[bglug] VPN server on win and VPN client on ubuntu

Giuliano Cortinovis edicola.giuliano@gmail.com
Sun 20 Mar 2011 15:37:32 CET


2011/3/20 Giuliano Cortinovis <edicola.giuliano@gmail.com>

>
>
> Sorry again, everyone, but I can't find my way out of this. So, here is a
> recap of how I tried to set up a VPN server with OpenVPN.
>
> Link to the guide I followed:
>
> http://returncode.wordpress.com/2007/10/24/openvpn-1-scenario-installazione-e-creazione-delle-chiavi/
>
> Server config file, after creating the various keys and certificates; file
> name: server.ovpn
>
> port 1194
>  # TCP or UDP server?
> proto tcp
> dev tun
> dev-node OpenVPN
> ca ca.crt
> cert server.crt
> key server.key  # This file should be kept secret
> dh dh1024.pem
> server 10.8.0.0 255.255.255.0
> ifconfig-pool-persist ipp.txt
> keepalive 10 120
> comp-lzo
> persist-key
> persist-tun
> status openvpn-status.log
> verb 3
>
>
> client.ovpn config file (all the certificates and keys are in the
> /etc/openvpn/ folder):
>
> client
> dev tun
> dev-node OpenVPN
> proto tcp
> remote 192.168.1.230 1194
> resolv-retry infinite
> nobind
> persist-key
> persist-tun
> ca ca.crt
> cert client.crt
> key client.key
> ns-cert-type server
> comp-lzo
> verb 3
> mute 20
>
> When I connect from Ubuntu through the gopenvpn GUI I get this log:
>
> Sun Mar 20 10:16:09 2011: MANAGEMENT: CMD 'state on'
> Sun Mar 20 10:16:09 2011: MANAGEMENT: CMD 'auth-retry interact'
> Sun Mar 20 10:16:09 2011: MANAGEMENT: CMD 'hold release'
> Sun Mar 20 10:16:09 2011: NOTE: the current --script-security setting may
> allow this configuration to call user-defined scripts
> Sun Mar 20 10:16:09 2011: WARNING: file 'client.key' is group or others
> accessible
> Sun Mar 20 10:16:09 2011: /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus
> omitted>
> Sun Mar 20 10:16:10 2011: LZO compression initialized
> Sun Mar 20 10:16:10 2011: Control Channel MTU parms [ L:1544 D:140 EF:40
> EB:0 ET:0 EL:0 ]
> Sun Mar 20 10:16:10 2011: Data Channel MTU parms [ L:1544 D:1450 EF:44
> EB:135 ET:0 EL:0 AF:3/1 ]
> Sun Mar 20 10:16:10 2011: Local Options hash (VER=V4): '69109d17'
> Sun Mar 20 10:16:10 2011: Expected Remote Options hash (VER=V4): 'c0103fa8'
>
> Sun Mar 20 10:16:10 2011: Attempting to establish TCP connection with
> [AF_INET]192.168.1.230:1194 [nonblock]
> Sun Mar 20 10:16:10 2011: MANAGEMENT: >STATE:1300612570,TCP_CONNECT,,,
> Sun Mar 20 10:16:11 2011: TCP connection established with [AF_INET]
> 192.168.1.230:1194
> Sun Mar 20 10:16:11 2011: Socket Buffers: R=[87380->131072]
> S=[16384->131072]
> Sun Mar 20 10:16:11 2011: TCPv4_CLIENT link local: [undef]
> Sun Mar 20 10:16:11 2011: TCPv4_CLIENT link remote: [AF_INET]
> 192.168.1.230:1194
> Sun Mar 20 10:16:11 2011: MANAGEMENT: >STATE:1300612571,WAIT,,,
> Sun Mar 20 10:16:11 2011: MANAGEMENT: >STATE:1300612571,AUTH,,,
> Sun Mar 20 10:16:11 2011: TLS: Initial packet from [AF_INET]
> 192.168.1.230:1194, sid=b72d064f f67ef50e
> Sun Mar 20 10:16:11 2011: VERIFY OK: depth=1,
> /C=IT/ST=IT/L=Bergamo/O=EdicolaCortinovis/CN=OpenVPN-CA/emailAddress=
> edicolacortinovis@email.it
> Sun Mar 20 10:16:11 2011: VERIFY OK: nsCertType=SERVER
> Sun Mar 20 10:16:11 2011: VERIFY OK: depth=0,
> /C=IT/ST=IT/O=EdicolaCortinovis/CN=OpenVPN-CA/emailAddress=
> edicolacortinovis@email.it
> Sun Mar 20 10:16:11 2011: Data Channel Encrypt: Cipher 'BF-CBC' initialized
> with 128 bit key
> Sun Mar 20 10:16:11 2011: Data Channel Encrypt: Using 160 bit message hash
> 'SHA1' for HMAC authentication
> Sun Mar 20 10:16:11 2011: Data Channel Decrypt: Cipher 'BF-CBC' initialized
> with 128 bit key
> Sun Mar 20 10:16:11 2011: Data Channel Decrypt: Using 160 bit message hash
> 'SHA1' for HMAC authentication
> Sun Mar 20 10:16:11 2011: Control Channel: TLSv1, cipher TLSv1/SSLv3
> DHE-RSA-AES256-SHA, 1024 bit RSA
> Sun Mar 20 10:16:11 2011: [OpenVPN-CA] Peer Connection Initiated with
> [AF_INET]192.168.1.230:1194
> Sun Mar 20 10:16:12 2011: MANAGEMENT: >STATE:1300612572,GET_CONFIG,,,
> Sun Mar 20 10:16:14 2011: SENT CONTROL [OpenVPN-CA]: 'PUSH_REQUEST'
> (status=1)
> Sun Mar 20 10:16:14 2011: PUSH: Received control message: 'PUSH_REPLY,route
> 10.8.0.1,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
> Sun Mar 20 10:16:14 2011: OPTIONS IMPORT: timers and/or timeouts modified
> Sun Mar 20 10:16:14 2011: OPTIONS IMPORT: --ifconfig/up options modified
> Sun Mar 20 10:16:14 2011: OPTIONS IMPORT: route options modified
> Sun Mar 20 10:16:14 2011: ROUTE default_gateway=192.168.1.1
> Sun Mar 20 10:16:14 2011: Note: Cannot open TUN/TAP dev OpenVPN: No such
> file or directory (errno=2)
> Sun Mar 20 10:16:14 2011: Note: Attempting fallback to kernel 2.2 TUN/TAP
> interface
> Sun Mar 20 10:16:14 2011: Cannot open TUN/TAP dev OpenVPN: No such file or
> directory (errno=2)
>
> I think I'm getting some IP address wrong, or the IP setting of the OpenVPN
> adapter on the server.
> I've tried everything, including disabling the router firewall and the win
> firewall.
>
> I hope I haven't been a nuisance, but I really need your help.
> Thanks again, everyone.
>
>
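
Added example, not part of the original message: a Python script that rejoins the mail-wrapped log entries quoted above and flags the conditions the log itself reports (the group/others-accessible client.key, the BF-CBC data-channel cipher, the 1024 bit RSA key, and the TUN/TAP open failure, which it ties back to the client's dev-node directive). The function names, finding codes and the 2048-bit floor are assumptions; the sample lines are copied from the message.

```python
import re

TS = re.compile(r"^\w{3} \w{3} +\d+ \d\d:\d\d:\d\d \d{4}: ")

# Constructed sample: lines copied from the log in the message above, still
# carrying the "> " quote prefix and the mail client's line wrapping.
SAMPLE_LOG = """\
> Sun Mar 20 10:16:09 2011: WARNING: file 'client.key' is group or others
> accessible
> Sun Mar 20 10:16:11 2011: Data Channel Encrypt: Cipher 'BF-CBC' initialized
> with 128 bit key
> Sun Mar 20 10:16:11 2011: Control Channel: TLSv1, cipher TLSv1/SSLv3
> DHE-RSA-AES256-SHA, 1024 bit RSA
> Sun Mar 20 10:16:14 2011: Cannot open TUN/TAP dev OpenVPN: No such file or
> directory (errno=2)
"""
SAMPLE_CONF = "client\ndev tun\ndev-node OpenVPN\nproto tcp\n"

def unwrap(text):
    """Drop quote prefixes and rejoin entries that were wrapped across lines."""
    entries = []
    for raw in text.splitlines():
        line = re.sub(r"^>\s?", "", raw).strip()
        if not line:
            continue
        if TS.match(line) or not entries:
            entries.append(TS.sub("", line))   # new entry, timestamp removed
        else:
            entries[-1] += " " + line          # continuation of previous entry
    return entries

def triage(log_text, conf_text=""):
    """Return (code, detail) findings; the 2048-bit RSA floor is an assumption."""
    m = re.search(r"^\s*dev-node\s+(\S+)", conf_text, re.M)
    dev_node = m.group(1) if m else None
    findings = []
    for e in unwrap(log_text):
        if m := re.search(r"file '([^']+)' is group or others accessible", e):
            findings.append(("key-perms", m.group(1)))
        elif m := re.search(r"Cipher '(BF-CBC)' initialized", e):
            findings.append(("64bit-block-cipher", m.group(1)))
        elif (m := re.search(r"(\d+) bit RSA", e)) and int(m.group(1)) < 2048:
            findings.append(("short-rsa-key", m.group(1)))
        elif m := re.search(r"Cannot open TUN/TAP dev (\S+): No such file", e):
            src = "dev-node" if m.group(1) == dev_node else "unknown"
            findings.append(("tun-open-failed", f"{m.group(1)} (from {src})"))
    return findings

if __name__ == "__main__":
    print(*triage(SAMPLE_LOG, SAMPLE_CONF), sep="\n")
```

On Windows, dev-node names the TAP adapter as shown in Network Connections; on Linux, OpenVPN treats the value as the device node to open, which is what the final log entry reports failing.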