[bglug] OpenVPN server on Windows and Ubuntu client

Giuliano Cortinovis edicola.giuliano@gmail.com
Sun 20 Mar 2011 15:45:47 CET


Sorry again, everyone, but I made a mess with the mailing list, and sorry
for opening another topic with more or less the same subject.
I need to configure a server with OpenVPN on Win XP and connect from an
Ubuntu client, but I can't get it working. So, here is a recap of how I
tried to create a VPN server with OpenVPN.

Link to the guide I followed:
http://returncode.wordpress.com/2007/10/24/openvpn-1-scenario-installazione-e-creazione-delle-chiavi/

Server configuration file, after creating the various keys and certificates.
File name: server.ovpn

port 1194
proto tcp
dev tun
dev-node OpenVPN
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3


client.ovpn configuration file (all the certificates and keys are in the
/etc/openvpn/ folder):

client
dev tun
dev-node OpenVPN
proto tcp
remote 192.168.1.230 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
ns-cert-type server
comp-lzo
verb 3
mute 20

When I connect from Ubuntu using the gopenvpn GUI I get this log:

Sun Mar 20 10:16:09 2011: MANAGEMENT: CMD 'state on'
Sun Mar 20 10:16:09 2011: MANAGEMENT: CMD 'auth-retry interact'
Sun Mar 20 10:16:09 2011: MANAGEMENT: CMD 'hold release'
Sun Mar 20 10:16:09 2011: NOTE: the current --script-security setting may
allow this configuration to call user-defined scripts
Sun Mar 20 10:16:09 2011: WARNING: file 'client.key' is group or others
accessible
Sun Mar 20 10:16:09 2011: /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus
omitted>
Sun Mar 20 10:16:10 2011: LZO compression initialized
Sun Mar 20 10:16:10 2011: Control Channel MTU parms [ L:1544 D:140 EF:40
EB:0 ET:0 EL:0 ]
Sun Mar 20 10:16:10 2011: Data Channel MTU parms [ L:1544 D:1450 EF:44
EB:135 ET:0 EL:0 AF:3/1 ]
Sun Mar 20 10:16:10 2011: Local Options hash (VER=V4): '69109d17'
Sun Mar 20 10:16:10 2011: Expected Remote Options hash (VER=V4): 'c0103fa8'
Sun Mar 20 10:16:10 2011: Attempting to establish TCP connection with
[AF_INET]192.168.1.230:1194 [nonblock]
Sun Mar 20 10:16:10 2011: MANAGEMENT: >STATE:1300612570,TCP_CONNECT,
>
> ,,
> Sun Mar 20 10:16:11 2011: TCP connection established with [AF_INET]
> 192.168.1.230:1194
> Sun Mar 20 10:16:11 2011: Socket Buffers: R=[87380->131072]
> S=[16384->131072]
> Sun Mar 20 10:16:11 2011: TCPv4_CLIENT link local: [undef]
> Sun Mar 20 10:16:11 2011: TCPv4_CLIENT link remote: [AF_INET]
> 192.168.1.230:1194
> Sun Mar 20 10:16:11 2011: MANAGEMENT: >STATE:1300612571,WAIT,,,
> Sun Mar 20 10:16:11 2011: MANAGEMENT: >STATE:1300612571,AUTH,,,
> Sun Mar 20 10:16:11 2011: TLS: Initial packet from [AF_INET]
> 192.168.1.230:1194, sid=b72d064f f67ef50e
> Sun Mar 20 10:16:11 2011: VERIFY OK: depth=1,
> /C=IT/ST=IT/L=Bergamo/O=EdicolaCortinovis/CN=OpenVPN-CA/emailAddress=
> edicolacortinovis@email.it
> Sun Mar 20 10:16:11 2011: VERIFY OK: nsCertType=SERVER
> Sun Mar 20 10:16:11 2011: VERIFY OK: depth=0,
> /C=IT/ST=IT/O=EdicolaCortinovis/CN=OpenVPN-CA/emailAddress=
> edicolacortinovis@email.it
> Sun Mar 20 10:16:11 2011: Data Channel Encrypt: Cipher 'BF-CBC' initialized
> with 128 bit key
> Sun Mar 20 10:16:11 2011: Data Channel Encrypt: Using 160 bit message hash
> 'SHA1' for HMAC authentication
> Sun Mar 20 10:16:11 2011: Data Channel Decrypt: Cipher 'BF-CBC' initialized
> with 128 bit key
> Sun Mar 20 10:16:11 2011: Data Channel Decrypt: Using 160 bit message hash
> 'SHA1' for HMAC authentication
> Sun Mar 20 10:16:11 2011: Control Channel: TLSv1, cipher TLSv1/SSLv3
> DHE-RSA-AES256-SHA, 1024 bit RSA
> Sun Mar 20 10:16:11 2011: [OpenVPN-CA] Peer Connection Initiated with
> [AF_INET]192.168.1.230:1194
> Sun Mar 20 10:16:12 2011: MANAGEMENT: >STATE:1300612572,GET_CONFIG,,,
> Sun Mar 20 10:16:14 2011: SENT CONTROL [OpenVPN-CA]: 'PUSH_REQUEST'
> (status=1)
> Sun Mar 20 10:16:14 2011: PUSH: Received control message: 'PUSH_REPLY,route
> 10.8.0.1,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
> Sun Mar 20 10:16:14 2011: OPTIONS IMPORT: timers and/or timeouts modified
> Sun Mar 20 10:16:14 2011: OPTIONS IMPORT: --ifconfig/up options modified
> Sun Mar 20 10:16:14 2011: OPTIONS IMPORT: route options modified
> Sun Mar 20 10:16:14 2011: ROUTE default_gateway=192.168.1.1
> Sun Mar 20 10:16:14 2011: Note: Cannot open TUN/TAP dev OpenVPN: No such
> file or directory (errno=2)
> Sun Mar 20 10:16:14 2011: Note: Attempting fallback to kernel 2.2 TUN/TAP
> interface
> Sun Mar 20 10:16:14 2011: Cannot open TUN/TAP dev OpenVPN: No such file or
> directory (errno=2)
>
> In my opinion I'm getting some IP address wrong, or the setting of the
> OpenVPN adapter or the IP on the server.
> I've tried everything, including disabling the router firewall and the
> Windows firewall.
>
From a Windows 7 client I can connect, so I think the configuration files
are OK.

>
> I hope I haven't been a nuisance, but I really need your help.
> Thanks again, everyone.
>
>
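
An added example, not part of the original post: a small lint for an OpenVPN client config on Linux that checks the two conditions the log above reports, the `dev-node` value that cannot be opened and the key file that is group or others accessible. The function names are hypothetical, the config and key are constructed samples, and treating any `dev-node` value that is not an absolute path as wrong is a simplifying assumption.

```python
import os
import stat
import tempfile

# Constructed sample: directives copied from the client.ovpn in the post.
CLIENT_CONF = """\
client
dev tun
dev-node OpenVPN
key client.key
"""

def parse_directives(text):
    """Map each directive to its arguments, skipping blank and comment lines."""
    out = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#;":
            name, *args = line.split()
            out[name] = args
    return out

def lint_linux_client(text, conf_dir):
    """Hypothetical helper: flag the two problems the log reports."""
    d, findings = parse_directives(text), []
    # On Linux dev-node is the path of the TUN/TAP device node (normally
    # /dev/net/tun); a bare adapter name is the Windows form of the option.
    node = d.get("dev-node")
    if node and not node[0].startswith("/"):
        findings.append(("dev-node", f"'{node[0]}' is not a device path"))
    # The private key should be accessible by its owner only (mode 600).
    key = d.get("key")
    path = os.path.join(conf_dir, key[0]) if key else None
    if path and os.path.exists(path):
        mode = stat.S_IMODE(os.stat(path).st_mode)
        if mode & (stat.S_IRWXG | stat.S_IRWXO):
            findings.append(("key", f"{key[0]} has mode {mode:03o}, want 600"))
    return findings

def demo():
    """Lint the sample next to a deliberately world-readable placeholder key."""
    with tempfile.TemporaryDirectory() as tmp:
        key_path = os.path.join(tmp, "client.key")
        with open(key_path, "w") as fh:
            fh.write("constructed placeholder, not a real key\n")
        os.chmod(key_path, 0o644)
        return lint_linux_client(CLIENT_CONF, tmp)

if __name__ == "__main__":
    print(demo())
```
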