[Ubuntu-BR] Openvpn e estações windows
Fábio Rabelo
fabio em fabiorabelo.wiki.br
Sábado Fevereiro 19 16:00:52 UTC 2011
Boa tarde a todos...
Tenho um problema com o openvpn que já está me deixando maluco !!!
A conexão é entre dois firewalls, ambos rodando Shorewall.
O servidor tem 4 placas de redem uma para o ip válido, e três segmentos
internos, 172.16.2.xxx, 172.16.3.xxx e 172.16.4.xxx .
Estes é o arquivo de configuração do servidor :
dev tun
#proto tcp-server
port 7794
local 186.xxx.43.18
remote 186.xxx.43.10
ifconfig 192.168.99.2 192.168.99.1
route 172.16.0.0 255.255.255.0 192.168.99.1
push "route 192.168.10.0 255.255.255.0 vpn_gateway"
tls-server
dh dh2048.pem
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server_
cities.crt
key /etc/openvpn/keys/server_cities.key
comp-lzo
link-mtu 1542
auth none SHA1
cipher BF-CBC
keysize 128
verb 5
No cliente existem apenas 2 placas de rede, e a rede local atualmente é
172.16.0.xxx,mas eu já tentei colocar o ip do cliente em 192.168.10.xxx e o
problema persistiu !
este é o arquivo de configuração do cliente :
dev tun
#proto tcp-client
port 7794
local 186.xxx.43.10
remote 186.xxx.43.18
ifconfig 192.168.99.1 192.168.99.2
route 172.16.2.0 255.255.255.0 192.168.99.2
route 172.16.3.0 255.255.255.0 192.168.99.2
route 172.16.4.0 255.255.255.0 192.168.99.2
push "route 172.16.2.0 255.255.255.0 vpn_gateway"
push "route 172.16.3.0 255.255.255.0 vpn_gateway"
push "route 172.16.4.0 255.255.255.0 vpn_gateway"
tls-client
dh dh2048.pem
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/cities.crt
key /etc/openvpn/keys/cities.key
comp-lzo
link-mtu 1542
auth none SHA1
cipher BF-CBC
keysize 128
verb 5
E esta é a saída do log segue anexo, pois é muito grande para que seja
postado em texto .
Os ips válidos foram editados, por razões óbvias !
E finalmente o problema :
Os pacotes não circulam !!!
O objetivo é que as máquinas na rede cliente possam ter acesso aos volumes
de rede da rede do servidor, mas elas não se "enxergam" ...
Não há nenhuma msg de erro, a conexão é estabelecida, como o log mostra, mas
nada acontece ....
Qualquer ajuda será muito útil ..
Fábio Rabelo
-------------- Próxima Parte ----------
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: Current Parameter Settings:
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: config = '/etc/openvpn/172-16-2.conf'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: mode = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: persist_config = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: persist_mode = 1
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: show_ciphers = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: show_digests = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: show_engines = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: genkey = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: key_pass_file = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: show_tls_ciphers = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: Connection profiles [default]:
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: proto = udp
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: local = '186.201.43.10'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: local_port = 7794
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote = '186.201.43.18'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_port = 7794
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_float = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: bind_defined = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: bind_local = ENABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: connect_retry_seconds = 5
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: connect_timeout = 10
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: connect_retry_max = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: socks_proxy_server = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: socks_proxy_port = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: socks_proxy_retry = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: Connection profiles END
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_random = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ipchange = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: dev = 'tun'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: dev_type = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: dev_node = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: lladdr = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: topology = 1
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tun_ipv6 = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ifconfig_local = '192.168.99.1'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ifconfig_remote_netmask = '192.168.99.2'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ifconfig_noexec = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ifconfig_nowarn = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: shaper = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tun_mtu = 1500
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tun_mtu_defined = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: link_mtu = 1542
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: link_mtu_defined = ENABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tun_mtu_extra = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tun_mtu_extra_defined = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: fragment = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: mtu_discover_type = -1
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: mtu_test = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: mlock = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: keepalive_ping = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: keepalive_timeout = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: inactivity_timeout = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ping_send_timeout = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ping_rec_timeout = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ping_rec_timeout_action = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ping_timer_remote = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remap_sigusr1 = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: explicit_exit_notification = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: persist_tun = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: persist_local_ip = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: persist_remote_ip = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: persist_key = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: mssfix = 1450
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: passtos = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: resolve_retry_seconds = 1000000000
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: username = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: groupname = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: chroot_dir = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: cd_dir = '/etc/openvpn'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: writepid = '/var/run/openvpn.172-16-2.pid'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: up_script = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: down_script = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: down_pre = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: up_restart = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: up_delay = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: daemon = ENABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: inetd = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: log = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: suppress_timestamps = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: nice = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: verbosity = 5
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: mute = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: gremlin = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: status_file = '/var/run/openvpn.172-16-2.status'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: status_file_version = 1
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: status_file_update_freq = 10
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: occ = ENABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: rcvbuf = 65536
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: sndbuf = 65536
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: sockflags = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: fast_io = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: lzo = 7
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: route_script = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: route_default_gateway = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: route_default_metric = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: route_noexec = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: route_delay = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: route_delay_window = 30
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: route_delay_defined = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: route_nopull = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: route_gateway_via_dhcp = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: allow_pull_fqdn = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: route 172.16.2.0/255.255.255.0/192.168.99.2/nil
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: route 172.16.3.0/255.255.255.0/192.168.99.2/nil
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: route 172.16.4.0/255.255.255.0/192.168.99.2/nil
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: management_addr = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: management_port = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: management_user_pass = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: management_log_history_cache = 250
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: management_echo_buffer_size = 100
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: management_write_peer_info_file = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: management_flags = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: shared_secret_file = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: key_direction = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ciphername_defined = ENABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ciphername = 'BF-CBC'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: authname_defined = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: authname = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: keysize = 16
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: engine = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: replay = ENABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: mute_replay_warnings = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: replay_window = 64
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: replay_time = 15
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: packet_id_file = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: use_iv = ENABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: test_crypto = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tls_server = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tls_client = ENABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: key_method = 2
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ca_file = '/etc/openvpn/keys/ca.crt'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ca_path = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: dh_file = 'dh2048.pem'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: cert_file = '/etc/openvpn/keys/cities.crt'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: priv_key_file = '/etc/openvpn/keys/cities.key'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs12_file = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: cipher_list = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tls_verify = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tls_remote = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: crl_file = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ns_cert_type = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_eku = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tls_timeout = 2
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: renegotiate_bytes = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: renegotiate_packets = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: renegotiate_seconds = 3600
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: handshake_window = 60
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: transition_window = 3600
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: single_session = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tls_exit = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tls_auth_file = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_pin_cache_period = -1
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_id = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_id_management = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: server_network = 0.0.0.0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: server_netmask = 0.0.0.0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: server_bridge_ip = 0.0.0.0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: server_bridge_netmask = 0.0.0.0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: server_bridge_pool_start = 0.0.0.0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: server_bridge_pool_end = 0.0.0.0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: push_list = 'route 172.16.2.0 255.255.255.0 vpn_gateway,route 172.16.3.0 255.255.255.0 vpn_gateway,route 172.16.4.0 255.255.255.0 vpn_gateway'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ifconfig_pool_defined = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ifconfig_pool_start = 0.0.0.0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ifconfig_pool_end = 0.0.0.0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ifconfig_pool_netmask = 0.0.0.0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ifconfig_pool_persist_filename = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ifconfig_pool_persist_refresh_freq = 600
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: n_bcast_buf = 256
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tcp_queue_limit = 64
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: real_hash_size = 256
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: virtual_hash_size = 256
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: client_connect_script = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: learn_address_script = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: client_disconnect_script = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: client_config_dir = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ccd_exclusive = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tmp_dir = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: push_ifconfig_defined = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: push_ifconfig_local = 0.0.0.0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: push_ifconfig_remote_netmask = 0.0.0.0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: enable_c2c = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: duplicate_cn = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: cf_max = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: cf_per = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: max_clients = 1024
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: max_routes_per_client = 256
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: client_cert_not_required = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: username_as_common_name = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: auth_user_pass_verify_script = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: auth_user_pass_verify_script_via_file = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: port_share_host = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: port_share_port = 0
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: client = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pull = DISABLED
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: auth_user_pass_file = '[UNDEF]'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: OpenVPN 2.1_rc11 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Sep 18 2008
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ******* WARNING *******: null MAC specified, no authentication will be used
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: /usr/bin/openssl-vulnkey -q -b 2048 -m <modulus omitted>
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: LZO compression initialized
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1520)
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ROUTE default_gateway=186.201.43.9
Feb 19 13:50:09 condominio kernel: [14986.762914] tun0: Disabled Privacy Extensions
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: TUN/TAP device tun0 opened
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: TUN/TAP TX queue length set to 100
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: /sbin/ifconfig tun0 192.168.99.1 pointopoint 192.168.99.2 mtu 1520
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: /sbin/route add -net 172.16.2.0 netmask 255.255.255.0 gw 192.168.99.2
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: /sbin/route add -net 172.16.3.0 netmask 255.255.255.0 gw 192.168.99.2
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: /sbin/route add -net 172.16.4.0 netmask 255.255.255.0 gw 192.168.99.2
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: Data Channel MTU parms [ L:1542 D:1450 EF:22 EB:135 ET:0 EL:0 AF:3/1 ]
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1520,proto UDPv4,ifconfig 192.168.99.2 192.168.99.1,comp-lzo,cipher BF-CBC,auth [null-digest],keysize 128,key-method 2,tls-client'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1520,proto UDPv4,ifconfig 192.168.99.1 192.168.99.2,comp-lzo,cipher BF-CBC,auth [null-digest],keysize 128,key-method 2,tls-server'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: Local Options hash (VER=V4): '8a2f147d'
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: Expected Remote Options hash (VER=V4): '0ac8a69c'
Feb 19 13:50:09 condominio ovpn-172-16-2[12388]: Socket Buffers: R=[124928->131072] S=[124928->131072]
Feb 19 13:50:09 condominio ovpn-172-16-2[12388]: UDPv4 link local (bound): 186.201.43.10:7794
Feb 19 13:50:09 condominio ovpn-172-16-2[12388]: UDPv4 link remote: 186.201.43.18:7794
Feb 19 13:50:09 condominio ovpn-172-16-2[12388]: TLS: Initial packet from 186.201.43.18:7794, sid=8d6250dd 65f09020
Feb 19 13:50:09 condominio ovpn-172-16-2[12388]: VERIFY OK: depth=1, /C=BR/ST=SP/L=Sao_Paulo/O=riuma/OU=cities/CN=riuma_CA/emailAddress=audieperes em gmail.com
Feb 19 13:50:09 condominio ovpn-172-16-2[12388]: VERIFY OK: depth=0, /C=BR/ST=SP/L=Sao_Paulo/O=riuma/CN=cities/emailAddress=audieperes em gmail.com
Feb 19 13:50:09 condominio ovpn-172-16-2[12388]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Feb 19 13:50:09 condominio ovpn-172-16-2[12388]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Feb 19 13:50:09 condominio ovpn-172-16-2[12388]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Feb 19 13:50:09 condominio ovpn-172-16-2[12388]: [cities] Peer Connection Initiated with 186.201.43.18:7794
Feb 19 13:50:10 condominio ovpn-172-16-2[12388]: Initialization Sequence Completed
More information about the ubuntu-br
mailing list