OpenVPN tunnel is established, but no data is transferred



bbatman
23.01.06, 11:36
Hi,

so I have a problem:

I want to get onto the Internet via VPN from my Linux server, which is also the gateway to the Internet. Everything works, and it shows that it has a connection, but unfortunately I cannot reach any computer. What could be the cause?

Server.conf

--daemon
port 1194
proto tcp
dev tap0
ca /usr/src/openvpn-2.0.2/easy-rsa/keys/ca.crt
cert /usr/src/openvpn-2.0.2/easy-rsa/keys/intern.crt
key /usr/src/openvpn-2.0.2/easy-rsa/keys/intern.key # This file should be kept secret
dh /usr/src/openvpn-2.0.2/easy-rsa/keys/dh2048.pem
server-bridge 192.168.1.2 255.255.255.0 192.168.1.200 192.168.1.219
ifconfig-pool-persist ipp.txt
client-to-client
keepalive 10 120
comp-lzo
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
log openvpn.log
log-append openvpn.log
verb 6

bridgestart.sh


#!/bin/bash

#################################
# Set up Ethernet bridge on Linux
# Requires: bridge-utils
#################################

# Define Bridge Interface
br="br0"

# Define list of TAP interfaces to be bridged,
# for example tap="tap0 tap1 tap2".
tap="tap0"

# Define physical ethernet interface to be bridged
# with TAP interface(s) above.
eth="eth0"
eth_ip="192.168.1.2"
eth_netmask="255.255.255.0"
eth_broadcast="192.168.1.255"

# Create the persistent TAP device(s)
for t in $tap; do
    openvpn --mktun --dev $t
done

# Create the bridge and add the physical interface
brctl addbr $br
brctl addif $br $eth

# Add the TAP device(s) to the bridge
for t in $tap; do
    brctl addif $br $t
done

# Bring the bridge ports up without an IP address, in promiscuous mode
for t in $tap; do
    ifconfig $t 0.0.0.0 promisc up
done

ifconfig $eth 0.0.0.0 promisc up

# The bridge itself takes over the former eth0 address
ifconfig $br $eth_ip netmask $eth_netmask broadcast $eth_broadcast


client.conf


client
dev tap
dev-node tap1
proto tcp
remote xxx.xxx.xxx.xxx 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert ikarus.crt
key ikarus.key
comp-lzo
verb 3


ifconfig



br0 Protokoll:Ethernet Hardware Adresse 00:0B:6A:28:53:D4
inet Adresse:192.168.1.2 Bcast:192.168.1.255 Maske:255.255.255.0
inet6 Adresse: fe80::20b:6aff:fe28:53d4/64 Gültigkeitsbereich:Verbindung
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3184 errors:0 dropped:0 overruns:0 frame:0
TX packets:2711 errors:0 dropped:0 overruns:0 carrier:0
Kollisionen:0 Sendewarteschlangenlänge:0
RX bytes:223541 (218.3 KiB) TX bytes:327500 (319.8 KiB)

eth0 Protokoll:Ethernet Hardware Adresse 00:0B:6A:28:53:D4
inet6 Adresse: fe80::20b:6aff:fe28:53d4/64 Gültigkeitsbereich:Verbindung
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:3257 errors:0 dropped:0 overruns:0 frame:0
TX packets:2734 errors:0 dropped:0 overruns:0 carrier:0
Kollisionen:0 Sendewarteschlangenlänge:1000
RX bytes:282607 (275.9 KiB) TX bytes:331273 (323.5 KiB)
Interrupt:11 Basisadresse:0xd00

eth1 Protokoll:Ethernet Hardware Adresse 00:08:54:04:76:1A
inet Adresse:xxx.xxx.xxx.xxx Bcast:xxx.xxx.xxx.xxx Maske:255.255.255.240
inet6 Adresse: fe80::208:54ff:fe04:761a/64 Gültigkeitsbereich:Verbindung
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1755 errors:0 dropped:0 overruns:0 frame:0
TX packets:678 errors:0 dropped:0 overruns:0 carrier:0
Kollisionen:0 Sendewarteschlangenlänge:1000
RX bytes:182630 (178.3 KiB) TX bytes:80038 (78.1 KiB)
Interrupt:10 Basisadresse:0xec00

lo Protokoll:Lokale Schleife
inet Adresse:127.0.0.1 Maske:255.0.0.0
inet6 Adresse: ::1/128 Gültigkeitsbereich:Maschine
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:53 errors:0 dropped:0 overruns:0 frame:0
TX packets:53 errors:0 dropped:0 overruns:0 carrier:0
Kollisionen:0 Sendewarteschlangenlänge:0
RX bytes:4084 (3.9 KiB) TX bytes:4084 (3.9 KiB)


openvpn output (start)



[root@herkules openvpn]# openvpn server.conf
Mon Jan 23 12:55:34 2006 us=82780 Current Parameter Settings:
Mon Jan 23 12:55:34 2006 us=83784 config = 'server.conf'
Mon Jan 23 12:55:34 2006 us=84214 mode = 1
Mon Jan 23 12:55:34 2006 us=84712 persist_config = DISABLED
Mon Jan 23 12:55:34 2006 us=85124 persist_mode = 1
Mon Jan 23 12:55:34 2006 us=85533 show_ciphers = DISABLED
Mon Jan 23 12:55:34 2006 us=86020 show_digests = DISABLED
Mon Jan 23 12:55:34 2006 us=86520 show_engines = DISABLED
Mon Jan 23 12:55:34 2006 us=86919 genkey = DISABLED
Mon Jan 23 12:55:34 2006 us=87289 key_pass_file = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=87817 show_tls_ciphers = DISABLED
Mon Jan 23 12:55:34 2006 us=88286 proto = 1
Mon Jan 23 12:55:34 2006 us=88728 local = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=89099 remote_list = NULL
Mon Jan 23 12:55:34 2006 us=89632 remote_random = DISABLED
Mon Jan 23 12:55:34 2006 us=90108 local_port = 1194
Mon Jan 23 12:55:34 2006 us=90557 remote_port = 1194
Mon Jan 23 12:55:34 2006 us=90908 remote_float = DISABLED
Mon Jan 23 12:55:34 2006 us=91277 ipchange = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=91701 bind_local = ENABLED
Mon Jan 23 12:55:34 2006 us=92030 dev = 'tap0'
Mon Jan 23 12:55:34 2006 us=92361 dev_type = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=92809 dev_node = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=93289 tun_ipv6 = DISABLED
Mon Jan 23 12:55:34 2006 us=93742 ifconfig_local = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=94134 ifconfig_remote_netmask = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=94675 ifconfig_noexec = DISABLED
Mon Jan 23 12:55:34 2006 us=95147 ifconfig_nowarn = DISABLED
Mon Jan 23 12:55:34 2006 us=95606 shaper = 0
Mon Jan 23 12:55:34 2006 us=95978 tun_mtu = 1500
Mon Jan 23 12:55:34 2006 us=96482 tun_mtu_defined = ENABLED
Mon Jan 23 12:55:34 2006 us=96951 link_mtu = 1500
Mon Jan 23 12:55:34 2006 us=97384 link_mtu_defined = DISABLED
Mon Jan 23 12:55:34 2006 us=97766 tun_mtu_extra = 32
Mon Jan 23 12:55:34 2006 us=98237 tun_mtu_extra_defined = ENABLED
Mon Jan 23 12:55:34 2006 us=98745 fragment = 0
Mon Jan 23 12:55:34 2006 us=99148 mtu_discover_type = -1
Mon Jan 23 12:55:34 2006 us=99565 mtu_test = 0
Mon Jan 23 12:55:34 2006 us=100039 mlock = DISABLED
Mon Jan 23 12:55:34 2006 us=100542 keepalive_ping = 10
Mon Jan 23 12:55:34 2006 us=100935 keepalive_timeout = 120
Mon Jan 23 12:55:34 2006 us=101301 inactivity_timeout = 0
Mon Jan 23 12:55:34 2006 us=101831 ping_send_timeout = 10
Mon Jan 23 12:55:34 2006 us=102299 ping_rec_timeout = 240
Mon Jan 23 12:55:34 2006 us=102739 ping_rec_timeout_action = 2
Mon Jan 23 12:55:34 2006 us=103113 ping_timer_remote = DISABLED
Mon Jan 23 12:55:34 2006 us=103635 remap_sigusr1 = 0
Mon Jan 23 12:55:34 2006 us=104096 explicit_exit_notification = 0
Mon Jan 23 12:55:34 2006 us=104538 persist_tun = ENABLED
Mon Jan 23 12:55:34 2006 us=104931 persist_local_ip = DISABLED
Mon Jan 23 12:55:34 2006 us=105391 persist_remote_ip = DISABLED
Mon Jan 23 12:55:34 2006 us=105766 persist_key = ENABLED
Mon Jan 23 12:55:34 2006 us=106099 mssfix = 1450
Mon Jan 23 12:55:34 2006 us=106431 passtos = DISABLED
Mon Jan 23 12:55:34 2006 us=106848 resolve_retry_seconds = 1000000000
Mon Jan 23 12:55:34 2006 us=107388 connect_retry_seconds = 5
Mon Jan 23 12:55:34 2006 us=107802 username = 'nobody'
Mon Jan 23 12:55:34 2006 us=108179 groupname = 'nobody'
Mon Jan 23 12:55:34 2006 us=108728 chroot_dir = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=109211 cd_dir = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=109656 writepid = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=110030 up_script = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=110558 down_script = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=111030 down_pre = DISABLED
Mon Jan 23 12:55:34 2006 us=111467 up_restart = DISABLED
Mon Jan 23 12:55:34 2006 us=111842 up_delay = DISABLED
Mon Jan 23 12:55:34 2006 us=112368 daemon = DISABLED
Mon Jan 23 12:55:34 2006 us=112845 inetd = 0
Mon Jan 23 12:55:34 2006 us=113241 log = DISABLED
Mon Jan 23 12:55:34 2006 us=113655 suppress_timestamps = DISABLED
Mon Jan 23 12:55:34 2006 us=114145 nice = 0
Mon Jan 23 12:55:34 2006 us=114656 verbosity = 6
Mon Jan 23 12:55:34 2006 us=115067 mute = 0
Mon Jan 23 12:55:34 2006 us=115483 gremlin = 0
Mon Jan 23 12:55:34 2006 us=115962 status_file = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=116461 status_file_version = 1
Mon Jan 23 12:55:34 2006 us=116868 status_file_update_freq = 60
Mon Jan 23 12:55:34 2006 us=117236 occ = ENABLED
Mon Jan 23 12:55:34 2006 us=117769 rcvbuf = 65536
Mon Jan 23 12:55:34 2006 us=118236 sndbuf = 65536
Mon Jan 23 12:55:34 2006 us=118681 socks_proxy_server = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=119062 socks_proxy_port = 0
Mon Jan 23 12:55:34 2006 us=119515 socks_proxy_retry = DISABLED
Mon Jan 23 12:55:34 2006 us=119888 fast_io = DISABLED
Mon Jan 23 12:55:34 2006 us=120215 comp_lzo = ENABLED
Mon Jan 23 12:55:34 2006 us=120554 comp_lzo_adaptive = ENABLED
Mon Jan 23 12:55:34 2006 us=120933 route_script = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=121465 route_default_gateway = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=121881 route_noexec = DISABLED
Mon Jan 23 12:55:34 2006 us=122261 route_delay = 0
Mon Jan 23 12:55:34 2006 us=122792 route_delay_window = 30
Mon Jan 23 12:55:34 2006 us=123259 route_delay_defined = DISABLED
Mon Jan 23 12:55:34 2006 us=123714 management_addr = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=124089 management_port = 0
Mon Jan 23 12:55:34 2006 us=124586 management_user_pass = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=125069 management_log_history_cache = 250
Mon Jan 23 12:55:34 2006 us=125524 management_echo_buffer_size = 100
Mon Jan 23 12:55:34 2006 us=125897 management_query_passwords = DISABLED
Mon Jan 23 12:55:34 2006 us=126404 management_hold = DISABLED
Mon Jan 23 12:55:34 2006 us=126877 shared_secret_file = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=127286 key_direction = 0
Mon Jan 23 12:55:34 2006 us=127703 ciphername_defined = ENABLED
Mon Jan 23 12:55:34 2006 us=128187 ciphername = 'BF-CBC'
Mon Jan 23 12:55:34 2006 us=128699 authname_defined = ENABLED
Mon Jan 23 12:55:34 2006 us=129109 authname = 'SHA1'
Mon Jan 23 12:55:34 2006 us=129527 keysize = 0
Mon Jan 23 12:55:34 2006 us=130011 engine = DISABLED
Mon Jan 23 12:55:34 2006 us=130513 replay = ENABLED
Mon Jan 23 12:55:34 2006 us=130914 mute_replay_warnings = DISABLED
Mon Jan 23 12:55:34 2006 us=131294 replay_window = 0
Mon Jan 23 12:55:34 2006 us=131823 replay_time = 0
Mon Jan 23 12:55:34 2006 us=132284 packet_id_file = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=133998 use_iv = ENABLED
Mon Jan 23 12:55:34 2006 us=134300 test_crypto = DISABLED
Mon Jan 23 12:55:34 2006 us=134717 tls_server = ENABLED
Mon Jan 23 12:55:34 2006 us=135106 tls_client = DISABLED
Mon Jan 23 12:55:34 2006 us=135782 key_method = 2
Mon Jan 23 12:55:34 2006 us=136161 ca_file = '/usr/src/openvpn-2.0.2/easy-rsa/keys/ca.crt'
Mon Jan 23 12:55:34 2006 us=136719 dh_file = '/usr/src/openvpn-2.0.2/easy-rsa/keys/dh2048.pem'
Mon Jan 23 12:55:34 2006 us=137192 cert_file = '/usr/src/openvpn-2.0.2/easy-rsa/keys/intern.crt'
Mon Jan 23 12:55:34 2006 us=137702 priv_key_file = '/usr/src/openvpn-2.0.2/easy-rsa/keys/intern.key'
Mon Jan 23 12:55:34 2006 us=138084 pkcs12_file = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=138597 cipher_list = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=139065 tls_verify = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=139516 tls_remote = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=139891 crl_file = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=140411 ns_cert_type = 0
Mon Jan 23 12:55:34 2006 us=140890 tls_timeout = 2
Mon Jan 23 12:55:34 2006 us=141302 renegotiate_bytes = 0
Mon Jan 23 12:55:34 2006 us=141722 renegotiate_packets = 0
Mon Jan 23 12:55:34 2006 us=142223 renegotiate_seconds = 3600
Mon Jan 23 12:55:34 2006 us=142736 handshake_window = 60
Mon Jan 23 12:55:34 2006 us=143147 transition_window = 3600
Mon Jan 23 12:55:34 2006 us=143560 single_session = DISABLED
Mon Jan 23 12:55:34 2006 us=144063 tls_exit = DISABLED
Mon Jan 23 12:55:34 2006 us=144581 tls_auth_file = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=145010 server_network = 0.0.0.0
Mon Jan 23 12:55:34 2006 us=145423 server_netmask = 0.0.0.0
Mon Jan 23 12:55:34 2006 us=145938 server_bridge_ip = 192.168.1.2
Mon Jan 23 12:55:34 2006 us=146452 server_bridge_netmask = 255.255.255.0
Mon Jan 23 12:55:34 2006 us=146872 server_bridge_pool_start = 192.168.1.200
Mon Jan 23 12:55:34 2006 us=147255 server_bridge_pool_end = 192.168.1.219
Mon Jan 23 12:55:34 2006 us=147797 push_list = 'route-gateway 192.168.1.2,ping 10,ping-restart 120'
Mon Jan 23 12:55:34 2006 us=148199 ifconfig_pool_defined = ENABLED
Mon Jan 23 12:55:34 2006 us=148580 ifconfig_pool_start = 192.168.1.200
Mon Jan 23 12:55:34 2006 us=148890 ifconfig_pool_end = 192.168.1.219
Mon Jan 23 12:55:34 2006 us=149265 ifconfig_pool_netmask = 255.255.255.0
Mon Jan 23 12:55:34 2006 us=149695 ifconfig_pool_persist_filename = 'ipp.txt'
Mon Jan 23 12:55:34 2006 us=150082 ifconfig_pool_persist_refresh_freq = 600
Mon Jan 23 12:55:34 2006 us=150608 ifconfig_pool_linear = DISABLED
Mon Jan 23 12:55:34 2006 us=151000 n_bcast_buf = 256
Mon Jan 23 12:55:34 2006 us=151532 tcp_queue_limit = 64
Mon Jan 23 12:55:34 2006 us=152014 real_hash_size = 256
Mon Jan 23 12:55:34 2006 us=152456 virtual_hash_size = 256
Mon Jan 23 12:55:34 2006 us=152829 client_connect_script = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=153349 learn_address_script = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=153827 client_disconnect_script = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=154236 client_config_dir = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=154656 ccd_exclusive = DISABLED
Mon Jan 23 12:55:34 2006 us=155149 tmp_dir = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=155663 push_ifconfig_defined = DISABLED
Mon Jan 23 12:55:34 2006 us=156083 push_ifconfig_local = 0.0.0.0
Mon Jan 23 12:55:34 2006 us=156511 push_ifconfig_remote_netmask = 0.0.0.0
Mon Jan 23 12:55:34 2006 us=157003 enable_c2c = ENABLED
Mon Jan 23 12:55:34 2006 us=157496 duplicate_cn = DISABLED
Mon Jan 23 12:55:34 2006 us=157904 cf_max = 0
Mon Jan 23 12:55:34 2006 us=158279 cf_per = 0
Mon Jan 23 12:55:34 2006 us=158837 max_clients = 1024
Mon Jan 23 12:55:34 2006 us=159304 max_routes_per_client = 256
Mon Jan 23 12:55:34 2006 us=159755 client_cert_not_required = DISABLED
Mon Jan 23 12:55:34 2006 us=160129 username_as_common_name = DISABLED
Mon Jan 23 12:55:34 2006 us=160655 auth_user_pass_verify_script = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=161128 auth_user_pass_verify_script_via_file = DISABLED
Mon Jan 23 12:55:34 2006 us=161591 client = DISABLED
Mon Jan 23 12:55:34 2006 us=161966 pull = DISABLED
Mon Jan 23 12:55:34 2006 us=162406 auth_user_pass_file = '[UNDEF]'
Mon Jan 23 12:55:34 2006 us=162818 OpenVPN 2.0.2 i686-pc-linux [SSL] [LZO] [EPOLL] built on Jan 3 2006
Mon Jan 23 12:55:34 2006 us=249975 Diffie-Hellman initialized with 2048 bit key
Mon Jan 23 12:55:34 2006 us=252044 WARNING: file '/usr/src/openvpn-2.0.2/easy-rsa/keys/intern.key' is group or others accessible
Mon Jan 23 12:55:34 2006 us=254590 TLS-Auth MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Mon Jan 23 12:55:34 2006 us=268088 TUN/TAP device tap0 opened
Mon Jan 23 12:55:34 2006 us=268758 TUN/TAP TX queue length set to 100
Mon Jan 23 12:55:34 2006 us=269381 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Mon Jan 23 12:55:34 2006 us=271815 GID set to nobody
Mon Jan 23 12:55:34 2006 us=272380 UID set to nobody
Mon Jan 23 12:55:34 2006 us=272897 Listening for incoming TCP connection on [undef]:1194
Mon Jan 23 12:55:34 2006 us=273436 Socket Buffers: R=[87380->131072] S=[16384->131072]
Mon Jan 23 12:55:34 2006 us=273884 TCPv4_SERVER link local (bound): [undef]:1194
Mon Jan 23 12:55:34 2006 us=274426 TCPv4_SERVER link remote: [undef]
Mon Jan 23 12:55:34 2006 us=274950 MULTI: multi_init called, r=256 v=256
Mon Jan 23 12:55:34 2006 us=275515 IFCONFIG POOL: base=192.168.1.200 size=20
Mon Jan 23 12:55:34 2006 us=276177 IFCONFIG POOL LIST
Mon Jan 23 12:55:34 2006 us=276567 ikarus.de,192.168.1.200
Mon Jan 23 12:55:34 2006 us=277074 MULTI: TCP INIT maxclients=1024 maxevents=1028
Mon Jan 23 12:55:34 2006 us=277570 Initialization Sequence Completed





Mon Jan 23 13:01:36 2006 OpenVPN 2.0.2 Win32-MinGW [SSL] [LZO] built on Aug 25 2005
Mon Jan 23 13:01:36 2006 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Mon Jan 23 13:01:36 2006 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Mon Jan 23 13:01:36 2006 LZO compression initialized
Mon Jan 23 13:01:36 2006 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Mon Jan 23 13:01:36 2006 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Mon Jan 23 13:01:36 2006 Local Options hash (VER=V4): '31fdf004'
Mon Jan 23 13:01:36 2006 Expected Remote Options hash (VER=V4): '3e6d1056'
Mon Jan 23 13:01:36 2006 Attempting to establish TCP connection with xxx.xxx.xxx.xxx:1194
Mon Jan 23 13:01:36 2006 TCP connection established with xxx.xxx.xxx.xxx:1194
Mon Jan 23 13:01:36 2006 TCPv4_CLIENT link local: [undef]
Mon Jan 23 13:01:36 2006 TCPv4_CLIENT link remote: xxx.xxx.xxx.xxx:1194
Mon Jan 23 13:01:36 2006 TLS: Initial packet from xxx.xxx.xxx.xxx:1194, sid=bfb9e21e d7754feb
Mon Jan 23 13:01:39 2006 VERIFY OK: depth=1, /C=DE/ST=Berlin/L=Berlin/O=/CN=/emailAddress=
Mon Jan 23 13:01:39 2006 VERIFY OK: depth=0, /C=DE/ST=Berlin/O=/CN=/emailAddress=
Mon Jan 23 13:01:44 2006 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jan 23 13:01:44 2006 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jan 23 13:01:44 2006 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jan 23 13:01:44 2006 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jan 23 13:01:44 2006 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Mon Jan 23 13:01:44 2006 [herkules.de] Peer Connection Initiated with xxx.xxx.xxx.xxx:1194
Mon Jan 23 13:01:45 2006 SENT CONTROL [herkules.de]: 'PUSH_REQUEST' (status=1)
Mon Jan 23 13:01:46 2006 PUSH: Received control message: 'PUSH_REPLY,route-gateway 192.168.1.2,ping 10,ping-restart 120,ifconfig 192.168.1.200 255.255.255.0'
Mon Jan 23 13:01:46 2006 OPTIONS IMPORT: timers and/or timeouts modified
Mon Jan 23 13:01:46 2006 OPTIONS IMPORT: --ifconfig/up options modified
Mon Jan 23 13:01:46 2006 OPTIONS IMPORT: route options modified
Mon Jan 23 13:01:46 2006 TAP-WIN32 device [tap1] opened: \\.\Global\{2EBEF262-FAD7-456B-8C28-D908D2E0311A}.tap
Mon Jan 23 13:01:46 2006 TAP-Win32 Driver Version 8.1
Mon Jan 23 13:01:46 2006 TAP-Win32 MTU=1500
Mon Jan 23 13:01:46 2006 Notified TAP-Win32 driver to set a DHCP IP/netmask of 192.168.1.200/255.255.255.0 on interface {2EBEF262-FAD7-456B-8C28-D908D2E0311A} [DHCP-serv: 192.168.1.0, lease-time: 31536000]
Mon Jan 23 13:01:46 2006 Successful ARP Flush on interface [6] {2EBEF262-FAD7-456B-8C28-D908D2E0311A}
Mon Jan 23 13:01:46 2006 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Mon Jan 23 13:01:46 2006 Route: Waiting for TUN/TAP interface to come up...
Mon Jan 23 13:01:47 2006 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Mon Jan 23 13:01:47 2006 Route: Waiting for TUN/TAP interface to come up...
Mon Jan 23 13:01:48 2006 TEST ROUTES: 0/0 succeeded len=-1 ret=1 a=0 u/d=up
Mon Jan 23 13:01:48 2006 Initialization Sequence Completed

Where else could the error be?

The bridge is always started first, then the OpenVPN server, and then the client, right?
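The two warnings in the logs above (the server's `intern.key` being "group or others accessible", and the client's "No server certificate verification method has been enabled") can be caught before startup. This is an added example, not part of the original post; the function names are hypothetical, and it assumes OpenVPN's `ns-cert-type`, `tls-remote`, `tls-verify`, `remote-cert-tls` and `verify-x509-name` directives as the accepted verification methods.

```shell
#!/bin/sh
# Added example (not from the thread): pre-flight audit for the two warnings
# in the logs above. Function names are hypothetical.

# Print the config with comments, indentation and an optional "--" removed.
directives() {
    sed -e 's/[#;].*$//' -e 's/^[[:space:]]*//' -e 's/^--//' "$1"
}

# Succeeds if some form of server certificate verification is configured.
# ns-cert-type, tls-remote and tls-verify exist in OpenVPN 2.0;
# remote-cert-tls and verify-x509-name are options of later releases.
has_server_verification() {
    directives "$1" | awk '
        ($1 == "ns-cert-type" || $1 == "remote-cert-tls") && $2 == "server" { ok = 1 }
        ($1 == "tls-remote" || $1 == "tls-verify" || $1 == "verify-x509-name") && NF >= 2 { ok = 1 }
        END { exit !ok }'
}

# Succeeds only if the file exists and grants nothing to group or others.
key_is_private() {
    [ -f "$1" ] || return 1
    [ "$(ls -ldL "$1" | cut -c5-10)" = "------" ]
}

# Print one line per finding; the return status is the number of findings.
audit_openvpn_conf() {
    conf=$1
    findings=0
    key=$(directives "$conf" | awk '$1 == "key" { print $2; exit }')
    # Assumption: a relative key path is resolved against the config directory
    # (OpenVPN itself resolves it against its working directory).
    case $key in
        ''|/*) ;;
        *) key=$(dirname "$conf")/$key ;;
    esac
    if [ -n "$key" ] && ! key_is_private "$key"; then
        echo "FINDING: $key missing or accessible to group/others (chmod 600)"
        findings=$((findings + 1))
    fi
    # Only the connecting side needs to check that the peer is a server.
    if directives "$conf" | grep -Eq '^(client|tls-client)[[:space:]]*$' &&
       ! has_server_verification "$conf"; then
        echo "FINDING: no server certificate verification in $conf"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Stand-alone use: sh audit.sh /path/to/client.conf
if [ $# -gt 0 ]; then audit_openvpn_conf "$1"; fi
```

With `ns-cert-type server` the server certificate must also carry the matching nsCertType attribute, otherwise the client will refuse the connection.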

Fly
23.01.06, 15:58
I noticed that the route is missing in the Server.conf... push "route <IP of the network behind the VPN server> <netmask>"

mkahle
23.01.06, 19:33
I haven't read through all of it, but are you sure that you want "bridging"? I assume that routing is what is of interest to you instead ...

bbatman
26.01.06, 10:00
Unfortunately I have to bridge; in my first configuration I did it with routing.

I have now narrowed the error down further, but I still don't understand it.

Namely, when I start everything individually as root from the console, it works; when I do it via a script, simply all the commands one after another, then after connecting it always says status 1 and the tunnel is up, but nothing can be transported?
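One way to confirm, after bridgestart.sh has run and before OpenVPN is started, that br0 really contains eth0 and tap0 and that all three are up (the ifconfig listing in the first post shows no tap0). This is an added example, not part of the thread; the function names and the `SYSFS_NET` override are hypothetical, and it relies on the Linux sysfs entries `/sys/class/net/<bridge>/brif` and `/sys/class/net/<interface>/flags`.

```shell
#!/bin/sh
# Added example (not from the thread): verify the state that bridgestart.sh
# is supposed to leave behind, using the kernel's sysfs view of the bridge.
# SYSFS_NET is overridable only so the check can be exercised on a test tree.
SYSFS_NET=${SYSFS_NET:-/sys/class/net}

# Succeeds if the interface exists and has IFF_UP (bit 0x1) set.
iface_is_up() {
    [ -r "$SYSFS_NET/$1/flags" ] || return 1
    flags=$(cat "$SYSFS_NET/$1/flags")
    [ $(( $flags & 1 )) -ne 0 ]
}

# check_bridge BRIDGE PORT...
# Prints one line per problem; the return status is the number of problems.
check_bridge() {
    br=$1; shift
    problems=0
    if [ ! -d "$SYSFS_NET/$br/bridge" ]; then
        echo "PROBLEM: $br does not exist or is not a bridge"
        return 1
    fi
    if ! iface_is_up "$br"; then
        echo "PROBLEM: $br is down"
        problems=$((problems + 1))
    fi
    for port in "$@"; do
        if [ ! -e "$SYSFS_NET/$port" ]; then
            echo "PROBLEM: $port does not exist"
        elif [ ! -e "$SYSFS_NET/$br/brif/$port" ]; then
            echo "PROBLEM: $port is not a port of $br"
        elif ! iface_is_up "$port"; then
            echo "PROBLEM: $port is down"
        else
            continue
        fi
        problems=$((problems + 1))
    done
    return "$problems"
}

# wait_for_bridge SECONDS BRIDGE PORT...
# Polls once per second; on timeout prints the remaining problems and fails.
wait_for_bridge() {
    remaining=$1; shift
    until report=$(check_bridge "$@"); do
        if [ "$remaining" -le 0 ]; then
            printf '%s\n' "$report"
            return 1
        fi
        sleep 1
        remaining=$((remaining - 1))
    done
}

# Stand-alone use: sh check_bridge.sh br0 eth0 tap0
if [ $# -gt 0 ]; then check_bridge "$@"; fi
```

A start script can gate the server on it, for example `wait_for_bridge 5 br0 eth0 tap0 && openvpn server.conf`, so that a bridge that did not come up as expected is reported instead of producing a tunnel that carries no traffic.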

tschloss
26.01.06, 21:00
"Namely, when I start everything individually as root from the console, it works; when I do it via a script, simply all the commands one after another, then after connecting it always says status 1 and the tunnel is up, but nothing can be transported?"

I don't know what you're taking, but I want some too :D

Thomas