FAQ o OpenWrt | Sprzedam różne routery | Oddam

2020-01-09 22:29:46

sugnuf napisał/a:

2) Dla uproszczenia, w firewall'u dodaj sobie network wg0 do strefy lan,

Dzięki teraz zaczyna działać prawie tak jak chcę,

W jaki sposób mogę regulować u klientów dostęp lub brak dostepu do sieci lokalnych innych klientów lub serwera?

kofec napisał/a:

Po co w ogóle wireguard ? - Nie masz adresu zewnętrznego - bazując na powyższym opisie

nie rozumiem, mam publiczne IP tam gdzie serwer wireguard, działa, łączą się klienci tylko ma problem z ruchem między klientami

2020-01-08 14:45:55

serwer i klient na tym samym sprzęcie i wersji (OpenWrt 19.07-SNAPSHOT r10731-e68d589e7b)

serwer - Wan tvkablowa zew IP (192.168.1.0)
klient1 - router openwrt z LTE modem hilink (192.168.11.0)
klient2 - android
klient3 - WAN od kablówki (192.168.5.0)
Wireguard działa, klient połączony z serwerem.
Chciałbym mieć dostęp do wszystkich urządzeń w dowolnej sieci z dowolnego miejsca w sieci.

później dołączyłbym dodatkowych klientów (routery z openwrt)

jak mam routing ustawić?

/etc/config/network SERWERA:

 

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd2c:25b8:f5f1::/48'

config interface 'lan'
        option type 'bridge'
        option ifname 'eth0.1'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '60'

config device 'lan_dev'
        option name 'eth0.1'
        option macaddr '20:28:18:a1:24:8a'

config interface 'wan'
        option ifname 'eth0.2'
        option proto 'dhcp'

config device 'wan_dev'
        option name 'eth0.2'
        option macaddr '20:28:18:a1:24:8b'

config interface 'wan6'
        option ifname 'eth0.2'
        option proto 'dhcpv6'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option ports '4 6t'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option ports '0 6t'

config interface 'wg0'
        option proto 'wireguard'
        option private_key 'ddddd'
        option listen_port '55055'
        list addresses '10.9.0.1/28'

config wireguard_wg0
        option public_key ddddd'
        option description 'telefon'
        option route_allowed_ips '1'
        option persistent_keepalive '25'
        list allowed_ips '10.9.0.2/32'

config wireguard_wg0
        option public_key 'ddddd'
        option description 'nexx'
        option route_allowed_ips '1'
        option persistent_keepalive '25'
        list allowed_ips '10.9.0.3/32'
        list allowed_ips '192.168.11.0/24'

klient z LTE hilink

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd1d:485c:b208::/48'

config interface 'lan'
        option type 'bridge'
        option ifname 'eth0.1'
        option proto 'static'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option ipaddr '192.168.11.1'

config device 'lan_dev'
        option name 'eth0.1'
        option macaddr '20:28:18:a1:1f:6a'

config device 'wan_dev'
        option name 'eth0.2'
        option macaddr '20:28:18:a1:1f:6b'

config interface 'wan6'
        option ifname 'eth0.2'
        option proto 'dhcpv6'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option ports '4 6t'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option ports '0 6t'

config interface 'wan'
        option proto 'dhcp'
        option ifname 'eth1'

config interface 'wg0'
        option proto 'wireguard'
        option private_key 'dddddddd'
        option delegate '0'
        list addresses '10.9.0.3/24'

config wireguard_wg0
        option public_key 'ddddddd'
        option route_allowed_ips '1'
        option endpoint_host 'adres ip serwera'
        option endpoint_port '55055'
        option persistent_keepalive '25'
        option description 'openwrt'
        list allowed_ips '192.168.0.0/16'
        list allowed_ips '10.9.0.1/32'

2019-04-30 18:24:17

Sieć składa się z serwera openvpn na tomato kilku klientów również na tomato i ten jeden na openwrt (modem qmi LTE) t-mobile z zewn IP z którym mam problem.
serwer na TOMATO

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
89.42.239.1     *               255.255.255.255 UH    0      0        0 vlan2
10.6.0.2        *               255.255.255.255 UH    0      0        0 tun21
192.168.4.0     10.6.0.2        255.255.255.0   UG    0      0        0 tun21
192.168.3.0     10.6.0.2        255.255.255.0   UG    0      0        0 tun21
10.6.0.0        10.6.0.2        255.255.255.0   UG    0      0        0 tun21
192.168.2.0     10.6.0.2        255.255.255.0   UG    0      0        0 tun21
89.42.239.0     *               255.255.255.0   U     0      0        0 vlan2
192.168.1.0     10.6.0.2        255.255.255.0   UG    0      0        0 tun21
192.168.0.0     10.6.0.2        255.255.255.0   UG    0      0        0 tun21
192.168.30.0    10.6.0.2        255.255.255.0   UG    0      0        0 tun21
192.168.10.0    *               255.255.255.0   U     0      0        0 br0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         89.42.239.1.tvk 0.0.0.0         UG    0      0        0 vlan2

klient Openwrt D-LINK DWR-921

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         83.220.117.93.u 0.0.0.0         UG    0      0        0 wwan0
10.6.0.0        10.6.0.17       255.255.255.0   UG    0      0        0 tun0
10.6.0.17       *               255.255.255.255 UH    0      0        0 tun0
83.220.117.88   *               255.255.255.248 U     0      0        0 wwan0
192.168.0.0     10.6.0.17       255.255.255.0   UG    0      0        0 tun0
192.168.1.0     10.6.0.17       255.255.255.0   UG    0      0        0 tun0
192.168.2.0     10.6.0.17       255.255.255.0   UG    0      0        0 tun0
192.168.3.0     10.6.0.17       255.255.255.0   UG    0      0        0 tun0
192.168.4.0     *               255.255.255.0   U     0      0        0 br-lan
192.168.10.0    10.6.0.17       255.255.255.0   UG    0      0        0 tun0
192.168.30.0    10.6.0.17       255.255.255.0   UG    0      0        0 tun0

klient nie pinguje serwera i pozostałych routerów w sieci openvpn
Gdzie jest błąd?

2017-11-30 07:49:26

Chyba znalazłem przyczynę.
Problem występował z kartą od a2mobile, sprawdziłem z kartą od ORANGE i działa jak powinno. Nie mam innych operatorów kart więc nie wiem jak z pozostałymi.
Zrobiłem jak Cezary napisał, MONITOR POŁĄCZENIA i gargoyle sam restartuje sprzęt.

2017-11-28 23:57:06

Instalowałem LEDE, jest identyczny problem. Wolałbym GARGOYLE bo na nim nie ma problemu z USSD kodami. Pod LEDE coś mi to nie działa.

W wersji HILINK USSD działa?

2017-11-28 23:24:34

wersja
1.10.0.1

monitor jakieś to jest rozwiązanie, ale co jest przyczyną? zmienić FW w modemie? Jeżeli tak to na jakie?

2017-11-28 22:42:52

Mam problem z łączeniem się modemu czy routera po resecie urządzania czyli po odłączeniu od zasilania.
Po podłączeniu do zasilania, router uruchamia się z wpiętym pod USB modemem i poprawnie uzupełnionym APN itd modem nie łączy się z internetem.
ALE
po restarcie routera poprzez WEBGUI po uruchomieniu się modemu wszystko działa jak należy, modem łączy się z internetem.

taki mam log po podłączaniu zasilania:

Tue Nov 28 21:51:47 2017 kern.debug kernel: [   23.990000] option1 ttyUSB0: no of_node; not parsing pinctrl DT
Tue Nov 28 21:51:47 2017 kern.info kernel: [   23.990000] usb 1-1: GSM modem (1-port) converter now attached to ttyUSB0
Tue Nov 28 21:51:47 2017 kern.debug kernel: [   24.010000] option 1-1:1.1: no of_node; not parsing pinctrl DT
Tue Nov 28 21:51:47 2017 kern.info kernel: [   24.010000] option 1-1:1.1: GSM modem (1-port) converter detected
Tue Nov 28 21:51:47 2017 kern.debug kernel: [   24.020000] option1 ttyUSB1: no of_node; not parsing pinctrl DT
Tue Nov 28 21:51:47 2017 kern.info kernel: [   24.020000] usb 1-1: GSM modem (1-port) converter now attached to ttyUSB1
Tue Nov 28 21:51:47 2017 kern.debug kernel: [   24.140000] huawei_cdc_ncm 1-1:1.2: no of_node; not parsing pinctrl DT
Tue Nov 28 21:51:47 2017 kern.info kernel: [   24.190000] huawei_cdc_ncm 1-1:1.2: MAC-Address: 00:1e:10:1f:00:00
Tue Nov 28 21:51:47 2017 kern.info kernel: [   24.200000] huawei_cdc_ncm 1-1:1.2: setting rx_max = 16384
Tue Nov 28 21:51:47 2017 kern.info kernel: [   24.250000] huawei_cdc_ncm 1-1:1.2: NDP will be placed at end of frame for this device.
Tue Nov 28 21:51:47 2017 kern.info kernel: [   24.270000] huawei_cdc_ncm 1-1:1.2: cdc-wdm0: USB WDM device
Tue Nov 28 21:51:47 2017 kern.info kernel: [   24.280000] huawei_cdc_ncm 1-1:1.2 wwan0: register 'huawei_cdc_ncm' at usb-101c0000.ehci-1, Huawei CDC NCM device, 00:1e:10:1f:00:00
Tue Nov 28 21:51:47 2017 kern.debug kernel: [   24.340000] usb-storage 1-1:1.3: no of_node; not parsing pinctrl DT
Tue Nov 28 21:51:47 2017 kern.info kernel: [   24.340000] usb-storage 1-1:1.3: USB Mass Storage device detected
Tue Nov 28 21:51:47 2017 kern.info kernel: [   24.350000] scsi host1: usb-storage 1-1:1.3
Tue Nov 28 21:51:47 2017 kern.debug kernel: [   24.370000] usb-storage 1-1:1.4: no of_node; not parsing pinctrl DT
Tue Nov 28 21:51:47 2017 kern.info kernel: [   24.370000] usb-storage 1-1:1.4: USB Mass Storage device detected
Tue Nov 28 21:51:47 2017 kern.info kernel: [   24.380000] scsi host2: usb-storage 1-1:1.4
Tue Nov 28 21:51:47 2017 kern.notice kernel: [   25.660000] scsi 1:0:0:0: CD-ROM            HUAWEI   Mass Storage     2.31 PQ: 0 ANSI: 2
Tue Nov 28 21:51:47 2017 kern.debug kernel: [   25.680000] sd 1:0:0:0: no of_node; not parsing pinctrl DT
Tue Nov 28 21:51:47 2017 kern.notice kernel: [   25.680000] scsi 2:0:0:0: Direct-Access     HUAWEI   TF CARD Storage  2.31 PQ: 0 ANSI: 2
Tue Nov 28 21:51:47 2017 kern.debug kernel: [   25.700000] sd 2:0:0:0: no of_node; not parsing pinctrl DT
Tue Nov 28 21:51:47 2017 kern.notice kernel: [   25.700000] sd 2:0:0:0: [sda] Attached SCSI removable disk
Tue Nov 28 21:51:51 2017 user.emerg syslog: this file has been obseleted. please call "/sbin/block mount" directly
Tue Nov 28 21:51:53 2017 daemon.err block: /dev/mtdblock6 is already mounted
Tue Nov 28 21:51:56 2017 authpriv.info dropbear[1629]: Not backgrounding
Tue Nov 28 21:51:57 2017 kern.info kernel: [   36.590000] 8021q: adding VLAN 0 to HW filter on device eth0
Tue Nov 28 21:51:57 2017 kern.info kernel: [   36.600000] device eth0.1 entered promiscuous mode
Tue Nov 28 21:51:57 2017 kern.info kernel: [   36.610000] device eth0 entered promiscuous mode
Tue Nov 28 21:51:57 2017 kern.info kernel: [   36.670000] br-lan: port 1(eth0.1) entered forwarding state
Tue Nov 28 21:51:57 2017 kern.info kernel: [   36.680000] br-lan: port 1(eth0.1) entered forwarding state
Tue Nov 28 21:51:57 2017 daemon.notice netifd: Interface 'lan' is enabled
Tue Nov 28 21:51:57 2017 daemon.notice netifd: Interface 'lan' is setting up now
Tue Nov 28 21:51:57 2017 daemon.notice netifd: Interface 'lan' is now up
Tue Nov 28 21:51:57 2017 daemon.notice netifd: Interface 'loopback' is enabled
Tue Nov 28 21:51:57 2017 daemon.notice netifd: Interface 'loopback' is setting up now
Tue Nov 28 21:51:57 2017 daemon.notice netifd: Interface 'loopback' is now up
Tue Nov 28 21:51:57 2017 daemon.notice netifd: Interface 'wan' is setting up now
Tue Nov 28 21:51:57 2017 daemon.notice netifd: Interface 'wan6' is enabled
Tue Nov 28 21:51:57 2017 daemon.notice netifd: Bridge 'br-lan' link is up
Tue Nov 28 21:51:57 2017 daemon.notice netifd: Interface 'lan' has link connectivity 
Tue Nov 28 21:51:57 2017 daemon.notice netifd: Network device 'eth0' link is up
Tue Nov 28 21:51:57 2017 daemon.notice netifd: VLAN 'eth0.1' link is up
Tue Nov 28 21:51:57 2017 daemon.notice netifd: Network device 'lo' link is up
Tue Nov 28 21:51:57 2017 daemon.notice netifd: Interface 'loopback' has link connectivity 
Tue Nov 28 21:51:57 2017 daemon.notice netifd: VLAN 'eth0.2' link is up
Tue Nov 28 21:51:57 2017 daemon.notice netifd: Interface 'wan6' has link connectivity 
Tue Nov 28 21:51:57 2017 daemon.notice netifd: Interface 'wan6' is setting up now
Tue Nov 28 21:51:57 2017 daemon.notice netifd: Interface 'wan6' is now up
Tue Nov 28 21:51:59 2017 user.err syslog: error starting threads: errno 89 (Function not implemented)
Tue Nov 28 21:51:59 2017 user.notice firewall: Reloading firewall due to ifup of lan (br-lan)
Tue Nov 28 21:51:59 2017 user.emerg syslog: exportfs: could not open /var/lib/nfs/.etab.lock for locking: errno 2 (No such file or directory)
Tue Nov 28 21:51:59 2017 user.emerg syslog: exportfs: can't lock /var/lib/nfs/etab for writing
Tue Nov 28 21:51:59 2017 user.emerg syslog: exportfs: could not open /var/lib/nfs/.xtab.lock for locking: errno 2 (No such file or directory)
Tue Nov 28 21:51:59 2017 user.emerg syslog: exportfs: can't lock /var/lib/nfs/xtab for writing
Tue Nov 28 21:51:59 2017 user.emerg syslog: Command failed: Not found
Tue Nov 28 21:51:59 2017 kern.info kernel: [   38.680000] br-lan: port 1(eth0.1) entered forwarding state
Tue Nov 28 21:52:00 2017 daemon.notice netifd: radio0 (1687): command failed: Operation not supported (-122)
Tue Nov 28 21:52:02 2017 daemon.notice netifd: wan (1685): sending -> AT
Tue Nov 28 21:52:04 2017 daemon.notice netifd: wan (1685): sending -> ATZ
Tue Nov 28 21:52:04 2017 daemon.notice netifd: radio0 (1687): Configuration file: /var/run/hostapd-phy0.conf
Tue Nov 28 21:52:05 2017 daemon.notice netifd: wan (1685): sending -> ATQ0
Tue Nov 28 21:52:05 2017 kern.info kernel: [   44.450000] device wlan0 entered promiscuous mode
Tue Nov 28 21:52:05 2017 kern.info kernel: [   44.460000] br-lan: port 2(wlan0) entered forwarding state
Tue Nov 28 21:52:05 2017 kern.info kernel: [   44.470000] br-lan: port 2(wlan0) entered forwarding state
Tue Nov 28 21:52:05 2017 daemon.notice netifd: radio0 (1687): wlan0: interface state UNINITIALIZED->COUNTRY_UPDATE
Tue Nov 28 21:52:05 2017 daemon.notice netifd: radio0 (1687): Using interface wlan0 with hwaddr 20:28:18:a2:58:06 and ssid "Gargoyle"
Tue Nov 28 21:52:06 2017 kern.info kernel: [   45.070000] br-lan: port 2(wlan0) entered disabled state
Tue Nov 28 21:52:06 2017 user.emerg syslog: ERROR: No valid dynamic DNS service configurations defined
Tue Nov 28 21:52:06 2017 user.emerg syslog: (Did you specify correct configuration file path?)
Tue Nov 28 21:52:06 2017 daemon.notice netifd: wan (1685): sending -> ATV1
Tue Nov 28 21:52:06 2017 kern.info kernel: [   45.560000] br-lan: port 2(wlan0) entered forwarding state
Tue Nov 28 21:52:06 2017 kern.info kernel: [   45.570000] br-lan: port 2(wlan0) entered forwarding state
Tue Nov 28 21:52:06 2017 daemon.notice netifd: radio0 (1687): wlan0: interface state COUNTRY_UPDATE->ENABLED
Tue Nov 28 21:52:06 2017 daemon.notice netifd: radio0 (1687): wlan0: AP-ENABLED 
Tue Nov 28 21:52:06 2017 daemon.notice netifd: wan (1685): sending -> ATE1
Tue Nov 28 21:52:07 2017 daemon.notice netifd: Network device 'wlan0' link is up
Tue Nov 28 21:52:07 2017 daemon.notice netifd: wan (1685): sending -> ATS0=0
Tue Nov 28 21:52:08 2017 daemon.notice netifd: wan (1685): sending -> AT^NDISDUP=1,1,"a2mobile.pl"
Tue Nov 28 21:52:08 2017 kern.info kernel: [   47.570000] br-lan: port 2(wlan0) entered forwarding state
Tue Nov 28 21:52:08 2017 daemon.notice netifd: wan (1685): Connected, starting DHCP
Tue Nov 28 21:52:09 2017 kern.err kernel: [   48.110000] huawei_cdc_ncm 1-1:1.2 wwan0: kevent 12 may have been dropped
Tue Nov 28 21:52:09 2017 daemon.notice netifd: Interface 'wan' is now up
Tue Nov 28 21:52:09 2017 daemon.notice netifd: Network device 'wwan0' link is up
Tue Nov 28 21:52:09 2017 daemon.notice netifd: Network alias 'wwan0' link is up
Tue Nov 28 21:52:09 2017 daemon.notice netifd: Interface 'wan_4' is enabled
Tue Nov 28 21:52:09 2017 daemon.notice netifd: Interface 'wan_4' has link connectivity 
Tue Nov 28 21:52:09 2017 daemon.notice netifd: Interface 'wan_4' is setting up now
Tue Nov 28 21:52:09 2017 daemon.notice netifd: wan (1685): Command failed: Unknown error
Tue Nov 28 21:52:09 2017 daemon.notice netifd: Interface 'wan_6' is enabled
Tue Nov 28 21:52:09 2017 daemon.notice netifd: Interface 'wan_6' has link connectivity 
Tue Nov 28 21:52:09 2017 daemon.notice netifd: Interface 'wan_6' is setting up now
Tue Nov 28 21:52:09 2017 daemon.notice netifd: Interface 'wan_6' is now up
Tue Nov 28 21:52:09 2017 daemon.notice netifd: wan (1685): Command failed: Unknown error
Tue Nov 28 21:52:09 2017 daemon.notice netifd: wan_4 (2489): udhcpc (v1.23.2) started
Tue Nov 28 21:52:09 2017 daemon.notice netifd: wan_4 (2489): Sending discover...
Tue Nov 28 21:52:10 2017 daemon.err block: Unkown action change
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: started, version 2.78 cachesize 150
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: DNS service limited to local subnets
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: compile time options: no-IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP no-DHCPv6 no-Lua TFTP no-conntrack no-ipset no-auth no-

DNSSEC no-ID loop-detect inotify
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq-dhcp[2528]: DHCP, IP range 192.168.5.100 -- 192.168.5.249, lease time 12h
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.142.171.235#53 for domain micro 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.211.32.162#53 for domain micro 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 66.244.95.20#53 for domain micro 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.142.171.235#53 for domain oss 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.211.32.162#53 for domain oss 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 66.244.95.20#53 for domain oss 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.142.171.235#53 for domain null 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.211.32.162#53 for domain null 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 66.244.95.20#53 for domain null 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.142.171.235#53 for domain ing 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.211.32.162#53 for domain ing 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 66.244.95.20#53 for domain ing 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.142.171.235#53 for domain indy 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.211.32.162#53 for domain indy 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 66.244.95.20#53 for domain indy 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.142.171.235#53 for domain gopher 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.211.32.162#53 for domain gopher 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 66.244.95.20#53 for domain gopher 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.142.171.235#53 for domain geek 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.211.32.162#53 for domain geek 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 66.244.95.20#53 for domain geek 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.142.171.235#53 for domain fur 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.211.32.162#53 for domain fur 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 66.244.95.20#53 for domain fur 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.142.171.235#53 for domain free 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.211.32.162#53 for domain free 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 66.244.95.20#53 for domain free 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.142.171.235#53 for domain bbs 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.211.32.162#53 for domain bbs 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 66.244.95.20#53 for domain bbs 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using 12 more nameservers
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: reading /tmp/resolv.conf.auto
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.142.171.235#53 for domain micro 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.211.32.162#53 for domain micro 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 66.244.95.20#53 for domain micro 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.142.171.235#53 for domain oss 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.211.32.162#53 for domain oss 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 66.244.95.20#53 for domain oss 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.142.171.235#53 for domain null 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.211.32.162#53 for domain null 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 66.244.95.20#53 for domain null 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.142.171.235#53 for domain ing 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.211.32.162#53 for domain ing 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 66.244.95.20#53 for domain ing 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.142.171.235#53 for domain indy 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.211.32.162#53 for domain indy 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 66.244.95.20#53 for domain indy 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.142.171.235#53 for domain gopher 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.211.32.162#53 for domain gopher 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 66.244.95.20#53 for domain gopher 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.142.171.235#53 for domain geek 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.211.32.162#53 for domain geek 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 66.244.95.20#53 for domain geek 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.142.171.235#53 for domain fur 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.211.32.162#53 for domain fur 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 66.244.95.20#53 for domain fur 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.142.171.235#53 for domain free 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.211.32.162#53 for domain free 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 66.244.95.20#53 for domain free 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.142.171.235#53 for domain bbs 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 95.211.32.162#53 for domain bbs 
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using nameserver 66.244.95.20#53 for domain bbs 
Tue Nov 28 21:52:11 2017 daemon.warn dnsmasq[2528]: ignoring nameserver 192.168.5.1 - local interface
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: using 12 more nameservers
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: read /etc/hosts - 2 addresses
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq[2528]: read /tmp/hosts/dhcp - 1 addresses
Tue Nov 28 21:52:11 2017 daemon.info dnsmasq-dhcp[2528]: read /etc/ethers - 0 addresses
Tue Nov 28 21:52:12 2017 daemon.notice netifd: wan_4 (2489): Sending discover...
Tue Nov 28 21:52:13 2017 daemon.err block: Unkown action change
Tue Nov 28 21:52:15 2017 daemon.notice netifd: wan_4 (2489): Sending discover...
Tue Nov 28 21:52:25 2017 kern.notice kernel: [   64.670000] random: nonblocking pool is initialized
Tue Nov 28 21:52:32 2017 user.notice root: vsftpd init: mounted = 0
Tue Nov 28 21:52:32 2017 user.emerg syslog: ERROR: No drives attached, no directories to share!
Tue Nov 28 21:52:32 2017 user.emerg syslog: setting up led power
Tue Nov 28 21:52:32 2017 daemon.info procd: - init complete -
Tue Nov 28 21:52:43 2017 user.notice firewall: Reloading firewall due to ifup of wan6 (eth0.2)
Tue Nov 28 21:52:44 2017 user.notice firewall: Reloading firewall due to ifup of wan (wwan0)
Tue Nov 28 21:52:49 2017 kern.warn kernel: [   88.440000] ipt_bandwidth: timezone shift of 60 minutes detected, adjusting
Tue Nov 28 21:52:49 2017 kern.warn kernel: [   88.460000]                old minutes west=0, new minutes west=-60
Tue Nov 28 21:52:49 2017 daemon.info hostapd: wlan0: STA 00:1d:0f:b6:a1:02 IEEE 802.11: authenticated
Tue Nov 28 21:52:49 2017 daemon.info hostapd: wlan0: STA 00:1d:0f:b6:a1:02 IEEE 802.11: associated (aid 1)
Tue Nov 28 21:52:49 2017 daemon.info hostapd: wlan0: STA 00:1d:0f:b6:a1:02 WPA: pairwise key handshake completed (WPA)
Tue Nov 28 21:52:50 2017 daemon.info hostapd: wlan0: STA 00:1d:0f:b6:a1:02 WPA: group key handshake completed (WPA)
Tue Nov 28 21:52:50 2017 daemon.info dnsmasq-dhcp[2528]: DHCPREQUEST(br-lan) 192.168.5.157 00:1d:0f:b6:a1:02 
Tue Nov 28 21:52:50 2017 daemon.info dnsmasq-dhcp[2528]: DHCPACK(br-lan) 192.168.5.157 00:1d:0f:b6:a1:02 vvv-Komputer
Tue Nov 28 21:52:53 2017 daemon.info dnsmasq-dhcp[2528]: DHCPINFORM(br-lan) 192.168.5.157 00:1d:0f:b6:a1:02 
Tue Nov 28 21:52:53 2017 daemon.info dnsmasq-dhcp[2528]: DHCPACK(br-lan) 192.168.5.157 00:1d:0f:b6:a1:02 vvv-Komputer
Success

taki log jest po restarcie urządzania poprzez WEBGUI

Tue Nov 28 21:54:32 2017 kern.info kernel: [   22.230000] usbcore: registered new interface driver sierra
Tue Nov 28 21:54:32 2017 kern.info kernel: [   22.240000] usbserial: USB Serial support registered for Sierra USB modem
Tue Nov 28 21:54:32 2017 kern.info kernel: [   22.260000] usbcore: registered new interface driver sierra_net
Tue Nov 28 21:54:32 2017 kern.info kernel: [   22.310000] usbcore: registered new interface driver cdc_mbim
Tue Nov 28 21:54:32 2017 kern.info kernel: [   22.320000] usbcore: registered new interface driver option
Tue Nov 28 21:54:32 2017 kern.info kernel: [   22.340000] usbserial: USB Serial support registered for GSM modem (1-port)
Tue Nov 28 21:54:32 2017 kern.debug kernel: [   22.350000] option 1-1:1.0: no of_node; not parsing pinctrl DT
Tue Nov 28 21:54:32 2017 kern.info kernel: [   22.350000] option 1-1:1.0: GSM modem (1-port) converter detected
Tue Nov 28 21:54:32 2017 kern.debug kernel: [   22.360000] option1 ttyUSB0: no of_node; not parsing pinctrl DT
Tue Nov 28 21:54:32 2017 kern.info kernel: [   22.360000] usb 1-1: GSM modem (1-port) converter now attached to ttyUSB0
Tue Nov 28 21:54:32 2017 kern.debug kernel: [   22.380000] option 1-1:1.1: no of_node; not parsing pinctrl DT
Tue Nov 28 21:54:32 2017 kern.info kernel: [   22.380000] option 1-1:1.1: GSM modem (1-port) converter detected
Tue Nov 28 21:54:32 2017 kern.debug kernel: [   22.390000] option1 ttyUSB1: no of_node; not parsing pinctrl DT
Tue Nov 28 21:54:32 2017 kern.info kernel: [   22.390000] usb 1-1: GSM modem (1-port) converter now attached to ttyUSB1
Tue Nov 28 21:54:32 2017 kern.info kernel: [   22.430000] usbcore: registered new interface driver qcserial
Tue Nov 28 21:54:32 2017 kern.info kernel: [   22.440000] usbserial: USB Serial support registered for Qualcomm USB modem
Tue Nov 28 21:54:32 2017 kern.info kernel: [   22.680000] ieee80211 phy0: rt2x00_set_rt: Info - RT chipset 5390, rev 0500 detected
Tue Nov 28 21:54:32 2017 kern.info kernel: [   22.690000] ieee80211 phy0: rt2x00_set_rf: Info - RF chipset 7620 detected
Tue Nov 28 21:54:32 2017 kern.debug kernel: [   22.710000] ieee80211 phy0: Selected rate control algorithm 'minstrel_ht'
Tue Nov 28 21:54:36 2017 user.emerg syslog: this file has been obseleted. please call "/sbin/block mount" directly
Tue Nov 28 21:54:38 2017 daemon.err block: /dev/mtdblock6 is already mounted
Tue Nov 28 21:54:39 2017 authpriv.info dropbear[1583]: Not backgrounding
Tue Nov 28 21:54:41 2017 kern.info kernel: [   35.190000] 8021q: adding VLAN 0 to HW filter on device eth0
Tue Nov 28 21:54:41 2017 kern.info kernel: [   35.240000] device eth0.1 entered promiscuous mode
Tue Nov 28 21:54:41 2017 kern.info kernel: [   35.250000] device eth0 entered promiscuous mode
Tue Nov 28 21:54:41 2017 kern.info kernel: [   35.400000] br-lan: port 1(eth0.1) entered forwarding state
Tue Nov 28 21:54:41 2017 kern.info kernel: [   35.410000] br-lan: port 1(eth0.1) entered forwarding state
Tue Nov 28 21:54:41 2017 daemon.notice netifd: Interface 'lan' is enabled
Tue Nov 28 21:54:41 2017 daemon.notice netifd: Interface 'lan' is setting up now
Tue Nov 28 21:54:41 2017 daemon.notice netifd: Interface 'lan' is now up
Tue Nov 28 21:54:41 2017 daemon.notice netifd: Interface 'loopback' is enabled
Tue Nov 28 21:54:41 2017 daemon.notice netifd: Interface 'loopback' is setting up now
Tue Nov 28 21:54:41 2017 daemon.notice netifd: Interface 'loopback' is now up
Tue Nov 28 21:54:41 2017 daemon.notice netifd: Interface 'wan' is setting up now
Tue Nov 28 21:54:41 2017 daemon.notice netifd: Interface 'wan6' is enabled
Tue Nov 28 21:54:41 2017 daemon.notice netifd: Bridge 'br-lan' link is up
Tue Nov 28 21:54:41 2017 daemon.notice netifd: Interface 'lan' has link connectivity 
Tue Nov 28 21:54:41 2017 daemon.notice netifd: Network device 'eth0' link is up
Tue Nov 28 21:54:41 2017 daemon.notice netifd: VLAN 'eth0.1' link is up
Tue Nov 28 21:54:41 2017 daemon.notice netifd: Network device 'lo' link is up
Tue Nov 28 21:54:41 2017 daemon.notice netifd: Interface 'loopback' has link connectivity 
Tue Nov 28 21:54:41 2017 daemon.notice netifd: VLAN 'eth0.2' link is up
Tue Nov 28 21:54:41 2017 daemon.notice netifd: Interface 'wan6' has link connectivity 
Tue Nov 28 21:54:41 2017 daemon.notice netifd: Interface 'wan6' is setting up now
Tue Nov 28 21:54:41 2017 daemon.notice netifd: Interface 'wan6' is now up
Tue Nov 28 21:54:42 2017 user.notice firewall: Reloading firewall due to ifup of lan (br-lan)
Tue Nov 28 21:54:43 2017 kern.info kernel: [   37.410000] br-lan: port 1(eth0.1) entered forwarding state
Tue Nov 28 21:54:44 2017 daemon.notice netifd: radio0 (1637): command failed: Operation not supported (-122)
Tue Nov 28 21:54:45 2017 daemon.notice netifd: wan (1635): sending -> AT
Tue Nov 28 21:54:46 2017 daemon.notice netifd: wan (1635): sending -> ATZ
Tue Nov 28 21:54:47 2017 daemon.notice netifd: radio0 (1637): Configuration file: /var/run/hostapd-phy0.conf
Tue Nov 28 21:54:47 2017 kern.info kernel: [   41.500000] device wlan0 entered promiscuous mode
Tue Nov 28 21:54:47 2017 kern.info kernel: [   41.510000] br-lan: port 2(wlan0) entered forwarding state
Tue Nov 28 21:54:47 2017 kern.info kernel: [   41.520000] br-lan: port 2(wlan0) entered forwarding state
Tue Nov 28 21:54:47 2017 daemon.notice netifd: radio0 (1637): wlan0: interface state UNINITIALIZED->COUNTRY_UPDATE
Tue Nov 28 21:54:47 2017 daemon.notice netifd: radio0 (1637): Using interface wlan0 with hwaddr 20:28:18:a2:58:06 and ssid "Gargoyle"
Tue Nov 28 21:54:47 2017 kern.info kernel: [   41.650000] br-lan: port 2(wlan0) entered disabled state
Tue Nov 28 21:54:47 2017 daemon.notice netifd: wan (1635): sending -> ATQ0
Tue Nov 28 21:54:48 2017 daemon.notice netifd: wan (1635): sending -> ATV1
Tue Nov 28 21:54:48 2017 daemon.notice netifd: radio0 (1637): wlan0: interface state COUNTRY_UPDATE->ENABLED
Tue Nov 28 21:54:48 2017 daemon.notice netifd: radio0 (1637): wlan0: AP-ENABLED 
Tue Nov 28 21:54:48 2017 daemon.notice netifd: Network device 'wlan0' link is up
Tue Nov 28 21:54:48 2017 kern.info kernel: [   42.930000] br-lan: port 2(wlan0) entered forwarding state
Tue Nov 28 21:54:48 2017 kern.info kernel: [   42.940000] br-lan: port 2(wlan0) entered forwarding state
Tue Nov 28 21:54:49 2017 daemon.notice netifd: wan (1635): sending -> ATE1
Tue Nov 28 21:54:49 2017 daemon.notice netifd: wan (1635): sending -> ATS0=0
Tue Nov 28 21:54:49 2017 user.err syslog: error starting threads: errno 89 (Function not implemented)
Tue Nov 28 21:54:49 2017 user.emerg syslog: exportfs: could not open /var/lib/nfs/.etab.lock for locking: errno 2 (No such file or directory)
Tue Nov 28 21:54:49 2017 user.emerg syslog: exportfs: can't lock /var/lib/nfs/etab for writing
Tue Nov 28 21:54:49 2017 user.emerg syslog: exportfs: could not open /var/lib/nfs/.xtab.lock for locking: errno 2 (No such file or directory)
Tue Nov 28 21:54:49 2017 user.emerg syslog: exportfs: can't lock /var/lib/nfs/xtab for writing
Tue Nov 28 21:54:49 2017 user.emerg syslog: Command failed: Not found
Tue Nov 28 21:54:50 2017 daemon.notice netifd: wan (1635): sending -> AT^NDISDUP=1,1,"a2mobile.pl"
Tue Nov 28 21:54:50 2017 kern.info kernel: [   44.940000] br-lan: port 2(wlan0) entered forwarding state
Tue Nov 28 21:54:51 2017 user.emerg syslog: ERROR: No valid dynamic DNS service configurations defined
Tue Nov 28 21:54:51 2017 user.emerg syslog: (Did you specify correct configuration file path?)
Tue Nov 28 21:54:51 2017 daemon.notice netifd: wan (1635): Connected, starting DHCP
Tue Nov 28 21:54:51 2017 kern.err kernel: [   45.530000] huawei_cdc_ncm 1-1:1.2 wwan0: kevent 12 may have been dropped
Tue Nov 28 21:54:51 2017 daemon.notice netifd: Interface 'wan' is now up
Tue Nov 28 21:54:51 2017 daemon.notice netifd: Network device 'wwan0' link is up
Tue Nov 28 21:54:51 2017 daemon.notice netifd: Network alias 'wwan0' link is up
Tue Nov 28 21:54:51 2017 daemon.notice netifd: Interface 'wan_4' is enabled
Tue Nov 28 21:54:51 2017 daemon.notice netifd: Interface 'wan_4' has link connectivity 
Tue Nov 28 21:54:51 2017 daemon.notice netifd: Interface 'wan_4' is setting up now
Tue Nov 28 21:54:51 2017 daemon.notice netifd: wan (1635): Command failed: Unknown error
Tue Nov 28 21:54:51 2017 daemon.notice netifd: Interface 'wan_6' is enabled
Tue Nov 28 21:54:51 2017 daemon.notice netifd: Interface 'wan_6' has link connectivity 
Tue Nov 28 21:54:51 2017 daemon.notice netifd: Interface 'wan_6' is setting up now
Tue Nov 28 21:54:51 2017 daemon.notice netifd: Interface 'wan_6' is now up
Tue Nov 28 21:54:51 2017 daemon.notice netifd: wan (1635): Command failed: Unknown error
Tue Nov 28 21:54:51 2017 daemon.notice netifd: wan_4 (2095): udhcpc (v1.23.2) started
Tue Nov 28 21:54:51 2017 daemon.notice netifd: wan_4 (2095): Sending discover...
Tue Nov 28 21:54:51 2017 daemon.notice netifd: wan_4 (2095): Sending select for 100.112.201.236...
Tue Nov 28 21:54:51 2017 daemon.notice netifd: wan_4 (2095): Lease of 100.112.201.236 obtained, lease time 518400
Tue Nov 28 21:54:51 2017 daemon.notice netifd: Interface 'wan_4' is now up
Tue Nov 28 21:54:51 2017 daemon.notice netifd: wan_4 (2095): /sbin/uci: Invalid argument
Tue Nov 28 21:54:51 2017 daemon.notice netifd: wan_4 (2095): /sbin/uci: Invalid argument
Tue Nov 28 21:54:51 2017 daemon.notice netifd: wan_4 (2095): /sbin/uci: Invalid argument
Tue Nov 28 21:54:51 2017 daemon.notice netifd: wan_4 (2095): /sbin/uci: Invalid argument
Tue Nov 28 21:54:51 2017 daemon.notice netifd: wan_4 (2095): /sbin/uci: Invalid argument
Tue Nov 28 21:54:51 2017 daemon.notice netifd: wan_4 (2095): /sbin/uci: Invalid argument
Tue Nov 28 21:54:51 2017 daemon.notice netifd: wan_4 (2095): /sbin/uci: Invalid argument
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: started, version 2.78 cachesize 150
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: DNS service limited to local subnets
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: compile time options: no-IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP no-DHCPv6 no-Lua TFTP no-conntrack no-ipset no-auth no-DNSSEC no-ID loop-detect inotify
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq-dhcp[2139]: DHCP, IP range 192.168.5.100 -- 192.168.5.249, lease time 12h
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.142.171.235#53 for domain micro 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.211.32.162#53 for domain micro 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 66.244.95.20#53 for domain micro 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.142.171.235#53 for domain oss 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.211.32.162#53 for domain oss 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 66.244.95.20#53 for domain oss 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.142.171.235#53 for domain null 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.211.32.162#53 for domain null 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 66.244.95.20#53 for domain null 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.142.171.235#53 for domain ing 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.211.32.162#53 for domain ing 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 66.244.95.20#53 for domain ing 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.142.171.235#53 for domain indy 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.211.32.162#53 for domain indy 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 66.244.95.20#53 for domain indy 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.142.171.235#53 for domain gopher 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.211.32.162#53 for domain gopher 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 66.244.95.20#53 for domain gopher 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.142.171.235#53 for domain geek 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.211.32.162#53 for domain geek 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 66.244.95.20#53 for domain geek 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.142.171.235#53 for domain fur 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.211.32.162#53 for domain fur 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 66.244.95.20#53 for domain fur 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.142.171.235#53 for domain free 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.211.32.162#53 for domain free 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 66.244.95.20#53 for domain free 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.142.171.235#53 for domain bbs 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.211.32.162#53 for domain bbs 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 66.244.95.20#53 for domain bbs 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using 12 more nameservers
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: reading /tmp/resolv.conf.auto
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.142.171.235#53 for domain micro 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.211.32.162#53 for domain micro 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 66.244.95.20#53 for domain micro 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.142.171.235#53 for domain oss 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.211.32.162#53 for domain oss 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 66.244.95.20#53 for domain oss 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.142.171.235#53 for domain null 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.211.32.162#53 for domain null 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 66.244.95.20#53 for domain null 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.142.171.235#53 for domain ing 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.211.32.162#53 for domain ing 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 66.244.95.20#53 for domain ing 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.142.171.235#53 for domain indy 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.211.32.162#53 for domain indy 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 66.244.95.20#53 for domain indy 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.142.171.235#53 for domain gopher 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.211.32.162#53 for domain gopher 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 66.244.95.20#53 for domain gopher 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.142.171.235#53 for domain geek 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.211.32.162#53 for domain geek 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 66.244.95.20#53 for domain geek 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.142.171.235#53 for domain fur 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.211.32.162#53 for domain fur 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 66.244.95.20#53 for domain fur 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.142.171.235#53 for domain free 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.211.32.162#53 for domain free 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 66.244.95.20#53 for domain free 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.142.171.235#53 for domain bbs 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 95.211.32.162#53 for domain bbs 
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using nameserver 66.244.95.20#53 for domain bbs 
Tue Nov 28 21:54:53 2017 daemon.warn dnsmasq[2139]: ignoring nameserver 192.168.5.1 - local interface
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: using 14 more nameservers
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: read /etc/hosts - 2 addresses
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq[2139]: read /tmp/hosts/dhcp - 1 addresses
Tue Nov 28 21:54:53 2017 daemon.info dnsmasq-dhcp[2139]: read /etc/ethers - 0 addresses
Tue Nov 28 21:55:10 2017 kern.notice kernel: [   64.870000] random: nonblocking pool is initialized
Tue Nov 28 21:55:16 2017 user.notice root: vsftpd init: mounted = 0
Tue Nov 28 21:55:16 2017 user.emerg syslog: ERROR: No drives attached, no directories to share!
Tue Nov 28 21:55:16 2017 user.emerg syslog: setting up led power
Tue Nov 28 21:55:16 2017 daemon.info procd: - init complete -
Tue Nov 28 21:55:25 2017 user.notice firewall: Reloading firewall due to ifup of wan6 (eth0.2)
Tue Nov 28 21:55:26 2017 user.notice firewall: Reloading firewall due to ifup of wan (wwan0)
Tue Nov 28 21:55:31 2017 kern.warn kernel: [   85.630000] ipt_bandwidth: timezone shift of 60 minutes detected, adjusting
Tue Nov 28 21:55:31 2017 kern.warn kernel: [   85.650000]                old minutes west=0, new minutes west=-60
Tue Nov 28 21:55:33 2017 daemon.info hostapd: wlan0: STA 00:1d:0f:b6:a1:02 IEEE 802.11: authenticated
Tue Nov 28 21:55:33 2017 daemon.info hostapd: wlan0: STA 00:1d:0f:b6:a1:02 IEEE 802.11: associated (aid 1)
Tue Nov 28 21:55:33 2017 daemon.info hostapd: wlan0: STA 00:1d:0f:b6:a1:02 WPA: pairwise key handshake completed (WPA)
Tue Nov 28 21:55:34 2017 daemon.info hostapd: wlan0: STA 00:1d:0f:b6:a1:02 WPA: group key handshake completed (WPA)
Tue Nov 28 21:55:34 2017 daemon.info dnsmasq-dhcp[2139]: DHCPREQUEST(br-lan) 192.168.5.157 00:1d:0f:b6:a1:02 
Tue Nov 28 21:55:34 2017 daemon.info dnsmasq-dhcp[2139]: DHCPACK(br-lan) 192.168.5.157 00:1d:0f:b6:a1:02 vvv-Komputer
Tue Nov 28 21:55:37 2017 daemon.info dnsmasq-dhcp[2139]: DHCPINFORM(br-lan) 192.168.5.157 00:1d:0f:b6:a1:02 
Tue Nov 28 21:55:37 2017 daemon.info dnsmasq-dhcp[2139]: DHCPACK(br-lan) 192.168.5.157 00:1d:0f:b6:a1:02 vvv-Komputer
Success

2017-03-22 23:14:04

Uporałem się
Problem był w sposobie kompresji
Wystarczyło w TOMATO w opcji

COMPRESSION wybrać NONE

standardowo jest DISABLED

Dziękuję bardzo za poświęcony czas

nareszcie działa

2017-03-22 22:49:31

w logach serwera mam:

Mar 22 22:47:24 unknown daemon.notice openvpn[2631]: OPTIONS IMPORT: reading client specific options from: ccd/client1
Mar 22 22:47:24 unknown daemon.notice openvpn[2631]: MULTI_sva: pool returned IPv4=10.8.0.10, IPv6=(Not enabled)
Mar 22 22:47:24 unknown daemon.notice openvpn[2631]: MULTI: Learn: 10.8.0.10 -> client1/94.254.238.23:11517
Mar 22 22:47:24 unknown daemon.notice openvpn[2631]: MULTI: primary virtual IP for client1/94.254.238.23:11517: 10.8.0.10
Mar 22 22:47:24 unknown daemon.notice openvpn[2631]: MULTI: internal route 192.168.2.0/24 -> client1/94.254.238.23:11517
Mar 22 22:47:24 unknown daemon.notice openvpn[2631]: MULTI: Learn: 192.168.2.0/24 -> client1/94.254.238.23:11517
Mar 22 22:47:24 unknown daemon.notice openvpn[2631]: REMOVE PUSH ROUTE: 'route 192.168.2.0 255.255.255.0'
Mar 22 22:47:26 unknown daemon.notice openvpn[2631]: client1/94.254.238.23:11517 PUSH: Received control message: 'PUSH_REQUEST'
Mar 22 22:47:26 unknown daemon.notice openvpn[2631]: client1/94.254.238.23:11517 send_push_reply(): safe_cap=940
Mar 22 22:47:26 unknown daemon.notice openvpn[2631]: client1/94.254.238.23:11517 SENT CONTROL [client1]: 'PUSH_REPLY,route 10.0.0.0 255.255.255.0,route 192.168.1.0 255.255.255.0,dhcp-option DNS 10.0.0.101,route 10.8.0.0 255.255.255.0,topology net30,ping 15,ping-restart 60,ifconfig 10.8.0.10 10.8.0.9' (status=1)
Mar 22 22:47:41 unknown daemon.warn openvpn[2631]: client1/94.254.238.23:11517 IP packet with unknown IP version=15 seen
Mar 22 22:47:56 unknown daemon.warn openvpn[2631]: client1/94.254.238.23:11517 IP packet with unknown IP version=15 seen

wpis:
REMOVE PUSH ROUTE: 'route 192.168.2.0 255.255.255.0'

tak powinno byc?

2017-03-22 13:18:30

Trochę niejasno napisałem
po

route del -net 10.0.0.0 netmask 255.255.255.0 dev tun0

wpis zniknął

ale nadal nie jestem w stanie połączyć się z gargoyle po gsm przez tunel.

2017-03-21 18:59:44

Wybacz moje pytanie, ale raczkuję w tym.
jak usunąć wpis?

Wpisałem:

root@Gargoyle:~# route del -net 10.0.0.0 netmask 255.255.255.0 dev tun0

Niestety nadal mam ten sam problem.

2017-03-20 21:02:14

Jest ktoś w stanie pomóc?

2017-03-18 20:18:35

uci show firewall

root@Gargoyle:~# uci show firewall
firewall.@defaults[0]=defaults
firewall.@defaults[0].syn_flood='1'
firewall.@defaults[0].input='ACCEPT'
firewall.@defaults[0].output='ACCEPT'
firewall.@defaults[0].forward='REJECT'
firewall.@zone[0]=zone
firewall.@zone[0].name='lan'
firewall.@zone[0].network='lan'
firewall.@zone[0].input='ACCEPT'
firewall.@zone[0].output='ACCEPT'
firewall.@zone[0].forward='ACCEPT'
firewall.@zone[1]=zone
firewall.@zone[1].name='wan'
firewall.@zone[1].network='wan' 'wan6'
firewall.@zone[1].input='REJECT'
firewall.@zone[1].output='ACCEPT'
firewall.@zone[1].forward='REJECT'
firewall.@zone[1].masq='1'
firewall.@zone[1].mtu_fix='1'
firewall.@forwarding[0]=forwarding
firewall.@forwarding[0].src='lan'
firewall.@forwarding[0].dest='wan'
firewall.@rule[0]=rule
firewall.@rule[0].name='Allow-DHCP-Renew'
firewall.@rule[0].src='wan'
firewall.@rule[0].proto='udp'
firewall.@rule[0].dest_port='68'
firewall.@rule[0].target='ACCEPT'
firewall.@rule[0].family='ipv4'
firewall.@rule[1]=rule
firewall.@rule[1].name='Allow-Ping'
firewall.@rule[1].src='wan'
firewall.@rule[1].proto='icmp'
firewall.@rule[1].icmp_type='echo-request'
firewall.@rule[1].family='ipv4'
firewall.@rule[1].target='ACCEPT'
firewall.@rule[2]=rule
firewall.@rule[2].name='Allow-IGMP'
firewall.@rule[2].src='wan'
firewall.@rule[2].proto='igmp'
firewall.@rule[2].family='ipv4'
firewall.@rule[2].target='ACCEPT'
firewall.@rule[3]=rule
firewall.@rule[3].name='Allow-DHCPv6'
firewall.@rule[3].src='wan'
firewall.@rule[3].proto='udp'
firewall.@rule[3].src_ip='fe80::/10'
firewall.@rule[3].src_port='547'
firewall.@rule[3].dest_ip='fe80::/10'
firewall.@rule[3].dest_port='546'
firewall.@rule[3].family='ipv6'
firewall.@rule[3].target='ACCEPT'
firewall.@rule[4]=rule
firewall.@rule[4].name='Allow-MLD'
firewall.@rule[4].src='wan'
firewall.@rule[4].proto='icmp'
firewall.@rule[4].src_ip='fe80::/10'
firewall.@rule[4].icmp_type='130/0' '131/0' '132/0' '143/0'
firewall.@rule[4].family='ipv6'
firewall.@rule[4].target='ACCEPT'
firewall.@rule[5]=rule
firewall.@rule[5].name='Allow-ICMPv6-Input'
firewall.@rule[5].src='wan'
firewall.@rule[5].proto='icmp'
firewall.@rule[5].icmp_type='echo-request' 'echo-reply' 'destination-unreachable                                                                                                                                                             ' 'packet-too-big' 'time-exceeded' 'bad-header' 'unknown-header-type' 'router-so                                                                                                                                                             licitation' 'neighbour-solicitation' 'router-advertisement' 'neighbour-advertise                                                                                                                                                             ment'
firewall.@rule[5].limit='1000/sec'
firewall.@rule[5].family='ipv6'
firewall.@rule[5].target='ACCEPT'
firewall.@rule[6]=rule
firewall.@rule[6].name='Allow-ICMPv6-Forward'
firewall.@rule[6].src='wan'
firewall.@rule[6].dest='*'
firewall.@rule[6].proto='icmp'
firewall.@rule[6].icmp_type='echo-request' 'echo-reply' 'destination-unreachable                                                                                                                                                             ' 'packet-too-big' 'time-exceeded' 'bad-header' 'unknown-header-type'
firewall.@rule[6].limit='1000/sec'
firewall.@rule[6].family='ipv6'
firewall.@rule[6].target='ACCEPT'
firewall.@include[0]=include
firewall.@include[0].path='/etc/firewall.user'
firewall.@include[0].reload='1'
firewall.@rule[7]=rule
firewall.@rule[7].src='wan'
firewall.@rule[7].dest='lan'
firewall.@rule[7].proto='esp'
firewall.@rule[7].target='ACCEPT'
firewall.@rule[8]=rule
firewall.@rule[8].src='wan'
firewall.@rule[8].dest='lan'
firewall.@rule[8].dest_port='500'
firewall.@rule[8].proto='udp'
firewall.@rule[8].target='ACCEPT'
firewall.@include[1]=include
firewall.@include[1].type='script'
firewall.@include[1].path='/usr/lib/gargoyle_firewall_util/gargoyle_additions.fi                                                                                                                                                             rewall'
firewall.@include[1].family='IPv4'
firewall.@include[1].reload='1'
firewall.openvpn_include_file=include
firewall.openvpn_include_file.path='/etc/openvpn.firewall'
firewall.openvpn_include_file.reload='1'
firewall.vpn_zone=zone
firewall.vpn_zone.name='vpn'
firewall.vpn_zone.network='vpn'
firewall.vpn_zone.input='ACCEPT'
firewall.vpn_zone.output='ACCEPT'
firewall.vpn_zone.forward='ACCEPT'
firewall.vpn_zone.mtu_fix='1'
firewall.vpn_zone.masq='1'
firewall.vpn_lan_forwarding=forwarding
firewall.vpn_lan_forwarding.src='lan'
firewall.vpn_lan_forwarding.dest='vpn'
firewall.lan_vpn_forwarding=forwarding
firewall.lan_vpn_forwarding.src='vpn'
firewall.lan_vpn_forwarding.dest='lan'
firewall.@forwarding[1]=forwarding
firewall.@forwarding[1].src='vpn'
firewall.@forwarding[1].dest='lan'
firewall.@forwarding[2]=forwarding
firewall.@forwarding[2].src='lan'
firewall.@forwarding[2].dest='vpn'
firewall.ra_443_443=remote_accept
firewall.ra_443_443.local_port='443'
firewall.ra_443_443.remote_port='443'
firewall.ra_443_443.proto='tcp'
firewall.ra_443_443.zone='wan'
firewall.ra_80_80=remote_accept
firewall.ra_80_80.local_port='80'
firewall.ra_80_80.remote_port='80'
firewall.ra_80_80.proto='tcp'
firewall.ra_80_80.zone='wan'

root@Gargoyle:~# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         10.64.64.64     0.0.0.0         UG    0      0        0 3g-wan
10.0.0.0        10.8.0.9        255.255.255.0   UG    0      0        0 tun0
10.8.0.0        10.8.0.9        255.255.255.0   UG    0      0        0 tun0
10.8.0.9        *               255.255.255.255 UH    0      0        0 tun0
10.64.64.64     *               255.255.255.255 UH    0      0        0 3g-wan
192.168.1.0     10.8.0.9        255.255.255.0   UG    0      0        0 tun0
192.168.2.0     *               255.255.255.0   U     0      0        0 br-lan
root@Gargoyle:~#

2017-03-18 19:49:21

Nakierujcie mnie jakoś, bo walcze z tym i nic mi nie wychodzi, ciągle ten sam skutek.
serwer tomato z klientem tomato współpracują tak jak powinny, klient gargoyle niestety nie, połączony, ale tak jakby tunel nie istniał. pingi nie działają, firewall na gargoyle wyłączyłem i nadal to samo.

2017-03-17 22:09:41

Rozbudowałem trochę sieć VPN o kolejnych klientów i nadal ma ten sam problem
Serwer mam na tomato, jeden klient na GARGOYLE, drugi na tomato.
Problem jest z klientem Gargoyle. Nie mogę z klienta ani do klienta połączyć się przez VPN do urządzeń podłączonych do serwera czy do klienta z tomato.
Przy kompach i urządzeniach podpiętych do serwera i klienta z tomato problem nie występuje.

konfiguracja klienta gargoyle
https://www.dropbox.com/s/n6sib6w7dsrcd … e.jpg?dl=0

konfiguracja klienta tomato
https://www.dropbox.com/s/jhbom786k8yq9 … 1.jpg?dl=0
https://www.dropbox.com/s/uy7p3wg6w9ild … 2.jpg?dl=0
https://www.dropbox.com/s/6whbkfcen3ior … 3.jpg?dl=0

konfiguracja serwera
https://www.dropbox.com/s/41hly6to773n3 … 1.jpg?dl=0
https://www.dropbox.com/s/t5oyunp1m7l3e … 2.jpg?dl=0

2017-03-09 08:33:28

Mógłbyś napisać w jaki sposób na gargoyle ustawić forwarding?

2017-03-09 08:23:13

Jeszcze jedno pytanie.

Chciałbym mieć możliwość logować się na gargoyle (klient) i podłączonych urządzeń do gargoyle (rejestrator, NAS)
z komputerów podpiętych do tomato (serwer) i z zewnątrz sieci.

Zrobiłem to co napisałeś wcześniej, ale nie działa.

2017-03-09 07:28:14

wygenerowałem od nowa
ta.key
i działa

Kolejny problem.
W otoczeniu sieciowym nie widać urządzeń podpiętych do klienta.

2017-03-08 20:44:46

Dodałem klucz tls-auth
te same pliki ta.key na serwerze i kliencie
teraz nie może się jedno z drugim połączyć
w logach serwera:

Mar  8 20:42:32 unknown daemon.err openvpn[10301]: Authenticate/Decrypt packet error: packet HMAC authentication failed
Mar  8 20:42:32 unknown daemon.err openvpn[10301]: TLS Error: incoming packet authentication failed from [AF_INET]94.254.228.28:46390
Mar  8 20:42:34 unknown daemon.err openvpn[10301]: Authenticate/Decrypt packet error: packet HMAC authentication failed
Mar  8 20:42:34 unknown daemon.err openvpn[10301]: TLS Error: incoming packet authentication failed from [AF_INET]94.254.228.28:46390
Mar  8 20:42:38 unknown daemon.err openvpn[10301]: Authenticate/Decrypt packet error: packet HMAC authentication failed
Mar  8 20:42:38 unknown daemon.err openvpn[10301]: TLS Error: incoming packet authentication failed from [AF_INET]94.254.228.28:46390

logi klienta:

Wed Mar  8 20:43:17 2017 daemon.info dnsmasq-dhcp[2183]: DHCPDISCOVER(br-lan) b8:27:eb:79:af:18 
Wed Mar  8 20:43:17 2017 daemon.info dnsmasq-dhcp[2183]: DHCPOFFER(br-lan) 192.168.2.128 b8:27:eb:79:af:18 
Wed Mar  8 20:43:17 2017 daemon.info dnsmasq-dhcp[2183]: DHCPREQUEST(br-lan) 192.168.2.128 b8:27:eb:79:af:18 
Wed Mar  8 20:43:17 2017 daemon.info dnsmasq-dhcp[2183]: DHCPACK(br-lan) 192.168.2.128 b8:27:eb:79:af:18 osmc
Wed Mar  8 20:43:30 2017 daemon.err openvpn(custom_config)[2248]: event_wait : Interrupted system call (code=4)
Wed Mar  8 20:43:30 2017 daemon.notice openvpn(custom_config)[2248]: SIGTERM[hard,] received, process exiting
Wed Mar  8 20:43:30 2017 daemon.notice openvpn(custom_config)[3663]: OpenVPN 2.3.6 mipsel-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Feb 16 2017
Wed Mar  8 20:43:30 2017 daemon.notice openvpn(custom_config)[3663]: library versions: OpenSSL 1.0.2j  26 Sep 2016, LZO 2.08
Wed Mar  8 20:43:30 2017 daemon.warn openvpn(custom_config)[3663]: Note: cannot open /var/openvpn/current_status for WRITE
Wed Mar  8 20:43:30 2017 daemon.warn openvpn(custom_config)[3663]: WARNING: file '/etc/openvpn/grouter_client_nskmzottfofp.key' is group or others accessible
Wed Mar  8 20:43:30 2017 daemon.warn openvpn(custom_config)[3663]: WARNING: file '/etc/openvpn/grouter_client_nskmzottfofp_ta.key' is group or others accessible
Wed Mar  8 20:43:30 2017 daemon.notice openvpn(custom_config)[3663]: Control Channel Authentication: using '/etc/openvpn/grouter_client_nskmzottfofp_ta.key' as a OpenVPN static key file
Wed Mar  8 20:43:30 2017 daemon.notice openvpn(custom_config)[3663]: Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Mar  8 20:43:30 2017 daemon.notice openvpn(custom_config)[3663]: Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Mar  8 20:43:30 2017 daemon.notice openvpn(custom_config)[3663]: Socket Buffers: R=[163840->131072] S=[163840->131072]
Wed Mar  8 20:43:30 2017 daemon.notice openvpn(custom_config)[3663]: UDPv4 link local: [undef]
Wed Mar  8 20:43:30 2017 daemon.notice openvpn(custom_config)[3663]: UDPv4 link remote: [AF_INET]91.244.191.30:1194
Success

tutaj konfiguracja klienta
https://dl.dropboxusercontent.com/u/231 … ard011.jpg

konfiguracja serwera
https://dl.dropboxusercontent.com/u/231 … ard021.jpg
https://dl.dropboxusercontent.com/u/231 … ard031.jpg

2017-03-08 08:33:03

khain napisał/a:

Wstaw zwykłe linki (a nie jako obrazek) oraz wrzuć logi serwera openvpn z tomato.

Poprawiłem

2017-03-07 23:28:25

Cezary może jesteś w stanie pomóc.
Certyfikaty wygenerowałem, serwer stoi na tomato (serwer)z zew IP do którego łącze się przez GARGOYLE (klient)z modemem GSM.
Tunel działa, ale nie umiem wejść z sieci LAN tomato czy z zew (internet) na GARGOYLE. Chciałbym łączyć się z rejestratorem CCTV podpiętym do GARGOYLE

https://dl.dropboxusercontent.com/u/231 … oard01.jpg
https://dl.dropboxusercontent.com/u/231 … oard02.jpg
https://dl.dropboxusercontent.com/u/231 … oard03.jpg
https://dl.dropboxusercontent.com/u/231 … oard05.jpg
https://dl.dropboxusercontent.com/u/231 … oard04.jpg

LOG klienta

Tue Mar  7 23:43:36 2017 daemon.notice netifd: wan_4 (2144): /sbin/uci: Invalid argument
Tue Mar  7 23:43:36 2017 daemon.notice netifd: wan_4 (2144): /sbin/uci: Invalid argument
Tue Mar  7 23:43:36 2017 daemon.notice netifd: wan_4 (2144): /sbin/uci: Invalid argument
Tue Mar  7 23:43:36 2017 daemon.notice netifd: wan_4 (2144): /sbin/uci: Invalid argument
Tue Mar  7 23:43:36 2017 daemon.notice netifd: wan_4 (2144): /sbin/uci: Invalid argument
Tue Mar  7 23:43:36 2017 daemon.notice netifd: wan_4 (2144): /sbin/uci: Invalid argument
Tue Mar  7 23:43:36 2017 daemon.notice netifd: wan_4 (2144): /sbin/uci: Invalid argument
Tue Mar  7 23:43:41 2017 daemon.notice openvpn(custom_config)[2180]: TLS: Initial packet from [AF_INET]91.244.191.30:1194, sid=35ecb8d8 d9996797
Tue Mar  7 23:43:44 2017 daemon.notice openvpn(custom_config)[2180]: VERIFY OK: depth=1, C=PL, ST=Podlaskie, L=BielskPodlaski, O=OpenVPN, OU=nexx, CN=nexx, name=nexx, emailAddress=vorobiej@gmail.com
Tue Mar  7 23:43:44 2017 daemon.notice openvpn(custom_config)[2180]: VERIFY OK: nsCertType=SERVER
Tue Mar  7 23:43:44 2017 daemon.notice openvpn(custom_config)[2180]: VERIFY OK: depth=0, C=PL, ST=Podlaskie, L=BielskPodlaski, O=OpenVPN, OU=nexx, CN=pugacewicz.pl, name=nexx, emailAddress=vorobiej@gmail.com
Tue Mar  7 23:43:46 2017 daemon.notice openvpn(custom_config)[2180]: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Tue Mar  7 23:43:46 2017 daemon.notice openvpn(custom_config)[2180]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Mar  7 23:43:46 2017 daemon.notice openvpn(custom_config)[2180]: Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Tue Mar  7 23:43:46 2017 daemon.notice openvpn(custom_config)[2180]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Mar  7 23:43:46 2017 daemon.notice openvpn(custom_config)[2180]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Tue Mar  7 23:43:46 2017 daemon.notice openvpn(custom_config)[2180]: [pugacewicz.pl] Peer Connection Initiated with [AF_INET]91.244.191.30:1194
Tue Mar  7 23:43:47 2017 daemon.info hostapd: wlan0: STA 00:1d:0f:b6:a1:02 IEEE 802.11: authenticated
Tue Mar  7 23:43:47 2017 daemon.info hostapd: wlan0: STA 00:1d:0f:b6:a1:02 IEEE 802.11: associated (aid 1)
Tue Mar  7 23:43:47 2017 daemon.info hostapd: wlan0: STA 00:1d:0f:b6:a1:02 WPA: pairwise key handshake completed (WPA)
Tue Mar  7 23:43:48 2017 daemon.info hostapd: wlan0: STA 00:1d:0f:b6:a1:02 WPA: group key handshake completed (WPA)
Tue Mar  7 23:43:48 2017 daemon.info dnsmasq-dhcp[2199]: DHCPREQUEST(br-lan) 192.168.2.186 00:1d:0f:b6:a1:02 
Tue Mar  7 23:43:48 2017 daemon.info dnsmasq-dhcp[2199]: DHCPACK(br-lan) 192.168.2.186 00:1d:0f:b6:a1:02 vvv-Komputer
Tue Mar  7 23:43:49 2017 daemon.notice openvpn(custom_config)[2180]: SENT CONTROL [pugacewicz.pl]: 'PUSH_REQUEST' (status=1)
Tue Mar  7 23:43:49 2017 daemon.notice openvpn(custom_config)[2180]: PUSH: Received control message: 'PUSH_REPLY,route 10.0.0.0 255.255.255.0,route 10.8.0.1,topology net30,ping 15,ping-restart 60,ifconfig 10.8.0.6 10.8.0.5'
Tue Mar  7 23:43:49 2017 daemon.notice openvpn(custom_config)[2180]: OPTIONS IMPORT: timers and/or timeouts modified
Tue Mar  7 23:43:49 2017 daemon.notice openvpn(custom_config)[2180]: OPTIONS IMPORT: --ifconfig/up options modified
Tue Mar  7 23:43:49 2017 daemon.notice openvpn(custom_config)[2180]: OPTIONS IMPORT: route options modified
Tue Mar  7 23:43:49 2017 daemon.notice openvpn(custom_config)[2180]: TUN/TAP device tun0 opened
Tue Mar  7 23:43:49 2017 daemon.notice openvpn(custom_config)[2180]: TUN/TAP TX queue length set to 100
Tue Mar  7 23:43:49 2017 daemon.notice openvpn(custom_config)[2180]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Tue Mar  7 23:43:49 2017 daemon.notice openvpn(custom_config)[2180]: /sbin/ifconfig tun0 10.8.0.6 pointopoint 10.8.0.5 mtu 1500
Tue Mar  7 23:43:49 2017 daemon.notice openvpn(custom_config)[2180]: /sbin/route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.8.0.5
Tue Mar  7 23:43:49 2017 daemon.notice netifd: Interface 'vpn' is enabled
Tue Mar  7 23:43:49 2017 daemon.notice netifd: Network device 'tun0' link is up
Tue Mar  7 23:43:49 2017 daemon.notice netifd: Interface 'vpn' has link connectivity 
Tue Mar  7 23:43:49 2017 daemon.notice netifd: Interface 'vpn' is setting up now
Tue Mar  7 23:43:49 2017 daemon.notice netifd: Interface 'vpn' is now up
Tue Mar  7 23:43:49 2017 daemon.notice openvpn(custom_config)[2180]: /sbin/route add -net 10.8.0.1 netmask 255.255.255.255 gw 10.8.0.5
Tue Mar  7 23:43:49 2017 daemon.notice openvpn(custom_config)[2180]: Initialization Sequence Completed
Tue Mar  7 23:43:49 2017 kern.notice kernel: [   62.000000] random: nonblocking pool is initialized
Tue Mar  7 23:43:54 2017 daemon.info dnsmasq-dhcp[2199]: DHCPINFORM(br-lan) 192.168.2.186 00:1d:0f:b6:a1:02 
Tue Mar  7 23:43:54 2017 daemon.info dnsmasq-dhcp[2199]: DHCPACK(br-lan) 192.168.2.186 00:1d:0f:b6:a1:02 vvv-Komputer
Tue Mar  7 23:43:59 2017 user.notice root: vsftpd init: mounted = 0
Tue Mar  7 23:43:59 2017 user.emerg syslog: ERROR: No drives attached, no directories to share!
Tue Mar  7 23:43:59 2017 user.emerg syslog: setting up led power
Tue Mar  7 23:43:59 2017 daemon.info procd: - init complete -
Tue Mar  7 23:44:39 2017 user.notice firewall: Reloading firewall due to ifup of wan6 (eth0.2)
Tue Mar  7 23:44:41 2017 user.notice firewall: Reloading firewall due to ifup of wan (wwan0)
Tue Mar  7 23:44:42 2017 kern.warn kernel: [   83.020000] ipt_bandwidth: timezone shift of 60 minutes detected, adjusting
Tue Mar  7 23:44:42 2017 kern.warn kernel: [   83.030000]                old minutes west=0, new minutes west=-60
Success

LOG TOMATO

Mar  8 08:28:54 unknown daemon.notice openvpn[32651]: 94.254.230.28:22083 TLS: Initial packet from [AF_INET]94.254.230.28:22083, sid=94bd4012 c4e277a8
Mar  8 08:28:57 unknown daemon.notice openvpn[32651]: 94.254.230.28:22083 VERIFY OK: depth=1, C=PL, ST=Podlaskie, L=BielskPodlaski, O=OpenVPN, OU=nexx, CN=nexx, name=nexx, emailAddress=vorobiej@gmail.com
Mar  8 08:28:57 unknown daemon.notice openvpn[32651]: 94.254.230.28:22083 VERIFY OK: depth=0, C=PL, ST=Podlaskie, L=BielskPodlaski, O=OpenVPN, OU=nexx, CN=client1, name=nexx, emailAddress=vorobiej@gmail.com
Mar  8 08:28:57 unknown daemon.notice openvpn[32651]: 94.254.230.28:22083 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mar  8 08:28:57 unknown daemon.notice openvpn[32651]: 94.254.230.28:22083 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar  8 08:28:57 unknown daemon.notice openvpn[32651]: 94.254.230.28:22083 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mar  8 08:28:57 unknown daemon.notice openvpn[32651]: 94.254.230.28:22083 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar  8 08:28:57 unknown daemon.notice openvpn[32651]: 94.254.230.28:22083 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Mar  8 08:28:57 unknown daemon.notice openvpn[32651]: 94.254.230.28:22083 [client1] Peer Connection Initiated with [AF_INET]94.254.230.28:22083
Mar  8 08:28:57 unknown daemon.notice openvpn[32651]: MULTI: new connection by client 'client1' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Mar  8 08:28:57 unknown daemon.notice openvpn[32651]: MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Mar  8 08:28:57 unknown daemon.notice openvpn[32651]: MULTI: Learn: 10.8.0.6 -> client1/94.254.230.28:22083
Mar  8 08:28:57 unknown daemon.notice openvpn[32651]: MULTI: primary virtual IP for client1/94.254.230.28:22083: 10.8.0.6
Mar  8 08:29:00 unknown daemon.notice openvpn[32651]: client1/94.254.230.28:22083 PUSH: Received control message: 'PUSH_REQUEST'
Mar  8 08:29:00 unknown daemon.notice openvpn[32651]: client1/94.254.230.28:22083 send_push_reply(): safe_cap=940
Mar  8 08:29:00 unknown daemon.notice openvpn[32651]: client1/94.254.230.28:22083 SENT CONTROL [client1]: 'PUSH_REPLY,route 10.0.0.0 255.255.255.0,route 10.8.0.1,topology net30,ping 15,ping-restart 60,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Mar  8 08:29:16 unknown daemon.warn openvpn[32651]: client1/94.254.230.28:22083 IP packet with unknown IP version=15 seen
Mar  8 08:29:22 unknown daemon.err openvpn[32651]: event_wait : Interrupted system call (code=4)
Mar  8 08:29:22 unknown daemon.notice openvpn[32651]: TITLE,OpenVPN 2.3.11 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Aug  1 2016
Mar  8 08:29:22 unknown daemon.notice openvpn[32651]: TIME,Wed Mar  8 08:29:22 2017,1488958162
Mar  8 08:29:22 unknown daemon.notice openvpn[32651]: HEADER,CLIENT_LIST,Common Name,Real Address,Virtual Address,Bytes Received,Bytes Sent,Connected Since,Connected Since (time_t),Username
Mar  8 08:29:22 unknown daemon.notice openvpn[32651]: CLIENT_LIST,client1,94.254.230.28:22083,10.8.0.6,4427,5108,Wed Mar  8 08:28:54 2017,1488958134,UNDEF
Mar  8 08:29:22 unknown daemon.notice openvpn[32651]: HEADER,ROUTING_TABLE,Virtual Address,Common Name,Real Address,Last Ref,Last Ref (time_t)
Mar  8 08:29:22 unknown daemon.notice openvpn[32651]: ROUTING_TABLE,10.8.0.6,client1,94.254.230.28:22083,Wed Mar  8 08:28:57 2017,1488958137
Mar  8 08:29:22 unknown daemon.notice openvpn[32651]: GLOBAL_STATS,Max bcast/mcast queue length,0
Mar  8 08:29:22 unknown daemon.notice openvpn[32651]: END
Mar  8 08:29:26 unknown daemon.err openvpn[32651]: event_wait : Interrupted system call (code=4)
Mar  8 08:29:26 unknown daemon.notice openvpn[32651]: /sbin/route del -net 10.8.0.0 netmask 255.255.255.0
Mar  8 08:29:26 unknown daemon.notice openvpn[32651]: Closing TUN/TAP interface
Mar  8 08:29:26 unknown daemon.notice openvpn[32651]: /sbin/ifconfig tun21 0.0.0.0
Mar  8 08:29:26 unknown daemon.notice openvpn[32651]: SIGTERM[hard,] received, process exiting
Mar  8 08:30:17 unknown daemon.info dnsmasq-dhcp[2821]: DHCPREQUEST(br0) 10.0.0.13 64:cc:2e:d7:56:8c 
Mar  8 08:30:17 unknown daemon.info dnsmasq-dhcp[2821]: DHCPACK(br0) 10.0.0.13 64:cc:2e:d7:56:8c Redmi3-Redmi
Mar  8 08:30:27 unknown user.info kernel: tun: Universal TUN/TAP device driver, 1.6
Mar  8 08:30:27 unknown user.info kernel: tun: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
Mar  8 08:30:27 unknown user.info kernel: device tun21 entered promiscuous mode
Mar  8 08:30:27 unknown daemon.notice openvpn[2747]: OpenVPN 2.3.11 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Aug  1 2016
Mar  8 08:30:27 unknown daemon.notice openvpn[2747]: library versions: OpenSSL 1.0.2h  3 May 2016, LZO 2.09
Mar  8 08:30:27 unknown daemon.notice openvpn[2753]: Diffie-Hellman initialized with 2048 bit key
Mar  8 08:30:27 unknown daemon.warn openvpn[2753]: WARNING: file '/tmp/mnt/KINGSTON/openvpn/server.key' is group or others accessible
Mar  8 08:30:27 unknown daemon.notice openvpn[2753]: Socket Buffers: R=[112640->112640] S=[112640->112640]
Mar  8 08:30:27 unknown daemon.notice openvpn[2753]: TUN/TAP device tun21 opened
Mar  8 08:30:27 unknown daemon.notice openvpn[2753]: TUN/TAP TX queue length set to 100
Mar  8 08:30:27 unknown daemon.notice openvpn[2753]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mar  8 08:30:27 unknown daemon.notice openvpn[2753]: /sbin/ifconfig tun21 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
Mar  8 08:30:27 unknown daemon.notice openvpn[2753]: /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2
Mar  8 08:30:27 unknown daemon.notice openvpn[2753]: UDPv4 link local (bound): [undef]
Mar  8 08:30:27 unknown daemon.notice openvpn[2753]: UDPv4 link remote: [undef]
Mar  8 08:30:27 unknown daemon.notice openvpn[2753]: MULTI: multi_init called, r=256 v=256
Mar  8 08:30:27 unknown daemon.notice openvpn[2753]: IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Mar  8 08:30:27 unknown daemon.notice openvpn[2753]: Initialization Sequence Completed
Mar  8 08:30:32 unknown daemon.err openvpn[2753]: event_wait : Interrupted system call (code=4)
Mar  8 08:30:32 unknown daemon.notice openvpn[2753]: TITLE,OpenVPN 2.3.11 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Aug  1 2016
Mar  8 08:30:32 unknown daemon.notice openvpn[2753]: TIME,Wed Mar  8 08:30:32 2017,1488958232
Mar  8 08:30:32 unknown daemon.notice openvpn[2753]: HEADER,CLIENT_LIST,Common Name,Real Address,Virtual Address,Bytes Received,Bytes Sent,Connected Since,Connected Since (time_t),Username
Mar  8 08:30:32 unknown daemon.notice openvpn[2753]: HEADER,ROUTING_TABLE,Virtual Address,Common Name,Real Address,Last Ref,Last Ref (time_t)
Mar  8 08:30:32 unknown daemon.notice openvpn[2753]: GLOBAL_STATS,Max bcast/mcast queue length,0
Mar  8 08:30:32 unknown daemon.notice openvpn[2753]: END
Mar  8 08:30:33 unknown daemon.notice openvpn[2753]: 94.254.230.28:22140 TLS: Initial packet from [AF_INET]94.254.230.28:22140, sid=78a64444 819b007a
Mar  8 08:30:36 unknown daemon.notice openvpn[2753]: 94.254.230.28:22140 VERIFY OK: depth=1, C=PL, ST=Podlaskie, L=BielskPodlaski, O=OpenVPN, OU=nexx, CN=nexx, name=nexx, emailAddress=vorobiej@gmail.com
Mar  8 08:30:36 unknown daemon.notice openvpn[2753]: 94.254.230.28:22140 VERIFY OK: depth=0, C=PL, ST=Podlaskie, L=BielskPodlaski, O=OpenVPN, OU=nexx, CN=client1, name=nexx, emailAddress=vorobiej@gmail.com
Mar  8 08:30:36 unknown daemon.notice openvpn[2753]: 94.254.230.28:22140 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mar  8 08:30:36 unknown daemon.notice openvpn[2753]: 94.254.230.28:22140 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar  8 08:30:36 unknown daemon.notice openvpn[2753]: 94.254.230.28:22140 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mar  8 08:30:36 unknown daemon.notice openvpn[2753]: 94.254.230.28:22140 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar  8 08:30:36 unknown daemon.notice openvpn[2753]: 94.254.230.28:22140 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Mar  8 08:30:36 unknown daemon.notice openvpn[2753]: 94.254.230.28:22140 [client1] Peer Connection Initiated with [AF_INET]94.254.230.28:22140
Mar  8 08:30:36 unknown daemon.notice openvpn[2753]: client1/94.254.230.28:22140 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Mar  8 08:30:36 unknown daemon.notice openvpn[2753]: client1/94.254.230.28:22140 MULTI: Learn: 10.8.0.6 -> client1/94.254.230.28:22140
Mar  8 08:30:36 unknown daemon.notice openvpn[2753]: client1/94.254.230.28:22140 MULTI: primary virtual IP for client1/94.254.230.28:22140: 10.8.0.6
Mar  8 08:30:39 unknown daemon.notice openvpn[2753]: client1/94.254.230.28:22140 PUSH: Received control message: 'PUSH_REQUEST'
Mar  8 08:30:39 unknown daemon.notice openvpn[2753]: client1/94.254.230.28:22140 send_push_reply(): safe_cap=940
Mar  8 08:30:39 unknown daemon.notice openvpn[2753]: client1/94.254.230.28:22140 SENT CONTROL [client1]: 'PUSH_REPLY,route 10.0.0.0 255.255.255.0,route 10.8.0.1,topology net30,ping 15,ping-restart 60,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Mar  8 08:30:50 unknown daemon.err openvpn[2753]: event_wait : Interrupted system call (code=4)
Mar  8 08:30:50 unknown daemon.notice openvpn[2753]: TITLE,OpenVPN 2.3.11 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Aug  1 2016
Mar  8 08:30:50 unknown daemon.notice openvpn[2753]: TIME,Wed Mar  8 08:30:50 2017,1488958250
Mar  8 08:30:50 unknown daemon.notice openvpn[2753]: HEADER,CLIENT_LIST,Common Name,Real Address,Virtual Address,Bytes Received,Bytes Sent,Connected Since,Connected Since (time_t),Username
Mar  8 08:30:50 unknown daemon.notice openvpn[2753]: CLIENT_LIST,client1,94.254.230.28:22140,10.8.0.6,4336,5039,Wed Mar  8 08:30:33 2017,1488958233,UNDEF
Mar  8 08:30:50 unknown daemon.notice openvpn[2753]: HEADER,ROUTING_TABLE,Virtual Address,Common Name,Real Address,Last Ref,Last Ref (time_t)
Mar  8 08:30:50 unknown daemon.notice openvpn[2753]: ROUTING_TABLE,10.8.0.6,client1,94.254.230.28:22140,Wed Mar  8 08:30:36 2017,1488958236
Mar  8 08:30:50 unknown daemon.notice openvpn[2753]: GLOBAL_STATS,Max bcast/mcast queue length,0
Mar  8 08:30:50 unknown daemon.notice openvpn[2753]: END
Mar  8 08:30:54 unknown daemon.warn openvpn[2753]: client1/94.254.230.28:22140 IP packet with unknown IP version=15 seen
Mar  8 08:31:10 unknown daemon.warn openvpn[2753]: client1/94.254.230.28:22140 IP packet with unknown IP version=15 seen
Mar  8 08:31:25 unknown daemon.warn openvpn[2753]: client1/94.254.230.28:22140 IP packet with unknown IP version=15 seen
Mar  8 08:31:41 unknown daemon.notice openvpn[2753]: 94.254.230.28:22110 TLS: Initial packet from [AF_INET]94.254.230.28:22110, sid=536b5a2e 6cd826b7
Mar  8 08:31:42 unknown daemon.err openvpn[2753]: event_wait : Interrupted system call (code=4)
Mar  8 08:31:42 unknown daemon.notice openvpn[2753]: TITLE,OpenVPN 2.3.11 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Aug  1 2016
Mar  8 08:31:42 unknown daemon.notice openvpn[2753]: TIME,Wed Mar  8 08:31:42 2017,1488958302
Mar  8 08:31:42 unknown daemon.notice openvpn[2753]: HEADER,CLIENT_LIST,Common Name,Real Address,Virtual Address,Bytes Received,Bytes Sent,Connected Since,Connected Since (time_t),Username
Mar  8 08:31:42 unknown daemon.notice openvpn[2753]: CLIENT_LIST,UNDEF,94.254.230.28:22110,,36,26,Wed Mar  8 08:31:41 2017,1488958301,UNDEF
Mar  8 08:31:42 unknown daemon.notice openvpn[2753]: CLIENT_LIST,client1,94.254.230.28:22140,10.8.0.6,4543,5315,Wed Mar  8 08:30:33 2017,1488958233,UNDEF
Mar  8 08:31:42 unknown daemon.notice openvpn[2753]: HEADER,ROUTING_TABLE,Virtual Address,Common Name,Real Address,Last Ref,Last Ref (time_t)
Mar  8 08:31:42 unknown daemon.notice openvpn[2753]: ROUTING_TABLE,10.8.0.6,client1,94.254.230.28:22140,Wed Mar  8 08:30:36 2017,1488958236
Mar  8 08:31:42 unknown daemon.notice openvpn[2753]: GLOBAL_STATS,Max bcast/mcast queue length,0
Mar  8 08:31:42 unknown daemon.notice openvpn[2753]: END
Mar  8 08:31:44 unknown daemon.notice openvpn[2753]: 94.254.230.28:22110 VERIFY OK: depth=1, C=PL, ST=Podlaskie, L=BielskPodlaski, O=OpenVPN, OU=nexx, CN=nexx, name=nexx, emailAddress=vorobiej@gmail.com
Mar  8 08:31:44 unknown daemon.notice openvpn[2753]: 94.254.230.28:22110 VERIFY OK: depth=0, C=PL, ST=Podlaskie, L=BielskPodlaski, O=OpenVPN, OU=nexx, CN=client1, name=nexx, emailAddress=vorobiej@gmail.com
Mar  8 08:31:45 unknown daemon.notice openvpn[2753]: 94.254.230.28:22110 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mar  8 08:31:45 unknown daemon.notice openvpn[2753]: 94.254.230.28:22110 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar  8 08:31:45 unknown daemon.notice openvpn[2753]: 94.254.230.28:22110 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mar  8 08:31:45 unknown daemon.notice openvpn[2753]: 94.254.230.28:22110 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar  8 08:31:45 unknown daemon.notice openvpn[2753]: 94.254.230.28:22110 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Mar  8 08:31:45 unknown daemon.notice openvpn[2753]: 94.254.230.28:22110 [client1] Peer Connection Initiated with [AF_INET]94.254.230.28:22110
Mar  8 08:31:45 unknown daemon.notice openvpn[2753]: MULTI: new connection by client 'client1' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Mar  8 08:31:45 unknown daemon.notice openvpn[2753]: MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Mar  8 08:31:45 unknown daemon.notice openvpn[2753]: MULTI: Learn: 10.8.0.6 -> client1/94.254.230.28:22110
Mar  8 08:31:45 unknown daemon.notice openvpn[2753]: MULTI: primary virtual IP for client1/94.254.230.28:22110: 10.8.0.6
Mar  8 08:31:47 unknown daemon.notice openvpn[2753]: client1/94.254.230.28:22110 PUSH: Received control message: 'PUSH_REQUEST'
Mar  8 08:31:47 unknown daemon.notice openvpn[2753]: client1/94.254.230.28:22110 send_push_reply(): safe_cap=940
Mar  8 08:31:47 unknown daemon.notice openvpn[2753]: client1/94.254.230.28:22110 SENT CONTROL [client1]: 'PUSH_REPLY,route 10.0.0.0 255.255.255.0,route 10.8.0.1,topology net30,ping 15,ping-restart 60,ifconfig 10.8.0.6 10.8.0.5' (status=1)

2017-03-05 22:52:41

Chciałbym na Tomato postawić serwer OpenVPN do którego łaczyłbym się z GARGOYLE na NEXX 3020

Jak wygenerować klucze serwera i klientów?
Mógłbym skorzystać z tego poradnika:
http://www.networkservices.pl/baza-wied … -w-windows
Ale jak wygenerować plik
klient2.conf

2017-02-11 09:51:34

Dziękuje za pomoc.
Jedyne forum które pomaga laikom
Jeszcze raz WIELKIE DZIĘKI

2017-02-11 09:32:59

Dziękuję za ekspresową odpowiedź.
Mogę Gagoyle od razu na stockowe chińskie firmware instalować przez gui?
Czy muszę zachować kolejność najpierw plik factory później gargoyle?

Jeszcze jedno pytanie.
Co to jest u-boot?
Też aktualizować? Przeczytałem tutaj , że można tylko na stockowym firmware.

2017-02-11 08:57:38

Kupiłem od chińczyków NEXX 3020F (jeszcze leci)
Chciałbym podłączyć go w samochodzie z modemem HUAWEI E173.
Jestem słaby w takich sprawach. Mam kilka pytań laika.

Chce mieć na nim OPENWRT. Jeżeli bedę postępował wg tej instrucji:

http://www.securityskeptic.com/2016/01/ … outer.html

Once you have an Internet connection, telnet to the WT3020 at 192.168.8.1 using the default Nexx account credentials I show here. I've copied the commands I used and the output from the scripts below:

$ telnet 192.168.8.1
Trying 192.168.8.1...
Connected to 192.168.8.1.
Escape character is '^]'.

(none) login: nexxadmin
Password: y1n2inc.com0755

BusyBox v1.12.1 (2015-02-05 18:04:51 HKT) built-in shell (ash)
Enter 'help' for a list of built-in commands.

# cd /tmp
# wget http://downloads.openwrt.org/chaos_calm … penwrt-15.
05-ramips-mt7620-wt3020-8M-squashfs-sysupgrade.bin
Connecting to downloads.openwrt.org (78.24.191.177:80)
openwrt-15.05-ramips 100% |*******************************| 3328k 00:00:00 ETA
# mtd_write -r write openwrt-15.05-ramips-mt7620-wt3020-8M-squashfs-sysupgrade.bin mtd3
Unlocking mtd3 ...
Writing from openwrt-15.05-ramips-mt7620-wt3020-8M-squashfs-sysupgrade.bin to mtd3 ... [e]
#reboot

Warning. Your Nexx may force close telnet. Don't panic. Reboot via a power cycle.

At this point, you should be running the openWRT software. Note that openWRT assigns the IP address 192.168.1.1 to the internal LAN port. This is different from what NEXX assigns. If you're still able to connect to 192.168.8.1, something went awry: lather, rinse, repeat.

Wszystko będzie ok?

Którą później wersję OpenWRT z GUI www wybrać?
W jaki sposób Zainstalować?

Dziękuję.

FAQ o OpenWrt | Sprzedam różne routery | Oddam

Opcje wyszukiwania

Znalezione posty: 25

1 Odpowiedź przez vorobiej 2020-01-09 22:29:46

Odp: Wireguard - nie widzę urządzeń w sieci klientów. (4 odpowiedzi, napisanych Oprogramowanie / Software)

2 Temat przez vorobiej 2020-01-08 14:45:55

Temat: Wireguard - nie widzę urządzeń w sieci klientów. (4 odpowiedzi, napisanych Oprogramowanie / Software)

3 Temat przez vorobiej 2019-04-30 18:24:17

Temat: OPENVPN problem z push (6 odpowiedzi, napisanych Oprogramowanie / Software)

4 Odpowiedź przez vorobiej 2017-11-30 07:49:26

Odp: Gargoyle NEX WT3020 E3372s-153 (nie hilink)- brak połączenia (6 odpowiedzi, napisanych Oprogramowanie / Software)

5 Odpowiedź przez vorobiej 2017-11-28 23:57:06

Odp: Gargoyle NEX WT3020 E3372s-153 (nie hilink)- brak połączenia (6 odpowiedzi, napisanych Oprogramowanie / Software)

6 Odpowiedź przez vorobiej 2017-11-28 23:24:34

Odp: Gargoyle NEX WT3020 E3372s-153 (nie hilink)- brak połączenia (6 odpowiedzi, napisanych Oprogramowanie / Software)

7 Temat przez vorobiej 2017-11-28 22:42:52

Temat: Gargoyle NEX WT3020 E3372s-153 (nie hilink)- brak połączenia (6 odpowiedzi, napisanych Oprogramowanie / Software)

8 Odpowiedź przez vorobiej 2017-03-22 23:14:04

Odp: OpenVPN TOMATO i GARGORYLE (23 odpowiedzi, napisanych Oprogramowanie / Software)

9 Odpowiedź przez vorobiej 2017-03-22 22:49:31

Odp: OpenVPN TOMATO i GARGORYLE (23 odpowiedzi, napisanych Oprogramowanie / Software)

10 Odpowiedź przez vorobiej 2017-03-22 13:18:30

Odp: OpenVPN TOMATO i GARGORYLE (23 odpowiedzi, napisanych Oprogramowanie / Software)

11 Odpowiedź przez vorobiej 2017-03-21 18:59:44

Odp: OpenVPN TOMATO i GARGORYLE (23 odpowiedzi, napisanych Oprogramowanie / Software)

12 Odpowiedź przez vorobiej 2017-03-20 21:02:14

Odp: OpenVPN TOMATO i GARGORYLE (23 odpowiedzi, napisanych Oprogramowanie / Software)

13 Odpowiedź przez vorobiej 2017-03-18 20:18:35

Odp: OpenVPN TOMATO i GARGORYLE (23 odpowiedzi, napisanych Oprogramowanie / Software)

14 Odpowiedź przez vorobiej 2017-03-18 19:49:21

Odp: OpenVPN TOMATO i GARGORYLE (23 odpowiedzi, napisanych Oprogramowanie / Software)

15 Odpowiedź przez vorobiej 2017-03-17 22:09:41

Odp: OpenVPN TOMATO i GARGORYLE (23 odpowiedzi, napisanych Oprogramowanie / Software)

16 Odpowiedź przez vorobiej 2017-03-09 08:33:28

Odp: OpenVPN TOMATO i GARGORYLE (23 odpowiedzi, napisanych Oprogramowanie / Software)

17 Odpowiedź przez vorobiej 2017-03-09 08:23:13

Odp: OpenVPN TOMATO i GARGORYLE (23 odpowiedzi, napisanych Oprogramowanie / Software)

18 Odpowiedź przez vorobiej 2017-03-09 07:28:14

Odp: OpenVPN TOMATO i GARGORYLE (23 odpowiedzi, napisanych Oprogramowanie / Software)

19 Odpowiedź przez vorobiej 2017-03-08 20:44:46

Odp: OpenVPN TOMATO i GARGORYLE (23 odpowiedzi, napisanych Oprogramowanie / Software)

20 Odpowiedź przez vorobiej 2017-03-08 08:33:03

Odp: OpenVPN TOMATO i GARGORYLE (23 odpowiedzi, napisanych Oprogramowanie / Software)

21 Odpowiedź przez vorobiej 2017-03-07 23:28:25

Odp: OpenVPN TOMATO i GARGORYLE (23 odpowiedzi, napisanych Oprogramowanie / Software)

22 Temat przez vorobiej 2017-03-05 22:52:41

Temat: OpenVPN TOMATO i GARGORYLE (23 odpowiedzi, napisanych Oprogramowanie / Software)

23 Odpowiedź przez vorobiej 2017-02-11 09:51:34

Odp: NEXX 3020 do samochodu -kilka pytań początkującego (4 odpowiedzi, napisanych Oprogramowanie / Software)

24 Odpowiedź przez vorobiej 2017-02-11 09:32:59

Odp: NEXX 3020 do samochodu -kilka pytań początkującego (4 odpowiedzi, napisanych Oprogramowanie / Software)

25 Temat przez vorobiej 2017-02-11 08:57:38

Temat: NEXX 3020 do samochodu -kilka pytań początkującego (4 odpowiedzi, napisanych Oprogramowanie / Software)

Znalezione posty: 25