Новый участник
Сообщения: 30
Благодарности: 0
|
Профиль
|
Отправить PM
| Цитировать
Поднимаю тему.
Настроил OpenVpn. Но опять же не работает роутинг.
Прикладываю конфиги
Server.opvn
Цитата:
port 21
proto tcp
dev tun
ca "C:\\Program Files (x86)\\OpenVPN\\easy-rsa\\keys\\ca.crt"
cert "C:\\Program Files (x86)\\OpenVPN\\easy-rsa\\keys\\server.crt"
key "C:\\Program Files (x86)\\OpenVPN\\easy-rsa\\keys\\server.key" # This file should be kept secret
dh "C:\\Program Files (x86)\\OpenVPN\\easy-rsa\\keys\\dh1024.pem"
server 10.0.0.0 255.255.255.0
client-config-dir ccd
push "route 10.0.1.0 255.255.255.0"
push "route 10.0.2.0 255.255.255.0"
push "route 10.0.3.0 255.255.255.0"
route 10.0.1.0 255.255.255.0
route 10.0.2.0 255.255.255.0
route 10.0.3.0 255.255.255.0
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3
|
client.ovpn
Цитата:
client
dev tun
proto tcp
remote <тут был ip> 21
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client1.crt
key client1.key
ns-cert-type server
comp-lzo
verb 3
|
Ipconfig Клиент
Цитата:
Подключение по локальной сети 12 - Ethernet адаптер:
DNS-суффикс этого подключения . . :
Описание . . . . . . . . . . . . : TAP-Win32 Adapter V9
Физический адрес. . . . . . . . . : 00-FF-AE-F2-05-AD
Dhcp включен. . . . . . . . . . . : да
Автонастройка включена . . . . . : да
IP-адрес . . . . . . . . . . . . : 10.0.0.6
Маска подсети . . . . . . . . . . : 255.255.255.252
IP-адрес . . . . . . . . . . . . : fe80::2ff:aeff:fef2:5ad%13
Основной шлюз . . . . . . . . . . :
DHCP-сервер . . . . . . . . . . . : 10.0.0.5
DNS-серверы . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
Аренда получена . . . . . . . . . : 12 марта 2011 г. 3:57:04
Аренда истекает . . . . . . . . . : 11 марта 2012 г. 3:57:04
|
Ipconfig Сервер
Цитата:
Ethernet adapter Подключение по локальной сети:
DNS-суффикс подключения . . . . . :
Описание. . . . . . . . . . . . . : TAP-Win32 Adapter V9
Физический адрес. . . . . . . . . : 00-FF-D0-3A-54-D1
DHCP включен. . . . . . . . . . . : Да
Автонастройка включена. . . . . . : Да
Локальный IPv6-адрес канала . . . : fe80::8c78:417:c5f9:2b70%23(Основной)
IPv4-адрес. . . . . . . . . . . . : 10.0.0.1(Основной)
Маска подсети . . . . . . . . . . : 255.255.255.252
Аренда получена. . . . . . . . . . : 12 марта 2011 г. 3:53:53
Срок аренды истекает. . . . . . . . . . : 11 марта 2012 г. 3:53:52
Основной шлюз. . . . . . . . . :
DHCP-сервер. . . . . . . . . . . : 10.0.0.2
IAID DHCPv6 . . . . . . . . . . . : 385941456
DUID клиента DHCPv6 . . . . . . . : 00-01-00-01-14-C4-DB-A5-1C-6F-65-92-31-69
DNS-серверы. . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBios через TCP/IP. . . . . . . . : Включен
|
Лог клиента
Цитата:
Sat Mar 12 03:56:52 2011 OpenVPN 2.1.4 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Nov 8 2010
Sat Mar 12 03:56:52 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sat Mar 12 03:56:52 2011 LZO compression initialized
Sat Mar 12 03:56:52 2011 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sat Mar 12 03:56:52 2011 Socket Buffers: R=[131072->131072] S=[81920->81920]
Sat Mar 12 03:56:52 2011 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Mar 12 03:56:52 2011 Local Options hash (VER=V4): '69109d17'
Sat Mar 12 03:56:52 2011 Expected Remote Options hash (VER=V4): 'c0103fa8'
Sat Mar 12 03:56:52 2011 Attempting to establish TCP connection with 178.94.126.155:21
Sat Mar 12 03:56:52 2011 TCP connection established with 178.94.126.155:21
Sat Mar 12 03:56:52 2011 TCPv4_CLIENT link local: [undef]
Sat Mar 12 03:56:52 2011 TCPv4_CLIENT link remote: 178.94.126.155:21
Sat Mar 12 03:56:52 2011 TLS: Initial packet from 178.94.126.155:21, sid=091ac758 42f2f4ab
Sat Mar 12 03:56:54 2011 VERIFY OK: depth=1, /C=RU/ST=NA/L=Moscow/O=OpenVPN/emailAddress=mail@example.domain
Sat Mar 12 03:56:54 2011 VERIFY OK: nsCertType=SERVER
Sat Mar 12 03:56:54 2011 VERIFY OK: depth=0, /C=RU/ST=NA/O=OpenVPN/OU=IT/CN=server/emailAddress=mail@host.domain
Sat Mar 12 03:56:57 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Mar 12 03:56:57 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Mar 12 03:56:57 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Mar 12 03:56:57 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Mar 12 03:56:57 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sat Mar 12 03:56:57 2011 [server] Peer Connection Initiated with 178.94.126.155:21
Sat Mar 12 03:56:59 2011 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Sat Mar 12 03:56:59 2011 PUSH: Received control message: 'PUSH_REPLY,route 10.0.1.0 255.255.255.0,route 10.0.2.0 255.255.255.0,route 10.0.3.0 255.255.255.0,route 10.0.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.0.0.6 10.0.0.5'
Sat Mar 12 03:56:59 2011 OPTIONS IMPORT: timers and/or timeouts modified
Sat Mar 12 03:56:59 2011 OPTIONS IMPORT: --ifconfig/up options modified
Sat Mar 12 03:56:59 2011 OPTIONS IMPORT: route options modified
Sat Mar 12 03:56:59 2011 ROUTE default_gateway=84.55.63.1
Sat Mar 12 03:56:59 2011 TAP-WIN32 device [Подключение по локальной сети 12] opened: \\.\Global\{AEF205AD-D812-40CD-B350-0D5268842089}.tap
Sat Mar 12 03:56:59 2011 TAP-Win32 Driver Version 9.7
Sat Mar 12 03:56:59 2011 TAP-Win32 MTU=1500
Sat Mar 12 03:56:59 2011 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.0.0.6/255.255.255.252 on interface {AEF205AD-D812-40CD-B350-0D5268842089} [DHCP-serv: 10.0.0.5, lease-time: 31536000]
Sat Mar 12 03:56:59 2011 Successful ARP Flush on interface [524293] {AEF205AD-D812-40CD-B350-0D5268842089}
Sat Mar 12 03:57:05 2011 TEST ROUTES: 4/4 succeeded len=4 ret=1 a=0 u/d=up
Sat Mar 12 03:57:05 2011 C:\WINDOWS\system32\route.exe ADD 10.0.1.0 MASK 255.255.255.0 10.0.0.5
Sat Mar 12 03:57:05 2011 Route addition via IPAPI succeeded [adaptive]
Sat Mar 12 03:57:05 2011 C:\WINDOWS\system32\route.exe ADD 10.0.2.0 MASK 255.255.255.0 10.0.0.5
Sat Mar 12 03:57:05 2011 Route addition via IPAPI succeeded [adaptive]
Sat Mar 12 03:57:05 2011 C:\WINDOWS\system32\route.exe ADD 10.0.3.0 MASK 255.255.255.0 10.0.0.5
Sat Mar 12 03:57:05 2011 Route addition via IPAPI succeeded [adaptive]
Sat Mar 12 03:57:05 2011 C:\WINDOWS\system32\route.exe ADD 10.0.0.1 MASK 255.255.255.255 10.0.0.5
Sat Mar 12 03:57:05 2011 Route addition via IPAPI succeeded [adaptive]
Sat Mar 12 03:57:05 2011 Initialization Sequence Completed
|
Лог сервера
Цитата:
Sat Mar 12 03:53:52 2011 OpenVPN 2.1.4 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Nov 8 2010
Sat Mar 12 03:53:52 2011 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
Sat Mar 12 03:53:52 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sat Mar 12 03:53:52 2011 Diffie-Hellman initialized with 1024 bit key
Sat Mar 12 03:53:52 2011 TLS-Auth MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sat Mar 12 03:53:52 2011 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sat Mar 12 03:53:52 2011 ROUTE default_gateway=192.168.1.1
Sat Mar 12 03:53:52 2011 TAP-WIN32 device [Подключение по локальной сети] opened: \\.\Global\{D03A54D1-50DE-418E-BE25-E710290603B7}.tap
Sat Mar 12 03:53:52 2011 TAP-Win32 Driver Version 9.7
Sat Mar 12 03:53:52 2011 TAP-Win32 MTU=1500
Sat Mar 12 03:53:52 2011 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.0.0.1/255.255.255.252 on interface {D03A54D1-50DE-418E-BE25-E710290603B7} [DHCP-serv: 10.0.0.2, lease-time: 31536000]
Sat Mar 12 03:53:52 2011 Sleeping for 10 seconds...
Sat Mar 12 03:54:02 2011 Successful ARP Flush on interface [23] {D03A54D1-50DE-418E-BE25-E710290603B7}
Sat Mar 12 03:54:02 2011 C:\WINDOWS\system32\route.exe ADD 10.0.1.0 MASK 255.255.255.0 10.0.0.2
Sat Mar 12 03:54:02 2011 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Sat Mar 12 03:54:02 2011 Route addition via IPAPI succeeded [adaptive]
Sat Mar 12 03:54:02 2011 C:\WINDOWS\system32\route.exe ADD 10.0.2.0 MASK 255.255.255.0 10.0.0.2
Sat Mar 12 03:54:02 2011 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Sat Mar 12 03:54:02 2011 Route addition via IPAPI succeeded [adaptive]
Sat Mar 12 03:54:02 2011 C:\WINDOWS\system32\route.exe ADD 10.0.3.0 MASK 255.255.255.0 10.0.0.2
Sat Mar 12 03:54:02 2011 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Sat Mar 12 03:54:02 2011 Route addition via IPAPI succeeded [adaptive]
Sat Mar 12 03:54:02 2011 C:\WINDOWS\system32\route.exe ADD 10.0.0.0 MASK 255.255.255.0 10.0.0.2
Sat Mar 12 03:54:02 2011 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Sat Mar 12 03:54:02 2011 Route addition via IPAPI succeeded [adaptive]
Sat Mar 12 03:54:02 2011 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Mar 12 03:54:02 2011 Listening for incoming TCP connection on [undef]:21
Sat Mar 12 03:54:02 2011 TCPv4_SERVER link local (bound): [undef]:21
Sat Mar 12 03:54:02 2011 TCPv4_SERVER link remote: [undef]
Sat Mar 12 03:54:02 2011 MULTI: multi_init called, r=256 v=256
Sat Mar 12 03:54:02 2011 IFCONFIG POOL: base=10.0.0.4 size=62
Sat Mar 12 03:54:02 2011 MULTI: TCP INIT maxclients=60 maxevents=64
Sat Mar 12 03:54:02 2011 Initialization Sequence Completed
Sat Mar 12 03:54:03 2011 MULTI: multi_create_instance called
Sat Mar 12 03:54:03 2011 Re-using SSL/TLS context
Sat Mar 12 03:54:03 2011 LZO compression initialized
Sat Mar 12 03:54:03 2011 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sat Mar 12 03:54:03 2011 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Mar 12 03:54:03 2011 Local Options hash (VER=V4): 'c0103fa8'
Sat Mar 12 03:54:03 2011 Expected Remote Options hash (VER=V4): '69109d17'
Sat Mar 12 03:54:03 2011 TCP connection established with <CLIENT IP ADDR>:1188
Sat Mar 12 03:54:03 2011 TCPv4_SERVER link local: [undef]
Sat Mar 12 03:54:03 2011 TCPv4_SERVER link remote: <CLIENT IP ADDR>:1188
Sat Mar 12 03:54:03 2011 <CLIENT IP ADDR>:1188 TLS: Initial packet from <CLIENT IP ADDR>:1188, sid=d22e1ff2 58545850
Sat Mar 12 03:54:06 2011 <CLIENT IP ADDR>:1188 VERIFY OK: depth=1, /C=RU/ST=NA/L=Moscow/O=OpenVPN/emailAddress=mail@example.domain
Sat Mar 12 03:54:06 2011 <CLIENT IP ADDR>:1188 VERIFY OK: depth=0, /C=RU/ST=NA/O=OpenVPN/OU=IT/CN=client1/emailAddress=mail@host.domain
Sat Mar 12 03:54:08 2011 <CLIENT IP ADDR>:1188 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Mar 12 03:54:08 2011 <CLIENT IP ADDR>:1188 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Mar 12 03:54:08 2011 <CLIENT IP ADDR>:1188 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Mar 12 03:54:08 2011 <CLIENT IP ADDR>:1188 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Mar 12 03:54:08 2011 <CLIENT IP ADDR>:1188 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sat Mar 12 03:54:08 2011 <CLIENT IP ADDR>:1188 [client1] Peer Connection Initiated with <CLIENT IP ADDR>:1188
Sat Mar 12 03:54:08 2011 client1/<CLIENT IP ADDR>:1188 MULTI: Learn: 10.0.0.6 -> client1/<CLIENT IP ADDR>:1188
Sat Mar 12 03:54:08 2011 client1/<CLIENT IP ADDR>:1188 MULTI: primary virtual IP for client1/<CLIENT IP ADDR>:1188: 10.0.0.6
Sat Mar 12 03:54:10 2011 client1/<CLIENT IP ADDR>:1188 PUSH: Received control message: 'PUSH_REQUEST'
Sat Mar 12 03:54:10 2011 client1/<CLIENT IP ADDR>:1188 SENT CONTROL [client1]: 'PUSH_REPLY,route 10.0.1.0 255.255.255.0,route 10.0.2.0 255.255.255.0,route 10.0.3.0 255.255.255.0,route 10.0.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.0.0.6 10.0.0.5' (status=1)
Sat Mar 12 03:54:25 2011 client1/<CLIENT IP ADDR>:1188 Connection reset, restarting [-1]
Sat Mar 12 03:54:25 2011 client1/<CLIENT IP ADDR>:1188 SIGUSR1[soft,connection-reset] received, client-instance restarting
Sat Mar 12 03:54:25 2011 TCP/UDP: Closing socket
Sat Mar 12 03:54:26 2011 MULTI: multi_create_instance called
Sat Mar 12 03:54:26 2011 Re-using SSL/TLS context
Sat Mar 12 03:54:26 2011 LZO compression initialized
Sat Mar 12 03:54:26 2011 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sat Mar 12 03:54:26 2011 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Mar 12 03:54:26 2011 Local Options hash (VER=V4): 'c0103fa8'
Sat Mar 12 03:54:26 2011 Expected Remote Options hash (VER=V4): '69109d17'
Sat Mar 12 03:54:26 2011 TCP connection established with <CLIENT IP ADDR>:1189
Sat Mar 12 03:54:26 2011 TCPv4_SERVER link local: [undef]
Sat Mar 12 03:54:26 2011 TCPv4_SERVER link remote: <CLIENT IP ADDR>:1189
Sat Mar 12 03:54:26 2011 <CLIENT IP ADDR>:1189 TLS: Initial packet from <CLIENT IP ADDR>:1189, sid=d31de12c 2c6cfdd7
Sat Mar 12 03:54:29 2011 <CLIENT IP ADDR>:1189 VERIFY OK: depth=1, /C=RU/ST=NA/L=Moscow/O=OpenVPN/emailAddress=mail@example.domain
Sat Mar 12 03:54:29 2011 <CLIENT IP ADDR>:1189 VERIFY OK: depth=0, /C=RU/ST=NA/O=OpenVPN/OU=IT/CN=client1/emailAddress=mail@host.domain
Sat Mar 12 03:54:31 2011 <CLIENT IP ADDR>:1189 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Mar 12 03:54:31 2011 <CLIENT IP ADDR>:1189 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Mar 12 03:54:31 2011 <CLIENT IP ADDR>:1189 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Mar 12 03:54:31 2011 <CLIENT IP ADDR>:1189 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Mar 12 03:54:31 2011 <CLIENT IP ADDR>:1189 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sat Mar 12 03:54:31 2011 <CLIENT IP ADDR>:1189 [client1] Peer Connection Initiated with <CLIENT IP ADDR>:1189
Sat Mar 12 03:54:31 2011 client1/<CLIENT IP ADDR>:1189 MULTI: Learn: 10.0.0.6 -> client1/<CLIENT IP ADDR>:1189
Sat Mar 12 03:54:31 2011 client1/<CLIENT IP ADDR>:1189 MULTI: primary virtual IP for client1/<CLIENT IP ADDR>:1189: 10.0.0.6
Sat Mar 12 03:54:33 2011 client1/<CLIENT IP ADDR>:1189 PUSH: Received control message: 'PUSH_REQUEST'
Sat Mar 12 03:54:33 2011 client1/<CLIENT IP ADDR>:1189 SENT CONTROL [client1]: 'PUSH_REPLY,route 10.0.1.0 255.255.255.0,route 10.0.2.0 255.255.255.0,route 10.0.3.0 255.255.255.0,route 10.0.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.0.0.6 10.0.0.5' (status=1)
Sat Mar 12 03:55:55 2011 client1/<CLIENT IP ADDR>:1189 Connection reset, restarting [-1]
Sat Mar 12 03:55:55 2011 client1/<CLIENT IP ADDR>:1189 SIGUSR1[soft,connection-reset] received, client-instance restarting
Sat Mar 12 03:55:55 2011 TCP/UDP: Closing socket
Sat Mar 12 03:55:59 2011 MULTI: multi_create_instance called
Sat Mar 12 03:55:59 2011 Re-using SSL/TLS context
Sat Mar 12 03:55:59 2011 LZO compression initialized
Sat Mar 12 03:55:59 2011 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sat Mar 12 03:55:59 2011 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Mar 12 03:55:59 2011 Local Options hash (VER=V4): 'c0103fa8'
Sat Mar 12 03:55:59 2011 Expected Remote Options hash (VER=V4): '69109d17'
Sat Mar 12 03:55:59 2011 TCP connection established with <CLIENT IP ADDR>:1295
Sat Mar 12 03:55:59 2011 TCPv4_SERVER link local: [undef]
Sat Mar 12 03:55:59 2011 TCPv4_SERVER link remote: <CLIENT IP ADDR>:1295
Sat Mar 12 03:56:01 2011 <CLIENT IP ADDR>:1295 WARNING: Bad encapsulated packet length from peer (20821), which must be > 0 and <= 1544 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attemping restart...]
Sat Mar 12 03:56:01 2011 <CLIENT IP ADDR>:1295 Connection reset, restarting [0]
Sat Mar 12 03:56:01 2011 <CLIENT IP ADDR>:1295 SIGUSR1[soft,connection-reset] received, client-instance restarting
Sat Mar 12 03:56:01 2011 TCP/UDP: Closing socket
Sat Mar 12 03:56:07 2011 MULTI: multi_create_instance called
Sat Mar 12 03:56:07 2011 Re-using SSL/TLS context
Sat Mar 12 03:56:07 2011 LZO compression initialized
Sat Mar 12 03:56:07 2011 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sat Mar 12 03:56:07 2011 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Mar 12 03:56:07 2011 Local Options hash (VER=V4): 'c0103fa8'
Sat Mar 12 03:56:07 2011 Expected Remote Options hash (VER=V4): '69109d17'
Sat Mar 12 03:56:07 2011 TCP connection established with <CLIENT IP ADDR>:1296
Sat Mar 12 03:56:07 2011 TCPv4_SERVER link local: [undef]
Sat Mar 12 03:56:07 2011 TCPv4_SERVER link remote: <CLIENT IP ADDR>:1296
Sat Mar 12 03:56:07 2011 <CLIENT IP ADDR>:1296 TLS: Initial packet from <CLIENT IP ADDR>:1296, sid=38c32db3 380ea67d
Sat Mar 12 03:56:11 2011 <CLIENT IP ADDR>:1296 VERIFY OK: depth=1, /C=RU/ST=NA/L=Moscow/O=OpenVPN/emailAddress=mail@example.domain
Sat Mar 12 03:56:11 2011 <CLIENT IP ADDR>:1296 VERIFY OK: depth=0, /C=RU/ST=NA/O=OpenVPN/OU=IT/CN=client1/emailAddress=mail@host.domain
Sat Mar 12 03:56:12 2011 <CLIENT IP ADDR>:1296 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Mar 12 03:56:12 2011 <CLIENT IP ADDR>:1296 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Mar 12 03:56:12 2011 <CLIENT IP ADDR>:1296 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Mar 12 03:56:12 2011 <CLIENT IP ADDR>:1296 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Mar 12 03:56:13 2011 <CLIENT IP ADDR>:1296 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sat Mar 12 03:56:13 2011 <CLIENT IP ADDR>:1296 [client1] Peer Connection Initiated with <CLIENT IP ADDR>:1296
Sat Mar 12 03:56:13 2011 client1/<CLIENT IP ADDR>:1296 MULTI: Learn: 10.0.0.6 -> client1/<CLIENT IP ADDR>:1296
Sat Mar 12 03:56:13 2011 client1/<CLIENT IP ADDR>:1296 MULTI: primary virtual IP for client1/<CLIENT IP ADDR>:1296: 10.0.0.6
Sat Mar 12 03:56:14 2011 client1/<CLIENT IP ADDR>:1296 PUSH: Received control message: 'PUSH_REQUEST'
Sat Mar 12 03:56:14 2011 client1/<CLIENT IP ADDR>:1296 SENT CONTROL [client1]: 'PUSH_REPLY,route 10.0.1.0 255.255.255.0,route 10.0.2.0 255.255.255.0,route 10.0.3.0 255.255.255.0,route 10.0.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.0.0.6 10.0.0.5' (status=1)
|
Ребят.. Мне кажется что-то с route и push.. Где накосячил? Все пытался по ману делать.. :|
ВПНы горят зелеными. К сожалению не могу проверить пинги, но по nbtstat вижу NetBios имя и MAC сетевухи сервера, соотв. и пинг должен быть. Если у кого-то есть готовое решение конфигов, поделитесь 
З.Ы. Цель: полная маршрутизация трафика.
Схема: клиент впн -> сервер впн -> интернет.
З.З.Ы Просите то, что не дал. route print добавлю днем. Заманался сегодня :| |
Вечная проблема у меня с Этим ВПН-ом. Никак нормально подниматься не хочет.
