Pregunta sobre openvpn - Alcance Libre

Bienvenido(a) a Alcance Libre 29/01/2023, 10:09

Alcance Libre Foros

	Índice del foro > Todo acerca de Linux > Redes y Servidores	New Topic Post Reply
Pregunta sobre openvpn

Primero | Anterior | 12 | Siguiente | Ultimo

Edgar Rene Chirivi Rico

12/10/07 11:17AM

Participa mucho

Estado: desconectado

Identificado: 03/07/07
Mensajes: 49

Hola

Anexo los log del openvpn

oot@proxy openvpn]# ./iniciovpnserver
Mon Dec 10 12:11:35 2007 OpenVPN 2.1_rc4 i386-redhat-linux-gnu [SSL] [LZO2] [EPOLL] built on Aug 7 2007
Mon Dec 10 12:11:35 2007 Diffie-Hellman initialized with 1024 bit key
Mon Dec 10 12:11:35 2007 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Mon Dec 10 12:11:35 2007 TUN/TAP device tun0 opened
Mon Dec 10 12:11:35 2007 TUN/TAP TX queue length set to 100
Mon Dec 10 12:11:35 2007 /sbin/ip link set dev tun0 up mtu 1500
Mon Dec 10 12:11:35 2007 /sbin/ip addr add dev tun0 local 192.168.0.1 peer 192.168.0.2
Mon Dec 10 12:11:35 2007 /sbin/ip route add 192.168.0.0/24 via 192.168.0.2
Mon Dec 10 12:11:35 2007 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Mon Dec 10 12:11:35 2007 Socket Buffers: R=[109568->131072] S=[109568->131072]
Mon Dec 10 12:11:35 2007 UDPv4 link local (bound): [undef]:1194
Mon Dec 10 12:11:35 2007 UDPv4 link remote: [undef]
Mon Dec 10 12:11:35 2007 MULTI: multi_init called, r=256 v=256
Mon Dec 10 12:11:35 2007 IFCONFIG POOL: base=192.168.0.4 size=62
Mon Dec 10 12:11:35 2007 IFCONFIG POOL LIST
Mon Dec 10 12:11:35 2007 cliente,192.168.0.4
Mon Dec 10 12:11:35 2007 Initialization Sequence Completed

esto es cuando lo inicio

y cuando algun cliente se conecta
Mon Dec 10 12:13:16 2007 MULTI: multi_create_instance called
Mon Dec 10 12:13:16 2007 200.119.41.154:2207 Re-using SSL/TLS context
Mon Dec 10 12:13:16 2007 200.119.41.154:2207 LZO compression initialized
Mon Dec 10 12:13:16 2007 200.119.41.154:2207 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Mon Dec 10 12:13:16 2007 200.119.41.154:2207 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Mon Dec 10 12:13:16 2007 200.119.41.154:2207 Local Options hash (VER=V4): '530fdded'
Mon Dec 10 12:13:16 2007 200.119.41.154:2207 Expected Remote Options hash (VER=V4): '41690919'
Mon Dec 10 12:13:16 2007 200.119.41.154:2207 TLS: Initial packet from 200.119.41.154:2207, sid=8e38b246 96649eeb
Mon Dec 10 12:13:17 2007 200.119.41.154:2207 VERIFY OK: depth=1, /C=CO/ST=BOG/L=Bogota/O=mettcocolombia/CN=mettcocolombia.com/emailAddress=rene_chirivi_bog@yhaoo.com
Mon Dec 10 12:13:17 2007 200.119.41.154:2207 VERIFY OK: depth=0, /C=CO/ST=BOG/L=Bogota/O=mettcocolombia/CN=cliente/emailAddress=rene_chirivi_bog@yhaoo.com
Mon Dec 10 12:13:18 2007 200.119.41.154:2207 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Dec 10 12:13:18 2007 200.119.41.154:2207 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Dec 10 12:13:18 2007 200.119.41.154:2207 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Dec 10 12:13:18 2007 200.119.41.154:2207 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Dec 10 12:13:18 2007 200.119.41.154:2207 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mon Dec 10 12:13:18 2007 200.119.41.154:2207 [cliente] Peer Connection Initiated with 200.119.41.154:2207
Mon Dec 10 12:13:18 2007 cliente/200.119.41.154:2207 MULTI: Learn: 192.168.0.6 -> cliente/200.119.41.154:2207
Mon Dec 10 12:13:18 2007 cliente/200.119.41.154:2207 MULTI: primary virtual IP for cliente/200.119.41.154:2207: 192.168.0.6
Mon Dec 10 12:13:19 2007 cliente/200.119.41.154:2207 PUSH: Received control message: 'PUSH_REQUEST'
Mon Dec 10 12:13:19 2007 cliente/200.119.41.154:2207 SENT CONTROL [cliente]: 'PUSH_REPLY,route 192.168.0.1,topology net30,ping 10,ping-restart 120,ifconfig 192.168.0.6 192.168.0.5' (status=1)
Mon Dec 10 12:13:23 2007 cliente/200.119.41.154:2207 MULTI: bad source address from client [192.168.0.3], packet dropped
Mon Dec 10 12:13:23 2007 cliente/200.119.41.154:2207 MULTI: bad source address from client [192.168.0.3], packet dropped
Mon Dec 10 12:13:23 2007 cliente/200.119.41.154:2207 MULTI: bad source address from client [192.168.0.3], packet dropped
Mon Dec 10 12:13:23 2007 cliente/200.119.41.154:2207 MULTI: bad source address from client [192.168.0.3], packet dropped
Mon Dec 10 12:13:24 2007 cliente/200.119.41.154:2207 MULTI: bad source address from client [192.168.0.3], packet dropped
Mon Dec 10 12:13:24 2007 cliente/200.119.41.154:2207 MULTI: bad source address from client [192.168.0.3], packet dropped
Mon Dec 10 12:13:24 2007 cliente/200.119.41.154:2207 MULTI: bad source address from client [192.168.0.3], packet dropped
Mon Dec 10 12:13:24 2007 cliente/200.119.41.154:2207 MULTI: bad source address from client [192.168.0.3], packet dropped
Mon Dec 10 12:13:25 2007 cliente/200.119.41.154:2207 MULTI: bad source address from client [192.168.0.3], packet dropped
Mon Dec 10 12:13:25 2007 cliente/200.119.41.154:2207 MULTI: bad source address from client [192.168.0.3], packet dropped

y este mi archivo de configuracion

port 1194
proto udp
dev tun
ca keys/ca.crt
cert keys/proxy.crt
key keys/proxy.key
dh keys/dh1024.pem
server 192.168.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status-servidorvpn-udp-1194.log
verb 3

De Nuevo Muchas Gracias

Profile

Quote

Edgar Rene Chirivi Rico

12/10/07 11:22AM

Participa mucho

Estado: desconectado

Identificado: 03/07/07
Mensajes: 49

Una Cosa en esta maquina solamente tengo funcionando apache y squid

Profile

Quote

Diego Fernando

12/11/07 09:24AM

Participa mucho

Estado: desconectado

Identificado: 07/11/07
Mensajes: 52
Localización:Colombia/Bogota

Revisa el firewall del Linux

Debe tener las siguientes reglas:

iptables -A INPUT -i tun+ -j ACCEPT
iptables -A FORWARD -i tun+ -j ACCEPT
iptables -A INPUT -i tap+ -j ACCEPT
iptables -A FORWARD -i tap+ -j ACCEPT
iptables -A INPUT -p udp --dport 1194 -j ACCEPT

Ok, puede ser eso.
Saludos

Profile