OpenVPN Test cases - devops

I am looking for the answer: how can I auto disconnect connection of VPN Client after specific idle time or specific connection duration?
There are many clients connected to my OpenVPN server but they forgot to disconnect VPN client or they connect for a long time but do nothing.
I am using OpenVPN Access Server v2.4.12

Related

Port forwarding, DMZ, turning off firewall and adding port doesn't work to reach out port

I am using Windows 10 with IIS 10.0
I am publishing website on IIS and I need to reach it with public ip.
What I did;
* Port forwarding through router
* Adding DMZ with my local IP
* Turning off firewall
* Adding port to firewall inbound rules with allow edge traversal
I can connect with internal IP like 192.168.1.75:81
I get "System.Net.Sockets.SocketException A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond from [MYPUBLICIP]" when I try to reach it like MYPUBLICIP:81
What are the possible scenarios that blocks to port?
Thanks.
As far as I know, the error message means there is no server listening at specified ip/port that you are trying to connect to.
In my opinion, you should firstly make sure your client machine could access your server by using this MYPUBLICIP address.
Then I suggest you could try to make sure the port 81 is your IIS web application port.
Besides, I suggest you could try to open your event viewer to find out the details error message.

How get access to LAN IOT devices with DO + OpenVPN?

I've fake IP in local network for some IOT, like 192.168.1.11, 192.168.1.15 etc. My LAN connect to Internet via provider with fake IP too, like 10.10.10.15. I've task connecting (REST) to my IOT-device through Internet. For that I want use DO droplet with real IP(for sample 178.62.209.11) and setup OpenVPN on it. For my home LAN I've buy the Mikrotik Router RB951Ui-2HnD which must allow setup the OpenVPN client. So, my LAN with DO Droplet must be VPN.
And now my question is how to do traffic translation from MY SERVER 178.62.209.11 to LOCAL device IOT 192.168.1.11? I understand that my server have only one IP, but I look that may be port forwording! For sample, if I want send request to my IOT device by 80 port, then I can use for that port forwards, like 178.62.209.11:1234 <=> 192.168.1.11:80, and for second IOT device 178.62.209.11:1235 <=> 192.168.1.15:80, and etc.
I found how to set OpenVPN to DO Droplet, I found how adjust OpenVPN client on the router, but can not found how get simple access to my device. Can you help?

Cannot Connect to a Firebird 2.5 database remotely

I currently have a Firebird 2.5 database at a client premises, installed on a Windows 7 Pro machine (32 bit), that has multiple stations in their local network that can connect to the database, along with the local machine being able to connect with our application and IBExpert.
However, for some of our software packages, a remote connection is required (outside of the local network). This previously was working but no longer works.
When I connect with FlameRobin from my office (I'm located in a different city / different network), I receive the following error message:
IBPP::SQLException
Context: Database::Connect
Message: isc_attach_database failed
SQL Message: -923
Connection not established
Engine Code : 335544421
Engine Message :
connection rejected by remote interface.
Performing this connection attempt with IBExpert, both from my office and from other external networks fail with a same message.
However, I am getting TCP/IP communication from what I can see. Here are the details of my troubleshooting steps for the last week:
Originally, I was receiving the following error when connecting from outside the network:
"Connection not established
Connection refused by remote interface"
Since that time, we have done a restart of the router and now have the current "connection rejected by remote interface." error message.
I can telnet to the public IP through port 3050 from my office and other outside networks.
I tested port 3050 on sites like YouGetSignal.com or CanYouSeeMe.org and they appear as open.
Other ports that we communicate on publicly are open and communicating.
The site has Kaspersky antivirus installed but all tests to connect via IBExpert while Kaspersky was in sleep mode behaved the same.
Installation of Firebird 2.5 to another workstation in the same local network, pointing to port 3051 (both in Firebird.conf and in the Windows Firewall and Router) show up as being open through Telnet and CanYouSeeMe.org but again, cannot be communicated on from outside via port 3051.
IBExpert works from a workstation in the network to the server
The server currently has no entry for RemoteBindAddress in the Firebird.conf
Wireshark shows that when a connecting from outside, there are packets coming through.
The TCP/IP test in IBexpert under Communication Diagnostics for the public IP as the host and the Service show the following Test Results:
Attempt connecting to XX.YY.ZZ.AAA.
Socket for connection obtained.
Found service 'GDS_DB' at port '3050'
Connection established to host 'XX.YY.ZZ.AAA',
on port 3050.
TCP/IP Communication Test Passed!
Database path, username, and password have all been checked multiple times.
locally on the server, I've changed security of the database.FDB and the security2.FDB to have Everyone, Full Control
At this point, we have a scheduled restart of the ISP's modem happening soon, although the fact that we have full TCP/IP communication over the port makes me doubtful that this is the issue.
If anyone can lead me down any recommended next steps to debug or to any tools that are available to help in this situation, that would be greatly appreciated.
This turns out to be a networking issue. We performed the following tests:
We performed a power cycle on the ISP's modem which showed no change in behavior
We connected a laptop directly to the ISP's modem but couldn't communicate to FB even with proper port forwarding rules in place on the machine and firewall.
We ran wireshark on both sides and on connection attempts, we found many attempts to connect with retransmissions that failed.
The technical team at the client side decided to install a VPN capable router and now we're good to go. From what we found there may be some kind of ISP blocking occurring as many of the tech teams remote services were failing to connect with similar behavior.
Hopefully this post helps people in the future with remote connectivity debugging, and all of the places you can look at when you're running into this problem.

Paho-mqtt connect via ppp0

I am working on an embedded linux based device that runs ubuntu. Now the device driver for the wifi is really crappy so I cannot create a hotspot so this device connects to another device which is running a hotspot. Now I am connecting to that device for some input but at the same time connecting to internet to send mqtt message using paho mqtt in python via a gsm modem. The modem connect to internet using pon command and it works nicely. But when both connections are running, paho-mqtt cannot connect to internet anymore. pinging using -I ppp0 works fine. I tried to bind ppp0 ip address to paho-mqtt client using the bind_address argument but it does not work. How to resolve this issue?

Socket connection with different ports

I'm trying to run a socket connection from my iOS app to a bespoke server.
The iOS communicates via UDP to the server on port 12345. The request needs to come from socket 54321 on the device.
How do I open up a socket connection on iOS that communicates to a server on one port but listens via a different port.
I have followed the example on:
https://www.raywenderlich.com/3932/networking-tutorial-for-ios-how-to-create-a-socket-based-iphone-app-and-server
But this does not cover the local port
I have also looked at the documentation on https://developer.apple.com/library/ios/documentation/NetworkingInternet/Conceptual/NetworkingTopics/Articles/UsingSocketsandSocketStreams.html but I am finding it unclear due to my limited knowledge of socket connections.
I am currently attempting to use https://github.com/robbiehanson/CocoaAsyncSocket/wiki/Reference_GCDAsyncSocket
But I don't seem to be able to control the local port.
Thanks in advance
Normally you don't care about the sending socket, but when you create your AsyncUDPSocket you can use bindToPort: to set its port. Then use sendData:toHost:port:timeout:tag: to send the data

Resources