Netsh error

[erg161]

Hi guys.. can you help me out?
i'm a client and i've this error

client

Code: Select all

client
route-method exe
route-delay 2 2
dev tun
tun-mtu 1492
resolv-retry infinite
auth-user-pass
persist-key
persist-tun
verb 2
float
lport 53
remote xx.xx.xx.xx 123



<ca>
-----BEGIN CERTIFICATE-----
I Hide This Part
-----END CERTIFICATE-----
</ca>

Code: Select all

Sat Nov 26 16:57:06 2011 OpenVPN 2.1_rc19 i686-pc-mingw32 [SSL] [LZO2] built on Oct  5 2011
Sat Nov 26 16:57:06 2011 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Sat Nov 26 16:57:06 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sat Nov 26 16:57:07 2011 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1492)
Sat Nov 26 16:57:07 2011 Control Channel MTU parms [ L:1533 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sat Nov 26 16:57:07 2011 Data Channel MTU parms [ L:1533 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Sat Nov 26 16:57:07 2011 Local Options hash (VER=V4): '0b10a096'
Sat Nov 26 16:57:07 2011 Expected Remote Options hash (VER=V4): 'fac5fede'
Sat Nov 26 16:57:07 2011 UDPv4 link local (bound): [undef]:706
Sat Nov 26 16:57:07 2011 UDPv4 link remote: 0.0.0.0:0
Sat Nov 26 16:57:07 2011 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat Nov 26 16:57:08 2011 VERIFY OK: depth=0, /CN=www.dntwtrrdczrls.net
Sat Nov 26 16:57:08 2011 VERIFY OK: depth=0, /CN=www.dntwtrrdczrls.net
Sat Nov 26 16:57:09 2011 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1533', remote='link-mtu 1541'
Sat Nov 26 16:57:09 2011 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1492', remote='tun-mtu 1500'
Sat Nov 26 16:57:09 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Nov 26 16:57:09 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Nov 26 16:57:09 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Nov 26 16:57:09 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Nov 26 16:57:09 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sat Nov 26 16:57:09 2011 [www.dntwtrrdczrls.net] Peer Connection Initiated with 0.0.0.0:0
Sat Nov 26 16:57:11 2011 TAP-WIN32 device [{F475D5E0-F1C1-4A76-9377-B614AF1E7CBD}] opened: \\.\Global\{F475D5E0-F1C1-4A76-9377-B614AF1E7CBD}.tap
Sat Nov 26 16:57:11 2011 TAP-Win32 MTU=1500
Sat Nov 26 16:57:12 2011 NETSH: C:\WINDOWS\system32\netsh.exe interface ip set address {F475D5E0-F1C1-4A76-9377-B614AF1E7CBD} static 10.26.40.52 255.255.248.0
Sat Nov 26 16:57:20 2011 ERROR: netsh command failed: returned error code 1
Sat Nov 26 16:57:25 2011 NETSH: C:\WINDOWS\system32\netsh.exe interface ip set address {F475D5E0-F1C1-4A76-9377-B614AF1E7CBD} static 10.26.40.52 255.255.248.0
Sat Nov 26 16:57:33 2011 NETSH: C:\WINDOWS\system32\netsh.exe interface ip delete dns {F475D5E0-F1C1-4A76-9377-B614AF1E7CBD} all
Sat Nov 26 16:57:41 2011 NETSH: C:\WINDOWS\system32\netsh.exe interface ip set dns {F475D5E0-F1C1-4A76-9377-B614AF1E7CBD} static 10.26.40.1
Sat Nov 26 16:57:48 2011 Set TAP-Win32 TUN subnet mode network/local/netmask = 10.26.40.0/10.26.40.52/255.255.248.0 [SUCCEEDED]
Sat Nov 26 16:57:48 2011 Successful ARP Flush on interface [9] {F475D5E0-F1C1-4A76-9377-B614AF1E7CBD}
Sat Nov 26 16:57:55 2011 Initialization Sequence Completed

and other problem is..
you see i'm using wireless usb broadband stick
and i keep on disconnecting every 30 mins..

[janjust]

you're using v2.1_rc19 built in Oct 2011? that cannot be right - 2.1rc19 is way older than that.
Upgrade to the latest version (2.2.1) and try again.

Also, remove the line

Code: Select all

tun-mtu 1492

from the client config, to get rid of the warnings

Sat Nov 26 16:57:09 2011 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1533', remote='link-mtu 1541'
Sat Nov 26 16:57:09 2011 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1492', remote='tun-mtu 1500'

[erg161]

Recently, my ISP blocked my lport 53 and remote 123
Now I mange to connect with the following but still not perfect

Client Config:

Code: Select all

client
route-method exe
route-delay 2 2
dev tun
resolv-retry infinite
auth-user-pass
persist-key
persist-tun
verb 2
float
lport 642
remote 68.68.108.143 137
script-security 2

<ca>
-----BEGIN CERTIFICATE-----

-----END CERTIFICATE-----
</ca>

Log File:

Code: Select all

Mon Nov 28 14:40:18 2011 OpenVPN 2.1_rc19 i686-pc-mingw32 [SSL] [LZO2] built on Oct  5 2011
Mon Nov 28 14:40:18 2011 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Mon Nov 28 14:40:18 2011 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mon Nov 28 14:40:18 2011 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Mon Nov 28 14:40:19 2011 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Mon Nov 28 14:40:19 2011 Local Options hash (VER=V4): '3514370b'
Mon Nov 28 14:40:19 2011 Expected Remote Options hash (VER=V4): '239669a8'
Mon Nov 28 14:40:19 2011 UDPv4 link local (bound): [undef]:642
Mon Nov 28 14:40:19 2011 UDPv4 link remote: 0.0.0.0:0
Mon Nov 28 14:40:19 2011 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Nov 28 14:40:20 2011 VERIFY OK: depth=0, /CN=www.bm6em7zai7vhoyno.net
Mon Nov 28 14:40:20 2011 VERIFY OK: depth=0, /CN=www.bm6em7zai7vhoyno.net
Mon Nov 28 14:40:21 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Nov 28 14:40:21 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Nov 28 14:40:21 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Nov 28 14:40:21 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Nov 28 14:40:21 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mon Nov 28 14:40:21 2011 [www.bm6em7zai7vhoyno.net] Peer Connection Initiated with 0.0.0.0:0
Mon Nov 28 14:40:23 2011 TAP-WIN32 device [{F475D5E0-F1C1-4A76-9377-B614AF1E7CBD}] opened: \\.\Global\{F475D5E0-F1C1-4A76-9377-B614AF1E7CBD}.tap
Mon Nov 28 14:40:23 2011 TAP-Win32 MTU=1500
Mon Nov 28 14:40:24 2011 NETSH: C:\WINDOWS\system32\netsh.exe interface ip set address {F475D5E0-F1C1-4A76-9377-B614AF1E7CBD} static 10.26.16.114 255.255.248.0
Mon Nov 28 14:40:27 2011 NETSH: C:\WINDOWS\system32\netsh.exe interface ip delete dns {F475D5E0-F1C1-4A76-9377-B614AF1E7CBD} all
Mon Nov 28 14:40:33 2011 NETSH: C:\WINDOWS\system32\netsh.exe interface ip set dns {F475D5E0-F1C1-4A76-9377-B614AF1E7CBD} static 10.26.16.1
Mon Nov 28 14:40:37 2011 Set TAP-Win32 TUN subnet mode network/local/netmask = 10.26.16.0/10.26.16.114/255.255.248.0 [SUCCEEDED]
Mon Nov 28 14:40:37 2011 Successful ARP Flush on interface [9] {F475D5E0-F1C1-4A76-9377-B614AF1E7CBD}
Mon Nov 28 14:40:42 2011 Initialization Sequence Completed

also my ISP assign me 4-7 kinds of address..
is there any way , I can add some combination port such that?
sorry I'm so noob I can't use such term like pro..

[janjust]

you're still using 2.1rc19 ; the connection log shows

Mon Nov 28 14:40:37 2011 Set TAP-Win32 TUN subnet mode network/local/netmask = 10.26.16.0/10.26.16.114/255.255.248.0 [SUCCEEDED]
Mon Nov 28 14:40:37 2011 Successful ARP Flush on interface [9] {F475D5E0-F1C1-4A76-9377-B614AF1E7CBD}
Mon Nov 28 14:40:42 2011 Initialization Sequence Completed

which indicates the connection is fine - try pinging the VPN server @ 10.26.16.1 ; if that works your VPN is functional. Everything after that is routing , for which you will need to talk to your VPN provider.

good luck.

[erg161]

Okay,,, I'll do that..
my connection's stable so far..
Thanks very much janjust..