And now I have a more complete solution. Things I did that ended up working:
* Change my Verizon plan to allow a fixed/public IP
* Add a single firewall rule: Allow incoming packets with a source port of 1194 (VPN)
* Use the “Custom” OpenVPN tunnel configuration
** I started this configuration from a throwaway “Server” OpenVPN configuration — used “Preview” to get the config file.
* Add a line in the custom config file to enable logging. (Custom OpenVPN configs don’t automatically get logging, but I didn’t know this until later.)
* Added a missing close quote in the push “route xxx.xxx.etc.etc” of my custom configuration (This is a fatal error! It will kill your OpenVPN dead!)
** Since I didn’t have logging turned on at the time, I discovered I had a problem via SSH: ps -A listed OpenVPN as <defunct>
** This in turn prompted me to figure out how to turn on logging.
** And to figure out how to get to the log (which, for “custom” configs, is not displayed in the web admin console.)
** The rest was reasonably straightforward, pretty much in line with my original expectations.
Stuff I did NOT need to do:
* I did NOT need to configure both a VPN server AND a client on the rCell. (I did, of course, have to configure a client on my office computer.)
* Set up port forwarding in the firewall. (The push “route xxxx” was sufficient)
* Set up outbound firewall rules by hand.
-
This reply was modified 6 hours, 39 minutes ago by
William Wicker.
-
This reply was modified 6 hours, 37 minutes ago by
William Wicker.
