB and OpenVPN ?
I oftenly use the very nice TinyCA for this purpose. One could also use the eaysrsa package included with OpenVPN.

What about a GUI ?
A GUI is one of the TODOs for OGB, it makes most sense in a large scale environment where one has to manage lots of OpenVPN gateways. A Web-GUI would be also the best way to let people make their own personalised OGB system according to some standards.

If you are interested in this, please contact me to exchange ideas. I could also develop the GUI as a project for you.

What about CRL management ?
This is also on the TODO list. Basically one would make a package that would download CRLs regularly as OpenVPN rereads the CRL at each new connection. If you decide to write such a package, please submit it for inclusion. I can also provide some ideas how to do it.

What about OpenVPN plugins ?
Make a package for them as you need them. Most modules need other software (like radius or PAM) which is currently not part of OGB and most people do very site-specific stuff with modules.

How do I enable remote Logging ?
Create a syslog-ng.conf in the gateway directory that reads like this:

destination loghost { tcp("192.168.1.2" port(51415) ); };
log { source("src"); destination("loghost"); };

This would send all log data via TCP to my log host. Consult the syslog-ng manual on the build system for more information about the syslog-ng configuration.

How can I testdrive an OGB system ?
Put the CD into a computer and boot it up :-). One can of course also use a VMware virtual machine and now there is the free VMware Player which one can use for this purpose. Simply use this simple virtual machine. You might also include the vmware package and the pcnet32 module in this case.

send feedback to webmaster @ schapiro . org
last modified 2007-09-18 09:28:12

Leave your mark at Frappr Logo