1 Temat przez kempas

  • kempas
  • Użytkownik
  • Nieaktywny
  • Zarejestrowany: 2013-11-06
  • Posty: 16

Temat: OpenVPN łączy się, ale nie ma dostępu do LAN

Witajcie,
skonfigurowałem OpenVPN na Gargoyle 1.6.1.4 (r41182)
Konfigurację jakiś czas temu przeprowadzałem na strony G 1.5 i działało.
Po aktualizacji 1.6 nie uruchamiałem (nie było mi potrzebne), teraz chciałem się "wbić" i nie idzie.
Konfiguracja przeprowadzona zgodnie z  link
Port do przekierowania dodany.
Paczka z konfiguracją wrzucona do katalogu config.
Status mam połączono z Klient1, ikona na zielono.

Sieć na routerze gdzie stoi OpenVPN to 192.168.18.1,
sieć na routerze z którego chcę się połączyć to 2.1

Niestety nie mogę pingować 18.1,
niby połączony ale jakby z VPN, ale nie z siecią LAN

2 Odpowiedź przez khain

  • khain
  • Użytkownik
  • Nieaktywny
  • Zarejestrowany: 2013-09-15
  • Posty: 328

Odp: OpenVPN łączy się, ale nie ma dostępu do LAN

A serwer się uruchamia? Wrzuć log.

TP-Link TL-WDR3600 v1.5 -  OpenWrt Chaos Calmer 15.05.1 with Luci +Microsoft LifeCam VX-3000
RaspberryPi 2 - OMV Stone Burner 2.0.15 +Creative SB Play +Medion OR24V +DVB-T Media-Tech MT4163  +MP00202AC +3xDS18B20 +HIH-4000-002 +MPXHZ6115A +Samsung SPF-85H +D-Link DUB-H7

3 Odpowiedź przez zygmunt (edytowany przez zygmunt 2015-03-04 17:38:17)

  • Zarejestrowany: 2015-01-27
  • Posty: 33

Odp: OpenVPN łączy się, ale nie ma dostępu do LAN

Podepnę się pod temat. Sam mam problem z VPN na wdr4300 z firmware gargoyle 1.7BB. Wszystko ustawione Klient1 łączy się z serwerem VPN, ale nie widzę otoczenia sieciowego tylko swój komputer. Pingi przechodzą bez problemu na każdy adres z sieci LAN. Ustawiony serwer według instrukcji powyżej.

4 Odpowiedź przez kempas (edytowany przez kempas 2015-03-07 12:52:13)

  • kempas
  • Użytkownik
  • Nieaktywny
  • Zarejestrowany: 2013-11-06
  • Posty: 16

Odp: OpenVPN łączy się, ale nie ma dostępu do LAN

Serwer uruchomiony, w zakładce podłączeni klienci też jest widoczny.

Mar  4 17:03:38 Router_zse kern.warn kernel: [   84.960000] [<8008ebf4>] 0x8008ebf4
Mar  4 17:03:38 Router_zse kern.warn kernel: [   84.960000] [<80300000>] 0x80300000
Mar  4 17:03:38 Router_zse kern.warn kernel: [   84.960000] [<8021306c>] 0x8021306c
Mar  4 17:03:38 Router_zse kern.warn kernel: [   84.960000] [<800da338>] 0x800da338
Mar  4 17:03:38 Router_zse kern.warn kernel: [   84.960000] [<802130f4>] 0x802130f4
Mar  4 17:03:38 Router_zse kern.warn kernel: [   84.960000] [<80222cb8>] 0x80222cb8
Mar  4 17:03:38 Router_zse kern.warn kernel: [   84.960000] [<801df260>] 0x801df260
Mar  4 17:03:38 Router_zse kern.warn kernel: [   84.960000] [<801de920>] 0x801de920
Mar  4 17:03:38 Router_zse kern.warn kernel: [   84.960000] [<8006a364>] 0x8006a364
Mar  4 17:03:38 Router_zse kern.warn kernel: [   84.960000] [<800d71a0>] 0x800d71a0
Mar  4 17:03:38 Router_zse kern.warn kernel: [   84.960000]
Mar  4 17:03:38 Router_zse kern.warn kernel: [   84.960000] Mem-Info:
Mar  4 17:03:39 Router_zse kern.warn kernel: [   84.960000] Normal per-cpu:
Mar  4 17:03:39 Router_zse kern.warn kernel: [   84.960000] CPU    0: hi:    0, btch:   1 usd:   0
Mar  4 17:03:39 Router_zse kern.warn kernel: [   84.960000] active_anon:405 inactive_anon:356 isolated_anon:0
Mar  4 17:03:39 Router_zse kern.warn kernel: [   84.960000]  active_file:1403 inactive_file:1459 isolated_file:0
Mar  4 17:03:39 Router_zse kern.warn kernel: [   84.960000]  unevictable:0 dirty:0 writeback:0 unstable:0
Mar  4 17:03:39 Router_zse kern.warn kernel: [   84.960000]  free:68 slab_reclaimable:423 slab_unreclaimable:1585
Mar  4 17:03:39 Router_zse kern.warn kernel: [   84.960000]  mapped:423 shmem:30 pagetables:107 bounce:0
Mar  4 17:03:39 Router_zse kern.warn kernel: [   84.960000] Normal free:272kB min:720kB low:900kB high:1080kB active_anon:1620kB inactive_anon:1424kB active_file:5612kB inactive_file:5836kB unevictable:0kB isolated(anon):0kB isolated(file):0kB present:32512kB mlocked:0kB d
Mar  4 17:03:39 Router_zse kern.warn kernel: [   84.960000] lowmem_reserve[]: 0 0
Mar  4 17:03:39 Router_zse kern.warn kernel: [   84.960000] Normal: 0*4kB 0*8kB 1*16kB 0*32kB 0*64kB 0*128kB 1*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 272kB
Mar  4 17:03:39 Router_zse kern.warn kernel: [   84.960000] 2899 total pagecache pages
Mar  4 17:03:39 Router_zse kern.warn kernel: [   84.960000] 0 pages in swap cache
Mar  4 17:03:39 Router_zse kern.warn kernel: [   84.960000] Swap cache stats: add 0, delete 0, find 0/0
Mar  4 17:03:39 Router_zse kern.warn kernel: [   84.960000] Free swap  = 0kB
Mar  4 17:03:39 Router_zse kern.warn kernel: [   84.960000] Total swap = 0kB
Mar  4 17:03:39 Router_zse kern.warn kernel: [   84.960000] 8192 pages RAM
Mar  4 17:03:39 Router_zse kern.warn kernel: [   84.960000] 903 pages reserved
Mar  4 17:03:39 Router_zse kern.warn kernel: [   84.960000] 2871 pages shared
Mar  4 17:03:39 Router_zse kern.warn kernel: [   84.960000] 5852 pages non-shared
Mar  4 17:03:39 Router_zse kern.warn kernel: [   84.960000] SLUB: Unable to allocate memory on node -1 (gfp=0x20)
Mar  4 17:03:39 Router_zse kern.warn kernel: [   84.960000]   cache: kmalloc-128, object size: 128, buffer size: 128, default order: 0, min order: 0
Mar  4 17:03:39 Router_zse kern.warn kernel: [   84.960000]   node 0: slabs: 0, objs: 0, free: 0
Mar  4 17:03:39 Router_zse kern.warn kernel: [   85.280000] iptables: page allocation failure: order:0, mode:0x20
Mar  4 17:03:39 Router_zse kern.warn kernel: [   85.280000] Call Trace:[<8028f1bc>] 0x8028f1bc
Mar  4 17:03:39 Router_zse kern.warn kernel: [   85.280000] [<8028f1bc>] 0x8028f1bc
Mar  4 17:03:39 Router_zse kern.warn kernel: [   85.280000] [<800af758>] 0x800af758
Mar  4 17:03:40 Router_zse kern.warn kernel: [   87.040000] disktype: sending ioctl 5305 to a partition!
Mar  4 17:03:40 Router_zse kern.warn kernel: [   87.040000] disktype: sending ioctl 5305 to a partition!
Mar  4 17:03:40 Router_zse kern.info kernel: [   87.150000] EXT4-fs (sda1): mounted filesystem with ordered data mode. Opts: (null)
Mar  4 17:03:40 Router_zse kern.warn kernel: [   87.360000] disktype: sending ioctl 5305 to a partition!
Mar  4 17:03:40 Router_zse kern.warn kernel: [   87.360000] disktype: sending ioctl 5305 to a partition!
Mar  4 17:03:40 Router_zse daemon.info ddns_gargoyle[2192]: Forcing update:
Mar  4 17:03:40 Router_zse kern.info kernel: [   87.400000] Adding 2097148k swap on /dev/sda2.  Priority:-1 extents:1 across:2097148k
Mar  4 17:03:40 Router_zse user.notice root: vsftpd init: mounted = 1
Mar  4 17:03:40 Router_zse user.notice root: vsftpd init: got_lock = 1
Mar  4 17:03:40 Router_zse daemon.info ddns_gargoyle[2192]:         Successfully retrieved local ip from url: http://checkmyip.com
Mar  4 17:03:41 Router_zse user.info sysinit: setting up led WLAN
Mar  4 17:03:42 Router_zse daemon.info ddns_gargoyle[2192]:     Update successful
Mar  4 17:03:42 Router_zse daemon.info ddns_gargoyle[2192]: Forcing update:
Mar  4 17:03:43 Router_zse daemon.notice openvpn(custom_config)[2351]: OpenVPN 2.2.2 mips-openwrt-linux [SSL] [LZO2] [EPOLL] built on Jul  9 2013
Mar  4 17:03:43 Router_zse daemon.warn openvpn(custom_config)[2351]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mar  4 17:03:44 Router_zse daemon.info ddns_gargoyle[2192]:     Update successful
Mar  4 17:03:44 Router_zse daemon.notice openvpn(custom_config)[2351]: Diffie-Hellman initialized with 1024 bit key
Mar  4 17:03:44 Router_zse daemon.notice openvpn(custom_config)[2351]: Control Channel Authentication: using '/etc/openvpn/ta.key' as a OpenVPN static key file
Mar  4 17:03:44 Router_zse daemon.notice openvpn(custom_config)[2351]: Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar  4 17:03:44 Router_zse daemon.notice openvpn(custom_config)[2351]: Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar  4 17:03:44 Router_zse daemon.notice openvpn(custom_config)[2351]: TLS-Auth MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Mar  4 17:03:44 Router_zse daemon.notice openvpn(custom_config)[2351]: Socket Buffers: R=[163840->131072] S=[163840->131072]
Mar  4 17:03:44 Router_zse daemon.notice openvpn(custom_config)[2351]: TUN/TAP device tun0 opened
Mar  4 17:03:44 Router_zse daemon.notice openvpn(custom_config)[2351]: TUN/TAP TX queue length set to 100
Mar  4 17:03:44 Router_zse daemon.notice openvpn(custom_config)[2351]: /sbin/ifconfig tun0 10.8.0.2 netmask 255.255.255.0 mtu 1500 broadcast 10.8.0.255
Mar  4 17:03:44 Router_zse daemon.notice openvpn(custom_config)[2351]: /etc/openvpn.up tun0 1500 1542 10.8.0.2 255.255.255.0 init
Mar  4 17:03:44 Router_zse daemon.notice netifd: Interface 'vpn' is now up
Mar  4 17:03:44 Router_zse user.notice root: openvpn up script called
Mar  4 17:03:45 Router_zse kern.warn kernel: [   92.050000] ipt_bandwidth: timezone shift of 60 minutes detected, adjusting
Mar  4 17:03:45 Router_zse kern.warn kernel: [   92.060000]                old minutes west=0, new minutes west=-60
Mar  4 17:03:52 Router_zse daemon.notice openvpn(custom_config)[2351]: Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Mar  4 17:03:52 Router_zse daemon.notice openvpn(custom_config)[2351]: UDPv4 link local (bound): [undef]:1194
Mar  4 17:03:52 Router_zse daemon.notice openvpn(custom_config)[2351]: UDPv4 link remote: [undef]
Mar  4 17:03:52 Router_zse daemon.notice openvpn(custom_config)[2351]: MULTI: multi_init called, r=256 v=256
Mar  4 17:03:52 Router_zse daemon.notice openvpn(custom_config)[2351]: Initialization Sequence Completed
Mar  4 17:03:56 Router_zse daemon.notice miniupnpd[2795]: HTTP listening on port 5000
Mar  4 17:03:56 Router_zse daemon.notice miniupnpd[2795]: Listening for NAT-PMP traffic on port 5351
Mar  4 17:03:56 Router_zse user.notice firewall: Reloading firewall due to ifup of vpn (tun0)
Mar  4 17:04:20 Router_zse user.notice firewall: Reloading firewall due to ifup of wan (pppoe-wan)
Mar  4 17:05:56 Router_zse daemon.info ddns_gargoyle[2192]:         Successfully retrieved local ip from url: http://www.ipchicken.com
Mar  4 17:06:11 Router_zse daemon.err openvpn(custom_config)[2351]: event_wait : Interrupted system call (code=4)
Mar  4 17:06:12 Router_zse daemon.notice openvpn(custom_config)[2351]: TCP/UDP: Closing socket
Mar  4 17:06:12 Router_zse daemon.notice openvpn(custom_config)[2351]: Closing TUN/TAP interface
Mar  4 17:06:12 Router_zse daemon.notice openvpn(custom_config)[2351]: /sbin/ifconfig tun0 0.0.0.0
Mar  4 17:06:12 Router_zse daemon.notice netifd: Interface 'vpn' is now down
Mar  4 17:06:12 Router_zse daemon.notice openvpn(custom_config)[2351]: /etc/openvpn.down tun0 1500 1542 10.8.0.2 255.255.255.0 init
Mar  4 17:06:12 Router_zse user.notice root: openvpn down script called
Mar  4 17:06:18 Router_zse daemon.notice openvpn(custom_config)[4347]: OpenVPN 2.2.2 mips-openwrt-linux [SSL] [LZO2] [EPOLL] built on Jul  9 2013
Mar  4 17:06:18 Router_zse daemon.warn openvpn(custom_config)[4347]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mar  4 17:06:18 Router_zse daemon.notice openvpn(custom_config)[4347]: Diffie-Hellman initialized with 1024 bit key
Mar  4 17:06:18 Router_zse daemon.notice openvpn(custom_config)[4347]: Control Channel Authentication: using '/etc/openvpn/ta.key' as a OpenVPN static key file
Mar  4 17:06:18 Router_zse daemon.notice openvpn(custom_config)[4347]: Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar  4 17:06:18 Router_zse daemon.notice openvpn(custom_config)[4347]: Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar  4 17:06:18 Router_zse daemon.notice openvpn(custom_config)[4347]: TLS-Auth MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Mar  4 17:06:18 Router_zse daemon.notice openvpn(custom_config)[4347]: Socket Buffers: R=[163840->131072] S=[163840->131072]
Mar  4 17:06:18 Router_zse daemon.notice openvpn(custom_config)[4347]: TUN/TAP device tun0 opened
Mar  4 17:06:18 Router_zse daemon.notice openvpn(custom_config)[4347]: TUN/TAP TX queue length set to 100
Mar  4 17:06:18 Router_zse daemon.notice openvpn(custom_config)[4347]: /sbin/ifconfig tun0 10.8.0.2 netmask 255.255.255.0 mtu 1500 broadcast 10.8.0.255
Mar  4 17:06:18 Router_zse daemon.notice netifd: Interface 'vpn' is now up
Mar  4 17:06:18 Router_zse daemon.notice openvpn(custom_config)[4347]: /etc/openvpn.up tun0 1500 1542 10.8.0.2 255.255.255.0 init
Mar  4 17:06:18 Router_zse user.notice root: openvpn up script called
Mar  4 17:06:19 Router_zse daemon.notice openvpn(custom_config)[4347]: Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Mar  4 17:06:19 Router_zse daemon.notice openvpn(custom_config)[4347]: UDPv4 link local (bound): [undef]:1194
Mar  4 17:06:19 Router_zse daemon.notice openvpn(custom_config)[4347]: UDPv4 link remote: [undef]
Mar  4 17:06:19 Router_zse daemon.notice openvpn(custom_config)[4347]: MULTI: multi_init called, r=256 v=256
Mar  4 17:06:19 Router_zse daemon.notice openvpn(custom_config)[4347]: Initialization Sequence Completed
Mar  4 17:06:19 Router_zse daemon.notice miniupnpd[4418]: HTTP listening on port 5000
Mar  4 17:06:19 Router_zse daemon.notice miniupnpd[4418]: Listening for NAT-PMP traffic on port 5351
Mar  4 17:06:20 Router_zse user.notice firewall: Reloading firewall due to ifup of vpn (tun0)
Mar  4 17:20:57 Router_zse daemon.info ddns_gargoyle[2192]:         Successfully retrieved local ip from url: http://www.tracemyip.org
Mar  4 17:36:01 Router_zse daemon.info ddns_gargoyle[2192]:         Could not determine local ip from url: http://checkip.dyndns.org
Mar  4 17:36:01 Router_zse daemon.info ddns_gargoyle[2192]:         Successfully retrieved local ip from url: http://checkip.org
Mar  4 17:36:02 Router_zse daemon.info ddns_gargoyle[2192]:         Successfully retrieved local ip from url: http://www.ip-address.org
Mar  4 17:50:44 Router_zse daemon.notice openvpn(custom_config)[4347]: MULTI: multi_create_instance called
Mar  4 17:50:44 Router_zse daemon.notice openvpn(custom_config)[4347]: 31.61.140.193:3270 Re-using SSL/TLS context
Mar  4 17:50:44 Router_zse daemon.notice openvpn(custom_config)[4347]: 31.61.140.193:3270 LZO compression initialized
Mar  4 17:50:44 Router_zse daemon.notice openvpn(custom_config)[4347]: 31.61.140.193:3270 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Mar  4 17:50:44 Router_zse daemon.notice openvpn(custom_config)[4347]: 31.61.140.193:3270 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Mar  4 17:50:44 Router_zse daemon.notice openvpn(custom_config)[4347]: 31.61.140.193:3270 TLS: Initial packet from 31.61.140.193:3270, sid=2b3a6837 2ad66e98
Mar  4 17:50:47 Router_zse daemon.notice openvpn(custom_config)[4347]: 31.61.140.193:3270 VERIFY OK: depth=1, /C=__/ST=UnknownProvince/L=UnknownCity/O=UnknownOrg/OU=UnknownOrgUnit/CN=biydseuvtzprixy/name=biydseuvtzprixy/emailAddress=biydseuvtzprixy@ckqfcmsqlofrswy.com
Mar  4 17:50:47 Router_zse daemon.notice openvpn(custom_config)[4347]: 31.61.140.193:3270 VERIFY OK: depth=0, /C=__/ST=UnknownProvince/L=UnknownCity/O=UnknownOrg/OU=UnknownOrgUnit/CN=klient1/name=klient1/emailAddress=klient1@.com
Mar  4 17:50:47 Router_zse daemon.notice openvpn(custom_config)[4347]: 31.61.140.193:3270 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mar  4 17:50:47 Router_zse daemon.notice openvpn(custom_config)[4347]: 31.61.140.193:3270 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar  4 17:50:47 Router_zse daemon.notice openvpn(custom_config)[4347]: 31.61.140.193:3270 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mar  4 17:50:47 Router_zse daemon.notice openvpn(custom_config)[4347]: 31.61.140.193:3270 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar  4 17:50:47 Router_zse daemon.notice openvpn(custom_config)[4347]: 31.61.140.193:3270 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mar  4 17:50:47 Router_zse daemon.notice openvpn(custom_config)[4347]: 31.61.140.193:3270 [klient1] Peer Connection Initiated with 31.61.140.193:3270
Mar  4 17:50:47 Router_zse daemon.notice openvpn(custom_config)[4347]: klient1/31.61.140.193:3270 OPTIONS IMPORT: reading client specific options from: /etc/openvpn/ccd/klient1
Mar  4 17:50:47 Router_zse daemon.notice openvpn(custom_config)[4347]: klient1/31.61.140.193:3270 MULTI: Learn: 10.8.0.3 -> klient1/31.61.140.193:3270
Mar  4 17:50:47 Router_zse daemon.notice openvpn(custom_config)[4347]: klient1/31.61.140.193:3270 MULTI: primary virtual IP for klient1/31.61.140.193:3270: 10.8.0.3
Mar  4 17:50:49 Router_zse daemon.notice openvpn(custom_config)[4347]: klient1/31.61.140.193:3270 PUSH: Received control message: 'PUSH_REQUEST'
Mar  4 17:50:49 Router_zse daemon.notice openvpn(custom_config)[4347]: klient1/31.61.140.193:3270 SENT CONTROL [klient1]: 'PUSH_REPLY,topology subnet,route-gateway 10.8.0.2,redirect-gateway def1,ping 25,ping-restart 180,route 192.168.18.0 255.255.254.0 10.8.0.2,ifconfig 10.8.
Mar  4 17:50:50 Router_zse daemon.warn openvpn(custom_config)[4347]: klient1/31.61.140.193:3270 IPv6 in tun mode is not supported in OpenVPN 2.2
Mar  4 17:50:56 Router_zse daemon.info ddns_gargoyle[2192]:         Successfully retrieved local ip from url: http://my-ip-address.com
Mar  4 17:51:01 Router_zse daemon.info ddns_gargoyle[2192]:         Could not determine local ip from url: http://www.selfseo.com/what_is_my_ip.php
Mar  4 17:51:01 Router_zse daemon.info ddns_gargoyle[2192]:         Successfully retrieved local ip from url: http://aruljohn.com
Mar  4 17:58:05 Router_zse ftp.info vsftpd[5066]: [ftp] OK LOGIN: Client "31.61.140.193", anon password "<no_password>"
Mar  4 17:58:10 Router_zse ftp.info vsftpd[5069]: [ftp] OK LOGIN: Client "31.61.140.193", anon password "<no_password>"
Mar  4 17:58:14 Router_zse ftp.info vsftpd[5072]: [ftp] OK LOGIN: Client "31.61.140.193", anon password "<no_password>"
Mar  4 17:58:18 Router_zse ftp.info vsftpd[5075]: [ftp] OK LOGIN: Client "31.61.140.193", anon password "<no_password>"
Success

---
Pomoże ktoś?

5 Odpowiedź przez kempas

  • kempas
  • Użytkownik
  • Nieaktywny
  • Zarejestrowany: 2013-11-06
  • Posty: 16

Odp: OpenVPN łączy się, ale nie ma dostępu do LAN

Podbijam

6 Odpowiedź przez pepe2k

  • pepe2k
  • pepe2k
  • Użytkownik
  • Nieaktywny
  • Zarejestrowany: 2012-10-29
  • Posty: 5,028

Odp: OpenVPN łączy się, ale nie ma dostępu do LAN

kempas napisał/a:

Podbijam

Tak w ogóle, to kernel Ci się wykłada z braku pamięci RAM.

7 Odpowiedź przez kempas

  • kempas
  • Użytkownik
  • Nieaktywny
  • Zarejestrowany: 2013-11-06
  • Posty: 16

Odp: OpenVPN łączy się, ale nie ma dostępu do LAN

Jakaś rada jak temu zaradzić ?

8 Odpowiedź przez khain

  • khain
  • Użytkownik
  • Nieaktywny
  • Zarejestrowany: 2013-09-15
  • Posty: 328

Odp: OpenVPN łączy się, ale nie ma dostępu do LAN

Zrób swapa http://eko.one.pl/?p=openwrt-externalroot. Openvpn się wykłada, bo nie ma wolnej pamięci.

TP-Link TL-WDR3600 v1.5 -  OpenWrt Chaos Calmer 15.05.1 with Luci +Microsoft LifeCam VX-3000
RaspberryPi 2 - OMV Stone Burner 2.0.15 +Creative SB Play +Medion OR24V +DVB-T Media-Tech MT4163  +MP00202AC +3xDS18B20 +HIH-4000-002 +MPXHZ6115A +Samsung SPF-85H +D-Link DUB-H7

9 Odpowiedź przez Gruberek

  • Skąd: Piotrków Tryb.
  • Zarejestrowany: 2013-08-04
  • Posty: 712

Odp: OpenVPN łączy się, ale nie ma dostępu do LAN

khain napisał/a:

Zrób swapa http://eko.one.pl/?p=openwrt-externalroot. Openvpn się wykłada, bo nie ma wolnej pamięci.

Przecież ma swap.

Home: ZyXEL NBG6817 (OpenWrt)
NAS: HP ProLiant MicroServer Gen8 E3-1265L V2, 16 GB (PVE)

Gruberek's Strona

10 Odpowiedź przez kempas

  • kempas
  • Użytkownik
  • Nieaktywny
  • Zarejestrowany: 2013-11-06
  • Posty: 16

Odp: OpenVPN łączy się, ale nie ma dostępu do LAN

Zrobiłem upgrade do nowej wersji, problem pozostał, poniżej logi:

Mar 11 20:18:49 Router_zse daemon.notice openvpn(custom_config)[10815]: TCP/UDP: Closing socket
Mar 11 20:18:49 Router_zse daemon.notice openvpn(custom_config)[10815]: Closing TUN/TAP interface
Mar 11 20:18:49 Router_zse daemon.notice openvpn(custom_config)[10815]: /sbin/ifconfig tun0 0.0.0.0
Mar 11 20:18:49 Router_zse daemon.notice netifd: Interface 'vpn' is now down
Mar 11 20:18:49 Router_zse daemon.notice openvpn(custom_config)[10815]: /etc/openvpn.down tun0 1500 1542 10.8.0.2 255.255.255.0 init
Mar 11 20:18:49 Router_zse user.notice root: openvpn down script called
Mar 11 20:18:56 Router_zse daemon.notice openvpn(custom_config)[13016]: OpenVPN 2.2.2 mips-openwrt-linux [SSL] [LZO2] [EPOLL] built on Jul  9 2013
Mar 11 20:18:56 Router_zse daemon.warn openvpn(custom_config)[13016]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mar 11 20:18:56 Router_zse daemon.notice openvpn(custom_config)[13016]: Diffie-Hellman initialized with 1024 bit key
Mar 11 20:18:56 Router_zse daemon.notice openvpn(custom_config)[13016]: Control Channel Authentication: using '/etc/openvpn/ta.key' as a OpenVPN static key file
Mar 11 20:18:56 Router_zse daemon.notice openvpn(custom_config)[13016]: Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 11 20:18:56 Router_zse daemon.notice openvpn(custom_config)[13016]: Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 11 20:18:56 Router_zse daemon.notice openvpn(custom_config)[13016]: TLS-Auth MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Mar 11 20:18:56 Router_zse daemon.notice openvpn(custom_config)[13016]: Socket Buffers: R=[163840->131072] S=[163840->131072]
Mar 11 20:18:56 Router_zse daemon.notice netifd: Interface 'vpn' is now up
Mar 11 20:18:56 Router_zse daemon.notice openvpn(custom_config)[13016]: TUN/TAP device tun0 opened
Mar 11 20:18:56 Router_zse daemon.notice openvpn(custom_config)[13016]: TUN/TAP TX queue length set to 100
Mar 11 20:18:56 Router_zse daemon.notice openvpn(custom_config)[13016]: /sbin/ifconfig tun0 10.8.0.2 netmask 255.255.255.0 mtu 1500 broadcast 10.8.0.255
Mar 11 20:18:56 Router_zse daemon.notice openvpn(custom_config)[13016]: /etc/openvpn.up tun0 1500 1542 10.8.0.2 255.255.255.0 init
Mar 11 20:18:57 Router_zse user.notice root: openvpn up script called
Mar 11 20:18:57 Router_zse daemon.notice openvpn(custom_config)[13016]: Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Mar 11 20:18:57 Router_zse daemon.notice openvpn(custom_config)[13016]: UDPv4 link local (bound): [undef]:1194
Mar 11 20:18:57 Router_zse daemon.notice openvpn(custom_config)[13016]: UDPv4 link remote: [undef]
Mar 11 20:18:57 Router_zse daemon.notice openvpn(custom_config)[13016]: MULTI: multi_init called, r=256 v=256
Mar 11 20:18:57 Router_zse daemon.notice openvpn(custom_config)[13016]: Initialization Sequence Completed
Mar 11 20:18:58 Router_zse daemon.notice miniupnpd[13087]: HTTP listening on port 5000
Mar 11 20:18:58 Router_zse daemon.notice miniupnpd[13087]: Listening for NAT-PMP traffic on port 5351
Mar 11 20:18:58 Router_zse user.notice firewall: Reloading firewall due to ifup of vpn (tun0)
Mar 11 20:33:35 Router_zse daemon.info ddns_gargoyle[3908]:         Successfully retrieved local ip from url: http://www.ip-address.org
Mar 11 20:39:11 Router_zse daemon.notice openvpn(custom_config)[13016]: MULTI: multi_create_instance called
Mar 11 20:39:11 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:23123 Re-using SSL/TLS context
Mar 11 20:39:11 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:23123 LZO compression initialized
Mar 11 20:39:11 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:23123 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Mar 11 20:39:11 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:23123 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Mar 11 20:39:11 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:23123 TLS: Initial packet from 31.61.140.144:23123, sid=794b7c96 dfa6830a
Mar 11 20:39:16 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:23123 VERIFY OK: depth=1, /C=__/ST=UnknownProvince/L=UnknownCity/O=UnknownOrg/OU=UnknownOrgUnit/CN=kelokxdzpnakjoh/name=kelokxdzpnakjoh/emailAddress=kelokxdzpnakjoh@vebhhplbbksxckl.com
Mar 11 20:39:16 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:23123 VERIFY OK: depth=0, /C=__/ST=UnknownProvince/L=UnknownCity/O=UnknownOrg/OU=UnknownOrgUnit/CN=klient1/name=klient1/emailAddress=klient1@.com
Mar 11 20:39:17 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:23123 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mar 11 20:39:17 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:23123 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 11 20:39:17 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:23123 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mar 11 20:39:17 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:23123 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 11 20:39:17 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:23123 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mar 11 20:39:17 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:23123 [klient1] Peer Connection Initiated with 31.61.140.144:23123
Mar 11 20:39:17 Router_zse daemon.notice openvpn(custom_config)[13016]: klient1/31.61.140.144:23123 OPTIONS IMPORT: reading client specific options from: /etc/openvpn/ccd/klient1
Mar 11 20:39:17 Router_zse daemon.notice openvpn(custom_config)[13016]: klient1/31.61.140.144:23123 MULTI: Learn: 10.8.0.3 -> klient1/31.61.140.144:23123
Mar 11 20:39:17 Router_zse daemon.notice openvpn(custom_config)[13016]: klient1/31.61.140.144:23123 MULTI: primary virtual IP for klient1/31.61.140.144:23123: 10.8.0.3
Mar 11 20:39:19 Router_zse daemon.notice openvpn(custom_config)[13016]: klient1/31.61.140.144:23123 PUSH: Received control message: 'PUSH_REQUEST'
Mar 11 20:39:19 Router_zse daemon.notice openvpn(custom_config)[13016]: klient1/31.61.140.144:23123 SENT CONTROL [klient1]: 'PUSH_REPLY,topology subnet,route-gateway 10.8.0.2,redirect-gateway def1,ping 25,ping-restart 180,route 192.168.18.0 255.255.254.0 10.8.0.2,ifconfig 10.
Mar 11 20:39:19 Router_zse daemon.warn openvpn(custom_config)[13016]: klient1/31.61.140.144:23123 IPv6 in tun mode is not supported in OpenVPN 2.2
Mar 11 20:42:33 Router_zse daemon.notice openvpn(custom_config)[13016]: MULTI: multi_create_instance called
Mar 11 20:42:33 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:13250 Re-using SSL/TLS context
Mar 11 20:42:33 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:13250 LZO compression initialized
Mar 11 20:42:33 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:13250 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Mar 11 20:42:33 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:13250 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Mar 11 20:42:33 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:13250 TLS: Initial packet from 31.61.140.144:13250, sid=431da5ce dc420985
Mar 11 20:42:34 Router_zse daemon.err openvpn(custom_config)[13016]: 31.61.140.144:13250 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #12 / time = (1426102959) Wed Mar 11 20:42:39 2015 ] -- see the man page entry for --no-replay and --replay-window
Mar 11 20:42:34 Router_zse daemon.err openvpn(custom_config)[13016]: 31.61.140.144:13250 TLS Error: incoming packet authentication failed from 31.61.140.144:13250
Mar 11 20:42:36 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:13250 VERIFY OK: depth=1, /C=__/ST=UnknownProvince/L=UnknownCity/O=UnknownOrg/OU=UnknownOrgUnit/CN=kelokxdzpnakjoh/name=kelokxdzpnakjoh/emailAddress=kelokxdzpnakjoh@vebhhplbbksxckl.com
Mar 11 20:42:36 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:13250 VERIFY OK: depth=0, /C=__/ST=UnknownProvince/L=UnknownCity/O=UnknownOrg/OU=UnknownOrgUnit/CN=klient1/name=klient1/emailAddress=klient1@.com
Mar 11 20:42:36 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:13250 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mar 11 20:42:36 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:13250 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 11 20:42:36 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:13250 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mar 11 20:42:36 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:13250 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 11 20:42:36 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:13250 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mar 11 20:42:36 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:13250 [klient1] Peer Connection Initiated with 31.61.140.144:13250
Mar 11 20:42:36 Router_zse daemon.notice openvpn(custom_config)[13016]: MULTI: new connection by client 'klient1' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certifica
Mar 11 20:42:36 Router_zse daemon.notice openvpn(custom_config)[13016]: OPTIONS IMPORT: reading client specific options from: /etc/openvpn/ccd/klient1
Mar 11 20:42:36 Router_zse daemon.notice openvpn(custom_config)[13016]: MULTI: Learn: 10.8.0.3 -> klient1/31.61.140.144:13250
Mar 11 20:42:36 Router_zse daemon.notice openvpn(custom_config)[13016]: MULTI: primary virtual IP for klient1/31.61.140.144:13250: 10.8.0.3
Mar 11 20:42:38 Router_zse daemon.notice openvpn(custom_config)[13016]: klient1/31.61.140.144:13250 PUSH: Received control message: 'PUSH_REQUEST'
Mar 11 20:42:38 Router_zse daemon.notice openvpn(custom_config)[13016]: klient1/31.61.140.144:13250 SENT CONTROL [klient1]: 'PUSH_REPLY,topology subnet,route-gateway 10.8.0.2,redirect-gateway def1,ping 25,ping-restart 180,route 192.168.18.0 255.255.254.0 10.8.0.2,ifconfig 10.
Mar 11 20:45:18 Router_zse daemon.notice openvpn(custom_config)[13016]: MULTI: multi_create_instance called
Mar 11 20:45:18 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:5923 Re-using SSL/TLS context
Mar 11 20:45:18 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:5923 LZO compression initialized
Mar 11 20:45:18 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:5923 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Mar 11 20:45:18 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:5923 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Mar 11 20:45:18 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:5923 TLS: Initial packet from 31.61.140.144:5923, sid=5af1926e 0427f8e2
Mar 11 20:45:20 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:5923 VERIFY OK: depth=1, /C=__/ST=UnknownProvince/L=UnknownCity/O=UnknownOrg/OU=UnknownOrgUnit/CN=kelokxdzpnakjoh/name=kelokxdzpnakjoh/emailAddress=kelokxdzpnakjoh@vebhhplbbksxckl.com
Mar 11 20:45:20 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:5923 VERIFY OK: depth=0, /C=__/ST=UnknownProvince/L=UnknownCity/O=UnknownOrg/OU=UnknownOrgUnit/CN=klient1/name=klient1/emailAddress=klient1@.com
Mar 11 20:45:21 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:5923 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mar 11 20:45:21 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:5923 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 11 20:45:21 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:5923 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mar 11 20:45:21 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:5923 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 11 20:45:21 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:5923 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mar 11 20:45:21 Router_zse daemon.notice openvpn(custom_config)[13016]: 31.61.140.144:5923 [klient1] Peer Connection Initiated with 31.61.140.144:5923
Mar 11 20:45:21 Router_zse daemon.notice openvpn(custom_config)[13016]: MULTI: new connection by client 'klient1' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certifica
Mar 11 20:45:21 Router_zse daemon.notice openvpn(custom_config)[13016]: OPTIONS IMPORT: reading client specific options from: /etc/openvpn/ccd/klient1
Mar 11 20:45:21 Router_zse daemon.notice openvpn(custom_config)[13016]: MULTI: Learn: 10.8.0.3 -> klient1/31.61.140.144:5923
Mar 11 20:45:21 Router_zse daemon.notice openvpn(custom_config)[13016]: MULTI: primary virtual IP for klient1/31.61.140.144:5923: 10.8.0.3
Mar 11 20:45:23 Router_zse daemon.notice openvpn(custom_config)[13016]: klient1/31.61.140.144:5923 PUSH: Received control message: 'PUSH_REQUEST'
Mar 11 20:45:23 Router_zse daemon.notice openvpn(custom_config)[13016]: klient1/31.61.140.144:5923 SENT CONTROL [klient1]: 'PUSH_REPLY,topology subnet,route-gateway 10.8.0.2,redirect-gateway def1,ping 25,ping-restart 180,route 192.168.18.0 255.255.254.0 10.8.0.2,ifconfig 10.8
Mar 11 20:48:34 Router_zse daemon.info ddns_gargoyle[3908]:         Successfully retrieved local ip from url: http://my-ip-address.com
Mar 11 21:03:34 Router_zse daemon.info ddns_gargoyle[3908]:         Could not determine local ip from url: http://www.selfseo.com/what_is_my_ip.php
Mar 11 21:03:35 Router_zse daemon.info ddns_gargoyle[3908]:         Successfully retrieved local ip from url: http://aruljohn.com
Mar 11 21:18:34 Router_zse daemon.info ddns_gargoyle[3908]:         Successfully retrieved local ip from url: http://www.lawrencegoetz.com/programs/ipinfo/
Mar 11 21:33:34 Router_zse daemon.info ddns_gargoyle[3908]:         Successfully retrieved local ip from url: http://myipinfo.net
Mar 11 21:45:21 Router_zse daemon.notice openvpn(custom_config)[13016]: klient1/31.61.140.144:5923 TLS: soft reset sec=0 bytes=29619/0 pkts=373/0
Mar 11 21:45:23 Router_zse daemon.notice openvpn(custom_config)[13016]: klient1/31.61.140.144:5923 VERIFY OK: depth=1, /C=__/ST=UnknownProvince/L=UnknownCity/O=UnknownOrg/OU=UnknownOrgUnit/CN=kelokxdzpnakjoh/name=kelokxdzpnakjoh/emailAddress=kelokxdzpnakjoh@vebhhplbbksxckl.co
Mar 11 21:45:23 Router_zse daemon.notice openvpn(custom_config)[13016]: klient1/31.61.140.144:5923 VERIFY OK: depth=0, /C=__/ST=UnknownProvince/L=UnknownCity/O=UnknownOrg/OU=UnknownOrgUnit/CN=klient1/name=klient1/emailAddress=klient1@.com
Mar 11 21:45:23 Router_zse daemon.notice openvpn(custom_config)[13016]: klient1/31.61.140.144:5923 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mar 11 21:45:23 Router_zse daemon.notice openvpn(custom_config)[13016]: klient1/31.61.140.144:5923 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 11 21:45:23 Router_zse daemon.notice openvpn(custom_config)[13016]: klient1/31.61.140.144:5923 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mar 11 21:45:23 Router_zse daemon.notice openvpn(custom_config)[13016]: klient1/31.61.140.144:5923 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 11 21:45:23 Router_zse daemon.notice openvpn(custom_config)[13016]: klient1/31.61.140.144:5923 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Success