Setting up OpenVPN on Linux


Marsh Posté on 12-04-2008 at 19:57:24

Hello everyone,
I have followed lots of tutorials on the internet and I can't get my VPN to work.
Let me explain my configuration.

First of all:

OrdinateurFixeMaison -------------------------------------Livebox-------------------internet--------------PcPortable
Linux                                          priv:192.168.1.1    pub: dynDNS account
eth0 192.168.1.20
tun0 10.8.0.1

The VPN server is installed on OrdinateurFixeMaison.

/etc/openvpn/server.conf

Code:
  ;Listening port used for the VPN connection
  port 1194
  tun-mtu 1400
  ;Protocol used (the udp protocol is more secure than tcp)
  proto tcp-server
  ;Type of virtual network interface created
  dev tun
  ;Names of the files used to authenticate clients via OpenSSL
  ca ca.crt
  cert MaisonServeur.crt
  key MaisonServeur.key
  dh dh1024.pem
  ;Address of the virtual network (the server will have the address 10.8.0.1)
  server 10.8.0.0 255.255.255.0
  # This line lets clients see the other clients
  ;client-to-client
  keepalive 10 120
  ;This line enables compression
  comp-lzo
  ;These lines set a specific user and group for the process
  user openvpn
  group openvpn
  ;These lines make the connection persistent
  persist-key
  persist-tun
  status openvpn-status.log
  ;This line sets the desired log level (from 1 to 9)
  verb 5

Now on the laptop (PcPortable):

/etc/openvpn/client.conf
 

Code:
  # Here we state that we are a client.
  client
  # dev tun mode for routed IP mode
  ;dev tap
  dev tun
  tun-mtu 1400
  # We use udp mode
  proto tcp-client
  ;proto udp
  # We specify the server's address and port
  remote XXX.XXXX.com 1194
  # Keep trying indefinitely to resolve the host name
  resolv-retry infinite
  # Most clients don't need to bind to
  # a specific local port number.
  nobind
  # Try to preserve some state across restarts.
  persist-key
  persist-tun
  # SSL/TLS parms.
  # See the server config file for more
  # description.  It's best to use
  # a separate .crt/.key file pair
  # for each client.  A single ca
  # file can be used for all clients.
  ca /etc/openvpn/ca.crt
  cert /etc/openvpn/clientPortableAcer.crt
  key /etc/openvpn/clientPortableAcer.key
  # Enable compression on the VPN link.
  # Don't enable this unless it is also
  # enabled in the server config file.
  comp-lzo
  # Set log file verbosity.
  verb 9

On my Livebox I opened port 1194 in TCP to the IP address 10.8.0.1. When I start openvpn on the client, here is what it tells me:
 

Code:
  [root@localhost openvpn]# openvpn client.conf
  Sat Apr 12 19:51:36 2008 OpenVPN 2.1_rc4 i586-mandriva-linux-gnu [SSL] [LZO2] [EPOLL] built on Dec  6 2007
  Sat Apr 12 19:51:36 2008 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
  Sat Apr 12 19:51:36 2008 LZO compression initialized
  Sat Apr 12 19:51:36 2008 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1400)
  Sat Apr 12 19:51:36 2008 Control Channel MTU parms [ L:1444 D:140 EF:40 EB:0 ET:0 EL:0 ]
  Sat Apr 12 19:51:36 2008 Data Channel MTU parms [ L:1444 D:1444 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
  Sat Apr 12 19:51:36 2008 Local Options hash (VER=V4): '7dfc3732'
  Sat Apr 12 19:51:36 2008 Expected Remote Options hash (VER=V4): '347277f0'
  Sat Apr 12 19:51:36 2008 Attempting to establish TCP connection with XX.XX.XX.XX:1194 [nonblock]
  Sat Apr 12 19:51:37 2008 TCP: connect to XX.XX.XX.XX:1194 failed, will try again in 5 seconds: Connection refused

There you go; if someone could help me, I would be grateful.

Gaetan

Message edited by deleted profile on 12-04-2008 at 19:57:56
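
The client log in the post above warns that no server certificate verification method is enabled, and the two posted files have to agree on transport, port, device, compression and MTU. The following Python lint is an added example, not part of the original post or of OpenVPN; the sample configs are abridged copies of the posted ones with `vpn.example.com` as a placeholder host, and `remote-cert-tls server` is shown as one way to address the warning.

```python
# Added example: lint an OpenVPN server/client config pair.
# Assumption: arguments are split on whitespace (no quoted arguments).

# Client directives that check the server certificate's role or name.
SERVER_VERIFY = ("remote-cert-tls", "ns-cert-type", "remote-cert-ku",
                 "remote-cert-eku", "tls-remote", "verify-x509-name")


def parse_conf(text):
    """Return {directive: [argument list of each occurrence]}."""
    conf = {}
    for raw in text.splitlines():
        tokens = []
        for tok in raw.split():
            if tok[0] in "#;":      # '#' and ';' both start a comment
                break
            tokens.append(tok)
        if tokens:
            conf.setdefault(tokens[0], []).append(tokens[1:])
    return conf


def first_arg(conf, name, default=None):
    """First argument of the first occurrence of a directive, else default."""
    occurrences = conf.get(name)
    return occurrences[0][0] if occurrences and occurrences[0] else default


def transport(conf):
    """'tcp' or 'udp'; OpenVPN uses udp when no proto line is given."""
    return "tcp" if first_arg(conf, "proto", "udp").startswith("tcp") else "udp"


def lint_client(client):
    """Does the client check that its peer presents a *server* certificate?"""
    role = (first_arg(client, "remote-cert-tls") == "server"
            or first_arg(client, "ns-cert-type") == "server")
    other = any(name in client for name in SERVER_VERIFY[2:])
    return [] if role or other else ["no-server-cert-verification"]


def lint_pair(server, client):
    """Settings that should agree on both ends of the tunnel."""
    issues = []
    if transport(server) != transport(client):
        issues.append("proto-mismatch")
    remote = client.get("remote", [[]])[0]
    client_port = remote[1] if len(remote) > 1 else first_arg(client, "port", "1194")
    if first_arg(server, "port", "1194") != client_port:
        issues.append("port-mismatch")
    if first_arg(server, "dev", "")[:3] != first_arg(client, "dev", "")[:3]:
        issues.append("dev-mismatch")
    if ("comp-lzo" in server) != ("comp-lzo" in client):
        issues.append("comp-lzo-mismatch")
    if first_arg(server, "tun-mtu", "1500") != first_arg(client, "tun-mtu", "1500"):
        issues.append("tun-mtu-mismatch")
    return issues


# Constructed sample input: abridged copies of the configs posted above.
SERVER_CONF = """\
port 1194
tun-mtu 1400
proto tcp-server
dev tun
ca ca.crt
cert MaisonServeur.crt
key MaisonServeur.key
dh dh1024.pem
server 10.8.0.0 255.255.255.0
;client-to-client
comp-lzo
"""

CLIENT_CONF = """\
client
;dev tap
dev tun
tun-mtu 1400
proto tcp-client
;proto udp
remote vpn.example.com 1194   # placeholder host, not the poster's
nobind
ca /etc/openvpn/ca.crt
cert /etc/openvpn/clientPortableAcer.crt
key /etc/openvpn/clientPortableAcer.key
comp-lzo
"""

# Same client with server-certificate verification switched on.
HARDENED_CLIENT_CONF = CLIENT_CONF + "remote-cert-tls server\n"

if __name__ == "__main__":
    server, client = parse_conf(SERVER_CONF), parse_conf(CLIENT_CONF)
    print("pair:", lint_pair(server, client))
    print("client:", lint_client(client))
    print("hardened client:", lint_client(parse_conf(HARDENED_CLIENT_CONF)))
```

`remote-cert-tls server` only succeeds if the server certificate was issued with server key usage and extended key usage, so check the certificate before enabling it.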

Marsh Posté on 13-04-2008 at 19:25:16

A little bump, in case someone can give me some pointers!

Marsh Posté on 15-04-2008 at 16:07:42

Bump.

Marsh Posté on 15-04-2008 at 22:13:27

And on the client side, what do you have as a log?


---------------
¡ Viva la Revolución !

Marsh Posté on 16-04-2008 at 15:51:35

Well, on the client side I have what I put last in my post. I suppose you mean on the server side? Here is what I have on the server side:
 
 

Code:
  Wed Apr 16 15:43:56 2008 OpenVPN 2.1_rc4 i586-mandriva-linux-gnu [SSL] [LZO2] [EPOLL] built on Dec  6 2007
  Wed Apr 16 15:43:56 2008 Diffie-Hellman initialized with 1024 bit key
  Wed Apr 16 15:43:56 2008 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1400)
  Wed Apr 16 15:43:56 2008 TLS-Auth MTU parms [ L:1444 D:140 EF:40 EB:0 ET:0 EL:0 ]
  Wed Apr 16 15:43:56 2008 TUN/TAP device tun0 opened
  Wed Apr 16 15:43:56 2008 TUN/TAP TX queue length set to 100
  Wed Apr 16 15:43:56 2008 /sbin/ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1400
  Wed Apr 16 15:43:56 2008 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2
  Wed Apr 16 15:43:56 2008 Data Channel MTU parms [ L:1444 D:1444 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
  Wed Apr 16 15:43:56 2008 GID set to openvpn
  Wed Apr 16 15:43:56 2008 UID set to openvpn
  Wed Apr 16 15:43:56 2008 Listening for incoming TCP connection on [undef]:1194
  Wed Apr 16 15:43:56 2008 Socket Buffers: R=[87380->131072] S=[16384->131072]
  Wed Apr 16 15:43:56 2008 TCPv4_SERVER link local (bound): [undef]:1194
  Wed Apr 16 15:43:56 2008 TCPv4_SERVER link remote: [undef]
  Wed Apr 16 15:43:56 2008 MULTI: multi_init called, r=256 v=256
  Wed Apr 16 15:43:56 2008 IFCONFIG POOL: base=10.8.0.4 size=62
  Wed Apr 16 15:43:56 2008 IFCONFIG POOL LIST
  Wed Apr 16 15:43:56 2008 MULTI: TCP INIT maxclients=1024 maxevents=1028
  Wed Apr 16 15:43:56 2008 Initialization Sequence Completed

Does that help you?

Marsh Posté on 16-04-2008 at 19:02:45

There, in your conf on the server side, we don't see the client trying to log in.

Could you make a connection attempt and give the logs from both sides, please?


---------------
¡ Viva la Revolución !

Marsh Posté on 16-04-2008 at 22:11:59

So here is the log I retrieved on the server, even after trying to connect to the server with a client (verb 6 mode):

Code:
  Apr 16 22:02:23 localhost openvpn[6945]: Current Parameter Settings:
  Apr 16 22:02:23 localhost openvpn[6945]:   config = 'server.conf'
  Apr 16 22:02:23 localhost openvpn[6945]:   mode = 1
  Apr 16 22:02:23 localhost openvpn[6945]:   persist_config = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   persist_mode = 1
  Apr 16 22:02:23 localhost openvpn[6945]:   show_ciphers = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   show_digests = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   show_engines = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   genkey = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   key_pass_file = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   show_tls_ciphers = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   proto = 1
  Apr 16 22:02:23 localhost openvpn[6945]:   local = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   remote_list = NULL
  Apr 16 22:02:23 localhost openvpn[6945]:   remote_random = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   local_port = 1194
  Apr 16 22:02:23 localhost openvpn[6945]:   remote_port = 1194
  Apr 16 22:02:23 localhost openvpn[6945]:   remote_float = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   ipchange = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   bind_defined = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   bind_local = ENABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   dev = 'tun'
  Apr 16 22:02:23 localhost openvpn[6945]:   dev_type = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   dev_node = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   lladdr = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   topology = 1
  Apr 16 22:02:23 localhost openvpn[6945]:   tun_ipv6 = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   ifconfig_local = '10.8.0.1'
  Apr 16 22:02:23 localhost openvpn[6945]:   ifconfig_remote_netmask = '10.8.0.2'
  Apr 16 22:02:23 localhost openvpn[6945]:   ifconfig_noexec = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   ifconfig_nowarn = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   shaper = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   tun_mtu = 1400
  Apr 16 22:02:23 localhost openvpn[6945]:   tun_mtu_defined = ENABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   link_mtu = 1500
  Apr 16 22:02:23 localhost openvpn[6945]:   link_mtu_defined = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   tun_mtu_extra = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   tun_mtu_extra_defined = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   fragment = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   mtu_discover_type = -1
  Apr 16 22:02:23 localhost openvpn[6945]:   mtu_test = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   mlock = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   keepalive_ping = 10
  Apr 16 22:02:23 localhost openvpn[6945]:   keepalive_timeout = 120
  Apr 16 22:02:23 localhost openvpn[6945]:   inactivity_timeout = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   ping_send_timeout = 10
  Apr 16 22:02:23 localhost openvpn[6945]:   ping_rec_timeout = 240
  Apr 16 22:02:23 localhost openvpn[6945]:   ping_rec_timeout_action = 2
  Apr 16 22:02:23 localhost openvpn[6945]:   ping_timer_remote = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   remap_sigusr1 = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   explicit_exit_notification = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   persist_tun = ENABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   persist_local_ip = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   persist_remote_ip = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   persist_key = ENABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   mssfix = 1450
  Apr 16 22:02:23 localhost openvpn[6945]:   passtos = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   resolve_retry_seconds = 1000000000
  Apr 16 22:02:23 localhost openvpn[6945]:   connect_retry_seconds = 5
  Apr 16 22:02:23 localhost openvpn[6945]:   connect_timeout = 10
  Apr 16 22:02:23 localhost openvpn[6945]:   connect_retry_max = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   username = 'openvpn'
  Apr 16 22:02:23 localhost openvpn[6945]:   groupname = 'openvpn'
  Apr 16 22:02:23 localhost openvpn[6945]:   chroot_dir = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   cd_dir = '/etc/openvpn'
  Apr 16 22:02:23 localhost openvpn[6945]:   writepid = '/var/run/openvpn/server.pid'
  Apr 16 22:02:23 localhost openvpn[6945]:   up_script = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   down_script = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   down_pre = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   up_restart = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   up_delay = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   daemon = ENABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   inetd = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   log = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   suppress_timestamps = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   nice = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   verbosity = 6
  Apr 16 22:02:23 localhost openvpn[6945]:   mute = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   gremlin = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   status_file = 'openvpn-status.log'
  Apr 16 22:02:23 localhost openvpn[6945]:   status_file_version = 1
  Apr 16 22:02:23 localhost openvpn[6945]:   status_file_update_freq = 60
  Apr 16 22:02:23 localhost openvpn[6945]:   occ = ENABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   rcvbuf = 65536
  Apr 16 22:02:23 localhost openvpn[6945]:   sndbuf = 65536
  Apr 16 22:02:23 localhost openvpn[6945]:   sockflags = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   socks_proxy_server = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   socks_proxy_port = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   socks_proxy_retry = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   fast_io = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   lzo = 7
  Apr 16 22:02:23 localhost openvpn[6945]:   route_script = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   route_default_gateway = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   route_default_metric = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   route_noexec = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   route_delay = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   route_delay_window = 30
  Apr 16 22:02:23 localhost openvpn[6945]:   route_delay_defined = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   route_nopull = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   route 10.8.0.0/255.255.255.0/nil/nil
  Apr 16 22:02:23 localhost openvpn[6945]:   management_addr = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   management_port = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   management_user_pass = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   management_log_history_cache = 250
  Apr 16 22:02:23 localhost openvpn[6945]:   management_echo_buffer_size = 100
  Apr 16 22:02:23 localhost openvpn[6945]:   management_query_passwords = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   management_hold = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   management_client = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   management_write_peer_info_file = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   shared_secret_file = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   key_direction = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   ciphername_defined = ENABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   ciphername = 'BF-CBC'
  Apr 16 22:02:23 localhost openvpn[6945]:   authname_defined = ENABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   authname = 'SHA1'
  Apr 16 22:02:23 localhost openvpn[6945]:   keysize = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   engine = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   replay = ENABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   mute_replay_warnings = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   replay_window = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   replay_time = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   packet_id_file = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   use_iv = ENABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   test_crypto = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   tls_server = ENABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   tls_client = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   key_method = 2
  Apr 16 22:02:23 localhost openvpn[6945]:   ca_file = 'ca.crt'
  Apr 16 22:02:23 localhost openvpn[6945]:   ca_path = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   dh_file = 'dh1024.pem'
  Apr 16 22:02:23 localhost openvpn[6945]:   cert_file = 'MaisonServeur.crt'
  Apr 16 22:02:23 localhost openvpn[6945]:   priv_key_file = 'MaisonServeur.key'
  Apr 16 22:02:23 localhost openvpn[6945]:   pkcs12_file = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   cipher_list = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   tls_verify = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   tls_remote = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   crl_file = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   ns_cert_type = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   remote_cert_ku[i] = 0
  Apr 16 22:02:23 localhost last message repeated 15 times
  Apr 16 22:02:23 localhost openvpn[6945]:   remote_cert_eku = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   tls_timeout = 2
  Apr 16 22:02:23 localhost openvpn[6945]:   renegotiate_bytes = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   renegotiate_packets = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   renegotiate_seconds = 3600
  Apr 16 22:02:23 localhost openvpn[6945]:   handshake_window = 60
  Apr 16 22:02:23 localhost openvpn[6945]:   transition_window = 3600
  Apr 16 22:02:23 localhost openvpn[6945]:   single_session = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   tls_exit = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   tls_auth_file = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   pkcs11_protected_authentication = DISABLED
  Apr 16 22:02:23 localhost last message repeated 15 times
  Apr 16 22:02:23 localhost openvpn[6945]:   pkcs11_cert_private = DISABLED
  Apr 16 22:02:23 localhost last message repeated 15 times
  Apr 16 22:02:23 localhost openvpn[6945]:   pkcs11_pin_cache_period = -1
  Apr 16 22:02:23 localhost openvpn[6945]:   pkcs11_slot_type = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   pkcs11_slot = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   pkcs11_id_type = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   pkcs11_id = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   server_network = 10.8.0.0
  Apr 16 22:02:23 localhost openvpn[6945]:   server_netmask = 255.255.255.0
  Apr 16 22:02:23 localhost openvpn[6945]:   server_bridge_ip = 0.0.0.0
  Apr 16 22:02:23 localhost openvpn[6945]:   server_bridge_netmask = 0.0.0.0
  Apr 16 22:02:23 localhost openvpn[6945]:   server_bridge_pool_start = 0.0.0.0
  Apr 16 22:02:23 localhost openvpn[6945]:   server_bridge_pool_end = 0.0.0.0
  Apr 16 22:02:23 localhost openvpn[6945]:   push_list = 'route 10.8.0.1,topology net30,ping 10,ping-restart 120'
  Apr 16 22:02:23 localhost openvpn[6945]:   ifconfig_pool_defined = ENABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   ifconfig_pool_start = 10.8.0.4
  Apr 16 22:02:23 localhost openvpn[6945]:   ifconfig_pool_end = 10.8.0.251
  Apr 16 22:02:23 localhost openvpn[6945]:   ifconfig_pool_netmask = 0.0.0.0
  Apr 16 22:02:23 localhost openvpn[6945]:   ifconfig_pool_persist_filename = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   ifconfig_pool_persist_refresh_freq = 600
  Apr 16 22:02:23 localhost openvpn[6945]:   n_bcast_buf = 256
  Apr 16 22:02:23 localhost openvpn[6945]:   tcp_queue_limit = 64
  Apr 16 22:02:23 localhost openvpn[6945]:   real_hash_size = 256
  Apr 16 22:02:23 localhost openvpn[6945]:   virtual_hash_size = 256
  Apr 16 22:02:23 localhost openvpn[6945]:   client_connect_script = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   learn_address_script = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   client_disconnect_script = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   client_config_dir = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   ccd_exclusive = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   tmp_dir = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   push_ifconfig_defined = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   push_ifconfig_local = 0.0.0.0
  Apr 16 22:02:23 localhost openvpn[6945]:   push_ifconfig_remote_netmask = 0.0.0.0
  Apr 16 22:02:23 localhost openvpn[6945]:   enable_c2c = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   duplicate_cn = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   cf_max = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   cf_per = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   max_clients = 1024
  Apr 16 22:02:23 localhost openvpn[6945]:   max_routes_per_client = 256
  Apr 16 22:02:23 localhost openvpn[6945]:   client_cert_not_required = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   username_as_common_name = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   auth_user_pass_verify_script = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   auth_user_pass_verify_script_via_file = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   port_share_host = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]:   port_share_port = 0
  Apr 16 22:02:23 localhost openvpn[6945]:   client = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   pull = DISABLED
  Apr 16 22:02:23 localhost openvpn[6945]:   auth_user_pass_file = '[UNDEF]'
  Apr 16 22:02:23 localhost openvpn[6945]: OpenVPN 2.1_rc4 i586-mandriva-linux-gnu [SSL] [LZO2] [EPOLL] built on Dec  6 2007
  Apr 16 22:02:23 localhost openvpn[6945]: Diffie-Hellman initialized with 1024 bit key
  Apr 16 22:02:23 localhost openvpn[6945]: WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1400)
  Apr 16 22:02:23 localhost openvpn[6945]: TLS-Auth MTU parms [ L:1444 D:140 EF:40 EB:0 ET:0 EL:0 ]
  Apr 16 22:02:23 localhost kernel: tun0: Disabled Privacy Extensions
  Apr 16 22:02:23 localhost openvpn[6945]: TUN/TAP device tun0 opened
  Apr 16 22:02:23 localhost openvpn[6945]: TUN/TAP TX queue length set to 100
  Apr 16 22:02:23 localhost openvpn[6945]: /sbin/ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1400
  Apr 16 22:02:23 localhost openvpn[6945]: /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2
  Apr 16 22:02:23 localhost openvpn[6945]: Data Channel MTU parms [ L:1444 D:1444 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
  Apr 16 22:02:23 localhost openvpn[6951]: GID set to openvpn
  Apr 16 22:02:23 localhost openvpn[6951]: UID set to openvpn
  Apr 16 22:02:23 localhost openvpn[6951]: Listening for incoming TCP connection on [undef]:1194
  Apr 16 22:02:23 localhost openvpn[6951]: Socket Buffers: R=[87380->131072] S=[16384->131072]
  Apr 16 22:02:23 localhost openvpn[6951]: TCPv4_SERVER link local (bound): [undef]:1194
  Apr 16 22:02:23 localhost openvpn[6951]: TCPv4_SERVER link remote: [undef]
  Apr 16 22:02:23 localhost openvpn[6951]: MULTI: multi_init called, r=256 v=256
  Apr 16 22:02:23 localhost openvpn[6951]: IFCONFIG POOL: base=10.8.0.4 size=62
  Apr 16 22:02:23 localhost openvpn[6951]: MULTI: TCP INIT maxclients=1024 maxevents=1028
  Apr 16 22:02:23 localhost openvpn[6951]: Initialization Sequence Completed

Now here is what I have on the client:
 
 

Code:
  [root@localhost openvpn]# openvpn client.conf
  Wed Apr 16 22:04:12 2008 us=831833 Current Parameter Settings:
  Wed Apr 16 22:04:12 2008 us=831925   config = 'client.conf'
  Wed Apr 16 22:04:12 2008 us=831940   mode = 0
  Wed Apr 16 22:04:12 2008 us=831954   persist_config = DISABLED
  Wed Apr 16 22:04:12 2008 us=831968   persist_mode = 1
  Wed Apr 16 22:04:12 2008 us=831980   show_ciphers = DISABLED
  Wed Apr 16 22:04:12 2008 us=831993   show_digests = DISABLED
  Wed Apr 16 22:04:12 2008 us=832006   show_engines = DISABLED
  Wed Apr 16 22:04:12 2008 us=832018   genkey = DISABLED
  Wed Apr 16 22:04:12 2008 us=832036   key_pass_file = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=832049   show_tls_ciphers = DISABLED
  Wed Apr 16 22:04:12 2008 us=832061   proto = 2
  Wed Apr 16 22:04:12 2008 us=832077   local = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=832093   remote_list[0] = {'mondomaine.com', 1194}
  Wed Apr 16 22:04:12 2008 us=832107   remote_random = DISABLED
  Wed Apr 16 22:04:12 2008 us=832123   local_port = 0
  Wed Apr 16 22:04:12 2008 us=832137   remote_port = 1194
  Wed Apr 16 22:04:12 2008 us=832149   remote_float = DISABLED
  Wed Apr 16 22:04:12 2008 us=832165   ipchange = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=832178   bind_defined = DISABLED
  Wed Apr 16 22:04:12 2008 us=832190   bind_local = DISABLED
  Wed Apr 16 22:04:12 2008 us=832206   dev = 'tun'
  Wed Apr 16 22:04:12 2008 us=832219   dev_type = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=832231   dev_node = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=832246   lladdr = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=832260   topology = 1
  Wed Apr 16 22:04:12 2008 us=832271   tun_ipv6 = DISABLED
  Wed Apr 16 22:04:12 2008 us=832287   ifconfig_local = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=832301   ifconfig_remote_netmask = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=832313   ifconfig_noexec = DISABLED
  Wed Apr 16 22:04:12 2008 us=832328   ifconfig_nowarn = DISABLED
  Wed Apr 16 22:04:12 2008 us=832341   shaper = 0
  Wed Apr 16 22:04:12 2008 us=832353   tun_mtu = 1400
  Wed Apr 16 22:04:12 2008 us=832369   tun_mtu_defined = ENABLED
  Wed Apr 16 22:04:12 2008 us=832382   link_mtu = 1500
  Wed Apr 16 22:04:12 2008 us=832394   link_mtu_defined = DISABLED
  Wed Apr 16 22:04:12 2008 us=832410   tun_mtu_extra = 0
  Wed Apr 16 22:04:12 2008 us=832423   tun_mtu_extra_defined = DISABLED
  Wed Apr 16 22:04:12 2008 us=832441   fragment = 0
  Wed Apr 16 22:04:12 2008 us=832455   mtu_discover_type = -1
  Wed Apr 16 22:04:12 2008 us=832474   mtu_test = 0
  Wed Apr 16 22:04:12 2008 us=832487   mlock = DISABLED
  Wed Apr 16 22:04:12 2008 us=832499   keepalive_ping = 0
  Wed Apr 16 22:04:12 2008 us=832511   keepalive_timeout = 0
  Wed Apr 16 22:04:12 2008 us=832525   inactivity_timeout = 0
  Wed Apr 16 22:04:12 2008 us=832543   ping_send_timeout = 0
  Wed Apr 16 22:04:12 2008 us=832556   ping_rec_timeout = 0
  Wed Apr 16 22:04:12 2008 us=832567   ping_rec_timeout_action = 0
  Wed Apr 16 22:04:12 2008 us=832583   ping_timer_remote = DISABLED
  Wed Apr 16 22:04:12 2008 us=832595   remap_sigusr1 = 0
  Wed Apr 16 22:04:12 2008 us=832609   explicit_exit_notification = 0
  Wed Apr 16 22:04:12 2008 us=832626   persist_tun = ENABLED
  Wed Apr 16 22:04:12 2008 us=832638   persist_local_ip = DISABLED
  Wed Apr 16 22:04:12 2008 us=832652   persist_remote_ip = DISABLED
  Wed Apr 16 22:04:12 2008 us=832676   persist_key = ENABLED
  Wed Apr 16 22:04:12 2008 us=832689   mssfix = 1450
  Wed Apr 16 22:04:12 2008 us=832703   passtos = DISABLED
  Wed Apr 16 22:04:12 2008 us=832715   resolve_retry_seconds = 1000000000
  Wed Apr 16 22:04:12 2008 us=832728   connect_retry_seconds = 5
  Wed Apr 16 22:04:12 2008 us=832778   connect_timeout = 10
  Wed Apr 16 22:04:12 2008 us=832818   connect_retry_max = 0
  Wed Apr 16 22:04:12 2008 us=832857   username = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=832896   groupname = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=832934   chroot_dir = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=832973   cd_dir = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=833012   writepid = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=833027   up_script = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=833041   down_script = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=833054   down_pre = DISABLED
  Wed Apr 16 22:04:12 2008 us=833066   up_restart = DISABLED
  Wed Apr 16 22:04:12 2008 us=833079   up_delay = DISABLED
  Wed Apr 16 22:04:12 2008 us=833091   daemon = DISABLED
  Wed Apr 16 22:04:12 2008 us=833104   inetd = 0
  Wed Apr 16 22:04:12 2008 us=833121   log = DISABLED
  Wed Apr 16 22:04:12 2008 us=833134   suppress_timestamps = DISABLED
  Wed Apr 16 22:04:12 2008 us=833146   nice = 0
  Wed Apr 16 22:04:12 2008 us=833161   verbosity = 6
  Wed Apr 16 22:04:12 2008 us=833173   mute = 0
  Wed Apr 16 22:04:12 2008 us=833187   gremlin = 0
  Wed Apr 16 22:04:12 2008 us=833203   status_file = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=833216   status_file_version = 1
  Wed Apr 16 22:04:12 2008 us=833228   status_file_update_freq = 60
  Wed Apr 16 22:04:12 2008 us=833244   occ = ENABLED
  Wed Apr 16 22:04:12 2008 us=833257   rcvbuf = 65536
  Wed Apr 16 22:04:12 2008 us=833269   sndbuf = 65536
  Wed Apr 16 22:04:12 2008 us=833284   sockflags = 0
  Wed Apr 16 22:04:12 2008 us=833300   socks_proxy_server = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=833313   socks_proxy_port = 0
  Wed Apr 16 22:04:12 2008 us=833329   socks_proxy_retry = DISABLED
  Wed Apr 16 22:04:12 2008 us=833342   fast_io = DISABLED
  Wed Apr 16 22:04:12 2008 us=833353   lzo = 7
  Wed Apr 16 22:04:12 2008 us=833369   route_script = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=833383   route_default_gateway = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=833395   route_default_metric = 0
  Wed Apr 16 22:04:12 2008 us=833409   route_noexec = DISABLED
  Wed Apr 16 22:04:12 2008 us=833421   route_delay = 0
  Wed Apr 16 22:04:12 2008 us=833435   route_delay_window = 30
  Wed Apr 16 22:04:12 2008 us=833451   route_delay_defined = DISABLED
  Wed Apr 16 22:04:12 2008 us=833464   route_nopull = DISABLED
  Wed Apr 16 22:04:12 2008 us=833476   management_addr = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=833491   management_port = 0
  Wed Apr 16 22:04:12 2008 us=833504   management_user_pass = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=833517   management_log_history_cache = 250
  Wed Apr 16 22:04:12 2008 us=833533   management_echo_buffer_size = 100
  Wed Apr 16 22:04:12 2008 us=833546   management_query_passwords = DISABLED
  Wed Apr 16 22:04:12 2008 us=833558   management_hold = DISABLED
  Wed Apr 16 22:04:12 2008 us=833575   management_client = DISABLED
  Wed Apr 16 22:04:12 2008 us=833588   management_write_peer_info_file = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=833601   shared_secret_file = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=833618   key_direction = 0
  Wed Apr 16 22:04:12 2008 us=833630   ciphername_defined = ENABLED
  Wed Apr 16 22:04:12 2008 us=833645   ciphername = 'BF-CBC'
  Wed Apr 16 22:04:12 2008 us=833660   authname_defined = ENABLED
  Wed Apr 16 22:04:12 2008 us=833674   authname = 'SHA1'
  Wed Apr 16 22:04:12 2008 us=833686   keysize = 0
  Wed Apr 16 22:04:12 2008 us=833702   engine = DISABLED
  Wed Apr 16 22:04:12 2008 us=833715   replay = ENABLED
  Wed Apr 16 22:04:12 2008 us=833727   mute_replay_warnings = DISABLED
  Wed Apr 16 22:04:12 2008 us=833743   replay_window = 0
  Wed Apr 16 22:04:12 2008 us=833756   replay_time = 0
  Wed Apr 16 22:04:12 2008 us=833768   packet_id_file = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=833783   use_iv = ENABLED
  Wed Apr 16 22:04:12 2008 us=833796   test_crypto = DISABLED
  Wed Apr 16 22:04:12 2008 us=833812   tls_server = DISABLED
  Wed Apr 16 22:04:12 2008 us=833825   tls_client = ENABLED
  Wed Apr 16 22:04:12 2008 us=833837   key_method = 2
  Wed Apr 16 22:04:12 2008 us=833852   ca_file = '/etc/openvpn/ca.crt'
  Wed Apr 16 22:04:12 2008 us=833865   ca_path = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=833878   dh_file = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=833895   cert_file = '/etc/openvpn/clientPortableAcer.crt'
  Wed Apr 16 22:04:12 2008 us=833908   priv_key_file = '/etc/openvpn/clientPortableAcer.key'
  Wed Apr 16 22:04:12 2008 us=833921   pkcs12_file = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=833936   cipher_list = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=833949   tls_verify = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=833961   tls_remote = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=833978   crl_file = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=833991   ns_cert_type = 0
  Wed Apr 16 22:04:12 2008 us=834003   remote_cert_ku[i] = 0
  Wed Apr 16 22:04:12 2008 us=834018   remote_cert_ku[i] = 0
  Wed Apr 16 22:04:12 2008 us=834031   remote_cert_ku[i] = 0
  Wed Apr 16 22:04:12 2008 us=834043   remote_cert_ku[i] = 0
  Wed Apr 16 22:04:12 2008 us=834058   remote_cert_ku[i] = 0
  Wed Apr 16 22:04:12 2008 us=834070   remote_cert_ku[i] = 0
  Wed Apr 16 22:04:12 2008 us=834082   remote_cert_ku[i] = 0
  Wed Apr 16 22:04:12 2008 us=834098   remote_cert_ku[i] = 0
  Wed Apr 16 22:04:12 2008 us=834111   remote_cert_ku[i] = 0
  Wed Apr 16 22:04:12 2008 us=834122   remote_cert_ku[i] = 0
  Wed Apr 16 22:04:12 2008 us=834138   remote_cert_ku[i] = 0
  Wed Apr 16 22:04:12 2008 us=834150   remote_cert_ku[i] = 0
  Wed Apr 16 22:04:12 2008 us=834164   remote_cert_ku[i] = 0
  Wed Apr 16 22:04:12 2008 us=834180   remote_cert_ku[i] = 0
  Wed Apr 16 22:04:12 2008 us=834193   remote_cert_ku[i] = 0
  Wed Apr 16 22:04:12 2008 us=834205   remote_cert_ku[i] = 0
  Wed Apr 16 22:04:12 2008 us=834221   remote_cert_eku = '[UNDEF]'
  Wed Apr 16 22:04:12 2008 us=834234   tls_timeout = 2
  Wed Apr 16 22:04:12 2008 us=834246   renegotiate_bytes = 0
  Wed Apr 16 22:04:12 2008 us=834262   renegotiate_packets = 0
  Wed Apr 16 22:04:12 2008 us=834275   renegotiate_seconds = 3600
  160. Wed Apr 16 22:04:12 2008 us=834287   handshake_window = 60
  161. Wed Apr 16 22:04:12 2008 us=834303   transition_window = 3600
  162. Wed Apr 16 22:04:12 2008 us=834316   single_session = DISABLED
  163. Wed Apr 16 22:04:12 2008 us=834328   tls_exit = DISABLED
  164. Wed Apr 16 22:04:12 2008 us=834344   tls_auth_file = '[UNDEF]'
  165. Wed Apr 16 22:04:12 2008 us=834358   pkcs11_protected_authentication = DISABLED
  166. Wed Apr 16 22:04:12 2008 us=834370   pkcs11_protected_authentication = DISABLED
  167. Wed Apr 16 22:04:12 2008 us=834386   pkcs11_protected_authentication = DISABLED
  168. Wed Apr 16 22:04:12 2008 us=834399   pkcs11_protected_authentication = DISABLED
  169. Wed Apr 16 22:04:12 2008 us=834411   pkcs11_protected_authentication = DISABLED
  170. Wed Apr 16 22:04:12 2008 us=834427   pkcs11_protected_authentication = DISABLED
  171. Wed Apr 16 22:04:12 2008 us=834440   pkcs11_protected_authentication = DISABLED
  172. Wed Apr 16 22:04:12 2008 us=834452   pkcs11_protected_authentication = DISABLED
  173. Wed Apr 16 22:04:12 2008 us=834468   pkcs11_protected_authentication = DISABLED
  174. Wed Apr 16 22:04:12 2008 us=834481   pkcs11_protected_authentication = DISABLED
  175. Wed Apr 16 22:04:12 2008 us=834494   pkcs11_protected_authentication = DISABLED
  176. Wed Apr 16 22:04:12 2008 us=834509   pkcs11_protected_authentication = DISABLED
  177. Wed Apr 16 22:04:12 2008 us=834522   pkcs11_protected_authentication = DISABLED
  178. Wed Apr 16 22:04:12 2008 us=834534   pkcs11_protected_authentication = DISABLED
  179. Wed Apr 16 22:04:12 2008 us=834550   pkcs11_protected_authentication = DISABLED
  180. Wed Apr 16 22:04:12 2008 us=834564   pkcs11_protected_authentication = DISABLED
  181. Wed Apr 16 22:04:12 2008 us=834576   pkcs11_cert_private = DISABLED
  182. Wed Apr 16 22:04:12 2008 us=834592   pkcs11_cert_private = DISABLED
  183. Wed Apr 16 22:04:12 2008 us=834605   pkcs11_cert_private = DISABLED
  184. Wed Apr 16 22:04:12 2008 us=834617   pkcs11_cert_private = DISABLED
  185. Wed Apr 16 22:04:12 2008 us=834633   pkcs11_cert_private = DISABLED
  186. Wed Apr 16 22:04:12 2008 us=834646   pkcs11_cert_private = DISABLED
  187. Wed Apr 16 22:04:12 2008 us=834658   pkcs11_cert_private = DISABLED
  188. Wed Apr 16 22:04:12 2008 us=834673   pkcs11_cert_private = DISABLED
  189. Wed Apr 16 22:04:12 2008 us=834686   pkcs11_cert_private = DISABLED
  190. Wed Apr 16 22:04:12 2008 us=834698   pkcs11_cert_private = DISABLED
  191. Wed Apr 16 22:04:12 2008 us=834714   pkcs11_cert_private = DISABLED
  192. Wed Apr 16 22:04:12 2008 us=834727   pkcs11_cert_private = DISABLED
  193. Wed Apr 16 22:04:12 2008 us=834738   pkcs11_cert_private = DISABLED
  194. Wed Apr 16 22:04:12 2008 us=834754   pkcs11_cert_private = DISABLED
  195. Wed Apr 16 22:04:12 2008 us=834767   pkcs11_cert_private = DISABLED
  196. Wed Apr 16 22:04:12 2008 us=834779   pkcs11_cert_private = DISABLED
  197. Wed Apr 16 22:04:12 2008 us=834792   pkcs11_pin_cache_period = -1
  198. Wed Apr 16 22:04:12 2008 us=834805   pkcs11_slot_type = '[UNDEF]'
  199. Wed Apr 16 22:04:12 2008 us=834818   pkcs11_slot = '[UNDEF]'
  200. Wed Apr 16 22:04:12 2008 us=834830   pkcs11_id_type = '[UNDEF]'
  201. Wed Apr 16 22:04:12 2008 us=834846   pkcs11_id = '[UNDEF]'
  202. Wed Apr 16 22:04:12 2008 us=834870   server_network = 0.0.0.0
  203. Wed Apr 16 22:04:12 2008 us=834889   server_netmask = 0.0.0.0
  204. Wed Apr 16 22:04:12 2008 us=834902   server_bridge_ip = 0.0.0.0
  205. Wed Apr 16 22:04:12 2008 us=834919   server_bridge_netmask = 0.0.0.0
  206. Wed Apr 16 22:04:12 2008 us=834936   server_bridge_pool_start = 0.0.0.0
  207. Wed Apr 16 22:04:12 2008 us=834950   server_bridge_pool_end = 0.0.0.0
  208. Wed Apr 16 22:04:12 2008 us=834964   ifconfig_pool_defined = DISABLED
  209. Wed Apr 16 22:04:12 2008 us=834981   ifconfig_pool_start = 0.0.0.0
  210. Wed Apr 16 22:04:12 2008 us=834994   ifconfig_pool_end = 0.0.0.0
  211. Wed Apr 16 22:04:12 2008 us=835009   ifconfig_pool_netmask = 0.0.0.0
  212. Wed Apr 16 22:04:12 2008 us=835025   ifconfig_pool_persist_filename = '[UNDEF]'
  213. Wed Apr 16 22:04:12 2008 us=835038   ifconfig_pool_persist_refresh_freq = 600
  214. Wed Apr 16 22:04:12 2008 us=835050   n_bcast_buf = 256
  215. Wed Apr 16 22:04:12 2008 us=835066   tcp_queue_limit = 64
  216. Wed Apr 16 22:04:12 2008 us=835079   real_hash_size = 256
  217. Wed Apr 16 22:04:12 2008 us=835092   virtual_hash_size = 256
  218. Wed Apr 16 22:04:12 2008 us=835108   client_connect_script = '[UNDEF]'
  219. Wed Apr 16 22:04:12 2008 us=835121   learn_address_script = '[UNDEF]'
  220. Wed Apr 16 22:04:12 2008 us=835133   client_disconnect_script = '[UNDEF]'
  221. Wed Apr 16 22:04:12 2008 us=835149   client_config_dir = '[UNDEF]'
  222. Wed Apr 16 22:04:12 2008 us=835162   ccd_exclusive = DISABLED
  223. Wed Apr 16 22:04:12 2008 us=835174   tmp_dir = '[UNDEF]'
  224. Wed Apr 16 22:04:12 2008 us=835190   push_ifconfig_defined = DISABLED
  225. Wed Apr 16 22:04:12 2008 us=835205   push_ifconfig_local = 0.0.0.0
  226. Wed Apr 16 22:04:12 2008 us=835221   push_ifconfig_remote_netmask = 0.0.0.0
  227. Wed Apr 16 22:04:12 2008 us=835236   enable_c2c = DISABLED
  228. Wed Apr 16 22:04:12 2008 us=835250   duplicate_cn = DISABLED
  229. Wed Apr 16 22:04:12 2008 us=835262   cf_max = 0
  230. Wed Apr 16 22:04:12 2008 us=835278   cf_per = 0
  231. Wed Apr 16 22:04:12 2008 us=835292   max_clients = 1024
  232. Wed Apr 16 22:04:12 2008 us=835305   max_routes_per_client = 256
  233. Wed Apr 16 22:04:12 2008 us=835317   client_cert_not_required = DISABLED
  234. Wed Apr 16 22:04:12 2008 us=835330   username_as_common_name = DISABLED
  235. Wed Apr 16 22:04:12 2008 us=835346   auth_user_pass_verify_script = '[UNDEF]'
  236. Wed Apr 16 22:04:12 2008 us=835360   auth_user_pass_verify_script_via_file = DISABLED
  237. Wed Apr 16 22:04:12 2008 us=835372   port_share_host = '[UNDEF]'
  238. Wed Apr 16 22:04:12 2008 us=835388   port_share_port = 0
  239. Wed Apr 16 22:04:12 2008 us=835401   client = DISABLED
  240. Wed Apr 16 22:04:12 2008 us=835413   pull = DISABLED
  241. Wed Apr 16 22:04:12 2008 us=835429   auth_user_pass_file = '[UNDEF]'
  242. Wed Apr 16 22:04:12 2008 us=835444 OpenVPN 2.1_rc4 i586-mandriva-linux-gnu [SSL] [LZO2] [EPOLL] built on Dec  6 2007
  243. Wed Apr 16 22:04:12 2008 us=835517 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
  244. Wed Apr 16 22:04:12 2008 us=914588 LZO compression initialized
  245. Wed Apr 16 22:04:12 2008 us=914641 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1400)
  246. Wed Apr 16 22:04:12 2008 us=914814 Control Channel MTU parms [ L:1444 D:140 EF:40 EB:0 ET:0 EL:0 ]
  247. Wed Apr 16 22:04:13 2008 us=309390 TUN/TAP device tun1 opened
  248. Wed Apr 16 22:04:13 2008 us=309436 TUN/TAP TX queue length set to 100
  249. Wed Apr 16 22:04:13 2008 us=309488 Data Channel MTU parms [ L:1444 D:1444 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
  250. Wed Apr 16 22:04:13 2008 us=309533 Local Options String: 'V4,dev-type tun,link-mtu 1444,tun-mtu 1400,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
  251. Wed Apr 16 22:04:13 2008 us=309546 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1444,tun-mtu 1400,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
  252. Wed Apr 16 22:04:13 2008 us=309581 Local Options hash (VER=V4): '7dfc3732'
  253. Wed Apr 16 22:04:13 2008 us=309602 Expected Remote Options hash (VER=V4): '347277f0'
  254. Wed Apr 16 22:04:13 2008 us=309628 Attempting to establish TCP connection with XX.XX.XX.XX:1194 [nonblock]
  255. Wed Apr 16 22:04:14 2008 us=309781 TCP: connect to XX.XX.XX.XX:1194 failed, will try again in 5 seconds: Connection refuse


 
 
There you go, if you need any other details, don't hesitate to ask!
 
Thanks

Reply

Marsh Posted on 16-04-2008 at 23:29:00    

For a start you should set your logs to verb 3, that would be MORE than enough; verb 5 adds too much useless stuff that bloats your logs for not much benefit.
 
And so here we can clearly see that your client can't reach your server: on the server side there is no trace of the attempt, and on the client side the error is plain to see:
 
"will try again in 5 seconds: Connection refuse"
 
Have you tried forwarding port 1194 from your Livebox to the machine acting as the server at your place? Have you opened port 1194 in your iptables (I assume it's iptables)?


---------------
¡ Viva la Revolución !
Reply
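The triage done by eye in the reply above, as an added example that is not part of the thread: it reads OpenVPN client log lines in the layout posted here and maps the messages that matter to a next check. The category names and advice strings are this example's own wording.

```python
import re

# Line layout of the log in this thread: "Wed Apr 16 22:04:14 2008 us=309781 <message>"
LINE = re.compile(r"^\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4} (?:us=\d+ )?(?P<msg>.*)$")

# (category, message pattern, next check); categories and advice are this example's own
RULES = [
    ("refused", re.compile(r"connect to \S+ failed.*Connection refuse"),
     "the SYN was actively rejected: nothing listens where the NAT rule points; "
     "check the forward target and the listener"),
    ("timeout", re.compile(r"connect to \S+ failed.*timed out"),
     "no answer at all: packets are dropped; check the firewall and that a forward exists"),
    ("no-server-verify", re.compile(r"No server certificate verification method"),
     "any certificate signed by the CA is accepted as the server; "
     "set 'ns-cert-type server' or 'remote-cert-tls server' on the client"),
    ("mtu", re.compile(r"--tun-mtu 1500 \(currently it is \d+\)"),
     "tun-mtu was changed from 1500; keep the value identical on both ends"),
]

# Lines copied from the client log above, forum line numbers stripped
SAMPLE = """\
Wed Apr 16 22:04:12 2008 us=835517 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Wed Apr 16 22:04:12 2008 us=914641 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1400)
Wed Apr 16 22:04:13 2008 us=309628 Attempting to establish TCP connection with XX.XX.XX.XX:1194 [nonblock]
Wed Apr 16 22:04:14 2008 us=309781 TCP: connect to XX.XX.XX.XX:1194 failed, will try again in 5 seconds: Connection refuse
"""

def triage(log_text):
    """Return (category, log message, advice) for every line that matches a rule."""
    findings = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # not an OpenVPN log line in this layout
        for category, pattern, advice in RULES:
            if pattern.search(m.group("msg")):
                findings.append((category, m.group("msg"), advice))
    return findings

if __name__ == "__main__":
    for category, msg, advice in triage(SAMPLE):
        print(f"[{category}] {msg}\n    -> {advice}")
```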

Marsh Posted on 17-04-2008 at 16:24:45    

Hello!
 
So, on my server PC I did open port 1194 in TCP in iptables via the drakconf wizard (Mandriva 2008).
On my Livebox I allowed port 1194 in TCP to the address 10.8.0.1 (tun0), but what I was wondering is: since my PC is connected to the internet through my Livebox on eth0 (192.168.1.20), is there any routing to set up on the server PC?


Message edited by deleted profile on 17-04-2008 at 16:26:29
Reply

Marsh Posted on 17-04-2008 at 17:23:57    

You're allowing the VPN IP on your Livebox; the tun0 interface (virtual) works on top of the eth0 interface (physical), you have to forward port 1194 to your address 192.168.1.20.


---------------
¡ Viva la Revolución !
Reply
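The mistake corrected in the reply above (a forward aimed at the tunnel address instead of the LAN address) can be checked mechanically. This is an added example, not code from the thread: it reads the `port`, `proto` and `server` directives from the server.conf posted at the top and compares them with a forward rule; the rule dictionary is a hypothetical shape the reader fills in from the router's NAT page.

```python
import ipaddress

# Directives taken from the server.conf posted at the top of the thread
SERVER_CONF = """\
port 1194
proto tcp-server
dev tun
server 10.8.0.0 255.255.255.0
"""

def parse_server_conf(text):
    """Extract listening port, transport and tunnel subnet from a server.conf."""
    conf = {"port": 1194, "proto": "udp", "vpn_net": None}  # OpenVPN defaults
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;":
            continue  # blank line or comment
        words = line.split()
        if words[0] == "port":
            conf["port"] = int(words[1])
        elif words[0] == "proto":
            conf["proto"] = words[1].split("-")[0]  # tcp-server -> tcp
        elif words[0] == "server":
            conf["vpn_net"] = ipaddress.ip_network(f"{words[1]}/{words[2]}")
    return conf

def check_forward(conf, rule, lan_ip):
    """rule (hypothetical shape): {"proto", "target_ip", "target_port"}."""
    problems = []
    target = ipaddress.ip_address(rule["target_ip"])
    if conf["vpn_net"] is not None and target in conf["vpn_net"]:
        problems.append(f"target {target} is inside the tunnel subnet {conf['vpn_net']}, "
                        f"which only exists once the VPN is up; forward to {lan_ip}")
    elif target != ipaddress.ip_address(lan_ip):
        problems.append(f"target {target} is not the server's LAN address {lan_ip}")
    if rule["proto"] != conf["proto"]:
        problems.append(f"forward proto is {rule['proto']}, server listens on {conf['proto']}")
    if rule["target_port"] != conf["port"]:
        problems.append(f"forward port is {rule['target_port']}, server listens on {conf['port']}")
    return problems

if __name__ == "__main__":
    conf = parse_server_conf(SERVER_CONF)
    # The rule as first configured in the thread: TCP 1194 towards tun0's address
    rule = {"proto": "tcp", "target_ip": "10.8.0.1", "target_port": 1194}
    for problem in check_forward(conf, rule, "192.168.1.20"):
        print(problem)
```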


Marsh Posted on 17-04-2008 at 17:29:07    

I changed what you told me on the Livebox but I still have the same problem.

Reply

Marsh Posted on 17-04-2008 at 18:47:37    

If you want, send me your public address by PM so I can scan you and see what comes up.
 
But basically: internet 1194 > Livebox 1194 > your place 1194 = 192.168.1.20
 
And if after that your firewall is open and your application (judging by the logs it's fine) is ready to receive requests on 1194, there shouldn't be any problem.


---------------
¡ Viva la Revolución !
Reply
