Hallo Leute!
Ich erreiche trotz erfolgreich aufgebauter Verbindung den Server nicht unter der Server-VPN-IP (192.168.0.0)
Egal ob SSH, HTTP, MySQL - nichts geht über die IPFirefox kann keine Verbindung zu dem Server unter 192.168.0.0 aufbauen.
Meine lokale IP: 10.0.0.5/255.255.255.0
Meine VPN-IP: 192.168.0.2/255.255.255.252
So sieht meine server.conf aus:
Code:# Port port 1194 # TCP oder UDP? #proto tcp-server proto udp mode server tls-server # tun oder tap? # Das tun Device erstellt einen IP Tunnel, # während das tap Device einen Ethernet Tunnel erstellt. #tun or tap device #tun is an IP tunnel, #tap an ethernet tunnel dev tun #Our Server IP ifconfig 192.168.0.0 192.168.0.2 #dynamic clients ifconfig-pool 192.168.0.3 192.168.0.254 #Die pakete werden auf dieser größe gekapselt tun-mtu 1500 fragment 1300 mssfix #Paths to the certs ca /etc/openvpn/certs/ca.crt cert /etc/openvpn/certs/server.crt key /etc/openvpn/certs/server.key #Clients können miteinander kommunizieren #client-to-client #Diffie-Hellmann Parameters dh /etc/openvpn/certs/dh1024.pem #Same Ip in the next session #ifconfig-pool-persist ipp.txt # Der Client wird angewiesen das Netz zu routen: push "route 192.168.0.0 255.255.255.252" #iroute 192.168.5.128 255.255.255.252 # Der Server wird angewiesen das Netz einzubinden: route 192.168.0.0 255.255.255.252 #Tests the connection with a ping like paket. (wait=120sec) keepalive 10 120 #Authenication auth SHA1 #Our encryption algorithm cipher AES-256-CBC #openvpn --show-ciphers for testing #comp comp-lzo #Sets new rights after the connection user nobody group nogroup #We need this because of user nobody/group nobody. persist-key persist-tun #Logging 0, (testing:5) verb 3
Client client1.ovpn:
Code:client float dev tun tun-mtu 1500 fragment 1300 mssfix # Der Name des tun/tap Devices in der # Netzwerkkonfiguration. dev-node VPN proto udp remote # 1194 ca ca.crt cert client1.crt key client1.key auth SHA1 cipher aes-256-cbc nobind comp-lzo persist-key persist-tun verb 3
Reconnect:
Code:Fri Nov 28 06:26:48 2008 TCP/UDP: Closing socket Fri Nov 28 06:26:48 2008 C:\WINDOWS\system32\route.exe DELETE 192.168.0.0 MASK 255.255.255.252 192.168.0.1 Fri Nov 28 06:26:48 2008 Route deletion via IPAPI succeeded [adaptive] Fri Nov 28 06:26:48 2008 Closing TUN/TAP interface Fri Nov 28 06:26:48 2008 SIGTERM[hard,] received, process exiting Fri Nov 28 06:26:48 2008 OpenVPN 2.1_rc15 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Nov 19 2008 Fri Nov 28 06:26:48 2008 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Fri Nov 28 06:26:48 2008 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Fri Nov 28 06:26:48 2008 LZO compression initialized Fri Nov 28 06:26:48 2008 Control Channel MTU parms [ L:1562 D:138 EF:38 EB:0 ET:0 EL:0 ] Fri Nov 28 06:26:48 2008 Data Channel MTU parms [ L:1562 D:1300 EF:62 EB:135 ET:0 EL:0 AF:3/1 ] Fri Nov 28 06:26:48 2008 Fragmentation MTU parms [ L:1562 D:1300 EF:61 EB:135 ET:1 EL:0 AF:3/1 ] Fri Nov 28 06:26:48 2008 Local Options hash (VER=V4): 'caff5189' Fri Nov 28 06:26:48 2008 Expected Remote Options hash (VER=V4): '43a81564' Fri Nov 28 06:26:48 2008 Socket Buffers: R=[8192->8192] S=[8192->8192] Fri Nov 28 06:26:48 2008 UDPv4 link local: [undef] Fri Nov 28 06:26:48 2008 UDPv4 link remote: #:1194 Fri Nov 28 06:26:48 2008 TLS: Initial packet from #:1194, sid=063a7626 094cc20e Fri Nov 28 06:26:49 2008 VERIFY OK: # Fri Nov 28 06:26:49 2008 VERIFY OK: # Fri Nov 28 06:26:49 2008 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key Fri Nov 28 06:26:49 2008 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Fri Nov 28 06:26:49 2008 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key Fri Nov 28 06:26:49 2008 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Fri Nov 28 06:26:49 2008 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Fri Nov 28 06:26:49 2008 [server] Peer Connection Initiated with #:1194 Fri Nov 28 06:26:50 2008 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) Fri Nov 28 06:26:50 2008 PUSH: Received control message: 'PUSH_REPLY,route 192.168.0.0 255.255.255.252,ping 10,ping-restart 120,ifconfig 192.168.0.2 192.168.0.1' Fri Nov 28 06:26:50 2008 OPTIONS IMPORT: timers and/or timeouts modified Fri Nov 28 06:26:50 2008 OPTIONS IMPORT: --ifconfig/up options modified Fri Nov 28 06:26:50 2008 OPTIONS IMPORT: route options modified Fri Nov 28 06:26:50 2008 ROUTE default_gateway=10.0.0.138 Fri Nov 28 06:26:50 2008 TAP-WIN32 device [VPN] opened: \\.\Global\{1BD5244E-E6BB-41A4-813A-E53FEF87A55C}.tap Fri Nov 28 06:26:50 2008 TAP-Win32 Driver Version 9.4 Fri Nov 28 06:26:50 2008 TAP-Win32 MTU=1500 Fri Nov 28 06:26:50 2008 Notified TAP-Win32 driver to set a DHCP IP/netmask of 192.168.0.2/255.255.255.252 on interface {1BD5244E-E6BB-41A4-813A-E53FEF87A55C} [DHCP-serv: 192.168.0.1, lease-time: 31536000] Fri Nov 28 06:26:50 2008 Successful ARP Flush on interface [3] {1BD5244E-E6BB-41A4-813A-E53FEF87A55C} Fri Nov 28 06:26:55 2008 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up Fri Nov 28 06:26:55 2008 C:\WINDOWS\system32\route.exe ADD 192.168.0.0 MASK 255.255.255.252 192.168.0.1 Fri Nov 28 06:26:55 2008 Route addition via IPAPI succeeded [adaptive] Fri Nov 28 06:26:55 2008 Initialization Sequence Completed
Bitte um eure Hilfe
MLG, wOu
Lesezeichen