Koozali.org: home of the SME Server

smeserver-openvpn-bridge - server only

jvels
« on: December 27, 2006, 02:07:09 PM »
Hi

I run an SME in "server only" mode at IP: 192.168.0.10

I have read that I can run OpenVPN in server-only mode, right?

I have installed the latest stable smeserver-openvpn-bridge with this config:
http://vels.dk/tmp/sme.jpg

My laptop (WinXP) has IP 192.168.0.199, and the openvpn.se client is installed on it.

My laptop is connected to the server on the local LAN. When I try to connect (still on the local LAN), the client says "You got IP 192.168.0.200", but in ipconfig I have not got an IP?

The firewall in WinXP is disabled.


Ethernet adapter VelsVPN:

        Connection-specific DNS Suffix  . :
        Autoconfiguration IP Address. . . : 169.254.19.35
        Subnet Mask . . . . . . . . . . . : 255.255.0.0
        Default Gateway . . . . . . . . . :



My log from openvpn:

Wed Dec 27 13:44:35 2006 192.168.0.199:4395 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Dec 27 13:44:35 2006 192.168.0.199:4395 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec 27 13:44:35 2006 192.168.0.199:4395 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Wed Dec 27 13:44:35 2006 192.168.0.199:4395 [admin] Peer Connection Initiated with 192.168.0.199:4395
Wed Dec 27 13:44:35 2006 admin/192.168.0.199:4395 OPTIONS IMPORT: reading client specific options from: ccd-bridge/admin
Wed Dec 27 13:44:36 2006 admin/192.168.0.199:4395 PUSH: Received control message: 'PUSH_REQUEST'
Wed Dec 27 13:44:36 2006 admin/192.168.0.199:4395 SENT CONTROL [admin]: 'PUSH_REPLY,ping 10,ping-restart 120,dhcp-option DOMAIN net.vels.dk,dhcp-option DNS 192.168.0.10,dhcp-option WINS 192.168.0.10,route-gateway 192.168.0.10,ping 10,ping-restart 120,ifconfig 192.168.0.200 255.255.255.0' (status=1)
Wed Dec 27 13:45:36 2006 admin/192.168.0.199:4395 MULTI: Learn: 00:ff:9e:19:e8:e6 -> admin/192.168.0.199:4395
Wed Dec 27 13:48:05 2006 event_wait : Interrupted system call (code=4)
Wed Dec 27 13:48:05 2006 TCP/UDP: Closing socket
Wed Dec 27 13:48:05 2006 Closing TUN/TAP interface
Wed Dec 27 13:48:05 2006 PLUGIN_CLOSE: /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so
Wed Dec 27 13:48:05 2006 SIGTERM[hard,] received, process exiting
Wed Dec 27 13:48:15 2006 OpenVPN 2.0.7 i386-redhat-linux-gnu [SSL] [LZO] [EPOLL] built on Apr 29 2006
Wed Dec 27 13:48:15 2006 PLUGIN_INIT: POST /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so 'login' intercepted=PLUGIN_AUTH_USER_PASS_VERIFY
Wed Dec 27 13:48:15 2006 Diffie-Hellman initialized with 1024 bit key
Wed Dec 27 13:48:15 2006 Control Channel Authentication: using 'easy-rsa/keys/bridge/ta.key' as a OpenVPN static key file
Wed Dec 27 13:48:15 2006 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec 27 13:48:15 2006 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec 27 13:48:15 2006 TLS-Auth MTU parms [ L:1574 D:166 EF:66 EB:0 ET:0 EL:0 ]
Wed Dec 27 13:48:15 2006 TUN/TAP device tap0 opened
Wed Dec 27 13:48:15 2006 Data Channel MTU parms [ L:1574 D:1400 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
Wed Dec 27 13:48:15 2006 chroot to '/etc/openvpn' and cd to '/' succeeded
Wed Dec 27 13:48:15 2006 GID set to nobody
Wed Dec 27 13:48:15 2006 UID set to nobody
Wed Dec 27 13:48:15 2006 UDPv4 link local (bound): [undef]:1194
Wed Dec 27 13:48:15 2006 UDPv4 link remote: [undef]
Wed Dec 27 13:48:15 2006 MULTI: multi_init called, r=256 v=256
Wed Dec 27 13:48:15 2006 IFCONFIG POOL: base=192.168.0.200 size=51
Wed Dec 27 13:48:15 2006 Initialization Sequence Completed
Wed Dec 27 13:48:28 2006 MULTI: multi_create_instance called
Wed Dec 27 13:48:28 2006 192.168.0.199:4428 Re-using SSL/TLS context
Wed Dec 27 13:48:28 2006 192.168.0.199:4428 LZO compression initialized
Wed Dec 27 13:48:28 2006 192.168.0.199:4428 Control Channel MTU parms [ L:1578 D:166 EF:66 EB:0 ET:0 EL:0 ]
Wed Dec 27 13:48:28 2006 192.168.0.199:4428 Data Channel MTU parms [ L:1578 D:1400 EF:46 EB:135 ET:32 EL:0 AF:3/1 ]
Wed Dec 27 13:48:28 2006 192.168.0.199:4428 Fragmentation MTU parms [ L:1578 D:1400 EF:45 EB:135 ET:33 EL:0 AF:3/1 ]
Wed Dec 27 13:48:28 2006 192.168.0.199:4428 Local Options hash (VER=V4): '8f3da10b'
Wed Dec 27 13:48:28 2006 192.168.0.199:4428 Expected Remote Options hash (VER=V4): 'a257ef04'
Wed Dec 27 13:48:28 2006 192.168.0.199:4428 TLS: Initial packet from 192.168.0.199:4428, sid=6124d139 2b2fcd22
Wed Dec 27 13:48:28 2006 192.168.0.199:4428 CRL CHECK OK: /C=DK/ST=VelsNET/L=Hobro/O=VelsNET/OU=VPN/CN=server-bridge/emailAddress=net@vels.dk
Wed Dec 27 13:48:28 2006 192.168.0.199:4428 VERIFY OK: depth=1, /C=DK/ST=VelsNET/L=Hobro/O=VelsNET/OU=VPN/CN=server-bridge/emailAddress=net@vels.dk
Wed Dec 27 13:48:28 2006 192.168.0.199:4428 CRL CHECK OK: /C=DK/ST=VelsNET/O=VelsNET/OU=VPN/CN=admin/emailAddress=net@vels.dk
Wed Dec 27 13:48:28 2006 192.168.0.199:4428 VERIFY OK: depth=0, /C=DK/ST=VelsNET/O=VelsNET/OU=VPN/CN=admin/emailAddress=net@vels.dk
Wed Dec 27 13:48:28 2006 192.168.0.199:4428 PLUGIN_CALL: POST /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so/PLUGIN_AUTH_USER_PASS_VERIFY status=0
Wed Dec 27 13:48:28 2006 192.168.0.199:4428 TLS: Username/Password authentication succeeded for username 'admin'
Wed Dec 27 13:48:28 2006 192.168.0.199:4428 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Dec 27 13:48:28 2006 192.168.0.199:4428 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec 27 13:48:28 2006 192.168.0.199:4428 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Dec 27 13:48:28 2006 192.168.0.199:4428 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec 27 13:48:28 2006 192.168.0.199:4428 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Wed Dec 27 13:48:28 2006 192.168.0.199:4428 [admin] Peer Connection Initiated with 192.168.0.199:4428
Wed Dec 27 13:48:28 2006 admin/192.168.0.199:4428 OPTIONS IMPORT: reading client specific options from: ccd-bridge/admin
Wed Dec 27 13:48:29 2006 admin/192.168.0.199:4428 PUSH: Received control message: 'PUSH_REQUEST'
Wed Dec 27 13:48:29 2006 admin/192.168.0.199:4428 SENT CONTROL [admin]: 'PUSH_REPLY,ping 10,ping-restart 120,dhcp-option DOMAIN net.vels.dk,dhcp-option DNS 192.168.0.10,dhcp-option WINS 192.168.0.10,route-gateway 192.168.0.10,ping 10,ping-restart 120,ifconfig 192.168.0.200 255.255.255.0' (status=1)
Wed Dec 27 13:49:33 2006 admin/192.168.0.199:4428 MULTI: Learn: 00:ff:9e:19:e8:e6 -> admin/192.168.0.199:4428
Wed Dec 27 13:54:06 2006 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Dec 27 13:54:07 2006 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Dec 27 13:54:08 2006 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Dec 27 13:54:09 2006 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Dec 27 13:54:09 2006 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Dec 27 13:54:09 2006 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Dec 27 13:54:09 2006 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Dec 27 13:54:11 2006 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Dec 27 13:54:11 2006 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Dec 27 13:54:12 2006 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Dec 27 13:54:13 2006 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Dec 27 13:54:13 2006 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Dec 27 13:54:13 2006 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Dec 27 13:54:13 2006 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Dec 27 13:54:13 2006 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Dec 27 13:54:14 2006 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Dec 27 13:54:14 2006 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Dec 27 13:54:15 2006 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Dec 27 13:54:15 2006 MULTI: multi_create_instance called
Wed Dec 27 13:54:15 2006 192.168.0.199:4480 Re-using SSL/TLS context
Wed Dec 27 13:54:15 2006 192.168.0.199:4480 LZO compression initialized
Wed Dec 27 13:54:15 2006 192.168.0.199:4480 Control Channel MTU parms [ L:1578 D:166 EF:66 EB:0 ET:0 EL:0 ]
Wed Dec 27 13:54:15 2006 192.168.0.199:4480 Data Channel MTU parms [ L:1578 D:1400 EF:46 EB:135 ET:32 EL:0 AF:3/1 ]
Wed Dec 27 13:54:15 2006 192.168.0.199:4480 Fragmentation MTU parms [ L:1578 D:1400 EF:45 EB:135 ET:33 EL:0 AF:3/1 ]
Wed Dec 27 13:54:15 2006 192.168.0.199:4480 Local Options hash (VER=V4): '8f3da10b'
Wed Dec 27 13:54:15 2006 192.168.0.199:4480 Expected Remote Options hash (VER=V4): 'a257ef04'
Wed Dec 27 13:54:15 2006 192.168.0.199:4480 TLS: Initial packet from 192.168.0.199:4480, sid=fda62424 ab56a999
Wed Dec 27 13:54:15 2006 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Dec 27 13:54:15 2006 192.168.0.199:4480 CRL CHECK OK: /C=DK/ST=VelsNET/L=Hobro/O=VelsNET/OU=VPN/CN=server-bridge/emailAddress=net@vels.dk
Wed Dec 27 13:54:15 2006 192.168.0.199:4480 VERIFY OK: depth=1, /C=DK/ST=VelsNET/L=Hobro/O=VelsNET/OU=VPN/CN=server-bridge/emailAddress=net@vels.dk
Wed Dec 27 13:54:15 2006 192.168.0.199:4480 CRL CHECK OK: /C=DK/ST=VelsNET/O=VelsNET/OU=VPN/CN=admin/emailAddress=net@vels.dk
Wed Dec 27 13:54:15 2006 192.168.0.199:4480 VERIFY OK: depth=0, /C=DK/ST=VelsNET/O=VelsNET/OU=VPN/CN=admin/emailAddress=net@vels.dk
Wed Dec 27 13:54:15 2006 192.168.0.199:4480 PLUGIN_CALL: POST /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so/PLUGIN_AUTH_USER_PASS_VERIFY status=0
Wed Dec 27 13:54:15 2006 192.168.0.199:4480 TLS: Username/Password authentication succeeded for username 'admin'
Wed Dec 27 13:54:15 2006 192.168.0.199:4480 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Dec 27 13:54:15 2006 192.168.0.199:4480 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec 27 13:54:15 2006 192.168.0.199:4480 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Dec 27 13:54:15 2006 192.168.0.199:4480 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec 27 13:54:15 2006 192.168.0.199:4480 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Wed Dec 27 13:54:15 2006 192.168.0.199:4480 [admin] Peer Connection Initiated with 192.168.0.199:4480
Wed Dec 27 13:54:15 2006 MULTI: new connection by client 'admin' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Wed Dec 27 13:54:15 2006 OPTIONS IMPORT: reading client specific options from: ccd-bridge/admin
Wed Dec 27 13:54:16 2006 admin/192.168.0.199:4480 PUSH: Received control message: 'PUSH_REQUEST'
Wed Dec 27 13:54:16 2006 admin/192.168.0.199:4480 SENT CONTROL [admin]: 'PUSH_REPLY,ping 10,ping-restart 120,dhcp-option DOMAIN net.vels.dk,dhcp-option DNS 192.168.0.10,dhcp-option WINS 192.168.0.10,route-gateway 192.168.0.10,ping 10,ping-restart 120,ifconfig 192.168.0.200 255.255.255.0' (status=1)
Wed Dec 27 13:55:19 2006 admin/192.168.0.199:4480 MULTI: Learn: 00:ff:9e:19:e8:e6 -> admin/192.168.0.199:4480



Log from client:


Wed Dec 27 13:54:32 2006 us=687572 Current Parameter Settings:
Wed Dec 27 13:54:32 2006 us=687663   config = 'VPN.ovpn'
Wed Dec 27 13:54:32 2006 us=687684   mode = 0
Wed Dec 27 13:54:32 2006 us=687703   show_ciphers = DISABLED
Wed Dec 27 13:54:32 2006 us=687721   show_digests = DISABLED
Wed Dec 27 13:54:32 2006 us=687747   show_engines = DISABLED
Wed Dec 27 13:54:32 2006 us=687765   genkey = DISABLED
Wed Dec 27 13:54:32 2006 us=687784   key_pass_file = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=687802   show_tls_ciphers = DISABLED
Wed Dec 27 13:54:32 2006 us=687821   proto = 0
Wed Dec 27 13:54:32 2006 us=687839   local = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=687860   remote_list[0] = {'192.168.0.10', 1194}
Wed Dec 27 13:54:32 2006 us=687879   remote_random = DISABLED
Wed Dec 27 13:54:32 2006 us=687900   local_port = 1194
Wed Dec 27 13:54:32 2006 us=687919   remote_port = 1194
Wed Dec 27 13:54:32 2006 us=687938   remote_float = DISABLED
Wed Dec 27 13:54:32 2006 us=687958   ipchange = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=687977   bind_local = DISABLED
Wed Dec 27 13:54:32 2006 us=687995   dev = 'tap'
Wed Dec 27 13:54:32 2006 us=688014   dev_type = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=688033   dev_node = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=688051   tun_ipv6 = DISABLED
Wed Dec 27 13:54:32 2006 us=688071   ifconfig_local = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=688091   ifconfig_remote_netmask = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=688110   ifconfig_noexec = DISABLED
Wed Dec 27 13:54:32 2006 us=688130   ifconfig_nowarn = DISABLED
Wed Dec 27 13:54:32 2006 us=688149   shaper = 0
Wed Dec 27 13:54:32 2006 us=688167   tun_mtu = 1500
Wed Dec 27 13:54:32 2006 us=688186   tun_mtu_defined = ENABLED
Wed Dec 27 13:54:32 2006 us=688205   link_mtu = 1500
Wed Dec 27 13:54:32 2006 us=688223   link_mtu_defined = DISABLED
Wed Dec 27 13:54:32 2006 us=688243   tun_mtu_extra = 32
Wed Dec 27 13:54:32 2006 us=688262   tun_mtu_extra_defined = ENABLED
Wed Dec 27 13:54:32 2006 us=688281   fragment = 1400
Wed Dec 27 13:54:32 2006 us=688300   mtu_discover_type = -1
Wed Dec 27 13:54:32 2006 us=688319   mtu_test = 0
Wed Dec 27 13:54:32 2006 us=688337   mlock = DISABLED
Wed Dec 27 13:54:32 2006 us=688356   keepalive_ping = 0
Wed Dec 27 13:54:32 2006 us=688375   keepalive_timeout = 0
Wed Dec 27 13:54:32 2006 us=688395   inactivity_timeout = 0
Wed Dec 27 13:54:32 2006 us=688414   ping_send_timeout = 0
Wed Dec 27 13:54:32 2006 us=688433   ping_rec_timeout = 120
Wed Dec 27 13:54:32 2006 us=688453   ping_rec_timeout_action = 2
Wed Dec 27 13:54:32 2006 us=688473   ping_timer_remote = DISABLED
Wed Dec 27 13:54:32 2006 us=688492   remap_sigusr1 = 0
Wed Dec 27 13:54:32 2006 us=688512   explicit_exit_notification = 0
Wed Dec 27 13:54:32 2006 us=688531   persist_tun = DISABLED
Wed Dec 27 13:54:32 2006 us=688551   persist_local_ip = DISABLED
Wed Dec 27 13:54:32 2006 us=688571   persist_remote_ip = DISABLED
Wed Dec 27 13:54:32 2006 us=688590   persist_key = DISABLED
Wed Dec 27 13:54:32 2006 us=688609   mssfix = 1450
Wed Dec 27 13:54:32 2006 us=688630   resolve_retry_seconds = 1000000000
Wed Dec 27 13:54:32 2006 us=688650   connect_retry_seconds = 5
Wed Dec 27 13:54:32 2006 us=688669   username = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=688688   groupname = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=688707   chroot_dir = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=688733   cd_dir = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=688752   writepid = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=688780   up_script = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=688802   down_script = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=688821   down_pre = DISABLED
Wed Dec 27 13:54:32 2006 us=688840   up_restart = DISABLED
Wed Dec 27 13:54:32 2006 us=688859   up_delay = DISABLED
Wed Dec 27 13:54:32 2006 us=688877   daemon = DISABLED
Wed Dec 27 13:54:32 2006 us=688896   inetd = 0
Wed Dec 27 13:54:32 2006 us=688914   log = DISABLED
Wed Dec 27 13:54:32 2006 us=688933   suppress_timestamps = DISABLED
Wed Dec 27 13:54:32 2006 us=688952   nice = 0
Wed Dec 27 13:54:32 2006 us=688970   verbosity = 4
Wed Dec 27 13:54:32 2006 us=688987   mute = 0
Wed Dec 27 13:54:32 2006 us=694179   gremlin = 0
Wed Dec 27 13:54:32 2006 us=694210   status_file = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=694228   status_file_version = 1
Wed Dec 27 13:54:32 2006 us=694246   status_file_update_freq = 60
Wed Dec 27 13:54:32 2006 us=694264   occ = ENABLED
Wed Dec 27 13:54:32 2006 us=694280   rcvbuf = 0
Wed Dec 27 13:54:32 2006 us=694297   sndbuf = 0
Wed Dec 27 13:54:32 2006 us=694316   socks_proxy_server = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=694349   socks_proxy_port = 0
Wed Dec 27 13:54:32 2006 us=694368   socks_proxy_retry = DISABLED
Wed Dec 27 13:54:32 2006 us=694386   fast_io = DISABLED
Wed Dec 27 13:54:32 2006 us=694545   comp_lzo = ENABLED
Wed Dec 27 13:54:32 2006 us=694565   comp_lzo_adaptive = ENABLED
Wed Dec 27 13:54:32 2006 us=694590   route_script = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=694608   route_default_gateway = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=694627   route_noexec = DISABLED
Wed Dec 27 13:54:32 2006 us=694645   route_delay = 0
Wed Dec 27 13:54:32 2006 us=770615   route_delay_window = 30
Wed Dec 27 13:54:32 2006 us=770649   route_delay_defined = ENABLED
Wed Dec 27 13:54:32 2006 us=770668   management_addr = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=770687   management_port = 0
Wed Dec 27 13:54:32 2006 us=770705   management_user_pass = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=770725   management_log_history_cache = 250
Wed Dec 27 13:54:32 2006 us=770751   management_echo_buffer_size = 100
Wed Dec 27 13:54:32 2006 us=770772   management_query_passwords = DISABLED
Wed Dec 27 13:54:32 2006 us=770792   management_hold = DISABLED
Wed Dec 27 13:54:32 2006 us=770810   shared_secret_file = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=770829   key_direction = 2
Wed Dec 27 13:54:32 2006 us=770847   ciphername_defined = ENABLED
Wed Dec 27 13:54:32 2006 us=770866   ciphername = 'BF-CBC'
Wed Dec 27 13:54:32 2006 us=770884   authname_defined = ENABLED
Wed Dec 27 13:54:32 2006 us=770903   authname = 'SHA1'
Wed Dec 27 13:54:32 2006 us=770919   keysize = 0
Wed Dec 27 13:54:32 2006 us=830767   engine = DISABLED
Wed Dec 27 13:54:32 2006 us=830788   replay = ENABLED
Wed Dec 27 13:54:32 2006 us=830797   mute_replay_warnings = DISABLED
Wed Dec 27 13:54:32 2006 us=830806   replay_window = 64
Wed Dec 27 13:54:32 2006 us=830815   replay_time = 15
Wed Dec 27 13:54:32 2006 us=830824   packet_id_file = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=830832   use_iv = ENABLED
Wed Dec 27 13:54:32 2006 us=830840   test_crypto = DISABLED
Wed Dec 27 13:54:32 2006 us=830848   tls_server = DISABLED
Wed Dec 27 13:54:32 2006 us=830857   tls_client = ENABLED
Wed Dec 27 13:54:32 2006 us=830865   key_method = 2
Wed Dec 27 13:54:32 2006 us=830874   ca_file = 'ca.crt'
Wed Dec 27 13:54:32 2006 us=830883   dh_file = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=830891   cert_file = 'admin.crt'
Wed Dec 27 13:54:32 2006 us=830900   priv_key_file = 'admin.key'
Wed Dec 27 13:54:32 2006 us=830908   pkcs12_file = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=830917   cryptoapi_cert = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=838500   cipher_list = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=838520   tls_verify = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=838529   tls_remote = 'server'
Wed Dec 27 13:54:32 2006 us=838537   crl_file = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=838546   ns_cert_type = 64
Wed Dec 27 13:54:32 2006 us=838554   tls_timeout = 2
Wed Dec 27 13:54:32 2006 us=838563   renegotiate_bytes = 0
Wed Dec 27 13:54:32 2006 us=838571   renegotiate_packets = 0
Wed Dec 27 13:54:32 2006 us=838580   renegotiate_seconds = 3600
Wed Dec 27 13:54:32 2006 us=838589   handshake_window = 60
Wed Dec 27 13:54:32 2006 us=838597   transition_window = 3600
Wed Dec 27 13:54:32 2006 us=838606   single_session = DISABLED
Wed Dec 27 13:54:32 2006 us=838615   tls_exit = DISABLED
Wed Dec 27 13:54:32 2006 us=838623   tls_auth_file = 'ta.key'
Wed Dec 27 13:54:32 2006 us=838652   server_network = 0.0.0.0
Wed Dec 27 13:54:32 2006 us=838663   server_netmask = 0.0.0.0
Wed Dec 27 13:54:32 2006 us=847762   server_bridge_ip = 0.0.0.0
Wed Dec 27 13:54:32 2006 us=847782   server_bridge_netmask = 0.0.0.0
Wed Dec 27 13:54:32 2006 us=847793   server_bridge_pool_start = 0.0.0.0
Wed Dec 27 13:54:32 2006 us=847803   server_bridge_pool_end = 0.0.0.0
Wed Dec 27 13:54:32 2006 us=847813   ifconfig_pool_defined = DISABLED
Wed Dec 27 13:54:32 2006 us=847822   ifconfig_pool_start = 0.0.0.0
Wed Dec 27 13:54:32 2006 us=847832   ifconfig_pool_end = 0.0.0.0
Wed Dec 27 13:54:32 2006 us=847841   ifconfig_pool_netmask = 0.0.0.0
Wed Dec 27 13:54:32 2006 us=847851   ifconfig_pool_persist_filename = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=847860   ifconfig_pool_persist_refresh_freq = 600
Wed Dec 27 13:54:32 2006 us=847870   ifconfig_pool_linear = DISABLED
Wed Dec 27 13:54:32 2006 us=847879   n_bcast_buf = 256
Wed Dec 27 13:54:32 2006 us=847887   tcp_queue_limit = 64
Wed Dec 27 13:54:32 2006 us=847904   real_hash_size = 256
Wed Dec 27 13:54:32 2006 us=847912   virtual_hash_size = 256
Wed Dec 27 13:54:32 2006 us=856142   client_connect_script = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=856162   learn_address_script = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=856172   client_disconnect_script = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=856181   client_config_dir = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=856189   ccd_exclusive = DISABLED
Wed Dec 27 13:54:32 2006 us=856197   tmp_dir = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=856206   push_ifconfig_defined = DISABLED
Wed Dec 27 13:54:32 2006 us=856218   push_ifconfig_local = 0.0.0.0
Wed Dec 27 13:54:32 2006 us=856228   push_ifconfig_remote_netmask = 0.0.0.0
Wed Dec 27 13:54:32 2006 us=856237   enable_c2c = DISABLED
Wed Dec 27 13:54:32 2006 us=856246   duplicate_cn = DISABLED
Wed Dec 27 13:54:32 2006 us=856254   cf_max = 0
Wed Dec 27 13:54:32 2006 us=856262   cf_per = 0
Wed Dec 27 13:54:32 2006 us=856270   max_clients = 1024
Wed Dec 27 13:54:32 2006 us=856279   max_routes_per_client = 256
Wed Dec 27 13:54:32 2006 us=864621   client_cert_not_required = DISABLED
Wed Dec 27 13:54:32 2006 us=864641   username_as_common_name = DISABLED
Wed Dec 27 13:54:32 2006 us=864651   auth_user_pass_verify_script = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=864661   auth_user_pass_verify_script_via_file = DISABLED
Wed Dec 27 13:54:32 2006 us=864670   client = DISABLED
Wed Dec 27 13:54:32 2006 us=864678   pull = ENABLED
Wed Dec 27 13:54:32 2006 us=864687   auth_user_pass_file = 'stdin'
Wed Dec 27 13:54:32 2006 us=864699   show_net_up = DISABLED
Wed Dec 27 13:54:32 2006 us=864708   route_method = 0
Wed Dec 27 13:54:32 2006 us=864717   ip_win32_defined = DISABLED
Wed Dec 27 13:54:32 2006 us=864725   ip_win32_type = 3
Wed Dec 27 13:54:32 2006 us=864734   dhcp_masq_offset = 0
Wed Dec 27 13:54:32 2006 us=864744   dhcp_lease_time = 31536000
Wed Dec 27 13:54:32 2006 us=864752   tap_sleep = 0
Wed Dec 27 13:54:32 2006 us=864761   dhcp_options = DISABLED
Wed Dec 27 13:54:32 2006 us=864769   dhcp_renew = DISABLED
Wed Dec 27 13:54:32 2006 us=877618   dhcp_pre_release = DISABLED
Wed Dec 27 13:54:32 2006 us=877638   dhcp_release = DISABLED
Wed Dec 27 13:54:32 2006 us=877647   domain = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=877655   netbios_scope = '[UNDEF]'
Wed Dec 27 13:54:32 2006 us=877664   netbios_node_type = 0
Wed Dec 27 13:54:32 2006 us=877672   disable_nbt = DISABLED
Wed Dec 27 13:54:32 2006 us=877696 OpenVPN 2.0.7 Win32-MinGW [SSL] [LZO] built on Apr 12 2006
Wed Dec 27 13:54:38 2006 us=260599 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Wed Dec 27 13:54:38 2006 us=260665 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec 27 13:54:38 2006 us=260699 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec 27 13:54:38 2006 us=260749 LZO compression initialized
Wed Dec 27 13:54:38 2006 us=260925 Control Channel MTU parms [ L:1578 D:166 EF:66 EB:0 ET:0 EL:0 ]
Wed Dec 27 13:54:38 2006 us=297833 Data Channel MTU parms [ L:1578 D:1450 EF:46 EB:135 ET:32 EL:0 AF:3/1 ]
Wed Dec 27 13:54:38 2006 us=297887 Fragmentation MTU parms [ L:1578 D:1400 EF:45 EB:135 ET:33 EL:0 AF:3/1 ]
Wed Dec 27 13:54:38 2006 us=297965 Local Options String: 'V4,dev-type tap,link-mtu 1578,tun-mtu 1532,proto UDPv4,comp-lzo,mtu-dynamic,keydir 1,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Wed Dec 27 13:54:38 2006 us=297994 Expected Remote Options String: 'V4,dev-type tap,link-mtu 1578,tun-mtu 1532,proto UDPv4,comp-lzo,mtu-dynamic,keydir 0,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Wed Dec 27 13:54:38 2006 us=298046 Local Options hash (VER=V4): 'a257ef04'
Wed Dec 27 13:54:38 2006 us=298088 Expected Remote Options hash (VER=V4): '8f3da10b'
Wed Dec 27 13:54:38 2006 us=298153 Socket Buffers: R=[8192->8192] S=[8192->8192]
Wed Dec 27 13:54:38 2006 us=303748 UDPv4 link local: [undef]
Wed Dec 27 13:54:38 2006 us=303781 UDPv4 link remote: 192.168.0.10:1194
Wed Dec 27 13:54:38 2006 us=314727 TLS: Initial packet from 192.168.0.10:1194, sid=2b1e2ceb b46bf599
Wed Dec 27 13:54:38 2006 us=396312 VERIFY OK: depth=1, /C=DK/ST=VelsNET/L=Hobro/O=VelsNET/OU=VPN/CN=server-bridge/emailAddress=net@vels.dk
Wed Dec 27 13:54:38 2006 us=397605 VERIFY OK: nsCertType=SERVER
Wed Dec 27 13:54:38 2006 us=397629 VERIFY X509NAME OK: /C=DK/ST=VelsNET/O=VelsNET/OU=VPN/CN=server/emailAddress=net@vels.dk
Wed Dec 27 13:54:38 2006 us=397650 VERIFY OK: depth=0, /C=DK/ST=VelsNET/O=VelsNET/OU=VPN/CN=server/emailAddress=net@vels.dk
Wed Dec 27 13:54:38 2006 us=632896 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Dec 27 13:54:38 2006 us=632930 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec 27 13:54:38 2006 us=633002 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Dec 27 13:54:38 2006 us=633015 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec 27 13:54:38 2006 us=633273 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Wed Dec 27 13:54:38 2006 us=633300 [server] Peer Connection Initiated with 192.168.0.10:1194
Wed Dec 27 13:54:39 2006 us=65243 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Wed Dec 27 13:54:39 2006 us=67765 PUSH: Received control message: 'PUSH_REPLY,ping 10,ping-restart 120,dhcp-option DOMAIN net.vels.dk,dhcp-option DNS 192.168.0.10,dhcp-option WINS 192.168.0.10,route-gateway 192.168.0.10,ping 10,ping-restart 120,ifconfig 192.168.0.200 255.255.255.0'
Wed Dec 27 13:54:39 2006 us=68357 OPTIONS IMPORT: timers and/or timeouts modified
Wed Dec 27 13:54:39 2006 us=68370 OPTIONS IMPORT: --ifconfig/up options modified
Wed Dec 27 13:54:39 2006 us=68379 OPTIONS IMPORT: route options modified
Wed Dec 27 13:54:39 2006 us=68388 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Wed Dec 27 13:54:39 2006 us=68409 WARNING: --remote address [192.168.0.10] conflicts with --ifconfig subnet [192.168.0.200, 255.255.255.0] -- local and remote addresses cannot be inside of the --ifconfig subnet. (silence this warning with --ifconfig-nowarn)
Wed Dec 27 13:54:39 2006 us=73012 TAP-WIN32 device [VelsVPN] opened: \\.\Global\{9E19E8E6-D2F5-44C0-A84B-1024B0D17F2C}.tap
Wed Dec 27 13:54:39 2006 us=73118 TAP-Win32 Driver Version 8.1
Wed Dec 27 13:54:39 2006 us=73134 TAP-Win32 MTU=1500
Wed Dec 27 13:54:39 2006 us=73152 Notified TAP-Win32 driver to set a DHCP IP/netmask of 192.168.0.200/255.255.255.0 on interface {9E19E8E6-D2F5-44C0-A84B-1024B0D17F2C} [DHCP-serv: 192.168.0.0, lease-time: 31536000]
Wed Dec 27 13:54:39 2006 us=73175 DHCP option string: 0f0b6e65 742e7665 6c732e64 6b0604c0 a8000a2c 04c0a800 0a
Wed Dec 27 13:54:39 2006 us=113784 Successful ARP Flush on interface [65542] {9E19E8E6-D2F5-44C0-A84B-1024B0D17F2C}
Wed Dec 27 13:54:39 2006 us=231825 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:54:39 2006 us=231869 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:54:39 2006 us=962420 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:54:39 2006 us=962448 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:54:41 2006 us=462446 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:54:41 2006 us=462475 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:54:42 2006 us=67410 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:54:42 2006 us=67452 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:54:42 2006 us=966119 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:54:42 2006 us=966163 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:54:44 2006 us=464116 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:54:44 2006 us=464158 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:54:45 2006 us=215964 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:54:45 2006 us=216003 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:54:46 2006 us=276568 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:54:46 2006 us=276618 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:54:47 2006 us=629802 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:54:47 2006 us=629845 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:54:48 2006 us=614069 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:54:48 2006 us=614111 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:54:49 2006 us=742718 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:54:49 2006 us=742761 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:54:51 2006 us=777812 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:54:51 2006 us=777854 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:54:53 2006 us=816859 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:54:53 2006 us=816901 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:54:54 2006 us=736491 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:54:54 2006 us=736544 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:54:55 2006 us=866116 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:54:55 2006 us=866158 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:54:56 2006 us=773551 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:54:56 2006 us=773595 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:54:57 2006 us=902557 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:54:57 2006 us=902599 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:54:58 2006 us=813329 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:54:58 2006 us=813372 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:54:59 2006 us=961345 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:54:59 2006 us=961387 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:55:01 2006 us=108844 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:55:01 2006 us=108887 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:55:01 2006 us=760261 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:55:01 2006 us=760304 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:55:02 2006 us=893093 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:55:02 2006 us=893136 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:55:04 2006 us=40509 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:55:04 2006 us=40539 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:55:04 2006 us=932874 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:55:04 2006 us=932918 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:55:06 2006 us=81250 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:55:06 2006 us=81293 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:55:06 2006 us=972197 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:55:06 2006 us=972226 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:55:08 2006 us=150169 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:55:08 2006 us=150212 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 27 13:55:08 2006 us=982757 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Dec 27 13:55:08 2006 us=982787 Initialization Sequence Completed With Errors ( see http://openvpn.net/faq.html#dhcpclientserv )


meanpenguin
« Reply #1 on: December 27, 2006, 08:51:24 PM »
Quote

Wed Dec 27 13:54:39 2006 us=68409 WARNING: --remote address [192.168.0.10] conflicts with --ifconfig subnet [192.168.0.200, 255.255.255.0] -- local and remote addresses cannot be inside of the --ifconfig subnet. (silence this warning with --ifconfig-nowarn)


I would think this is the problem.
In general, it would be very hard to test a VPN from within the network.

It would also be a problem if your subnet (192.168.0) happens to be the same as the one you are using at your friend's house/external site.

Ed

del
« Reply #2 on: December 28, 2006, 01:26:06 AM »
Hi jvels,

I had the same problem and it is all to do with the IP and Subnet being the same on the LAN and the remote.  :D VIP-ire pointed out that there are routing issues if you use the same IP and Subnet for both LAN and Remote; see here:
http://forums.contribs.org/index.php?topic=33043.0  :wink:

Regards,
Del
If at first you don't succeed, then sky-diving is not for you!
"Life is like a coin. You can spend it anyway you wish, but you can only spend it once." --Author Unknown
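
The check described in Reply #1 and Reply #2, as an added example that is not part of the original thread: it reads an OpenVPN client log and reports when the server's --remote address, or the client's own physical LAN address, falls inside the pushed --ifconfig subnet. The function names, finding labels and the two-line sample log are constructed for illustration; a bridged (dev tap) setup is assumed, where the pushed ifconfig option is an address plus a netmask.

```python
import ipaddress
import re

# Constructed sample: two lines in the shape of the client log in this thread
# (PUSH_REPLY shortened to the options that matter for the check).
SAMPLE_CLIENT_LOG = """\
Wed Dec 27 13:54:38 2006 us=303781 UDPv4 link remote: 192.168.0.10:1194
Wed Dec 27 13:54:39 2006 us=67765 PUSH: Received control message: 'PUSH_REPLY,ping 10,route-gateway 192.168.0.10,ifconfig 192.168.0.200 255.255.255.0'
"""

REMOTE_RE = re.compile(r"UDPv4 link remote: (\d{1,3}(?:\.\d{1,3}){3}):\d+")
PUSH_RE = re.compile(r"PUSH: Received control message: 'PUSH_REPLY,([^']*)'")


def parse_client_log(log_text):
    """Return (remote_ip, vpn_ip, vpn_network) from an OpenVPN client log.

    Assumption: dev tap (bridged), so the pushed option reads
    'ifconfig <address> <netmask>'.
    """
    remote = REMOTE_RE.search(log_text)
    push = PUSH_RE.search(log_text)
    if not remote or not push:
        raise ValueError("log has no 'link remote' or PUSH_REPLY line")

    for option in push.group(1).split(","):
        words = option.split()
        if len(words) == 3 and words[0] == "ifconfig":
            vpn_ip = ipaddress.ip_address(words[1])
            # strict=False: the pushed address is a host inside the subnet.
            vpn_net = ipaddress.ip_network(f"{words[1]}/{words[2]}", strict=False)
            return ipaddress.ip_address(remote.group(1)), vpn_ip, vpn_net
    raise ValueError("PUSH_REPLY carries no ifconfig option")


def find_conflicts(log_text, physical_ip):
    """List the addressing conflicts for a client whose physical NIC has physical_ip.

    'remote-in-vpn-subnet': the condition behind the WARNING quoted in Reply #1.
    'local-in-vpn-subnet' : the client already sits on a LAN using the same
                            subnet (testing from inside the LAN, or an external
                            site that happens to use the same range).
    """
    remote_ip, _vpn_ip, vpn_net = parse_client_log(log_text)
    findings = []
    if remote_ip in vpn_net:
        findings.append("remote-in-vpn-subnet")
    if ipaddress.ip_address(physical_ip) in vpn_net:
        findings.append("local-in-vpn-subnet")
    return findings


if __name__ == "__main__":
    # The laptop from the first post: physical address 192.168.0.199.
    print(find_conflicts(SAMPLE_CLIENT_LOG, "192.168.0.199"))
```

An empty list means neither address collides with the bridged subnet, which is the situation a client connecting from a differently numbered external network would be in.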