I installed OpenVPN 2.0.5 on a dedicated server (Linux, 2.4 branch) and on XP, tried both tun and tap, and it refuses to work. Example for tun (209.x.x.30 is the dedicated server's IP, 81.x.x.40 is mine):
server.conf on the dedicated server:
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
server 192.168.0.0 255.255.255.0
tls-server
client-config-dir ccd
route 192.168.0.0 255.255.255.252
keepalive 10 120
comp-lzo
verb 3
ifconfig:
eth0 inet addr:209.x.x.30 Bcast:209.x.x.255 Mask:255.255.255.0
lo inet addr:127.0.0.1 Mask:255.0.0.0
tun0 inet addr:192.168.0.1 P-t-P:192.168.0.2 Mask:255.255.255.255
route:
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.2 * 255.255.255.255 UH 0 0 0 tun0
192.168.0.0 192.168.0.2 255.255.255.252 UG 0 0 0 tun0
192.168.0.0 192.168.0.2 255.255.255.0 UG 0 0 0 tun0
209.x.x.0 * 255.255.255.0 U 0 0 0 eth0
169.254.0.0 * 255.255.0.0 U 0 0 0 eth0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default proxy1.sample 0.0.0.0 UG 0 0 0 eth0
openvpn.log:
Wed Nov 30 15:58:58 2005 OpenVPN 2.0.5 i686-pc-linux [SSL] [LZO] built on Nov 29 2005
Wed Nov 30 15:58:58 2005 Diffie-Hellman initialized with 1024 bit key
Wed Nov 30 15:58:58 2005 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Nov 30 15:58:58 2005 TUN/TAP device tun0 opened
Wed Nov 30 15:58:58 2005 /sbin/ifconfig tun0 192.168.0.1 pointopoint 192.168.0.2 mtu 1500
Wed Nov 30 15:58:58 2005 /sbin/route add -net 192.168.0.0 netmask 255.255.255.252 gw 192.168.0.2
Wed Nov 30 15:58:58 2005 /sbin/route add -net 192.168.0.0 netmask 255.255.255.0 gw 192.168.0.2
Wed Nov 30 15:58:58 2005 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Nov 30 15:58:58 2005 UDPv4 link local (bound): [undef]:1194
Wed Nov 30 15:58:58 2005 UDPv4 link remote: [undef]
Wed Nov 30 15:58:58 2005 MULTI: multi_init called, r=256 v=256
Wed Nov 30 15:58:58 2005 IFCONFIG POOL: base=192.168.0.4 size=62
Wed Nov 30 15:58:58 2005 Initialization Sequence Completed
after I connect:
Wed Nov 30 16:04:46 2005 MULTI: multi_create_instance called
Wed Nov 30 16:04:46 2005 81.x.x.40:1194 Re-using SSL/TLS context
Wed Nov 30 16:04:46 2005 81.x.x.40:1194 LZO compression initialized
Wed Nov 30 16:04:46 2005 81.x.x.40:1194 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Nov 30 16:04:46 2005 81.x.x.40:1194 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Nov 30 16:04:46 2005 81.x.x.40:1194 Local Options hash (VER=V4): '530fdded'
Wed Nov 30 16:04:46 2005 81.x.x.40:1194 Expected Remote Options hash (VER=V4): '41690919'
Wed Nov 30 16:04:46 2005 81.x.x.40:1194 TLS: Initial packet from 81.x.x.40:1194, sid=0f20b4f1 84f66b1f
Wed Nov 30 16:04:56 2005 81.x.x.40:1194 VERIFY OK: depth=1, ...
Wed Nov 30 16:04:56 2005 81.x.x.40:1194 VERIFY OK: depth=0, ...
Wed Nov 30 16:05:01 2005 81.x.x.40:1194 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Nov 30 16:05:01 2005 81.x.x.40:1194 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Nov 30 16:05:01 2005 81.x.x.40:1194 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Nov 30 16:05:01 2005 81.x.x.40:1194 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Nov 30 16:05:01 2005 81.x.x.40:1194 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Wed Nov 30 16:05:01 2005 81.x.x.40:1194 [client] Peer Connection Initiated with 81.x.x.40:1194
Wed Nov 30 16:05:01 2005 client/81.x.x.40:1194 MULTI: Learn: 192.168.0.6 -> client/81.x.x.40:1194
Wed Nov 30 16:05:01 2005 client/81.x.x.40:1194 MULTI: primary virtual IP for client/81.x.x.40:1194: 192.168.0.6
Wed Nov 30 16:05:02 2005 client/81.x.x.40:1194 PUSH: Received control message: 'PUSH_REQUEST'
Wed Nov 30 16:05:02 2005 client/81.x.x.40:1194 SENT CONTROL [client]: 'PUSH_REPLY,route 192.168.0.1,ping 10,ping-restart 120,ifconfig 192.168.0.6 192.168.0.5' (status=1)
Wed Nov 30 16:05:38 2005 client/81.x.x.40:1194 MULTI: bad source address from client [81.x.x.40], packet dropped
...
Wed Nov 30 16:11:09 2005 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
...
client.conf on XP:
client
dev tun
proto udp
remote 209.x.x.30 1194
ns-cert-type server
tls-client
ca ca.crt
cert client.crt
key client.key
comp-lzo
verb 3
mute 10
The connection is established fine; all traffic should go through OpenVPN:
C:\OpenVPN\bin>openvpn --config client.cfg --redirect-gateway
Thu Dec 01 01:58:48 2005 OpenVPN 2.0.5 Win32-MinGW [SSL] [LZO] built on Nov 2 2005
Thu Dec 01 01:58:48 2005 IMPORTANT: OpenVPN's default port number is now 1194, ...
Thu Dec 01 01:58:48 2005 LZO compression initialized
Thu Dec 01 01:58:48 2005 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Thu Dec 01 01:58:48 2005 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Thu Dec 01 01:58:48 2005 Local Options hash (VER=V4): '41690919'
Thu Dec 01 01:58:48 2005 Expected Remote Options hash (VER=V4): '530fdded'
Thu Dec 01 01:58:48 2005 UDPv4 link local (bound): [undef]:1194
Thu Dec 01 01:58:48 2005 UDPv4 link remote: 209.x.x.30:1194
Thu Dec 01 01:58:48 2005 TLS: Initial packet from 209.x.x.30:1194, sid=95b157a3 2d1b9b20
Thu Dec 01 01:58:52 2005 VERIFY OK: depth=1, ...
Thu Dec 01 01:58:52 2005 VERIFY OK: nsCertType=SERVER
Thu Dec 01 01:58:52 2005 VERIFY OK: depth=0, ...
Thu Dec 01 01:59:03 2005 Data Channel Encrypt: Cipher 'BF-CBC' initialized with128 bit key
Thu Dec 01 01:59:03 2005 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Dec 01 01:59:03 2005 Data Channel Decrypt: Cipher 'BF-CBC' initialized with128 bit key
Thu Dec 01 01:59:03 2005 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Dec 01 01:59:03 2005 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Dec 01 01:59:03 2005 [server] Peer Connection Initiated with 209.x.x.30:1194
Thu Dec 01 01:59:04 2005 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Thu Dec 01 01:59:04 2005 PUSH: Received control message: 'PUSH_REPLY,route 192.168.0.1,ping 10,ping-restart 120, ifconfig 192.168.0.6 192.168.0.5'
Thu Dec 01 01:59:04 2005 OPTIONS IMPORT: timers and/or timeouts modified
Thu Dec 01 01:59:04 2005 OPTIONS IMPORT: --ifconfig/up options modified
Thu Dec 01 01:59:04 2005 OPTIONS IMPORT: route options modified
Thu Dec 01 01:59:04 2005 TAP-WIN32 device [OpenVPN] opened: \\.\Global\{D66394B1-C021-4620-BF11-9357DD438858}.tap
Thu Dec 01 01:59:04 2005 TAP-Win32 Driver Version 8.1
Thu Dec 01 01:59:04 2005 TAP-Win32 MTU=1500
Thu Dec 01 01:59:04 2005 Notified TAP-Win32 driver to set a DHCP IP/netmask of 192.168.0.6/255.255.255.252 on interface {D66394B1-C021-4620-BF11-9357DD438858} [DHCP-serv: 192.168.0.5, lease-time: 31536000]
Thu Dec 01 01:59:04 2005 Successful ARP Flush on interface [131077] {D66394B1-C021-4620-BF11-9357DD438858}
Thu Dec 01 01:59:04 2005 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
Thu Dec 01 01:59:04 2005 Route: Waiting for TUN/TAP interface to come up...
Thu Dec 01 01:59:05 2005 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
Thu Dec 01 01:59:05 2005 Route: Waiting for TUN/TAP interface to come up...
Thu Dec 01 01:59:06 2005 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
Thu Dec 01 01:59:06 2005 Route: Waiting for TUN/TAP interface to come up...
Thu Dec 01 01:59:08 2005 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
Thu Dec 01 01:59:08 2005 route ADD 209.x.x.30 MASK 255.255.255.255 81.x.x.40
Thu Dec 01 01:59:08 2005 Route addition via IPAPI succeeded
Thu Dec 01 01:59:08 2005 route DELETE 0.0.0.0 MASK 0.0.0.0 81.x.x.40
Thu Dec 01 01:59:08 2005 Route deletion via IPAPI succeeded
Thu Dec 01 01:59:08 2005 route ADD 0.0.0.0 MASK 0.0.0.0 192.168.0.5
Thu Dec 01 01:59:08 2005 Route addition via IPAPI succeeded
Thu Dec 01 01:59:08 2005 route ADD 192.168.0.1 MASK 255.255.255.255 192.168.0.5
Thu Dec 01 01:59:08 2005 Route addition via IPAPI succeeded
Thu Dec 01 01:59:08 2005 Initialization Sequence Completed
I get to the internet through my provider's VPN at 10.8.0.1, the LAN is 10.40.x.x, though I also tried dial-up and it's the same: nothing goes anywhere, the internet just stops working. What's wrong? What did I mess up with the routing? Help!!!
---
icq#7665599