1. Diese Seite verwendet Cookies. Wenn du dich weiterhin auf dieser Seite aufhältst, akzeptierst du unseren Einsatz von Cookies. Weitere Informationen

Talk OpenVPN schlaegt fehl

Dieses Thema im Forum "DM 800se HD Clones" wurde erstellt von mac-duff, 6. Januar 2013.

  1. mac-duff
    Offline

    mac-duff Ist gelegentlich hier

    Registriert:
    10. Dezember 2012
    Beiträge:
    36
    Zustimmungen:
    0
    Punkte für Erfolge:
    0
    Hallo,
    und zwar habe ich ein recht komisches Problem. Ich habe bei IVACY mir eine VPN Leitung gekauft und die in einer VM unter XP getestet und funktioniert auch.
    Wenn ich diese aber auf meine Dreambox nigma von el blindo uebertrage funktioniert diese nur alle 1%. Das komische ist, dass sobald nach dem Aufbau ich einen ping oder ein ifconfig mache sich die Box verabschiedet, sprich TV geht noch, kann sie aber nicht mehr neu starten da sie sich aufhaengt da sie anscheinend die VPN Verbindung nicht loesen kann.
    Habe auch die Log Datei aktiviert wo aber auch nix drinne steht....

    Was mich echt kirre macht ist das es mal geht und dann wieder nicht...

    log
    Code:
    Sun Jan  6 15:40:19 2013 OpenVPN 2.2.2 mipsel-oe-linux [SSL] [LZO2] [EPOLL] [eurephia] built on Mar  7 2012
    Sun Jan  6 15:40:19 2013 WARNING: file '/etc/openvpn/authpass' is group or others accessible
    Sun Jan  6 15:40:19 2013 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
    Sun Jan  6 15:40:19 2013 WARNING: file 'ivacy-client.key' is group or others accessible
    Sun Jan  6 15:40:19 2013 WARNING: file 'ivacy-tls.key' is group or others accessible
    Sun Jan  6 15:40:19 2013 Control Channel Authentication: using 'ivacy-tls.key' as a OpenVPN static key file
    Sun Jan  6 15:40:19 2013 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sun Jan  6 15:40:19 2013 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sun Jan  6 15:40:19 2013 LZO compression initialized
    Sun Jan  6 15:40:19 2013 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
    Sun Jan  6 15:40:19 2013 Socket Buffers: R=[103424->131072] S=[103424->131072]
    Sun Jan  6 15:40:19 2013 RESOLVE: NOTE: openvpn.ivacy.com resolves to 3 addresses
    Sun Jan  6 15:40:19 2013 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
    Sun Jan  6 15:40:19 2013 Local Options hash (VER=V4): '504e774e'
    Sun Jan  6 15:40:19 2013 Expected Remote Options hash (VER=V4): '14168603'
    Sun Jan  6 15:40:19 2013 UDPv4 link local: [undef]
    Sun Jan  6 15:40:19 2013 UDPv4 link remote: 213.232.200.170:1194
    Sun Jan  6 15:40:19 2013 TLS: Initial packet from 213.232.200.170:1194, sid=0ba3f877 9ae59387
    Sun Jan  6 15:40:19 2013 WARNING: this configuration may cache passwords  in memory -- use the auth-nocache option to prevent this
    Sun Jan  6 15:40:20 2013 VERIFY OK: depth=1, /C=RU/ST=MR/L=Moscow/O=ivacy.com/CN=ivacy.com_CA/emailAddress=admin@ivacy.com
    Sun Jan  6 15:40:20 2013 VERIFY OK: nsCertType=SERVER
    Sun Jan  6 15:40:20 2013 VERIFY OK: depth=0, /C=RU/ST=MR/L=Moscow/O=ivacy.com/CN=openvpn.ivacy.com/emailAddress=admin@ivacy.com
    Sun Jan  6 15:40:22 2013 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Sun Jan  6 15:40:22 2013 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sun Jan  6 15:40:22 2013 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Sun Jan  6 15:40:22 2013 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sun Jan  6 15:40:22 2013 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
    Sun Jan  6 15:40:22 2013 [openvpn.ivacy.com] Peer Connection Initiated with 213.232.200.170:1194
    Sun Jan  6 15:40:24 2013 SENT CONTROL [openvpn.ivacy.com]: 'PUSH_REQUEST' (status=1)
    Sun Jan  6 15:40:24 2013 PUSH: Received control message:  'PUSH_REPLY,route 1.0.0.0 255.0.0.0,dhcp-option DNS  1.254.2.2,dhcp-option DNS 1.254.2.3,dhcp-option DOMAIN  vpn,explicit-exit-notify 2,route-gateway 1.2.124.1,topology subnet,ping  10,ping-restart 60,ifconfig 1.2.124.110 255.255.255.0'
    Sun Jan  6 15:40:24 2013 OPTIONS IMPORT: timers and/or timeouts modified
    Sun Jan  6 15:40:24 2013 OPTIONS IMPORT: explicit notify parm(s) modified
    Sun Jan  6 15:40:24 2013 OPTIONS IMPORT: --ifconfig/up options modified
    Sun Jan  6 15:40:24 2013 OPTIONS IMPORT: route options modified
    Sun Jan  6 15:40:24 2013 OPTIONS IMPORT: route-related options modified
    Sun Jan  6 15:40:24 2013 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
    Sun Jan  6 15:40:24 2013 ROUTE default_gateway=192.168.33.2
    

    client-config
    Code:
    client
    dev tun
    proto udp
    remote openvpn.ivacy.com 1194
    push "route 192.168.33.0 255.255.255.0"
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    ca ivacy-ca.crt
    cert ivacy-client.crt
    key ivacy-client.key
    tls-auth ivacy-tls.key 1
    ns-cert-type server
    comp-lzo
    verb 3
    auth-user-pass /etc/openvpn/authpass
    redirect-gateway
    reneg-sec 0
    status /etc/openvpn/openvpn-status.log
    log /etc/openvpn/openvpn-log.log
    

    Irgend eine Idee?

    Edit:

    Jetzt habe ich mal die push method herausgenommen, kann immer noch auf die Box zugreifen und der Tunnel ist da, hier mal der log
    Code:
    Sun Jan  6 16:23:32 2013 OpenVPN 2.2.2 mipsel-oe-linux [SSL] [LZO2] [EPOLL] [eurephia] built on Mar  7 2012
    Sun Jan  6 16:23:32 2013 WARNING: file '/etc/openvpn/authpass' is group or others accessible
    Sun Jan  6 16:23:32 2013 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
    Sun Jan  6 16:23:32 2013 WARNING: file 'ivacy-client.key' is group or others accessible
    Sun Jan  6 16:23:32 2013 WARNING: file 'ivacy-tls.key' is group or others accessible
    Sun Jan  6 16:23:32 2013 Control Channel Authentication: using 'ivacy-tls.key' as a OpenVPN static key file
    Sun Jan  6 16:23:32 2013 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sun Jan  6 16:23:32 2013 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sun Jan  6 16:23:32 2013 LZO compression initialized
    Sun Jan  6 16:23:32 2013 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
    Sun Jan  6 16:23:32 2013 Socket Buffers: R=[103424->131072] S=[103424->131072]
    Sun Jan  6 16:23:32 2013 RESOLVE: NOTE: openvpn.ivacy.com resolves to 3 addresses
    Sun Jan  6 16:23:32 2013 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
    Sun Jan  6 16:23:32 2013 Local Options hash (VER=V4): '504e774e'
    Sun Jan  6 16:23:32 2013 Expected Remote Options hash (VER=V4): '14168603'
    Sun Jan  6 16:23:32 2013 UDPv4 link local: [undef]
    Sun Jan  6 16:23:32 2013 UDPv4 link remote: 213.232.200.172:1194
    Sun Jan  6 16:23:32 2013 TLS: Initial packet from 213.232.200.172:1194, sid=695cef27 21c0c54d
    Sun Jan  6 16:23:32 2013 WARNING: this configuration may cache passwords  in memory -- use the auth-nocache option to prevent this
    Sun Jan  6 16:23:33 2013 VERIFY OK: depth=1, /C=RU/ST=MR/L=Moscow/O=ivacy.com/CN=ivacy.com_CA/emailAddress=admin@ivacy.com
    Sun Jan  6 16:23:33 2013 VERIFY OK: nsCertType=SERVER
    Sun Jan  6 16:23:33 2013 VERIFY OK: depth=0, /C=RU/ST=MR/L=Moscow/O=ivacy.com/CN=openvpn.ivacy.com/emailAddress=admin@ivacy.com
    Sun Jan  6 16:23:35 2013 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Sun Jan  6 16:23:35 2013 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sun Jan  6 16:23:35 2013 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Sun Jan  6 16:23:35 2013 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sun Jan  6 16:23:35 2013 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
    Sun Jan  6 16:23:35 2013 [openvpn.ivacy.com] Peer Connection Initiated with 213.232.200.172:1194
    Sun Jan  6 16:23:37 2013 SENT CONTROL [openvpn.ivacy.com]: 'PUSH_REQUEST' (status=1)
    Sun Jan  6 16:23:37 2013 PUSH: Received control message:  'PUSH_REPLY,route 1.0.0.0 255.0.0.0,dhcp-option DNS  1.254.2.2,dhcp-option DNS 1.254.2.3,dhcp-option DOMAIN  vpn,explicit-exit-notify 2,route-gateway 1.2.112.1,topology subnet,ping  10,ping-restart 60,ifconfig 1.2.112.101 255.255.252.0'
    Sun Jan  6 16:23:37 2013 OPTIONS IMPORT: timers and/or timeouts modified
    Sun Jan  6 16:23:37 2013 OPTIONS IMPORT: explicit notify parm(s) modified
    Sun Jan  6 16:23:37 2013 OPTIONS IMPORT: --ifconfig/up options modified
    Sun Jan  6 16:23:37 2013 OPTIONS IMPORT: route options modified
    Sun Jan  6 16:23:37 2013 OPTIONS IMPORT: route-related options modified
    Sun Jan  6 16:23:37 2013 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
    Sun Jan  6 16:23:37 2013 ROUTE default_gateway=192.168.33.2
    Sun Jan  6 16:23:37 2013 TUN/TAP device tun0 opened
    Sun Jan  6 16:23:37 2013 TUN/TAP TX queue length set to 100
    Sun Jan  6 16:23:37 2013 /sbin/ifconfig tun0 1.2.112.101 netmask 255.255.252.0 mtu 1500 broadcast 1.2.115.255
    Sun Jan  6 16:23:37 2013 /sbin/route add -net 213.232.200.172 netmask 255.255.255.255 gw 192.168.33.2
    Sun Jan  6 16:23:37 2013 /sbin/route del -net 0.0.0.0 netmask 0.0.0.0
    Sun Jan  6 16:23:37 2013 /sbin/route add -net 0.0.0.0 netmask 0.0.0.0 gw 1.2.112.1
    Sun Jan  6 16:23:37 2013 WARNING: potential route subnet conflict  between local LAN [1.2.112.0/255.255.255.0] and remote VPN  [1.0.0.0/255.0.0.0]
    Sun Jan  6 16:23:37 2013 /sbin/route add -net 1.0.0.0 netmask 255.0.0.0 gw 1.2.112.1
    Sun Jan  6 16:23:37 2013 Initialization Sequence Completed
    
     
    Zuletzt von einem Moderator bearbeitet: 6. Januar 2013
    #1

Diese Seite empfehlen