Setting up OpenVPN on Linux

n°1032776
Chocobo2005
Posted on 12-04-2008 at 19:57:24

Hello everyone,
I have followed plenty of tutorials on the internet and I can't get my VPN to work.
Let me explain my configuration.

First of all:

OrdinateurFixeMaison -------------------------------------Livebox-------------------internet--------------PcPortable
Linux                                          priv:192.168.1.1    pub: dynDNS account
eth0 192.168.1.20
tun0 10.8.0.1

The VPN server is installed on OrdinateurFixeMaison.

 
/etc/openvpn/server.conf

Code:
  ;Listening port used for the VPN connection
  port 1194
  tun-mtu 1400
  ;Protocol used (the udp protocol is more secure than tcp)
  proto tcp-server
  ;Type of virtual network interface created
  dev tun
  ;Names of the files used to authenticate clients via OpenSSL
  ca ca.crt
  cert MaisonServeur.crt
  key MaisonServeur.key
  dh dh1024.pem
  ;Address of the virtual network (the server will have address 10.8.0.1)
  server 10.8.0.0 255.255.255.0
  # This line lets clients see the other clients
  ;client-to-client
  keepalive 10 120
  ;This line enables compression
  comp-lzo
  ;These lines set a specific user and group for the process
  user openvpn
  group openvpn
  ;These lines make the connection persistent
  persist-key
  persist-tun
  status openvpn-status.log
  ;This line sets the desired log level (from 1 to 9)
  verb 5

Now on the laptop (PcPortable):

 
/etc/openvpn/client.conf
 

Code:
  # Here we declare that we are a client.
  client
  # dev tun mode for routed IP mode
  ;dev tap
  dev tun
  tun-mtu 1400
  # We use udp mode
  proto tcp-client
  ;proto udp
  # We specify the server's address and port
  remote XXX.XXXX.com 1194
  # Keep trying indefinitely to resolve the host name
  resolv-retry infinite
  # Most clients don't need to bind to
  # a specific local port number.
  nobind
  # Try to preserve some state across restarts.
  persist-key
  persist-tun
  # SSL/TLS parms.
  # See the server config file for more
  # description.  It's best to use
  # a separate .crt/.key file pair
  # for each client.  A single ca
  # file can be used for all clients.
  ca /etc/openvpn/ca.crt
  cert /etc/openvpn/clientPortableAcer.crt
  key /etc/openvpn/clientPortableAcer.key
  # Enable compression on the VPN link.
  # Don't enable this unless it is also
  # enabled in the server config file.
  comp-lzo
  # Set log file verbosity.
  verb 9

On my Livebox I opened port 1194 in TCP to the IP address 10.8.0.1. When I launch openvpn on the client, here is what it tells me:
 

Code:
  [root@localhost openvpn]# openvpn client.conf
  Sat Apr 12 19:51:36 2008 OpenVPN 2.1_rc4 i586-mandriva-linux-gnu [SSL] [LZO2] [EPOLL] built on Dec  6 2007
  Sat Apr 12 19:51:36 2008 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
  Sat Apr 12 19:51:36 2008 LZO compression initialized
  Sat Apr 12 19:51:36 2008 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1400)
  Sat Apr 12 19:51:36 2008 Control Channel MTU parms [ L:1444 D:140 EF:40 EB:0 ET:0 EL:0 ]
  Sat Apr 12 19:51:36 2008 Data Channel MTU parms [ L:1444 D:1444 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
  Sat Apr 12 19:51:36 2008 Local Options hash (VER=V4): '7dfc3732'
  Sat Apr 12 19:51:36 2008 Expected Remote Options hash (VER=V4): '347277f0'
  Sat Apr 12 19:51:36 2008 Attempting to establish TCP connection with XX.XX.XX.XX:1194 [nonblock]
  Sat Apr 12 19:51:37 2008 TCP: connect to XX.XX.XX.XX:1194 failed, will try again in 5 seconds: Connection refused

So, if anyone could help me, I would be grateful.

Gaetan

Message edited by Chocobo2005 on 12-04-2008 at 19:57:56
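
Added example, not part of the thread and not OpenVPN code: an offline audit of the two posted configs against the port-forward rule described in the post. It flags a forward target that lies inside the `server` tunnel subnet (those addresses exist only on tun0) or is not the server's LAN address, and a client with no server-certificate check (the WARNING in the client log). The `forward` dictionary, the finding codes and the function names are assumptions made for this example.

```python
import ipaddress

# Constructed input: the active directives of the two configs posted above
# (comments dropped; the hostname is the placeholder used in the post).
SERVER_CONF = """\
port 1194
proto tcp-server
dev tun
ca ca.crt
cert MaisonServeur.crt
key MaisonServeur.key
dh dh1024.pem
server 10.8.0.0 255.255.255.0
;client-to-client
comp-lzo
"""
CLIENT_CONF = """\
client
dev tun
proto tcp-client
;proto udp
remote XXX.XXXX.com 1194
nobind
ca /etc/openvpn/ca.crt
cert /etc/openvpn/clientPortableAcer.crt
key /etc/openvpn/clientPortableAcer.key
comp-lzo
"""

# Client directives that make OpenVPN check the peer really is a server.
SERVER_VERIFY = {"remote-cert-tls", "ns-cert-type", "tls-remote", "verify-x509-name"}


def parse_conf(text):
    """Map directive -> list of argument lists; '#' and ';' start a comment."""
    conf = {}
    for line in text.splitlines():
        tokens = []
        for tok in line.split():
            if tok[0] in "#;":
                break
            tokens.append(tok)
        if tokens:
            conf.setdefault(tokens[0], []).append(tokens[1:])
    return conf


def last_arg(conf, name, default, index=0):
    """Argument `index` of the last occurrence of a directive, or a default."""
    args = conf.get(name, [[]])[-1]
    return args[index] if len(args) > index else default


def transport(conf):
    """'tcp' for tcp/tcp-server/tcp-client, else 'udp' (OpenVPN's default)."""
    return "tcp" if last_arg(conf, "proto", "udp").startswith("tcp") else "udp"


def audit(server_text, client_text, forward, server_lan_ip):
    """Return a list of finding codes (assumed names, for this example only).

    forward       -- assumed shape of the router rule, e.g.
                     {"proto": "tcp", "port": 1194, "target": "10.8.0.1"}
    server_lan_ip -- address of the server's LAN interface (eth0 in the post)
    """
    server, client = parse_conf(server_text), parse_conf(client_text)
    findings = []

    listen_port = int(last_arg(server, "port", "1194"))
    if transport(client) != transport(server):
        findings.append("client-server-proto-mismatch")
    if int(last_arg(client, "remote", "1194", index=1)) != forward["port"]:
        findings.append("client-port-not-forwarded")
    if forward["proto"] != transport(server) or forward["port"] != listen_port:
        findings.append("forward-does-not-match-listener")

    # The `server` directive defines the tunnel subnet. Those addresses live on
    # tun0 only, so a router on the LAN cannot deliver forwarded traffic there.
    target = ipaddress.ip_address(forward["target"])
    if "server" in server:
        net, mask = server["server"][-1][:2]
        if target in ipaddress.ip_network(f"{net}/{mask}"):
            findings.append("forward-target-in-vpn-subnet")
    if target != ipaddress.ip_address(server_lan_ip):
        findings.append("forward-target-is-not-server-lan-ip")

    # No such directive on the client is what produces the
    # "No server certificate verification method" WARNING in its log.
    if not SERVER_VERIFY & client.keys():
        findings.append("no-server-cert-verification")
    return findings


if __name__ == "__main__":
    posted = {"proto": "tcp", "port": 1194, "target": "10.8.0.1"}
    for code in audit(SERVER_CONF, CLIENT_CONF, posted, "192.168.1.20"):
        print(code)
```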

n°1033031
Chocobo2005
Posted on 13-04-2008 at 19:25:16

A little bump, in case anyone can give me some clarification!

n°1033539
Chocobo2005
Posted on 15-04-2008 at 16:07:42

Bump

n°1033607
Walk_Man
To live is to die.
Posted on 15-04-2008 at 22:13:27

And on the client side, what do you have in the logs?


---------------
¡ Viva la Revolución !

n°1033792
Chocobo2005
Posted on 16-04-2008 at 15:51:35

Well, on the client side I have what I put last in my post. I suppose you mean the server side? Here is what I have on the server side:
 
 

Code:
  Wed Apr 16 15:43:56 2008 OpenVPN 2.1_rc4 i586-mandriva-linux-gnu [SSL] [LZO2] [EPOLL] built on Dec  6 2007
  Wed Apr 16 15:43:56 2008 Diffie-Hellman initialized with 1024 bit key
  Wed Apr 16 15:43:56 2008 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1400)
  Wed Apr 16 15:43:56 2008 TLS-Auth MTU parms [ L:1444 D:140 EF:40 EB:0 ET:0 EL:0 ]
  Wed Apr 16 15:43:56 2008 TUN/TAP device tun0 opened
  Wed Apr 16 15:43:56 2008 TUN/TAP TX queue length set to 100
  Wed Apr 16 15:43:56 2008 /sbin/ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1400
  Wed Apr 16 15:43:56 2008 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2
  Wed Apr 16 15:43:56 2008 Data Channel MTU parms [ L:1444 D:1444 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
  Wed Apr 16 15:43:56 2008 GID set to openvpn
  Wed Apr 16 15:43:56 2008 UID set to openvpn
  Wed Apr 16 15:43:56 2008 Listening for incoming TCP connection on [undef]:1194
  Wed Apr 16 15:43:56 2008 Socket Buffers: R=[87380->131072] S=[16384->131072]
  Wed Apr 16 15:43:56 2008 TCPv4_SERVER link local (bound): [undef]:1194
  Wed Apr 16 15:43:56 2008 TCPv4_SERVER link remote: [undef]
  Wed Apr 16 15:43:56 2008 MULTI: multi_init called, r=256 v=256
  Wed Apr 16 15:43:56 2008 IFCONFIG POOL: base=10.8.0.4 size=62
  Wed Apr 16 15:43:56 2008 IFCONFIG POOL LIST
  Wed Apr 16 15:43:56 2008 MULTI: TCP INIT maxclients=1024 maxevents=1028
  Wed Apr 16 15:43:56 2008 Initialization Sequence Completed


 
Does that help you?

n°1033847
Walk_Man
To live is to die.
Posted on 16-04-2008 at 19:02:45

There, in your server-side conf, we don't see the client attempting to log in.

Could you make a connection attempt and give the logs from both sides, please?


---------------
¡ Viva la Revolución !

n°1033924
Chocobo2005
Posted on 16-04-2008 at 22:11:59

So here is the log I retrieved on the server, even after trying to connect to the server with a client (verb 6 mode):

Code:
  Apr 16 22:02:23 localhost openvpn[6945]: OpenVPN 2.1_rc4 i586-mandriva-linux-gnu [SSL] [LZO2] [EPOLL] built on Dec  6 2007
  Apr 16 22:02:23 localhost openvpn[6945]: Diffie-Hellman initialized with 1024 bit key
  Apr 16 22:02:23 localhost openvpn[6945]: WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1400)
  Apr 16 22:02:23 localhost openvpn[6945]: TLS-Auth MTU parms [ L:1444 D:140 EF:40 EB:0 ET:0 EL:0 ]
  Apr 16 22:02:23 localhost kernel: tun0: Disabled Privacy Extensions
  Apr 16 22:02:23 localhost openvpn[6945]: TUN/TAP device tun0 opened
  Apr 16 22:02:23 localhost openvpn[6945]: TUN/TAP TX queue length set to 100
  Apr 16 22:02:23 localhost openvpn[6945]: /sbin/ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1400
  Apr 16 22:02:23 localhost openvpn[6945]: /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2
  Apr 16 22:02:23 localhost openvpn[6945]: Data Channel MTU parms [ L:1444 D:1444 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
  Apr 16 22:02:23 localhost openvpn[6951]: GID set to openvpn
  Apr 16 22:02:23 localhost openvpn[6951]: UID set to openvpn
  Apr 16 22:02:23 localhost openvpn[6951]: Listening for incoming TCP connection on [undef]:1194
  Apr 16 22:02:23 localhost openvpn[6951]: Socket Buffers: R=[87380->131072] S=[16384->131072]
  Apr 16 22:02:23 localhost openvpn[6951]: TCPv4_SERVER link local (bound): [undef]:1194
  Apr 16 22:02:23 localhost openvpn[6951]: TCPv4_SERVER link remote: [undef]
  Apr 16 22:02:23 localhost openvpn[6951]: MULTI: multi_init called, r=256 v=256
  Apr 16 22:02:23 localhost openvpn[6951]: IFCONFIG POOL: base=10.8.0.4 size=62
  Apr 16 22:02:23 localhost openvpn[6951]: MULTI: TCP INIT maxclients=1024 maxevents=1028
  Apr 16 22:02:23 localhost openvpn[6951]: Initialization Sequence Completed

Now here is what I have on the client:
 
 

Code:
  [root@localhost openvpn]# openvpn client.conf
  155. Wed Apr 16 22:04:12 2008 us=834221   remote_cert_eku = '[UNDEF]'
  156. Wed Apr 16 22:04:12 2008 us=834234   tls_timeout = 2
  157. Wed Apr 16 22:04:12 2008 us=834246   renegotiate_bytes = 0
  158. Wed Apr 16 22:04:12 2008 us=834262   renegotiate_packets = 0
  159. Wed Apr 16 22:04:12 2008 us=834275   renegotiate_seconds = 3600
  160. Wed Apr 16 22:04:12 2008 us=834287   handshake_window = 60
  161. Wed Apr 16 22:04:12 2008 us=834303   transition_window = 3600
  162. Wed Apr 16 22:04:12 2008 us=834316   single_session = DISABLED
  163. Wed Apr 16 22:04:12 2008 us=834328   tls_exit = DISABLED
  164. Wed Apr 16 22:04:12 2008 us=834344   tls_auth_file = '[UNDEF]'
  165. Wed Apr 16 22:04:12 2008 us=834358   pkcs11_protected_authentication = DISABLED
  166. Wed Apr 16 22:04:12 2008 us=834370   pkcs11_protected_authentication = DISABLED
  167. Wed Apr 16 22:04:12 2008 us=834386   pkcs11_protected_authentication = DISABLED
  168. Wed Apr 16 22:04:12 2008 us=834399   pkcs11_protected_authentication = DISABLED
  169. Wed Apr 16 22:04:12 2008 us=834411   pkcs11_protected_authentication = DISABLED
  170. Wed Apr 16 22:04:12 2008 us=834427   pkcs11_protected_authentication = DISABLED
  171. Wed Apr 16 22:04:12 2008 us=834440   pkcs11_protected_authentication = DISABLED
  172. Wed Apr 16 22:04:12 2008 us=834452   pkcs11_protected_authentication = DISABLED
  173. Wed Apr 16 22:04:12 2008 us=834468   pkcs11_protected_authentication = DISABLED
  174. Wed Apr 16 22:04:12 2008 us=834481   pkcs11_protected_authentication = DISABLED
  175. Wed Apr 16 22:04:12 2008 us=834494   pkcs11_protected_authentication = DISABLED
  176. Wed Apr 16 22:04:12 2008 us=834509   pkcs11_protected_authentication = DISABLED
  177. Wed Apr 16 22:04:12 2008 us=834522   pkcs11_protected_authentication = DISABLED
  178. Wed Apr 16 22:04:12 2008 us=834534   pkcs11_protected_authentication = DISABLED
  179. Wed Apr 16 22:04:12 2008 us=834550   pkcs11_protected_authentication = DISABLED
  180. Wed Apr 16 22:04:12 2008 us=834564   pkcs11_protected_authentication = DISABLED
  181. Wed Apr 16 22:04:12 2008 us=834576   pkcs11_cert_private = DISABLED
  182. Wed Apr 16 22:04:12 2008 us=834592   pkcs11_cert_private = DISABLED
  183. Wed Apr 16 22:04:12 2008 us=834605   pkcs11_cert_private = DISABLED
  184. Wed Apr 16 22:04:12 2008 us=834617   pkcs11_cert_private = DISABLED
  185. Wed Apr 16 22:04:12 2008 us=834633   pkcs11_cert_private = DISABLED
  186. Wed Apr 16 22:04:12 2008 us=834646   pkcs11_cert_private = DISABLED
  187. Wed Apr 16 22:04:12 2008 us=834658   pkcs11_cert_private = DISABLED
  188. Wed Apr 16 22:04:12 2008 us=834673   pkcs11_cert_private = DISABLED
  189. Wed Apr 16 22:04:12 2008 us=834686   pkcs11_cert_private = DISABLED
  190. Wed Apr 16 22:04:12 2008 us=834698   pkcs11_cert_private = DISABLED
  191. Wed Apr 16 22:04:12 2008 us=834714   pkcs11_cert_private = DISABLED
  192. Wed Apr 16 22:04:12 2008 us=834727   pkcs11_cert_private = DISABLED
  193. Wed Apr 16 22:04:12 2008 us=834738   pkcs11_cert_private = DISABLED
  194. Wed Apr 16 22:04:12 2008 us=834754   pkcs11_cert_private = DISABLED
  195. Wed Apr 16 22:04:12 2008 us=834767   pkcs11_cert_private = DISABLED
  196. Wed Apr 16 22:04:12 2008 us=834779   pkcs11_cert_private = DISABLED
  197. Wed Apr 16 22:04:12 2008 us=834792   pkcs11_pin_cache_period = -1
  198. Wed Apr 16 22:04:12 2008 us=834805   pkcs11_slot_type = '[UNDEF]'
  199. Wed Apr 16 22:04:12 2008 us=834818   pkcs11_slot = '[UNDEF]'
  200. Wed Apr 16 22:04:12 2008 us=834830   pkcs11_id_type = '[UNDEF]'
  201. Wed Apr 16 22:04:12 2008 us=834846   pkcs11_id = '[UNDEF]'
  202. Wed Apr 16 22:04:12 2008 us=834870   server_network = 0.0.0.0
  203. Wed Apr 16 22:04:12 2008 us=834889   server_netmask = 0.0.0.0
  204. Wed Apr 16 22:04:12 2008 us=834902   server_bridge_ip = 0.0.0.0
  205. Wed Apr 16 22:04:12 2008 us=834919   server_bridge_netmask = 0.0.0.0
  206. Wed Apr 16 22:04:12 2008 us=834936   server_bridge_pool_start = 0.0.0.0
  207. Wed Apr 16 22:04:12 2008 us=834950   server_bridge_pool_end = 0.0.0.0
  208. Wed Apr 16 22:04:12 2008 us=834964   ifconfig_pool_defined = DISABLED
  209. Wed Apr 16 22:04:12 2008 us=834981   ifconfig_pool_start = 0.0.0.0
  210. Wed Apr 16 22:04:12 2008 us=834994   ifconfig_pool_end = 0.0.0.0
  211. Wed Apr 16 22:04:12 2008 us=835009   ifconfig_pool_netmask = 0.0.0.0
  212. Wed Apr 16 22:04:12 2008 us=835025   ifconfig_pool_persist_filename = '[UNDEF]'
  213. Wed Apr 16 22:04:12 2008 us=835038   ifconfig_pool_persist_refresh_freq = 600
  214. Wed Apr 16 22:04:12 2008 us=835050   n_bcast_buf = 256
  215. Wed Apr 16 22:04:12 2008 us=835066   tcp_queue_limit = 64
  216. Wed Apr 16 22:04:12 2008 us=835079   real_hash_size = 256
  217. Wed Apr 16 22:04:12 2008 us=835092   virtual_hash_size = 256
  218. Wed Apr 16 22:04:12 2008 us=835108   client_connect_script = '[UNDEF]'
  219. Wed Apr 16 22:04:12 2008 us=835121   learn_address_script = '[UNDEF]'
  220. Wed Apr 16 22:04:12 2008 us=835133   client_disconnect_script = '[UNDEF]'
  221. Wed Apr 16 22:04:12 2008 us=835149   client_config_dir = '[UNDEF]'
  222. Wed Apr 16 22:04:12 2008 us=835162   ccd_exclusive = DISABLED
  223. Wed Apr 16 22:04:12 2008 us=835174   tmp_dir = '[UNDEF]'
  224. Wed Apr 16 22:04:12 2008 us=835190   push_ifconfig_defined = DISABLED
  225. Wed Apr 16 22:04:12 2008 us=835205   push_ifconfig_local = 0.0.0.0
  226. Wed Apr 16 22:04:12 2008 us=835221   push_ifconfig_remote_netmask = 0.0.0.0
  227. Wed Apr 16 22:04:12 2008 us=835236   enable_c2c = DISABLED
  228. Wed Apr 16 22:04:12 2008 us=835250   duplicate_cn = DISABLED
  229. Wed Apr 16 22:04:12 2008 us=835262   cf_max = 0
  230. Wed Apr 16 22:04:12 2008 us=835278   cf_per = 0
  231. Wed Apr 16 22:04:12 2008 us=835292   max_clients = 1024
  232. Wed Apr 16 22:04:12 2008 us=835305   max_routes_per_client = 256
  233. Wed Apr 16 22:04:12 2008 us=835317   client_cert_not_required = DISABLED
  234. Wed Apr 16 22:04:12 2008 us=835330   username_as_common_name = DISABLED
  235. Wed Apr 16 22:04:12 2008 us=835346   auth_user_pass_verify_script = '[UNDEF]'
  236. Wed Apr 16 22:04:12 2008 us=835360   auth_user_pass_verify_script_via_file = DISABLED
  237. Wed Apr 16 22:04:12 2008 us=835372   port_share_host = '[UNDEF]'
  238. Wed Apr 16 22:04:12 2008 us=835388   port_share_port = 0
  239. Wed Apr 16 22:04:12 2008 us=835401   client = DISABLED
  240. Wed Apr 16 22:04:12 2008 us=835413   pull = DISABLED
  241. Wed Apr 16 22:04:12 2008 us=835429   auth_user_pass_file = '[UNDEF]'
  242. Wed Apr 16 22:04:12 2008 us=835444 OpenVPN 2.1_rc4 i586-mandriva-linux-gnu [SSL] [LZO2] [EPOLL] built on Dec  6 2007
  243. Wed Apr 16 22:04:12 2008 us=835517 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
  244. Wed Apr 16 22:04:12 2008 us=914588 LZO compression initialized
  245. Wed Apr 16 22:04:12 2008 us=914641 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1400)
  246. Wed Apr 16 22:04:12 2008 us=914814 Control Channel MTU parms [ L:1444 D:140 EF:40 EB:0 ET:0 EL:0 ]
  247. Wed Apr 16 22:04:13 2008 us=309390 TUN/TAP device tun1 opened
  248. Wed Apr 16 22:04:13 2008 us=309436 TUN/TAP TX queue length set to 100
  249. Wed Apr 16 22:04:13 2008 us=309488 Data Channel MTU parms [ L:1444 D:1444 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
  250. Wed Apr 16 22:04:13 2008 us=309533 Local Options String: 'V4,dev-type tun,link-mtu 1444,tun-mtu 1400,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
  251. Wed Apr 16 22:04:13 2008 us=309546 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1444,tun-mtu 1400,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
  252. Wed Apr 16 22:04:13 2008 us=309581 Local Options hash (VER=V4): '7dfc3732'
  253. Wed Apr 16 22:04:13 2008 us=309602 Expected Remote Options hash (VER=V4): '347277f0'
  254. Wed Apr 16 22:04:13 2008 us=309628 Attempting to establish TCP connection with XX.XX.XX.XX:1194 [nonblock]
  255. Wed Apr 16 22:04:14 2008 us=309781 TCP: connect to XX.XX.XX.XX:1194 failed, will try again in 5 seconds: Connection refuse


 
 
There you go, if you need any other details, don't hesitate to ask!
 
Thanks

n°1033955
Walk_Man
To live is to die.
Posted on 16-04-2008 at 23:29:00
 

To start with, you should switch your logs to verb 3, that would be MORE than enough; verb 5 adds too much useless stuff that bloats your logs for not much.
 
So here we can clearly see that your client can't reach your server: on the server side there is no trace of the attempt, and on the client side the error is clearly visible
 
"will try again in 5 seconds: Connection refuse"
 
Have you tried forwarding port 1194 from your Livebox to the machine acting as the server at your place? Have you opened port 1194 in your iptables (I assume it's iptables)?


---------------
¡ Viva la Revolución !
n°1034248
Chocobo2005
Posted on 17-04-2008 at 16:24:45
 

Hello!
 
So on my server PC I did open port 1194 in TCP in iptables via the drakconf wizard (Mandriva 2008).
On my Livebox I allowed port 1194 in TCP to the address 10.8.0.1 (tun0), but what I was wondering is: since my PC is connected to the internet through my Livebox on eth0 (192.168.1.20), is there any routing to do on the server PC?


Message edited by Chocobo2005 on 17-04-2008 at 16:26:29
n°1034316
Walk_Man
To live is to die.
Posted on 17-04-2008 at 17:23:57
 

You're allowing the VPN IP on your Livebox; the tun0 interface (virtual) works on top of the eth0 interface (physical), so you have to forward port 1194 to your address 192.168.1.20.


---------------
¡ Viva la Revolución !
n°1034322
Chocobo2005
Posted on 17-04-2008 at 17:29:07
 

I changed what you told me on the Livebox but I still have the same problem.

n°1034352
Walk_Man
To live is to die.
Posted on 17-04-2008 at 18:47:37
 

If you want, send me your public address by PM so I can scan you and see what comes back.
 
But basically: internet 1194 > livebox 1194 > your place 1194 = 192.168.1.20
 
And if after that your firewall is open and your app (judging by the logs it's fine) is ready to receive requests on 1194, there shouldn't be any problem.


---------------
¡ Viva la Revolución !
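
Added example, not part of the thread and not the posters' code: a short Python check for the two points discussed above, namely that the router's port forward must target the server's LAN address rather than an address inside the `server` tunnel subnet, and that a refused TCP connect in the client log is a transport failure that occurs before any TLS exchange. The config and log strings are constructed from the values quoted in the thread; the function names are hypothetical.

```python
import ipaddress
import re

# Constructed inputs: directives and log lines in the form quoted in the thread.
SERVER_CONF = "port 1194\nproto tcp-server\ndev tun\nserver 10.8.0.0 255.255.255.0\n"
CLIENT_LOG = """\
Wed Apr 16 22:04:12 2008 us=835517 WARNING: No server certificate verification method has been enabled.
Wed Apr 16 22:04:13 2008 us=309628 Attempting to establish TCP connection with XX.XX.XX.XX:1194 [nonblock]
Wed Apr 16 22:04:14 2008 us=309781 TCP: connect to XX.XX.XX.XX:1194 failed, will try again in 5 seconds: Connection refused
"""

CONNECT_FAIL = re.compile(r"TCP: connect to (\S+):(\d+) failed.*: (.+)$")


def vpn_subnet(conf):
    """Return the tunnel network from the 'server <network> <netmask>' directive."""
    for line in conf.splitlines():
        parts = line.split()
        if len(parts) == 3 and parts[0] == "server":
            return ipaddress.ip_network(f"{parts[1]}/{parts[2]}")
    return None


def forward_target_ok(conf, target):
    """A router port forward must point at the server's LAN address.

    Tunnel addresses (tun0) only exist inside the VPN, so the router cannot
    deliver the initial TCP connection to them.
    """
    net = vpn_subnet(conf)
    return net is None or ipaddress.ip_address(target) not in net


def triage(log):
    """Classify client log lines as (kind, detail) findings."""
    findings = []
    for line in log.splitlines():
        m = CONNECT_FAIL.search(line)
        if m:
            host, port, reason = m.groups()
            # A refused connect is a transport-level failure: no TLS or
            # certificate exchange has happened yet, so keys are not the cause.
            stage = "tcp-refused" if reason.startswith("Connection refuse") else "tcp-error"
            findings.append((stage, f"{host}:{port}"))
        elif "WARNING:" in line:
            findings.append(("warning", line.split("WARNING:", 1)[1].strip()))
    return findings


if __name__ == "__main__":
    for addr in ("10.8.0.1", "192.168.1.20"):
        print(addr, "valid forward target:", forward_target_ok(SERVER_CONF, addr))
    for kind, detail in triage(CLIENT_LOG):
        print(f"{kind}: {detail}")
```

The `warning` finding is worth acting on once the tunnel connects: the log's pointer to the OpenVPN howto section on man-in-the-middle protection applies because the client accepts any certificate signed by the CA as the server.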
