Subject: Gargoyle OpenVPN client

My server runs on Debian,

Single-file format, like this:


client
dev tun
proto udp
remote xxxxxxx yyyy
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-CBC
auth SHA512
setenv opt block-outside-dns
tls-version-min 1.2
tls-client
tls-cipher TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
<ca>
</ca>
<cert>
</cert>
<key>
</key>
key-direction 1
<tls-auth>
</tls-auth>


But it does not connect to the server, why?

2

Re: Gargoyle OpenVPN client

We don't know either. Show the logs.

Got a router you don't need, damaged or not? I'll gladly take it in.

3

Re: Gargoyle OpenVPN client

Tue Nov  1 16:18:47 2016 daemon.info dnsmasq[9218]: using nameserver 208.67.222.222#53
Tue Nov  1 16:18:47 2016 daemon.info dnsmasq[9218]: using nameserver 208.67.220.220#53
Tue Nov  1 16:18:47 2016 daemon.info dnsmasq[9218]: read /etc/hosts - 3 addresses
Tue Nov  1 16:18:47 2016 daemon.info dnsmasq[9218]: read /tmp/hosts/dhcp - 1 addresses
Tue Nov  1 16:18:47 2016 daemon.info dnsmasq[9218]: read /plugin_root/adblock/block.hosts - 1 addresses
Tue Nov  1 16:18:47 2016 daemon.info dnsmasq-dhcp[9218]: read /etc/ethers - 0 addresses
Tue Nov  1 16:18:47 2016 daemon.warn dnsmasq-dhcp[9218]: not giving name datpol.lan to the DHCP lease of 192.168.1.246 because the name exists in /etc/hosts with address 192.168.1.1
Tue Nov  1 16:18:47 2016 daemon.warn dnsmasq-dhcp[9218]: not giving name datpol to the DHCP lease of 192.168.1.246 because the name exists in /etc/hosts with address 192.168.1.1
Tue Nov  1 16:18:47 2016 user.notice firewall: Reloading firewall due to ifup of wan6 (eth0.2)
Tue Nov  1 16:18:50 2016 daemon.notice netifd: wan (9078): Timeout running AT-command
Tue Nov  1 16:18:50 2016 daemon.notice netifd: wan (9078): Failed to connect
Tue Nov  1 16:18:50 2016 daemon.notice netifd: wan (9403): Stopping network
Tue Nov  1 16:18:53 2016 daemon.notice netifd: wan (9403): sending ->
Tue Nov  1 16:18:55 2016 daemon.notice netifd: Interface 'wan' is now down
Tue Nov  1 16:18:55 2016 daemon.notice netifd: Interface 'wan' is setting up now
Tue Nov  1 16:18:58 2016 daemon.notice netifd: wan (9411): sending ->
Tue Nov  1 16:19:00 2016 user.notice root: openvpn stopped, restarting
Tue Nov  1 16:19:00 2016 daemon.err openvpn(custom_config)[9440]: Options error: You must define TUN/TAP device (--dev)
Tue Nov  1 16:19:00 2016 daemon.warn openvpn(custom_config)[9440]: Use --help for more information.
Tue Nov  1 16:19:13 2016 daemon.notice netifd: wan (9411): Timeout running AT-command
Tue Nov  1 16:19:13 2016 daemon.notice netifd: wan (9411): Failed to connect
Tue Nov  1 16:19:13 2016 daemon.notice netifd: wan (9447): Stopping network
Tue Nov  1 16:19:15 2016 daemon.notice netifd: wan (9447): sending ->
Tue Nov  1 16:19:18 2016 daemon.notice netifd: Interface 'wan' is now down
Tue Nov  1 16:19:18 2016 daemon.notice netifd: Interface 'wan' is setting up now
Tue Nov  1 16:19:20 2016 daemon.notice netifd: wan (9455): sending ->
Tue Nov  1 16:19:33 2016 daemon.info dnsmasq-dhcp[9218]: DHCPINFORM(br-lan) 192.168.1.246 00:26:c6:0e:f0:3a
Tue Nov  1 16:19:33 2016 daemon.info dnsmasq-dhcp[9218]: DHCPACK(br-lan) 192.168.1.246 00:26:c6:0e:f0:3a datpol
Tue Nov  1 16:19:35 2016 daemon.notice netifd: wan (9455): Timeout running AT-command
Tue Nov  1 16:19:35 2016 daemon.notice netifd: wan (9455): Failed to connect
Tue Nov  1 16:19:35 2016 daemon.notice netifd: wan (9469): Stopping network
Tue Nov  1 16:19:37 2016 daemon.notice netifd: wan (9469): sending ->
Tue Nov  1 16:19:40 2016 daemon.notice netifd: Interface 'wan' is now down
Tue Nov  1 16:19:40 2016 daemon.notice netifd: Interface 'wan' is setting up now
Tue Nov  1 16:19:42 2016 daemon.notice netifd: wan (9477): sending ->

4

Re: Gargoyle OpenVPN client

Show the output of uci show openvpn.

Got a router you don't need, damaged or not? I'll gladly take it in.

5

Re: Gargoyle OpenVPN client

uci show openvpn
openvpn.custom_config=openvpn
openvpn.custom_config.script_security='3'
openvpn.custom_config.up='/etc/openvpn.up'
openvpn.custom_config.down='/etc/openvpn.down'
openvpn.custom_config.config='/etc/openvpn/grouter_client_fpreipgiiuyn.conf'
openvpn.custom_config.enabled='1'
openvpn.sample_server=openvpn
openvpn.sample_server.enabled='0'
openvpn.sample_server.port='1194'
openvpn.sample_server.proto='udp'
openvpn.sample_server.dev='tun'
openvpn.sample_server.ca='/etc/openvpn/ca.crt'
openvpn.sample_server.cert='/etc/openvpn/server.crt'
openvpn.sample_server.key='/etc/openvpn/server.key'
openvpn.sample_server.dh='/etc/openvpn/dh1024.pem'
openvpn.sample_server.server='10.8.0.0 255.255.255.0'
openvpn.sample_server.ifconfig_pool_persist='/tmp/ipp.txt'
openvpn.sample_server.keepalive='10 120'
openvpn.sample_server.comp_lzo='yes'
openvpn.sample_server.persist_key='1'
openvpn.sample_server.persist_tun='1'
openvpn.sample_server.status='/tmp/openvpn-status.log'
openvpn.sample_server.verb='3'
openvpn.sample_client=openvpn
openvpn.sample_client.enabled='0'
openvpn.sample_client.client='1'
openvpn.sample_client.dev='tun'
openvpn.sample_client.proto='udp'
openvpn.sample_client.remote='my_server_1 1194'
openvpn.sample_client.resolv_retry='infinite'
openvpn.sample_client.nobind='1'
openvpn.sample_client.persist_key='1'
openvpn.sample_client.persist_tun='1'
openvpn.sample_client.ca='/etc/openvpn/ca.crt'
openvpn.sample_client.cert='/etc/openvpn/client.crt'
openvpn.sample_client.key='/etc/openvpn/client.key'
openvpn.sample_client.comp_lzo='yes'
openvpn.sample_client.verb='3'

6

Re: Gargoyle OpenVPN client

Assuming /etc/openvpn/grouter_client_fpreipgiiuyn.conf is what you showed above - you didn't by any chance edit it under Windows?

Got a router you don't need, damaged or not? I'll gladly take it in.
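
One way to check the question raised in this reply, as an added example that is not part of the original thread: a POSIX shell function that inspects the file the OpenVPN instance is started with for a UTF-8 BOM, CRLF line endings, unbalanced inline blocks and a missing dev or remote directive. The name check_ovpn and the selection of checks are assumptions made for illustration.

```sh
#!/bin/sh
# Added example (not from the thread): check_ovpn is a hypothetical helper.
# Usage: check_ovpn FILE   -> prints findings; returns 0 if none, 1 otherwise.
check_ovpn() {
    f=$1; rc=0
    [ -r "$f" ] || { echo "cannot read $f"; return 2; }
    [ -s "$f" ] || { echo "file is empty"; return 1; }

    # UTF-8 byte-order mark (EF BB BF), left behind by some Windows editors.
    if [ "$(head -c 3 "$f" | od -An -tx1 | tr -d ' \n')" = "efbbbf" ]; then
        echo "UTF-8 BOM at start of file"; rc=1
    fi

    # Carriage returns indicate CRLF (Windows) line endings.
    cr=$(printf '\r')
    n=$(grep -c "$cr" "$f" || true)
    if [ "$n" -gt 0 ]; then
        echo "$n line(s) contain CR (CRLF line endings)"; rc=1
    fi

    # Collect directives that sit outside inline <tag>...</tag> blocks and
    # verify that every inline block is closed by its own tag.
    tr -d '\r' < "$f" | awk '
        /^<\/[a-z-]+>$/ { if (blk != substr($0, 3)) bad = 1; blk = ""; next }
        /^<[a-z-]+>$/   { if (blk != "") bad = 1; blk = substr($0, 2); next }
        blk == "" && NF && $1 !~ /^[#;]/ { seen[$1] = 1 }
        END {
            if (bad || blk != "") { print "unbalanced inline block"; e = 1 }
            if (!("dev" in seen))    { print "no dev directive outside inline blocks"; e = 1 }
            if (!("remote" in seen)) { print "no remote directive outside inline blocks"; e = 1 }
            exit e + 0
        }' || rc=1
    return $rc
}
```

On the router it would be run against the path listed under openvpn.custom_config.config in the uci output, since that is the file the failing custom_config instance loads.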

7

Re: Gargoyle OpenVPN client

No