26 (edited by dominbdg 2019-06-17 19:12:34)

Re: OpenWrt 18.06.1 and OpenVPN

Hello,

Gentlemen, I'd like to join this thread; since yesterday I've been working on the OpenVPN configuration on my side.
The server configs are:

root@GATE:~# cat /etc/config/openvpn

config openvpn 'custom_config'
        option enabled '0'
        option config '/etc/openvpn/my-vpn.conf'

config openvpn 'home'
        option enabled '1'
        option dev 'tun0'
        option port '1194'
        option proto 'udp'
        option log '/var/log/openvpn.log'
        option verb '3'
        option ca '/etc/openvpn/ca.crt'
        option cert '/etc/openvpn/serwer.crt'
        option key '/etc/openvpn/serwer.key'
        option server '10.8.0.0 255.255.255.0'
        option dh '/etc/openvpn/dh.pem'
        list push 'route 172.16.10.0 255.255.255.128'
        list push 'redirect-gateway def1'
        list push 'route 172.16.10.0 255.255.255.128'
        #list route '172.16.10.0 255.255.255.128'

I have a question: do I also need the client config on the server side? I guess not.
My LAN is 172.16.10.0/25

OpenVPN connects, but I can't ping the router, i.e. 172.16.10.1, nor the address on the tun0 interface, i.e. 10.8.0.1

On the firewall I have:
config zone
        option name 'vpn'
        option input 'ACCEPT'
        option forward 'ACCEPT'
        option output 'ACCEPT'
        option network 'vpn'
        option masq '1'

config forwarding
        option src 'lan'
        option dest 'wan'

config zone
        option name 'vpn'
        option input 'ACCEPT'
        option forward 'ACCEPT'
        option output 'ACCEPT'
        option network 'vpn'

openvpn.log on the server side:

root@GATE:~# cat /var/log/openvpn.log
Mon Jun 17 19:10:34 2019 OpenVPN 2.4.5 mips-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Mon Jun 17 19:10:34 2019 library versions: OpenSSL 1.0.2r  26 Feb 2019, LZO 2.10
Mon Jun 17 19:10:34 2019 WARNING: --keepalive option is missing from server config
Mon Jun 17 19:10:35 2019 Diffie-Hellman initialized with 2048 bit key
Mon Jun 17 19:10:35 2019 TUN/TAP device tun0 opened
Mon Jun 17 19:10:35 2019 TUN/TAP TX queue length set to 100
Mon Jun 17 19:10:35 2019 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Mon Jun 17 19:10:35 2019 /sbin/ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
Mon Jun 17 19:10:35 2019 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2
Mon Jun 17 19:10:35 2019 Could not determine IPv4/IPv6 protocol. Using AF_INET
Mon Jun 17 19:10:35 2019 Socket Buffers: R=[163840->163840] S=[163840->163840]
Mon Jun 17 19:10:35 2019 UDPv4 link local (bound): [AF_INET][undef]:1194
Mon Jun 17 19:10:35 2019 UDPv4 link remote: [AF_UNSPEC]
Mon Jun 17 19:10:35 2019 MULTI: multi_init called, r=256 v=256
Mon Jun 17 19:10:35 2019 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Mon Jun 17 19:10:35 2019 Initialization Sequence Completed
Mon Jun 17 19:36:07 2019 31.0.68.104:8429 TLS: Initial packet from [AF_INET]31.0.68.104:8429, sid=8f3b04e5 d4efc41d
Mon Jun 17 19:36:08 2019 31.0.68.104:8429 VERIFY OK: depth=1, CN=dominbdg.servebeer.com
Mon Jun 17 19:36:08 2019 31.0.68.104:8429 VERIFY OK: depth=0, CN=dominik
Mon Jun 17 19:36:08 2019 31.0.68.104:8429 peer info: IV_VER=2.3.11
Mon Jun 17 19:36:08 2019 31.0.68.104:8429 peer info: IV_PLAT=win
Mon Jun 17 19:36:08 2019 31.0.68.104:8429 peer info: IV_PROTO=2
Mon Jun 17 19:36:08 2019 31.0.68.104:8429 peer info: IV_GUI_VER=OpenVPN_GUI_10
Mon Jun 17 19:36:08 2019 31.0.68.104:8429 Outgoing Data Channel: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jun 17 19:36:08 2019 31.0.68.104:8429 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Mon Jun 17 19:36:08 2019 31.0.68.104:8429 Outgoing Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jun 17 19:36:08 2019 31.0.68.104:8429 Incoming Data Channel: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jun 17 19:36:08 2019 31.0.68.104:8429 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Mon Jun 17 19:36:08 2019 31.0.68.104:8429 Incoming Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jun 17 19:36:08 2019 31.0.68.104:8429 WARNING: cipher with small block size in use, reducing reneg-bytes to 64MB to mitigate SWEET32 attacks.
Mon Jun 17 19:36:08 2019 31.0.68.104:8429 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Mon Jun 17 19:36:08 2019 31.0.68.104:8429 [dominik] Peer Connection Initiated with [AF_INET]31.0.68.104:8429
Mon Jun 17 19:36:08 2019 dominik/31.0.68.104:8429 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Mon Jun 17 19:36:08 2019 dominik/31.0.68.104:8429 MULTI: Learn: 10.8.0.6 -> dominik/31.0.68.104:8429
Mon Jun 17 19:36:08 2019 dominik/31.0.68.104:8429 MULTI: primary virtual IP for dominik/31.0.68.104:8429: 10.8.0.6
Mon Jun 17 19:36:10 2019 dominik/31.0.68.104:8429 PUSH: Received control message: 'PUSH_REQUEST'
Mon Jun 17 19:36:10 2019 dominik/31.0.68.104:8429 SENT CONTROL [dominik]: 'PUSH_REPLY,route 172.16.10.0 255.255.255.128,redirect-gateway def1,route 172.16.10.0 255.255.255.128,route 10.8.0.1,topology net30,ifconfig 10.8.0.6 10.8.0.5,peer-id 0' (status=1)
Mon Jun 17 19:36:57 2019 172.16.10.5:1194 TLS: Initial packet from [AF_INET]172.16.10.5:1194, sid=a8f4b9f7 95c998fd
Mon Jun 17 19:37:13 2019 dominik/31.0.68.104:8429 TLS: new session incoming connection from [AF_INET]31.0.68.104:8429
Mon Jun 17 19:37:14 2019 dominik/31.0.68.104:8429 VERIFY OK: depth=1, CN=dominbdg.servebeer.com
Mon Jun 17 19:37:14 2019 dominik/31.0.68.104:8429 VERIFY OK: depth=0, CN=dominik
Mon Jun 17 19:37:14 2019 dominik/31.0.68.104:8429 peer info: IV_VER=2.3.11
Mon Jun 17 19:37:14 2019 dominik/31.0.68.104:8429 peer info: IV_PLAT=win
Mon Jun 17 19:37:14 2019 dominik/31.0.68.104:8429 peer info: IV_PROTO=2
Mon Jun 17 19:37:14 2019 dominik/31.0.68.104:8429 peer info: IV_GUI_VER=OpenVPN_GUI_10
Mon Jun 17 19:37:14 2019 dominik/31.0.68.104:8429 Outgoing Data Channel: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jun 17 19:37:14 2019 dominik/31.0.68.104:8429 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Mon Jun 17 19:37:14 2019 dominik/31.0.68.104:8429 Outgoing Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jun 17 19:37:14 2019 dominik/31.0.68.104:8429 Incoming Data Channel: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jun 17 19:37:14 2019 dominik/31.0.68.104:8429 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Mon Jun 17 19:37:14 2019 dominik/31.0.68.104:8429 Incoming Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jun 17 19:37:14 2019 dominik/31.0.68.104:8429 TLS: move_session: dest=TM_ACTIVE src=TM_UNTRUSTED reinit_src=1
Mon Jun 17 19:37:14 2019 dominik/31.0.68.104:8429 TLS: tls_multi_process: untrusted session promoted to trusted
Mon Jun 17 19:37:14 2019 dominik/31.0.68.104:8429 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Mon Jun 17 19:37:16 2019 dominik/31.0.68.104:8429 PUSH: Received control message: 'PUSH_REQUEST'
Mon Jun 17 19:37:16 2019 dominik/31.0.68.104:8429 SENT CONTROL [dominik]: 'PUSH_REPLY,route 172.16.10.0 255.255.255.128,redirect-gateway def1,route 172.16.10.0 255.255.255.128,route 10.8.0.1,topology net30,ifconfig 10.8.0.6 10.8.0.5,peer-id 0' (status=1)
Mon Jun 17 19:37:57 2019 172.16.10.5:1194 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mon Jun 17 19:37:57 2019 172.16.10.5:1194 TLS Error: TLS handshake failed
Mon Jun 17 19:37:57 2019 172.16.10.5:1194 SIGUSR1[soft,tls-error] received, client-instance restarting
Mon Jun 17 19:40:36 2019 31.0.68.104:8396 TLS: Initial packet from [AF_INET]31.0.68.104:8396, sid=951fca5a 38cd8dc5
Mon Jun 17 19:40:37 2019 31.0.68.104:8396 VERIFY OK: depth=1, CN=dominbdg.servebeer.com
Mon Jun 17 19:40:37 2019 31.0.68.104:8396 VERIFY OK: depth=0, CN=dominik
Mon Jun 17 19:40:37 2019 31.0.68.104:8396 peer info: IV_VER=2.3.11
Mon Jun 17 19:40:37 2019 31.0.68.104:8396 peer info: IV_PLAT=win
Mon Jun 17 19:40:37 2019 31.0.68.104:8396 peer info: IV_PROTO=2
Mon Jun 17 19:40:37 2019 31.0.68.104:8396 peer info: IV_GUI_VER=OpenVPN_GUI_10
Mon Jun 17 19:40:37 2019 31.0.68.104:8396 Outgoing Data Channel: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jun 17 19:40:37 2019 31.0.68.104:8396 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Mon Jun 17 19:40:37 2019 31.0.68.104:8396 Outgoing Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jun 17 19:40:37 2019 31.0.68.104:8396 Incoming Data Channel: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jun 17 19:40:37 2019 31.0.68.104:8396 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Mon Jun 17 19:40:37 2019 31.0.68.104:8396 Incoming Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jun 17 19:40:37 2019 31.0.68.104:8396 WARNING: cipher with small block size in use, reducing reneg-bytes to 64MB to mitigate SWEET32 attacks.
Mon Jun 17 19:40:37 2019 31.0.68.104:8396 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Mon Jun 17 19:40:37 2019 31.0.68.104:8396 [dominik] Peer Connection Initiated with [AF_INET]31.0.68.104:8396
Mon Jun 17 19:40:37 2019 MULTI: new connection by client 'dominik' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Mon Jun 17 19:40:37 2019 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Mon Jun 17 19:40:37 2019 MULTI: Learn: 10.8.0.6 -> dominik/31.0.68.104:8396
Mon Jun 17 19:40:37 2019 MULTI: primary virtual IP for dominik/31.0.68.104:8396: 10.8.0.6
Mon Jun 17 19:40:39 2019 dominik/31.0.68.104:8396 PUSH: Received control message: 'PUSH_REQUEST'
Mon Jun 17 19:40:39 2019 dominik/31.0.68.104:8396 SENT CONTROL [dominik]: 'PUSH_REPLY,route 172.16.10.0 255.255.255.128,redirect-gateway def1,route 172.16.10.0 255.255.255.128,route 10.8.0.1,topology net30,ifconfig 10.8.0.6 10.8.0.5,peer-id 1' (status=1)
Mon Jun 17 19:42:46 2019 172.16.10.5:1194 TLS: Initial packet from [AF_INET]172.16.10.5:1194, sid=65814fac 4d9dd110
Mon Jun 17 19:43:17 2019 31.0.68.104:8425 TLS: Initial packet from [AF_INET]31.0.68.104:8425, sid=65814fac 4d9dd110
Mon Jun 17 19:43:17 2019 31.0.68.104:8425 VERIFY OK: depth=1, CN=dominbdg.servebeer.com
Mon Jun 17 19:43:17 2019 31.0.68.104:8425 VERIFY OK: depth=0, CN=dominik
Mon Jun 17 19:43:17 2019 31.0.68.104:8425 peer info: IV_VER=2.3.11
Mon Jun 17 19:43:17 2019 31.0.68.104:8425 peer info: IV_PLAT=win
Mon Jun 17 19:43:17 2019 31.0.68.104:8425 peer info: IV_PROTO=2
Mon Jun 17 19:43:17 2019 31.0.68.104:8425 peer info: IV_GUI_VER=OpenVPN_GUI_10
Mon Jun 17 19:43:17 2019 31.0.68.104:8425 Outgoing Data Channel: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jun 17 19:43:17 2019 31.0.68.104:8425 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Mon Jun 17 19:43:17 2019 31.0.68.104:8425 Outgoing Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jun 17 19:43:17 2019 31.0.68.104:8425 Incoming Data Channel: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jun 17 19:43:17 2019 31.0.68.104:8425 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Mon Jun 17 19:43:17 2019 31.0.68.104:8425 Incoming Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jun 17 19:43:17 2019 31.0.68.104:8425 WARNING: cipher with small block size in use, reducing reneg-bytes to 64MB to mitigate SWEET32 attacks.
Mon Jun 17 19:43:17 2019 31.0.68.104:8425 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Mon Jun 17 19:43:17 2019 31.0.68.104:8425 [dominik] Peer Connection Initiated with [AF_INET]31.0.68.104:8425
Mon Jun 17 19:43:17 2019 MULTI: new connection by client 'dominik' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Mon Jun 17 19:43:17 2019 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Mon Jun 17 19:43:17 2019 MULTI: Learn: 10.8.0.6 -> dominik/31.0.68.104:8425
Mon Jun 17 19:43:17 2019 MULTI: primary virtual IP for dominik/31.0.68.104:8425: 10.8.0.6
Mon Jun 17 19:43:20 2019 dominik/31.0.68.104:8425 PUSH: Received control message: 'PUSH_REQUEST'
Mon Jun 17 19:43:20 2019 dominik/31.0.68.104:8425 SENT CONTROL [dominik]: 'PUSH_REPLY,route 172.16.10.0 255.255.255.128,redirect-gateway def1,route 172.16.10.0 255.255.255.128,route 10.8.0.1,topology net30,ifconfig 10.8.0.6 10.8.0.5,peer-id 2' (status=1)
Mon Jun 17 19:43:46 2019 172.16.10.5:1194 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mon Jun 17 19:43:46 2019 172.16.10.5:1194 TLS Error: TLS handshake failed
Mon Jun 17 19:43:46 2019 172.16.10.5:1194 SIGUSR1[soft,tls-error] received, client-instance restarting

I'd like to reach the machines inside the LAN through OpenVPN, which is why there is a redirect in the OpenVPN config;
for now I can't even reach the router through the VPN.

TpLink Archer C7 v2 on OpenWRT Luci
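
An added example, not from the thread or the poster: the 'home' section above rewritten the way the server's own log asks for it. The log warns that --keepalive is missing and that the data channel runs BF-CBC, a 64-bit block cipher exposed to SWEET32, and itself suggests AES-256-CBC; the push of the LAN route is also listed twice. Paths, names and addresses are those of the config above; the keepalive values 10/120 are a common choice and an assumption, not something the thread states.

```uci
config openvpn 'home'
        option enabled '1'
        option dev 'tun0'
        option port '1194'
        option proto 'udp'
        option log '/var/log/openvpn.log'
        option verb '3'
        option ca '/etc/openvpn/ca.crt'
        option cert '/etc/openvpn/serwer.crt'
        option key '/etc/openvpn/serwer.key'
        option dh '/etc/openvpn/dh.pem'
        option server '10.8.0.0 255.255.255.0'
        # answers "WARNING: --keepalive option is missing": ping every 10 s,
        # restart the client instance after 120 s of silence (assumed values)
        option keepalive '10 120'
        # answers the SWEET32 warning: a 128-bit block cipher instead of BF-CBC,
        # the very cipher the log recommends
        option cipher 'AES-256-CBC'
        # the LAN route once; redirect-gateway already sends all traffic into the tunnel
        list push 'route 172.16.10.0 255.255.255.128'
        list push 'redirect-gateway def1'
```

The client in the log runs OpenVPN 2.3.11, which does not negotiate the data-channel cipher with a 2.4 server, so the same setting, cipher AES-256-CBC, has to be added to the Windows client config as well; with only one side changed the TLS handshake still completes but no data passes through the tunnel.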

27

Re: OpenWrt 18.06.1 and OpenVPN

Mon Jun 17 19:37:57 2019 172.16.10.5:1194 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mon Jun 17 19:37:57 2019 172.16.10.5:1194 TLS Error: TLS handshake failed

You have no connection. Are you sure you have the right certificates on both sides?

Got a router you don't need, broken or not? I'll gladly take it in.

28 (edited by dominbdg 2019-06-17 19:49:24)

Re: OpenWrt 18.06.1 and OpenVPN

yes,
on the server side all the certs are in /etc/openvpn:
config openvpn 'home'
        option enabled '1'
        option dev 'tun0'
        option port '1194'
        option proto 'udp'
        option log '/var/log/openvpn.log'
        option verb '3'
        option ca '/etc/openvpn/ca.crt'
        option cert '/etc/openvpn/serwer.crt'
        option key '/etc/openvpn/serwer.key'

the certs are here:
root@GATE:/etc/config# cd /etc/openvpn/
root@GATE:/etc/openvpn# ls -al
drwxr-xr-x    1 root     root             0 Jun 17 14:42 .
drwxr-xr-x    1 root     root             0 Jun 17 19:35 ..
-rw-------    1 root     root          1216 Jun  8 14:01 ca.crt
-rw-------    1 root     root           424 Jun 17 13:30 dh.pem
-rw-------    1 root     root          4602 Jun  8 14:01 serwer.crt
-rw-------    1 root     root          1708 Jun  8 14:01 serwer.key

on the client side everything is in c:\program files\openvpn\config:
client
    ca /etc/openvpn/ca.crt
    cert /etc/openvpn/dominik.crt
    dev tun0
    key /etc/openvpn/malgosia.key
    log /tmp/openvpn.log
    proto udp
    remote SERWER_IP 1194
    remote-cert-tls server
    verb 3

here is the OpenVPN log from the client side:

Mon Jun 17 20:45:50 2019 OpenVPN 2.3.11 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on May 10 2016
Mon Jun 17 20:45:50 2019 Windows version 6.2 (Windows 8 or greater) 64bit
Mon Jun 17 20:45:50 2019 library versions: OpenSSL 1.0.1t  3 May 2016, LZO 2.09
Mon Jun 17 20:45:50 2019 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Mon Jun 17 20:45:50 2019 Need hold release from management interface, waiting...
Mon Jun 17 20:45:50 2019 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Mon Jun 17 20:45:50 2019 MANAGEMENT: CMD 'state on'
Mon Jun 17 20:45:50 2019 MANAGEMENT: CMD 'log all on'
Mon Jun 17 20:45:50 2019 MANAGEMENT: CMD 'hold off'
Mon Jun 17 20:45:50 2019 MANAGEMENT: CMD 'hold release'
Mon Jun 17 20:45:51 2019 Socket Buffers: R=[65536->65536] S=[65536->65536]
Mon Jun 17 20:45:51 2019 MANAGEMENT: >STATE:1560797151,RESOLVE,,,
Mon Jun 17 20:45:51 2019 UDPv4 link local (bound): [undef]
Mon Jun 17 20:45:51 2019 UDPv4 link remote: [AF_INET]46.77.88.10:1194
Mon Jun 17 20:45:51 2019 MANAGEMENT: >STATE:1560797151,WAIT,,,
Mon Jun 17 20:45:51 2019 MANAGEMENT: >STATE:1560797151,AUTH,,,
Mon Jun 17 20:45:51 2019 TLS: Initial packet from [AF_INET]46.77.88.10:1194, sid=b732d70b c2c0575f
Mon Jun 17 20:45:51 2019 VERIFY OK: depth=1, CN=dominbdg.servebeer.com
Mon Jun 17 20:45:51 2019 Validating certificate key usage
Mon Jun 17 20:45:51 2019 ++ Certificate has key usage  00a0, expects 00a0
Mon Jun 17 20:45:51 2019 VERIFY KU OK
Mon Jun 17 20:45:51 2019 Validating certificate extended key usage
Mon Jun 17 20:45:51 2019 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Mon Jun 17 20:45:51 2019 VERIFY EKU OK
Mon Jun 17 20:45:51 2019 VERIFY OK: depth=0, CN=serwer
Mon Jun 17 20:45:51 2019 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jun 17 20:45:51 2019 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jun 17 20:45:51 2019 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jun 17 20:45:51 2019 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jun 17 20:45:51 2019 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Mon Jun 17 20:45:51 2019 [serwer] Peer Connection Initiated with [AF_INET]46.77.88.10:1194
Mon Jun 17 20:45:53 2019 MANAGEMENT: >STATE:1560797153,GET_CONFIG,,,
Mon Jun 17 20:45:54 2019 SENT CONTROL [serwer]: 'PUSH_REQUEST' (status=1)
Mon Jun 17 20:45:54 2019 PUSH: Received control message: 'PUSH_REPLY,route 172.16.10.0 255.255.255.128,redirect-gateway def1,route 172.16.10.0 255.255.255.128,route 10.8.0.1,topology net30,ifconfig 10.8.0.6 10.8.0.5,peer-id 1'
Mon Jun 17 20:45:54 2019 OPTIONS IMPORT: --ifconfig/up options modified
Mon Jun 17 20:45:54 2019 OPTIONS IMPORT: route options modified
Mon Jun 17 20:45:54 2019 OPTIONS IMPORT: peer-id set
Mon Jun 17 20:45:54 2019 OPTIONS IMPORT: adjusting link_mtu to 1544
Mon Jun 17 20:45:54 2019 ROUTE_GATEWAY 192.168.43.1/255.255.255.0 I=17 HWADDR=48:89:e7:cf:3c:d0
Mon Jun 17 20:45:54 2019 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mon Jun 17 20:45:54 2019 MANAGEMENT: >STATE:1560797154,ASSIGN_IP,,10.8.0.6,
Mon Jun 17 20:45:54 2019 open_tun, tt->ipv6=0
Mon Jun 17 20:45:54 2019 TAP-WIN32 device [Ethernet] opened: \\.\Global\{C150BE1B-3722-4456-8B20-2E5B87E689AF}.tap
Mon Jun 17 20:45:54 2019 TAP-Windows Driver Version 9.21
Mon Jun 17 20:45:54 2019 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {C150BE1B-3722-4456-8B20-2E5B87E689AF} [DHCP-serv: 10.8.0.5, lease-time: 31536000]
Mon Jun 17 20:45:54 2019 Successful ARP Flush on interface [21] {C150BE1B-3722-4456-8B20-2E5B87E689AF}
Mon Jun 17 20:45:59 2019 TEST ROUTES: 4/4 succeeded len=3 ret=1 a=0 u/d=up
Mon Jun 17 20:45:59 2019 C:\WINDOWS\system32\route.exe ADD 46.77.88.10 MASK 255.255.255.255 192.168.43.1
Mon Jun 17 20:45:59 2019 Warning: route gateway is not reachable on any active network adapters: 192.168.43.1
Mon Jun 17 20:45:59 2019 Route addition via IPAPI failed [adaptive]
Mon Jun 17 20:45:59 2019 Route addition fallback to route.exe
Mon Jun 17 20:45:59 2019 env_block: add PATH=C:\WINDOWS\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Mon Jun 17 20:45:59 2019 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.8.0.5
Mon Jun 17 20:45:59 2019 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=35 and dwForwardType=4
Mon Jun 17 20:45:59 2019 Route addition via IPAPI succeeded [adaptive]
Mon Jun 17 20:45:59 2019 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.8.0.5
Mon Jun 17 20:45:59 2019 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=35 and dwForwardType=4
Mon Jun 17 20:45:59 2019 Route addition via IPAPI succeeded [adaptive]
Mon Jun 17 20:45:59 2019 MANAGEMENT: >STATE:1560797159,ADD_ROUTES,,,
Mon Jun 17 20:45:59 2019 C:\WINDOWS\system32\route.exe ADD 172.16.10.0 MASK 255.255.255.128 10.8.0.5
Mon Jun 17 20:45:59 2019 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=35 and dwForwardType=4
Mon Jun 17 20:45:59 2019 Route addition via IPAPI succeeded [adaptive]
Mon Jun 17 20:45:59 2019 C:\WINDOWS\system32\route.exe ADD 172.16.10.0 MASK 255.255.255.128 10.8.0.5
Mon Jun 17 20:45:59 2019 ROUTE: route addition failed using CreateIpForwardEntry: The object already exists.   [status=5010 if_index=21]
Mon Jun 17 20:45:59 2019 Route addition via IPAPI failed [adaptive]
Mon Jun 17 20:45:59 2019 Route addition fallback to route.exe
Mon Jun 17 20:45:59 2019 env_block: add PATH=C:\WINDOWS\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Mon Jun 17 20:45:59 2019 C:\WINDOWS\system32\route.exe ADD 10.8.0.1 MASK 255.255.255.255 10.8.0.5
Mon Jun 17 20:45:59 2019 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=35 and dwForwardType=4
Mon Jun 17 20:45:59 2019 Route addition via IPAPI succeeded [adaptive]
Mon Jun 17 20:45:59 2019 Initialization Sequence Completed
Mon Jun 17 20:45:59 2019 MANAGEMENT: >STATE:1560797159,CONNECTED,SUCCESS,10.8.0.6,46.77.88.10

everything seems fine, I just don't know how to solve the routing problem from the VPN to the LAN

TpLink Archer C7 v2 on OpenWRT Luci

29

Re: OpenWrt 18.06.1 and OpenVPN

Well no, you have two vpn sections in the firewall. Throw one out, keep only the one with masq. And add forwarding vpn <> lan

Got a router you don't need, broken or not? I'll gladly take it in.

30

Re: OpenWrt 18.06.1 and OpenVPN

Cezary,
thanks for the info, I removed everything that was unnecessary.
I had one zone section, but without masquerading, and I don't know where the forwarder from VPN to WAN came from; I left only the one from VPN to LAN.
I'll check this evening at home whether it helped.

TpLink Archer C7 v2 on OpenWRT Luci

31

Re: OpenWrt 18.06.1 and OpenVPN

In post 26 you showed that you have two sections for vpn

config zone
        option name 'vpn'
        option network 'vpn'
        option masq '1'

config zone
        option name 'vpn'
        option network 'vpn'

Got a router you don't need, broken or not? I'll gladly take it in.

32

Re: OpenWrt 18.06.1 and OpenVPN

I removed this one:
config zone
        option name 'vpn'
        option network 'vpn'

TpLink Archer C7 v2 on OpenWRT Luci

33

Re: OpenWrt 18.06.1 and OpenVPN

Cezary,
I regret to say that it doesn't work for me.
Behind the VPN I can't ping the router on the LAN or the VPN network (the client has 10.8.0.6, the router has 10.8.0.1)
I don't know what to do with it next

TpLink Archer C7 v2 on OpenWRT Luci

34

Re: OpenWrt 18.06.1 and OpenVPN

Show:

uci show firewall
uci show network
uci show openvpn

for the server and the client.

Got a router you don't need, broken or not? I'll gladly take it in.
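
An added example, not from the thread: a small POSIX shell audit that reads the uci show firewall dump requested above and checks it for the two things post 29 named, more than one zone section called 'vpn' and a missing forwarding between vpn and lan in either direction, then prints the uci commands that would add what is missing. The two sample dumps inside it are constructed from the zone and forwarding sections shown in posts 26 and 35; on the router itself run audit "$(uci show firewall)".

```shell
#!/bin/sh
# Added audit script (not the thread's): check a `uci show firewall` dump for
# duplicate zone names and for missing vpn<->lan forwarding, as raised in post 29.
# On the router:  audit "$(uci show firewall)"

# Count the 'zone' sections in dump $1 whose name is $2.
count_zones_named() {
    printf '%s\n' "$1" | grep -c "^firewall\.@zone\[[0-9]*\]\.name='$2'\$" || true
}

# Print "yes" if dump $1 contains a forwarding section with src=$2 and dest=$3, else "no".
has_forwarding() {
    printf '%s\n' "$1" | awk -v src="$2" -v dst="$3" -v q="'" '
        match($0, /^firewall\.@forwarding\[[0-9]+\]\./) {
            sec = substr($0, 1, RLENGTH - 1)          # e.g. firewall.@forwarding[1]
            split(substr($0, RLENGTH + 1), kv, "=")   # key and quoted value
            gsub(q, "", kv[2])                        # strip the quotes
            val[sec, kv[1]] = kv[2]
            secs[sec] = 1
        }
        END {
            for (s in secs)
                if (val[s, "src"] == src && val[s, "dest"] == dst) { print "yes"; exit }
            print "no"
        }'
}

# Report problems in dump $1 and the uci commands that fix them;
# the last line printed is "yes" (clean) or "no" (something to fix).
audit() {
    dump="$1"; ok=yes
    n=$(count_zones_named "$dump" vpn)
    if [ "$n" -gt 1 ]; then
        echo "PROBLEM: $n zone sections named 'vpn'; keep only the one with masq='1'"
        ok=no
    fi
    for pair in "vpn lan" "lan vpn"; do
        set -- $pair
        if [ "$(has_forwarding "$dump" "$1" "$2")" != yes ]; then
            echo "PROBLEM: no forwarding $1 -> $2; add it with:"
            echo "  uci add firewall forwarding"
            echo "  uci set firewall.@forwarding[-1].src='$1'"
            echo "  uci set firewall.@forwarding[-1].dest='$2'"
            ok=no
        fi
    done
    if [ "$ok" = no ]; then
        echo "then: uci commit firewall && /etc/init.d/firewall restart"
    fi
    echo "$ok"
}

# Constructed sample: post 26's two 'vpn' zones and its single lan->wan forwarding.
DUMP_POST26=$(cat <<'EOF'
firewall.@zone[2]=zone
firewall.@zone[2].name='vpn'
firewall.@zone[2].network='vpn'
firewall.@zone[2].masq='1'
firewall.@zone[3]=zone
firewall.@zone[3].name='vpn'
firewall.@zone[3].network='vpn'
firewall.@forwarding[0]=forwarding
firewall.@forwarding[0].src='lan'
firewall.@forwarding[0].dest='wan'
EOF
)

# Constructed sample: post 35, one 'vpn' zone with masq and forwarding vpn->lan only.
DUMP_POST35=$(cat <<'EOF'
firewall.@zone[2]=zone
firewall.@zone[2].name='vpn'
firewall.@zone[2].network='vpn'
firewall.@zone[2].masq='1'
firewall.@forwarding[0]=forwarding
firewall.@forwarding[0].src='lan'
firewall.@forwarding[0].dest='wan'
firewall.@forwarding[1]=forwarding
firewall.@forwarding[1].src='vpn'
firewall.@forwarding[1].dest='lan'
EOF
)

# Constructed sample: post 35 plus the missing lan->vpn forwarding.
DUMP_FIXED="$DUMP_POST35
firewall.@forwarding[2]=forwarding
firewall.@forwarding[2].src='lan'
firewall.@forwarding[2].dest='vpn'"

echo "== post 26 =="; audit "$DUMP_POST26"
echo "== post 35 =="; audit "$DUMP_POST35"
echo "== fixed =="; audit "$DUMP_FIXED"
```

The script only reads the dump; it never changes the router, so it is safe to run before and after editing /etc/config/firewall to confirm that exactly one vpn zone remains and that forwarding exists in both directions.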

35

Re: OpenWrt 18.06.1 and OpenVPN

root@GATE:~# uci show firewall
firewall.@defaults[0]=defaults
firewall.@defaults[0].syn_flood='1'
firewall.@defaults[0].input='ACCEPT'
firewall.@defaults[0].output='ACCEPT'
firewall.@defaults[0].forward='REJECT'
firewall.@zone[0]=zone
firewall.@zone[0].name='lan'
firewall.@zone[0].input='ACCEPT'
firewall.@zone[0].output='ACCEPT'
firewall.@zone[0].forward='ACCEPT'
firewall.@zone[0].network='lan'
firewall.@zone[1]=zone
firewall.@zone[1].name='wan'
firewall.@zone[1].input='REJECT'
firewall.@zone[1].output='ACCEPT'
firewall.@zone[1].forward='REJECT'
firewall.@zone[1].masq='1'
firewall.@zone[1].mtu_fix='1'
firewall.@zone[1].network='wan wwan modem'
firewall.@zone[2]=zone
firewall.@zone[2].name='vpn'
firewall.@zone[2].input='ACCEPT'
firewall.@zone[2].forward='ACCEPT'
firewall.@zone[2].output='ACCEPT'
firewall.@zone[2].network='vpn'
firewall.@zone[2].masq='1'
firewall.@forwarding[0]=forwarding
firewall.@forwarding[0].src='lan'
firewall.@forwarding[0].dest='wan'
firewall.@rule[0]=rule
firewall.@rule[0].name='Allow-DHCP-Renew'
firewall.@rule[0].src='wan'
firewall.@rule[0].proto='udp'
firewall.@rule[0].dest_port='68'
firewall.@rule[0].target='ACCEPT'
firewall.@rule[0].family='ipv4'
firewall.@rule[1]=rule
firewall.@rule[1].name='Allow-Ping'
firewall.@rule[1].src='wan'
firewall.@rule[1].proto='icmp'
firewall.@rule[1].icmp_type='echo-request'
firewall.@rule[1].family='ipv4'
firewall.@rule[1].target='ACCEPT'
firewall.@rule[2]=rule
firewall.@rule[2].name='Allow-IGMP'
firewall.@rule[2].src='wan'
firewall.@rule[2].proto='igmp'
firewall.@rule[2].family='ipv4'
firewall.@rule[2].target='ACCEPT'
firewall.@rule[3]=rule
firewall.@rule[3].name='Allow-MLD'
firewall.@rule[3].src='wan'
firewall.@rule[3].proto='icmp'
firewall.@rule[3].src_ip='fe80::/10'
firewall.@rule[3].icmp_type='130/0' '131/0' '132/0' '143/0'
firewall.@rule[3].family='ipv6'
firewall.@rule[3].target='ACCEPT'
firewall.@rule[4]=rule
firewall.@rule[4].name='Allow-IPSec-ESP'
firewall.@rule[4].src='wan'
firewall.@rule[4].dest='lan'
firewall.@rule[4].proto='esp'
firewall.@rule[4].target='ACCEPT'
firewall.@rule[5]=rule
firewall.@rule[5].name='Allow-ISAKMP'
firewall.@rule[5].src='wan'
firewall.@rule[5].dest='lan'
firewall.@rule[5].dest_port='500'
firewall.@rule[5].proto='udp'
firewall.@rule[5].target='ACCEPT'
firewall.@include[0]=include
firewall.@include[0].path='/etc/firewall.user'
firewall.@rule[6]=rule
firewall.@rule[6].name='ssh'
firewall.@rule[6].src='wan'
firewall.@rule[6].target='ACCEPT'
firewall.@rule[6].proto='tcp'
firewall.@rule[6].dest_port='22'
firewall.@rule[7]=rule
firewall.@rule[7].name='web'
firewall.@rule[7].src='wan'
firewall.@rule[7].target='ACCEPT'
firewall.@rule[7].proto='tcp'
firewall.@rule[7].dest_port='443'
firewall.@redirect[0]=redirect
firewall.@redirect[0].name='mstsc'
firewall.@redirect[0].src='wan'
firewall.@redirect[0].proto='tcp'
firewall.@redirect[0].src_dport='3389'
firewall.@redirect[0].dest_port='3389'
firewall.@redirect[0].dest_ip='172.16.10.5'
firewall.@redirect[1]=redirect
firewall.@redirect[1].name='torrenty'
firewall.@redirect[1].src='wan'
firewall.@redirect[1].proto='tcpudp'
firewall.@redirect[1].src_dport='20000'
firewall.@redirect[1].dest_port='20000'
firewall.@redirect[1].dest_ip='172.16.10.5'
firewall.@rule[8]=rule
firewall.@rule[8].name='OpenVPN'
firewall.@rule[8].target='ACCEPT'
firewall.@rule[8].src='wan'
firewall.@rule[8].proto='udp'
firewall.@rule[8].dest_port='1194'
firewall.@rule[9]=rule
firewall.@rule[9].name='ftp'
firewall.@rule[9].src='wan'
firewall.@rule[9].target='ACCEPT'
firewall.@rule[9].proto='tcp'
firewall.@rule[9].src_dport='21'
firewall.@rule[9].dest_port='21'
firewall.@forwarding[1]=forwarding
firewall.@forwarding[1].src='vpn'
firewall.@forwarding[1].dest='lan'

root@GATE:~# uci show network
network.loopback=interface
network.loopback.ifname='lo'
network.loopback.proto='static'
network.loopback.ipaddr='127.0.0.1'
network.loopback.netmask='255.0.0.0'
network.globals=globals
network.globals.ula_prefix='fd40:4e5e:4e3f::/48'
network.lan=interface
network.lan.type='bridge'
network.lan.ifname='eth1.1'
network.lan.proto='static'
network.lan.ip6assign='60'
network.lan.ipaddr='172.16.10.1'
network.lan.netmask='255.255.255.128'
network.wan=interface
network.wan.ifname='eth0.2'
network.wan.proto='static'
network.wan.dns='8.8.8.8'
network.wan.ipaddr='10.0.0.2'
network.wan.netmask='255.255.255.224'
network.wan.gateway='10.0.0.1'
network.modem=interface
network.modem.proto='ncm'
network.modem.device='/dev/ttyUSB0'
network.modem.apn='pro.plusgsm.pl'
network.@switch[0]=switch
network.@switch[0].name='switch0'
network.@switch[0].reset='1'
network.@switch[0].enable_vlan='1'
network.@switch_vlan[0]=switch_vlan
network.@switch_vlan[0].device='switch0'
network.@switch_vlan[0].vlan='1'
network.@switch_vlan[0].ports='2 3 4 5 0t'
network.@switch_vlan[1]=switch_vlan
network.@switch_vlan[1].device='switch0'
network.@switch_vlan[1].vlan='2'
network.@switch_vlan[1].ports='1 6t'
network.vpn=interface
network.vpn.ifname='tun0'
network.vpn.proto='none'
network.vpn.auto='1'

root@GATE:~# uci show openvpn
openvpn.custom_config=openvpn
openvpn.custom_config.enabled='0'
openvpn.custom_config.config='/etc/openvpn/my-vpn.conf'
openvpn.home=openvpn
openvpn.home.enabled='1'
openvpn.home.dev='tun0'
openvpn.home.port='1194'
openvpn.home.proto='udp'
openvpn.home.log='/var/log/openvpn.log'
openvpn.home.verb='3'
openvpn.home.ca='/etc/openvpn/ca.crt'
openvpn.home.cert='/etc/openvpn/serwer.crt'
openvpn.home.key='/etc/openvpn/serwer.key'
openvpn.home.server='10.8.0.0 255.255.255.0'
openvpn.home.dh='/etc/openvpn/dh.pem'
openvpn.home.push='route 172.16.10.0 255.255.255.128' 'redirect-gateway def1' 'route 172.16.10.0 255.255.255.128'

openvpn from Windows:
client
    ca ca.crt
    cert dominik.crt
    dev tun0
    key dominik.key
    log openvpn.log
    proto udp
    remote dominbdg.servebeer.com 1194
    remote-cert-tls server
    verb 3

openvpn Windows logs:
Tue Jun 18 20:31:28 2019 OpenVPN 2.3.11 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on May 10 2016
Tue Jun 18 20:31:28 2019 Windows version 6.2 (Windows 8 or greater) 64bit
Tue Jun 18 20:31:28 2019 library versions: OpenSSL 1.0.1t  3 May 2016, LZO 2.09
Tue Jun 18 20:31:28 2019 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Tue Jun 18 20:31:28 2019 Need hold release from management interface, waiting...
Tue Jun 18 20:31:29 2019 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Tue Jun 18 20:31:29 2019 MANAGEMENT: CMD 'state on'
Tue Jun 18 20:31:29 2019 MANAGEMENT: CMD 'log all on'
Tue Jun 18 20:31:29 2019 MANAGEMENT: CMD 'hold off'
Tue Jun 18 20:31:29 2019 MANAGEMENT: CMD 'hold release'
Tue Jun 18 20:31:29 2019 Socket Buffers: R=[65536->65536] S=[65536->65536]
Tue Jun 18 20:31:29 2019 MANAGEMENT: >STATE:1560882689,RESOLVE,,,
Tue Jun 18 20:31:29 2019 UDPv4 link local (bound): [undef]
Tue Jun 18 20:31:29 2019 UDPv4 link remote: [AF_INET]46.77.92.5:1194
Tue Jun 18 20:31:29 2019 MANAGEMENT: >STATE:1560882689,WAIT,,,
Tue Jun 18 20:31:29 2019 MANAGEMENT: >STATE:1560882689,AUTH,,,
Tue Jun 18 20:31:29 2019 TLS: Initial packet from [AF_INET]46.77.92.5:1194, sid=d32fb181 9d224da2
Tue Jun 18 20:31:30 2019 VERIFY OK: depth=1, CN=dominbdg.servebeer.com
Tue Jun 18 20:31:30 2019 Validating certificate key usage
Tue Jun 18 20:31:30 2019 ++ Certificate has key usage  00a0, expects 00a0
Tue Jun 18 20:31:30 2019 VERIFY KU OK
Tue Jun 18 20:31:30 2019 Validating certificate extended key usage
Tue Jun 18 20:31:30 2019 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Tue Jun 18 20:31:30 2019 VERIFY EKU OK
Tue Jun 18 20:31:30 2019 VERIFY OK: depth=0, CN=serwer
Tue Jun 18 20:31:30 2019 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Jun 18 20:31:30 2019 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Jun 18 20:31:30 2019 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Jun 18 20:31:30 2019 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Jun 18 20:31:30 2019 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Tue Jun 18 20:31:30 2019 [serwer] Peer Connection Initiated with [AF_INET]46.77.92.5:1194
Tue Jun 18 20:31:31 2019 MANAGEMENT: >STATE:1560882691,GET_CONFIG,,,
Tue Jun 18 20:31:32 2019 SENT CONTROL [serwer]: 'PUSH_REQUEST' (status=1)
Tue Jun 18 20:31:32 2019 PUSH: Received control message: 'PUSH_REPLY,route 172.16.10.0 255.255.255.128,redirect-gateway def1,route 172.16.10.0 255.255.255.128,route 10.8.0.1,topology net30,ifconfig 10.8.0.10 10.8.0.9,peer-id 1'
Tue Jun 18 20:31:32 2019 OPTIONS IMPORT: --ifconfig/up options modified
Tue Jun 18 20:31:32 2019 OPTIONS IMPORT: route options modified
Tue Jun 18 20:31:32 2019 OPTIONS IMPORT: peer-id set
Tue Jun 18 20:31:32 2019 OPTIONS IMPORT: adjusting link_mtu to 1544
Tue Jun 18 20:31:32 2019 ROUTE_GATEWAY 192.168.43.1/255.255.255.0 I=17 HWADDR=48:89:e7:cf:3c:d0
Tue Jun 18 20:31:32 2019 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Tue Jun 18 20:31:32 2019 MANAGEMENT: >STATE:1560882692,ASSIGN_IP,,10.8.0.10,
Tue Jun 18 20:31:32 2019 open_tun, tt->ipv6=0
Tue Jun 18 20:31:32 2019 TAP-WIN32 device [Ethernet] opened: \\.\Global\{C150BE1B-3722-4456-8B20-2E5B87E689AF}.tap
Tue Jun 18 20:31:32 2019 TAP-Windows Driver Version 9.21
Tue Jun 18 20:31:32 2019 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.10/255.255.255.252 on interface {C150BE1B-3722-4456-8B20-2E5B87E689AF} [DHCP-serv: 10.8.0.9, lease-time: 31536000]
Tue Jun 18 20:31:32 2019 Successful ARP Flush on interface [21] {C150BE1B-3722-4456-8B20-2E5B87E689AF}
Tue Jun 18 20:31:37 2019 TEST ROUTES: 4/4 succeeded len=3 ret=1 a=0 u/d=up
Tue Jun 18 20:31:37 2019 C:\WINDOWS\system32\route.exe ADD 46.77.92.5 MASK 255.255.255.255 192.168.43.1
Tue Jun 18 20:31:37 2019 Warning: route gateway is not reachable on any active network adapters: 192.168.43.1
Tue Jun 18 20:31:37 2019 Route addition via IPAPI failed [adaptive]
Tue Jun 18 20:31:37 2019 Route addition fallback to route.exe
Tue Jun 18 20:31:37 2019 env_block: add PATH=C:\WINDOWS\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Tue Jun 18 20:31:37 2019 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.8.0.9
Tue Jun 18 20:31:37 2019 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=35 and dwForwardType=4
Tue Jun 18 20:31:37 2019 Route addition via IPAPI succeeded [adaptive]
Tue Jun 18 20:31:37 2019 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.8.0.9
Tue Jun 18 20:31:37 2019 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=35 and dwForwardType=4
Tue Jun 18 20:31:37 2019 Route addition via IPAPI succeeded [adaptive]
Tue Jun 18 20:31:37 2019 MANAGEMENT: >STATE:1560882697,ADD_ROUTES,,,
Tue Jun 18 20:31:37 2019 C:\WINDOWS\system32\route.exe ADD 172.16.10.0 MASK 255.255.255.128 10.8.0.9
Tue Jun 18 20:31:37 2019 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=35 and dwForwardType=4
Tue Jun 18 20:31:37 2019 Route addition via IPAPI succeeded [adaptive]
Tue Jun 18 20:31:37 2019 C:\WINDOWS\system32\route.exe ADD 172.16.10.0 MASK 255.255.255.128 10.8.0.9
Tue Jun 18 20:31:37 2019 ROUTE: route addition failed using CreateIpForwardEntry: The object already exists.   [status=5010 if_index=21]
Tue Jun 18 20:31:37 2019 Route addition via IPAPI failed [adaptive]
Tue Jun 18 20:31:37 2019 Route addition fallback to route.exe
Tue Jun 18 20:31:37 2019 env_block: add PATH=C:\WINDOWS\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Tue Jun 18 20:31:37 2019 C:\WINDOWS\system32\route.exe ADD 10.8.0.1 MASK 255.255.255.255 10.8.0.9
Tue Jun 18 20:31:37 2019 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=35 and dwForwardType=4
Tue Jun 18 20:31:37 2019 Route addition via IPAPI succeeded [adaptive]
Tue Jun 18 20:31:37 2019 Initialization Sequence Completed
Tue Jun 18 20:31:37 2019 MANAGEMENT: >STATE:1560882697,CONNECTED,SUCCESS,10.8.0.10,46.77.92.5

TpLink Archer C7 v2 on OpenWRT Luci

36

Re: OpenWrt 18.06.1 and OpenVPN

You have the same route twice in the server config.

Tue Jun 18 20:31:37 2019 C:\WINDOWS\system32\route.exe ADD 46.77.92.5 MASK 255.255.255.255 192.168.43.1
Tue Jun 18 20:31:37 2019 Warning: route gateway is not reachable on any active network adapters: 192.168.43.1
Tue Jun 18 20:31:37 2019 Route addition via IPAPI failed [adaptive]
Tue Jun 18 20:31:37 2019 Route addition fallback to route.exe

What is 192.168.43.1 to Windows?

Got a router you don't need, broken or not? I'll gladly take it in.

37

Re: OpenWrt 18.06.1 and OpenVPN

Yes, I noticed; I removed one route - I accidentally had two identical ones.
I connect over the laptop's Wi-Fi adapter to a Plus hotspot - that is its internet address.

From the laptop, connected to the internet through the phone, I establish the connection to the router with the VPN.


38

Re: OpenWrt 18.06.1 and OpenVPN

To start with - change udp to tcp. Once you have restarted everything, show the results from Windows of:

route print
ping 10.8.0.1
ping 172.16.10.1


39 (edited by dominbdg 2019-06-18 20:00:49)

Re: OpenWrt 18.06.1 and OpenVPN

Cezary,
I don't want to say anything, but you made me doubt this Plus hotspot;
I plugged in the HiLink modem and... almost everything works as it should - I can ping the router by its LAN address and the VPN network.
The only thing I don't have is internet on the laptop once the VPN connection is up, but that's probably something to read up on in the OpenVPN manual.

Now as for the hotspot (not HiLink):
C:\Users\Dominik>route print
===========================================================================
Interface List
  8...a0 8c fd 26 0f 2d ......Realtek PCIe GBE Family Controller
12...48 89 e7 cf 3c d1 ......Microsoft Wi-Fi Direct Virtual Adapter #3
  9...4a 89 e7 cf 3c d0 ......Microsoft Wi-Fi Direct Virtual Adapter #4
21...00 ff c1 50 be 1b ......TAP-Windows Adapter V9
17...48 89 e7 cf 3c d0 ......Intel(R) Wireless-AC 9260 160MHz
20...48 89 e7 cf 3c d4 ......Bluetooth Device (Personal Area Network) #2
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     192.168.43.1     192.168.43.6     55
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
     192.168.43.0    255.255.255.0         On-link      192.168.43.6    311
     192.168.43.6  255.255.255.255         On-link      192.168.43.6    311
   192.168.43.255  255.255.255.255         On-link      192.168.43.6    311
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link      192.168.43.6    311
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link      192.168.43.6    311
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination      Gateway
  1    331 ::1/128                  On-link
  1    331 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

Pings to 172.16.10.1 and 10.8.0.1 don't work.
Possibly, when connecting through tethering from the phone, the phone is blocking something.

As for the OpenVPN config from Windows - you can see it sets up routing with the HiLink: 192.168.8.0/24

Tue Jun 18 20:55:19 2019 OpenVPN 2.3.11 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on May 10 2016
Tue Jun 18 20:55:19 2019 Windows version 6.2 (Windows 8 or greater) 64bit
Tue Jun 18 20:55:19 2019 library versions: OpenSSL 1.0.1t  3 May 2016, LZO 2.09
Tue Jun 18 20:55:19 2019 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Tue Jun 18 20:55:19 2019 Need hold release from management interface, waiting...
Tue Jun 18 20:55:19 2019 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Tue Jun 18 20:55:19 2019 MANAGEMENT: CMD 'state on'
Tue Jun 18 20:55:19 2019 MANAGEMENT: CMD 'log all on'
Tue Jun 18 20:55:19 2019 MANAGEMENT: CMD 'hold off'
Tue Jun 18 20:55:19 2019 MANAGEMENT: CMD 'hold release'
Tue Jun 18 20:55:19 2019 Socket Buffers: R=[65536->65536] S=[65536->65536]
Tue Jun 18 20:55:19 2019 MANAGEMENT: >STATE:1560884119,RESOLVE,,,
Tue Jun 18 20:55:19 2019 UDPv4 link local (bound): [undef]
Tue Jun 18 20:55:19 2019 UDPv4 link remote: [AF_INET]46.77.92.5:1194
Tue Jun 18 20:55:19 2019 MANAGEMENT: >STATE:1560884119,WAIT,,,
Tue Jun 18 20:55:20 2019 MANAGEMENT: >STATE:1560884120,AUTH,,,
Tue Jun 18 20:55:20 2019 TLS: Initial packet from [AF_INET]46.77.92.5:1194, sid=4f5e8e11 0136b513
Tue Jun 18 20:55:20 2019 VERIFY OK: depth=1, CN=dominbdg.servebeer.com
Tue Jun 18 20:55:20 2019 Validating certificate key usage
Tue Jun 18 20:55:20 2019 ++ Certificate has key usage  00a0, expects 00a0
Tue Jun 18 20:55:20 2019 VERIFY KU OK
Tue Jun 18 20:55:20 2019 Validating certificate extended key usage
Tue Jun 18 20:55:20 2019 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Tue Jun 18 20:55:20 2019 VERIFY EKU OK
Tue Jun 18 20:55:20 2019 VERIFY OK: depth=0, CN=serwer
Tue Jun 18 20:55:20 2019 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Jun 18 20:55:20 2019 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Jun 18 20:55:20 2019 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Jun 18 20:55:20 2019 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Jun 18 20:55:20 2019 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Tue Jun 18 20:55:20 2019 [serwer] Peer Connection Initiated with [AF_INET]46.77.92.5:1194
Tue Jun 18 20:55:21 2019 MANAGEMENT: >STATE:1560884121,GET_CONFIG,,,
Tue Jun 18 20:55:22 2019 SENT CONTROL [serwer]: 'PUSH_REQUEST' (status=1)
Tue Jun 18 20:55:23 2019 PUSH: Received control message: 'PUSH_REPLY,route 172.16.10.0 255.255.255.128,redirect-gateway def1,route 10.8.0.1,topology net30,ifconfig 10.8.0.6 10.8.0.5,peer-id 0'
Tue Jun 18 20:55:23 2019 OPTIONS IMPORT: --ifconfig/up options modified
Tue Jun 18 20:55:23 2019 OPTIONS IMPORT: route options modified
Tue Jun 18 20:55:23 2019 OPTIONS IMPORT: peer-id set
Tue Jun 18 20:55:23 2019 OPTIONS IMPORT: adjusting link_mtu to 1544
Tue Jun 18 20:55:23 2019 ROUTE_GATEWAY 192.168.8.1/255.255.255.0 I=63 HWADDR=0c:5b:8f:27:9a:64
Tue Jun 18 20:55:23 2019 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Tue Jun 18 20:55:23 2019 MANAGEMENT: >STATE:1560884123,ASSIGN_IP,,10.8.0.6,
Tue Jun 18 20:55:23 2019 open_tun, tt->ipv6=0
Tue Jun 18 20:55:23 2019 TAP-WIN32 device [Ethernet] opened: \\.\Global\{C150BE1B-3722-4456-8B20-2E5B87E689AF}.tap
Tue Jun 18 20:55:23 2019 TAP-Windows Driver Version 9.21
Tue Jun 18 20:55:23 2019 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {C150BE1B-3722-4456-8B20-2E5B87E689AF} [DHCP-serv: 10.8.0.5, lease-time: 31536000]
Tue Jun 18 20:55:23 2019 Successful ARP Flush on interface [21] {C150BE1B-3722-4456-8B20-2E5B87E689AF}
Tue Jun 18 20:55:28 2019 TEST ROUTES: 3/3 succeeded len=2 ret=1 a=0 u/d=up
Tue Jun 18 20:55:28 2019 C:\WINDOWS\system32\route.exe ADD 46.77.92.5 MASK 255.255.255.255 192.168.8.1
Tue Jun 18 20:55:28 2019 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=75 and dwForwardType=4
Tue Jun 18 20:55:28 2019 Route addition via IPAPI succeeded [adaptive]
Tue Jun 18 20:55:28 2019 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.8.0.5
Tue Jun 18 20:55:28 2019 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=35 and dwForwardType=4
Tue Jun 18 20:55:28 2019 Route addition via IPAPI succeeded [adaptive]
Tue Jun 18 20:55:28 2019 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.8.0.5
Tue Jun 18 20:55:28 2019 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=35 and dwForwardType=4
Tue Jun 18 20:55:28 2019 Route addition via IPAPI succeeded [adaptive]
Tue Jun 18 20:55:28 2019 MANAGEMENT: >STATE:1560884128,ADD_ROUTES,,,
Tue Jun 18 20:55:28 2019 C:\WINDOWS\system32\route.exe ADD 172.16.10.0 MASK 255.255.255.128 10.8.0.5
Tue Jun 18 20:55:28 2019 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=35 and dwForwardType=4
Tue Jun 18 20:55:28 2019 Route addition via IPAPI succeeded [adaptive]
Tue Jun 18 20:55:28 2019 C:\WINDOWS\system32\route.exe ADD 10.8.0.1 MASK 255.255.255.255 10.8.0.5
Tue Jun 18 20:55:28 2019 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=35 and dwForwardType=4
Tue Jun 18 20:55:28 2019 Route addition via IPAPI succeeded [adaptive]
Tue Jun 18 20:55:28 2019 Initialization Sequence Completed
Tue Jun 18 20:55:28 2019 MANAGEMENT: >STATE:1560884128,CONNECTED,SUCCESS,10.8.0.6,46.77.92.5


40

Re: OpenWrt 18.06.1 and OpenVPN

See, you have no routes. Neither to 10.x nor to 172.*


41 (edited by dominbdg 2019-06-18 20:15:55)

Re: OpenWrt 18.06.1 and OpenVPN

You mean that connection through the hotspot, from route -print (the Windows one), right?

As for the HiLink connection, I can see routing there:
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.8.1    192.168.8.100     75
          0.0.0.0        128.0.0.0         10.8.0.5         10.8.0.6     35
         10.8.0.1  255.255.255.255         10.8.0.5         10.8.0.6     35
         10.8.0.4  255.255.255.252         On-link          10.8.0.6    291
         10.8.0.6  255.255.255.255         On-link          10.8.0.6    291
         10.8.0.7  255.255.255.255         On-link          10.8.0.6    291
       46.77.92.5  255.255.255.255      192.168.8.1    192.168.8.100     75
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
        128.0.0.0        128.0.0.0         10.8.0.5         10.8.0.6     35
      172.16.10.0  255.255.255.128         10.8.0.5         10.8.0.6     35
      192.168.8.0    255.255.255.0         On-link     192.168.8.100    331
    192.168.8.100  255.255.255.255         On-link     192.168.8.100    331
    192.168.8.255  255.255.255.255         On-link     192.168.8.100    331
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link          10.8.0.6    291
        224.0.0.0        240.0.0.0         On-link     192.168.8.100    331
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link          10.8.0.6    291
  255.255.255.255  255.255.255.255         On-link     192.168.8.100    331
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination      Gateway
  1    331 ::1/128                  On-link
21    291 fe80::/64                On-link
63    331 fe80::/64                On-link
21    291 fe80::61f0:2a79:ae1f:7d92/128
                                    On-link
63    331 fe80::fdef:bd95:117d:775/128
                                    On-link
  1    331 ff00::/8                 On-link
21    291 ff00::/8                 On-link
63    331 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None


42

Re: OpenWrt 18.06.1 and OpenVPN

But over the hotspot you don't have them. Something is messing up that routing.

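Added example, not code from the thread: a small Python check that parses a Windows `route print` dump and reports which of the routes this server pushes (the 172.16.10.0/25 LAN, the 10.8.0.1 tun endpoint and the two /1 halves that `redirect-gateway def1` installs) are missing or not pointing at the tun peer, so the hotspot table from post 39 and the HiLink table from post 41 can be compared mechanically. The two tables inside it are constructed, trimmed copies of the ones posted above; the tun peer addresses 10.8.0.9 and 10.8.0.5 are taken from the PUSH_REPLY lines in the two client logs.

```python
"""Added example (not from the thread): check a Windows `route print` dump
for the routes this thread's OpenVPN server pushes to its clients."""
import ipaddress
import re

# Pushed in PUSH_REPLY: the router's LAN, the tun endpoint, and the two /1
# halves that `redirect-gateway def1` adds to override the default route.
EXPECTED = {"172.16.10.0/25", "10.8.0.1/32", "0.0.0.0/1", "128.0.0.0/1"}

# One IPv4 row: destination, netmask, gateway (or On-link), interface, metric.
ROW = re.compile(r"^\s*(\d+(?:\.\d+){3})\s+(\d+(?:\.\d+){3})\s+(\S+)\s+(\S+)\s+(\d+)\s*$")


def parse_route_print(text):
    """Return {network/prefix: (gateway, interface, metric)} for the IPv4 table."""
    routes, in_ipv4 = {}, False
    for line in text.splitlines():
        if line.startswith("IPv4 Route Table"):
            in_ipv4 = True
        elif line.startswith("IPv6 Route Table"):
            break
        m = ROW.match(line) if in_ipv4 else None
        if m:
            net, mask, gw, iface, metric = m.groups()
            prefix = ipaddress.IPv4Network(f"{net}/{mask}", strict=False)
            routes[str(prefix)] = (gw, iface, int(metric))
    return routes


def missing_vpn_routes(text, tun_peer):
    """Expected routes that are absent or do not point at the tun peer."""
    routes = parse_route_print(text)
    return sorted(r for r in EXPECTED if routes.get(r, ("",))[0] != tun_peer)


# Constructed, trimmed copies of the two tables posted in the thread:
# tethered phone hotspot (no VPN routes) and HiLink modem (routes present).
HOTSPOT_TABLE = """\
IPv4 Route Table
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     192.168.43.1     192.168.43.6     55
     192.168.43.0    255.255.255.0         On-link      192.168.43.6    311
"""
HILINK_TABLE = """\
IPv4 Route Table
Active Routes:
          0.0.0.0          0.0.0.0      192.168.8.1    192.168.8.100     75
          0.0.0.0        128.0.0.0         10.8.0.5         10.8.0.6     35
         10.8.0.1  255.255.255.255         10.8.0.5         10.8.0.6     35
        128.0.0.0        128.0.0.0         10.8.0.5         10.8.0.6     35
      172.16.10.0  255.255.255.128         10.8.0.5         10.8.0.6     35
"""

if __name__ == "__main__":
    print("hotspot missing:", missing_vpn_routes(HOTSPOT_TABLE, "10.8.0.9"))
    print("hilink missing: ", missing_vpn_routes(HILINK_TABLE, "10.8.0.5"))
```

On a real machine, feed it the output of `route print` and the peer address from the `ifconfig` entry of the PUSH_REPLY; an empty result means the client installed every pushed route, so a failing ping is then a firewall or server-side problem rather than a routing one.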

43 (edited by dominbdg 2019-06-19 09:33:07)

Re: OpenWrt 18.06.1 and OpenVPN

You know what, I don't know what's going on with this hotspot.
Normally on the hotspot there's some little router with NAT that hands out 192.168.43.0/24.
The HiLink hands out 192.168.8.0/24. I need to check; maybe this hotspot has some firewall or something.
The problem is that I struggled with it so much - this isn't the first time I've set up OpenVPN, and I was wondering why it wasn't working.
Now I see that I need to work on this hotspot more than on OpenVPN.

I have a question about internet access when I'm behind the VPN. I found something like this on a forum:

set service dns forwarding listen-on vtun0

I understand that in my case, since I have the tun0 interface, it will be tun0, not vtun0?


44

Re: OpenWrt 18.06.1 and OpenVPN

There is no such command as "set service" in OpenWrt


45 (edited by dominbdg 2019-06-19 10:10:37)

Re: OpenWrt 18.06.1 and OpenVPN

That's interesting, because it accepted that command from me


46

Re: OpenWrt 18.06.1 and OpenVPN

set is a shell command for setting variables, so syntactically it accepts it. But by itself it makes no sense for OpenWrt, because that command is lifted from Ubiquiti (from their Vyatta)


47 (edited by dominbdg 2019-06-19 11:10:05)

Re: OpenWrt 18.06.1 and OpenVPN

OK,

the internet issue is solved.
I tinkered and poked around, and all it took was adding a rule to the firewall:

config forwarding
        option src 'vpn'
        option dest 'wan'

and now everything works :)


48

Re: OpenWrt 18.06.1 and OpenVPN

Does ping 8.8.8.8 work? If so, you have a DNS problem (set it permanently to e.g. 8.8.8.8)


49 (edited by dominbdg 2019-06-19 15:00:13)

Re: OpenWrt 18.06.1 and OpenVPN

I tried that earlier, with 8.8.8.8 as DNS, and it didn't work - only the firewall rule fixed the problem.
But I'll check today with the HiLink connection, because I did the tests on the hotspot.

So I'm not saying anything, because on the HiLink it might be OK now.

PS. Interestingly, on my work computer I installed OpenVPN and loaded the configuration, and from the Plus hotspot everything works correctly. Apparently I have some kludge on my home laptop.
