1

(7 replies, posted in Oprogramowanie / Software)

I found a description of the error on the TV provider's website, maybe it will help somehow?
"EP14 - Wystąpił problem z połączeniem TLS (do https://eboo-cache-fnd.evio.pl/abox-dev/provisioning?mac=TESTSSL)"

2

(7 replies, posted in Oprogramowanie / Software)

I haven't touched anything else in the router apart from the changes in /etc/config/network.
On an Archer C6 with OpenWrt the EPG works, and the configuration is as follows:

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd27:70fa:5c1d::/48'

config interface 'lan'
        option type 'bridge'
        option ifname 'eth0.1'
        option proto 'static'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option igmp_snooping '1'
        option mtu '1480'
        option ipaddr '192.168.0.1'

config interface 'wan'
        option proto 'pppoe'
        option password 'XXXXX'
        option ipv6 'auto'
        option username 'XXXXX'
        option ifname 'eth0.74'
        option mtu '1480'

config interface 'wan6'
        option proto 'dhcpv6'
        option ifname 'eth0.74'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option vid '1'
        option ports '0t 2 3 4'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option ports '0t 2t 3t 4t 1t'
        option vid '74'

config switch_vlan
        option device 'switch0'
        option vlan '3'
        option ports '0t 5 1t'
        option vid '95'

3

(7 replies, posted in Oprogramowanie / Software)

Thank you.
The TV works, it just won't display the EPG for me. When I run the network diagnostics on the set-top box I get the error: "Wystąpił problem z połączeniem TLS. (EP14)"
Do you have any idea?

Hello,
I managed to set up the VLAN for the internet connection.

cat /etc/config/network
config interface 'loopback'
    option ifname 'lo'
    option proto 'static'
    option ipaddr '127.0.0.1'
    option netmask '255.0.0.0'

config switch
    option name 'switch0'

config interface 'lan'
    option ifname 'eth2 eth3 eth4'
    option force_link '1'
    option type 'bridge'
    option proto 'static'
    option ipaddr '192.168.0.1'
    option netmask '255.255.255.0'
    option ipv6 '0'
    option multicast_querier '0'
    option igmp_snooping '1'

config interface 'eth1'
    option ifname 'eth1'
    option keepup '1'

config interface 'wan'
        option proto 'pppoe'
        option password 'xxxxx'
        option ipv6 'auto'
        option username 'xxxxx'
        option ifname 'eth1.74'
        option mtu '1480'

config interface 'internet_wan'
    option ifname 'eth1.74'

How can I add IPTV, which is on VLAN 95, on one of the LAN ports?

Thanks in advance for your help.

5

(1,197 replies, posted in Sprzęt / Hardware)

In case anyone wants to buy it, it's available for 337,48 zł
https://www.pepper.pl/promocje/xiaomi-m … nii-359620

Leo wrote:

Hello, forum.
I would like to ask whether the LEDs can be turned off, preferably for the night?

You can turn off the LEDs with the Mi WiFi app (Settings > Hardware & system > LED Light).

I also forgot to add that every client has different certificates, and it is simply this one client on LEDE that generates more than one session.

This is a freshly installed system and I went straight to configuring OpenVPN.

root@LEDE:~# ls -al /sbin/ifconfig
lrwxrwxrwx    1 root     root            14 Aug  9 23:20 /sbin/ifconfig -> ../bin/busybox

Hello,
The problem is as follows. The client connects to the server every few seconds and drops the connection.
Several other clients (Raspberry Pi) are connected to the server, and in their case there is no problem establishing a connection.
Here are the logs:

Client

Thu Aug 24 13:21:08 2017 daemon.notice openvpn(lede)[7632]: OpenVPN 2.4.3 mips-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Thu Aug 24 13:21:08 2017 daemon.notice openvpn(lede)[7632]: library versions: OpenSSL 1.0.2k  26 Jan 2017, LZO 2.09
Thu Aug 24 13:21:08 2017 daemon.warn openvpn(lede)[7632]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Thu Aug 24 13:21:08 2017 daemon.notice openvpn(lede)[7632]: TCP/UDP: Preserving recently used remote address: [AF_INET]XX.X.XXX.XXX:1194
Thu Aug 24 13:21:08 2017 daemon.notice openvpn(lede)[7632]: UDP link local: (not bound)
Thu Aug 24 13:21:08 2017 daemon.notice openvpn(lede)[7632]: UDP link remote: [AF_INET]XX.X.XXX.XXX:1194
Thu Aug 24 13:21:09 2017 daemon.notice openvpn(lede)[7632]: VERIFY OK: depth=1, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=MyOrganizationalUnit, CN=Fort-Funston CA, name=server, emailAddress=me@myhost.mydomain
Thu Aug 24 13:21:09 2017 daemon.notice openvpn(lede)[7632]: VERIFY OK: depth=0, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=MyOrganizationalUnit, CN=server, name=server, emailAddress=me@myhost.mydomain
Thu Aug 24 13:21:10 2017 daemon.warn openvpn(lede)[7632]: WARNING: 'keydir' is present in local config but missing in remote config, local='keydir 0'
Thu Aug 24 13:21:10 2017 daemon.notice openvpn(lede)[7632]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Thu Aug 24 13:21:10 2017 daemon.notice openvpn(lede)[7632]: [server] Peer Connection Initiated with [AF_INET]XX.X.XXX.XXX:1194
Thu Aug 24 13:21:12 2017 daemon.notice openvpn(lede)[7632]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Aug 24 13:21:12 2017 daemon.warn openvpn(lede)[7632]: WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Thu Aug 24 13:21:12 2017 daemon.notice openvpn(lede)[7632]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Aug 24 13:21:12 2017 daemon.notice openvpn(lede)[7632]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Aug 24 13:21:12 2017 daemon.warn openvpn(lede)[7632]: WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Thu Aug 24 13:21:12 2017 daemon.notice openvpn(lede)[7632]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Aug 24 13:21:12 2017 daemon.warn openvpn(lede)[7632]: WARNING: cipher with small block size in use, reducing reneg-bytes to 64MB to mitigate SWEET32 attacks.
Thu Aug 24 13:21:12 2017 daemon.warn openvpn(lede)[7632]: WARNING: Since you are using --dev tun with a point-to-point topology, the second argument to --ifconfig must be an IP address.  You are using something (255.255.255.0) that looks more like a netmask. (silence this warning with --ifconfig-nowarn)
Thu Aug 24 13:21:12 2017 daemon.notice openvpn(lede)[7632]: TUN/TAP device tun0 opened
Thu Aug 24 13:21:12 2017 daemon.notice openvpn(lede)[7632]: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Thu Aug 24 13:21:12 2017 daemon.notice openvpn(lede)[7632]: /sbin/ifconfig tun0 10.8.0.6 pointopoint 255.255.255.0 mtu 1500
Thu Aug 24 13:21:12 2017 daemon.err openvpn(lede)[7632]: Linux ifconfig failed: external program exited with error status: 1

Server (logs concerning only this client)

Thu Aug 24 13:30:42 2017 XX.XXX.XXX.XX:62568 VERIFY OK: depth=0, C=pl, ST=mz, L=xxxxxxx, O=na, OU=na, CN=lede, name=server, emailAddress=xxxxxxx@gmail.com
Thu Aug 24 13:30:42 2017 XX.XXX.XXX.XX:62568 [lede] Peer Connection Initiated with [AF_INET]XX.XXX.XXX.XX:62568
Thu Aug 24 13:30:42 2017 MULTI: new connection by client 'lede' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Thu Aug 24 13:30:42 2017 OPTIONS IMPORT: reading client specific options from: /etc/openvpn/staticclients/lede
Thu Aug 24 13:30:42 2017 MULTI: Learn: 10.8.0.6 -> lede/XX.XXX.XXX.XX:62568
Thu Aug 24 13:30:42 2017 MULTI: primary virtual IP for lede/XX.XXX.XXX.XX:62568: 10.8.0.6
Thu Aug 24 13:30:43 2017 lede/XX.XXX.XXX.XX:62568 PUSH: Received control message: 'PUSH_REQUEST'
Thu Aug 24 13:30:43 2017 lede/XX.XXX.XXX.XX:62568 send_push_reply(): safe_cap=940
Thu Aug 24 13:30:43 2017 lede/XX.XXX.XXX.XX:62568 SENT CONTROL [lede]: 'PUSH_REPLY,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route 10.8.0.0 255.255.255.0,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 255.255.255.0' (status=1)

The configuration is as follows:

Server

port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key  # This file should be kept secret
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
client-config-dir /etc/openvpn/staticclients
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
log-append  openvpn.log
verb 3
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "route 10.8.0.0 255.255.255.0"

Client

config openvpn 'lede'
        option nobind '1'
        option client '1'
        option comp_lzo 'yes'
        option dev 'tun'
        option proto 'udp'
        option persist_tun '1'
        option persist_key '1'
        option verb '2'
        list remote 'XX.X.XXX.XXX 1194'
        option auth_nocache '1'
        option key_direction '1'
        option ca '/etc/easy-rsa/keys/ca.crt'
        option cert '/etc/easy-rsa/keys/lede.crt'
        option key '/etc/easy-rsa/keys/lede.key'
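
Added example (not part of the original posts, and not code from OpenVPN or LEDE): a small Python triage pass over the client log quoted above that picks out the security-relevant lines and the --ifconfig warning logged just before the failure. The finding ids and the `triage` function are names made up for this example; `remote-cert-tls`, `tls-version-min`, `cipher` and `topology` are existing OpenVPN options.

```python
import re

# Excerpt of the client log in the post above, embedded so the script runs offline.
SAMPLE_LOG = """\
Thu Aug 24 13:21:08 2017 daemon.warn openvpn(lede)[7632]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Thu Aug 24 13:21:10 2017 daemon.notice openvpn(lede)[7632]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Thu Aug 24 13:21:12 2017 daemon.notice openvpn(lede)[7632]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Aug 24 13:21:12 2017 daemon.warn openvpn(lede)[7632]: WARNING: Since you are using --dev tun with a point-to-point topology, the second argument to --ifconfig must be an IP address.  You are using something (255.255.255.0) that looks more like a netmask. (silence this warning with --ifconfig-nowarn)
Thu Aug 24 13:21:12 2017 daemon.err openvpn(lede)[7632]: Linux ifconfig failed: external program exited with error status: 1
"""

# (finding id, pattern, remediation). Finding ids are labels invented for this
# example; the quoted option names are standard OpenVPN directives.
RULES = [
    ("no-server-cert-check", r"No server certificate verification method",
     "client: add 'remote-cert-tls server'"),
    ("legacy-tls", r"Control Channel: TLSv1(?:\.1)?,",
     "both ends: set 'tls-version-min 1.2'"),
    ("64-bit-block-cipher",
     r"Data Channel \w+: Cipher '(?:BF|DES|DES-EDE3|CAST5)-CBC'",
     "both ends: set 'cipher AES-256-CBC', as the log's own warning suggests"),
    ("ifconfig-netmask-in-p2p",
     r"second argument to --ifconfig must be an IP address",
     "server: pushed ifconfig carries a netmask while 'topology' is point-to-point"),
]

# Matches the syslog prefix used by the OpenWrt/LEDE openvpn service.
LINE = re.compile(r"daemon\.(?P<level>\w+) openvpn\((?P<inst>[^)]+)\)\[\d+\]: (?P<msg>.*)")


def triage(log_text):
    """Return {finding_id: (instance, remediation)}, one entry per rule that fired."""
    findings = {}
    for raw in log_text.splitlines():
        m = LINE.search(raw)
        if not m:
            continue  # not an OpenVPN syslog line
        for fid, pattern, fix in RULES:
            if fid not in findings and re.search(pattern, m["msg"]):
                findings[fid] = (m["inst"], fix)
    return findings


if __name__ == "__main__":
    for fid, (inst, fix) in triage(SAMPLE_LOG).items():
        print(f"[{inst}] {fid}: {fix}")
```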