[CentOS] OpenVPN problem

Sun Feb 9 19:33:49 UTC 2014
Timothy Murphy <gayleard at eircom.net>

Ken Smith wrote:

>> But I am genuinely interested in the best way to use OpenVPN.
>> All the documents I looked at online spent their time
>> explaining at inordinate length how to setup OpenVPN.
>> If anyone knows of a site with a simple explanation
>> of how to use OpenVPN (preferably with the commands and responses
>> during an actual session) I should be very grateful.
> Its down to the question about what you are needing to do. If you just
> need SSH access then SSH direct without VPN is just fine. SSH itself is
> encrypted and the VPN just encrypts the already encrypted traffic again
> and just slows things down.

Thank you for your response.
But I'm not really asking whether to use VPN or ssh (directly),
I'm just asking the best way to use OpenVPN.

> If you want other kinds of access to the remote machine, for example
> using protocols that don't use SSL themselves, such as legacy ones like
> telnet or ftp, then I'd put that traffic through a VPN.

I don't want to use telnet or ftp - does anyone use ftp nowadays?

> The OpenVPN documentation has a quick setup section, or at least it used
> to. I found that a good way to get it going.

I have OpenVPN set up; I found the brief instructions 
that come with CentOS openvpn (eg /etc/openvpn/2.0/README)
perfectly adequate - what I'm asking about is the _use_ of OpenVPN.

> But from your original post
> you were asking about MTU, suggesting that you are having network
> problems getting a reliable connection.

I've found that reducing the MTU to 1000 has solved this problem.

> Is a direct SSH connection
> reliable? From what you said it isn't.

It is perfectly reliable when it can be established.
But occasionally there is a problem establishing it,
essentially because the remote machine has a dynamic IP address.

> Is the remote machine at a datacentre somewhere? Is your
> local network and its internet connection solid?

The remote machine is under my control (in a house in Italy).
The internet connection there is rather slow (around 6Mb/s),
but is pretty reliable (except during electric storms).
The local network at my home in Ireland is fine,
and the internet connection is good too (around 50Mb/s).

Timothy Murphy  
e-mail: gayleard /at/ eircom.net
School of Mathematics, Trinity College, Dublin 2, Ireland