Openvpn on slackware server
Moderators: TinCanTech
Forum rules
Please visit (and READ) the OpenVPN HowTo http://openvpn.net/howto prior to asking any questions in here!
-
- OpenVpn Newbie
- Posts: 6
- Joined: Tue Aug 07, 2012 5:29 pm
Openvpn on slackware server
Hi all, I'm new to openvpn.
I need to install it on a Slackware server and on Win7/Vista/XP and Linux clients.
I followed all in http://openvpn.net/index.php/open-sourc ... howto.html :
1) ./configure
make
make install
2) edit vars
3) source ./vars
./clean-all
./build-ca
4) ./build-key-server server
5) ./build-key client1
6) ./build-dh
edit /etc/openvpn/openvpn.conf (on server)
edit openvpn.ovpn (on win client).
Start openvpn with openvpn-startup.sh
Start openvpn Gui ( on win7).
At this point when I try to connect Openvpn says
Tue Aug 07 20:07:42 2012 OpenVPN 2.2.2 Win32-MSVC++ [SSL] [LZO2] [PKCS11] built on Dec 15 2011
Tue Aug 07 20:07:42 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Tue Aug 07 20:07:42 2012 LZO compression initialized
Tue Aug 07 20:07:42 2012 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Aug 07 20:07:42 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Aug 07 20:07:42 2012 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Aug 07 20:07:42 2012 Local Options hash (VER=V4): '41690919'
Tue Aug 07 20:07:42 2012 Expected Remote Options hash (VER=V4): '530fdded'
Tue Aug 07 20:07:42 2012 UDPv4 link local: [undef]
Tue Aug 07 20:07:42 2012 UDPv4 link remote: 192.168.1.155:1194
...
The lights are yellow
I cannot understand the issue or figure out how to resolve it.
Could you help me, please?
Thanks
Giulio
- maikcat
- Forum Team
- Posts: 4200
- Joined: Wed Jan 12, 2011 9:23 am
- Location: Athens,Greece
- Contact:
Re: Openvpn on slackware server
please post configs & server logs
Michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera, Simpsons Season 13)
"objects in mirror are losing"
-
- OpenVpn Newbie
- Posts: 6
- Joined: Tue Aug 07, 2012 5:29 pm
Re: Openvpn on slackware server
Hi, thanks for your reply.
Server.conf:
;local 85.18.254.4
port 1194
proto udp
dev tun
;dev-node MyTap
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key # This file should be kept secret
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
#server 10.8.0.0 255.255.255.0
server 192.168.2.0 255.255.255.0
ifconfig 192.168.2.201 192.168.1.202
#ifconfig-pool-persist ipp.txt
;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
;server-bridge
;push "route 192.168.10.0 255.255.255.0"
;push "route 192.168.20.0 255.255.255.0"
;client-config-dir ccd
;route 192.168.40.128 255.255.255.248
;client-config-dir ccd
;route 10.9.0.0 255.255.255.252
;lealrn-address ./script
;push "redirect-gateway def1 bypass-dhcp"
;push "dhcp-option DNS 208.67.222.222"
;push "dhcp-option DNS 208.67.220.220"
client-to-client
;duplicate-cn
keepalive 10 120
;tls-auth ta.key 0 # This file is secret
;cipher BF-CBC # Blowfish (default)
;cipher AES-128-CBC # AES
;cipher DES-EDE3-CBC # Triple-DES
comp-lzo
max-clients 10
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
log openvpn.log
log-append openvpn.log
verb 6
;mute 20
OpenVpn.log
------------------------------------------------
Tue Aug 7 20:43:08 2012 us=555766 Current Parameter Settings:
Tue Aug 7 20:43:08 2012 us=556035 config = 'server.conf'
Tue Aug 7 20:43:08 2012 us=556072 mode = 1
Tue Aug 7 20:43:08 2012 us=556102 persist_config = DISABLED
Tue Aug 7 20:43:08 2012 us=556131 persist_mode = 1
Tue Aug 7 20:43:08 2012 us=556159 show_ciphers = DISABLED
Tue Aug 7 20:43:08 2012 us=556186 show_digests = DISABLED
Tue Aug 7 20:43:08 2012 us=556214 show_engines = DISABLED
Tue Aug 7 20:43:08 2012 us=556241 genkey = DISABLED
Tue Aug 7 20:43:08 2012 us=556268 key_pass_file = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=556296 show_tls_ciphers = DISABLED
Tue Aug 7 20:43:08 2012 us=556326 Connection profiles [default]:
Tue Aug 7 20:43:08 2012 us=556356 proto = udp
Tue Aug 7 20:43:08 2012 us=556384 local = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=556411 local_port = 1194
Tue Aug 7 20:43:08 2012 us=556438 remote = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=556465 remote_port = 1194
Tue Aug 7 20:43:08 2012 us=556491 remote_float = DISABLED
Tue Aug 7 20:43:08 2012 us=556518 bind_defined = DISABLED
Tue Aug 7 20:43:08 2012 us=556545 bind_local = ENABLED
Tue Aug 7 20:43:08 2012 us=556571 connect_retry_seconds = 5
Tue Aug 7 20:43:08 2012 us=556598 connect_timeout = 10
Tue Aug 7 20:43:08 2012 us=556625 connect_retry_max = 0
Tue Aug 7 20:43:08 2012 us=556653 socks_proxy_server = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=556679 socks_proxy_port = 0
Tue Aug 7 20:43:08 2012 us=556706 socks_proxy_retry = DISABLED
Tue Aug 7 20:43:08 2012 us=556733 Connection profiles END
Tue Aug 7 20:43:08 2012 us=556760 remote_random = DISABLED
Tue Aug 7 20:43:08 2012 us=556786 ipchange = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=556813 dev = 'tun'
Tue Aug 7 20:43:08 2012 us=556839 dev_type = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=556865 dev_node = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=556892 lladdr = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=556919 topology = 1
Tue Aug 7 20:43:08 2012 us=556945 tun_ipv6 = DISABLED
Tue Aug 7 20:43:08 2012 us=556973 ifconfig_local = '192.168.2.1'
Tue Aug 7 20:43:08 2012 us=556999 ifconfig_remote_netmask = '192.168.2.2'
Tue Aug 7 20:43:08 2012 us=557026 ifconfig_noexec = DISABLED
Tue Aug 7 20:43:08 2012 us=557214 ifconfig_nowarn = DISABLED
Tue Aug 7 20:43:08 2012 us=557244 shaper = 0
Tue Aug 7 20:43:08 2012 us=557271 tun_mtu = 1500
Tue Aug 7 20:43:08 2012 us=557298 tun_mtu_defined = ENABLED
Tue Aug 7 20:43:08 2012 us=557328 link_mtu = 1500
Tue Aug 7 20:43:08 2012 us=557356 link_mtu_defined = DISABLED
Tue Aug 7 20:43:08 2012 us=557383 tun_mtu_extra = 0
Tue Aug 7 20:43:08 2012 us=557410 tun_mtu_extra_defined = DISABLED
Tue Aug 7 20:43:08 2012 us=557436 fragment = 0
Tue Aug 7 20:43:08 2012 us=557472 mtu_discover_type = -1
Tue Aug 7 20:43:08 2012 us=557500 mtu_test = 0
Tue Aug 7 20:43:08 2012 us=557526 mlock = DISABLED
Tue Aug 7 20:43:08 2012 us=557554 keepalive_ping = 10
Tue Aug 7 20:43:08 2012 us=557581 keepalive_timeout = 120
Tue Aug 7 20:43:08 2012 us=557608 inactivity_timeout = 0
Tue Aug 7 20:43:08 2012 us=557636 ping_send_timeout = 10
Tue Aug 7 20:43:08 2012 us=557662 ping_rec_timeout = 240
Tue Aug 7 20:43:08 2012 us=557689 ping_rec_timeout_action = 2
Tue Aug 7 20:43:08 2012 us=557715 ping_timer_remote = DISABLED
Tue Aug 7 20:43:08 2012 us=557743 remap_sigusr1 = 0
Tue Aug 7 20:43:08 2012 us=557770 explicit_exit_notification = 0
Tue Aug 7 20:43:08 2012 us=557796 persist_tun = ENABLED
Tue Aug 7 20:43:08 2012 us=557823 persist_local_ip = DISABLED
Tue Aug 7 20:43:08 2012 us=557850 persist_remote_ip = DISABLED
Tue Aug 7 20:43:08 2012 us=557877 persist_key = ENABLED
Tue Aug 7 20:43:08 2012 us=557903 mssfix = 1450
Tue Aug 7 20:43:08 2012 us=557930 passtos = DISABLED
Tue Aug 7 20:43:08 2012 us=557957 resolve_retry_seconds = 1000000000
Tue Aug 7 20:43:08 2012 us=557984 username = 'nobody'
Tue Aug 7 20:43:08 2012 us=558010 groupname = 'nobody'
Tue Aug 7 20:43:08 2012 us=558037 chroot_dir = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=558063 cd_dir = '/etc/openvpn'
Tue Aug 7 20:43:08 2012 us=558119 writepid = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=558148 up_script = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=558174 down_script = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=558201 down_pre = DISABLED
Tue Aug 7 20:43:08 2012 us=558227 up_restart = DISABLED
Tue Aug 7 20:43:08 2012 us=558253 up_delay = DISABLED
Tue Aug 7 20:43:08 2012 us=558279 daemon = ENABLED
Tue Aug 7 20:43:08 2012 us=558305 inetd = 0
Tue Aug 7 20:43:08 2012 us=558331 log = ENABLED
Tue Aug 7 20:43:08 2012 us=558357 suppress_timestamps = DISABLED
Tue Aug 7 20:43:08 2012 us=558384 nice = 0
Tue Aug 7 20:43:08 2012 us=558410 verbosity = 6
Tue Aug 7 20:43:08 2012 us=558436 mute = 0
Tue Aug 7 20:43:08 2012 us=558462 gremlin = 0
Tue Aug 7 20:43:08 2012 us=558487 status_file = 'openvpn-status.log'
Tue Aug 7 20:43:08 2012 us=558515 status_file_version = 1
Tue Aug 7 20:43:08 2012 us=558541 status_file_update_freq = 60
Tue Aug 7 20:43:08 2012 us=558567 occ = ENABLED
Tue Aug 7 20:43:08 2012 us=558593 rcvbuf = 65536
Tue Aug 7 20:43:08 2012 us=558619 sndbuf = 65536
Tue Aug 7 20:43:08 2012 us=558645 sockflags = 0
Tue Aug 7 20:43:08 2012 us=558671 fast_io = DISABLED
Tue Aug 7 20:43:08 2012 us=558697 lzo = 7
Tue Aug 7 20:43:08 2012 us=558735 route_script = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=558763 route_default_gateway = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=558790 route_default_metric = 0
Tue Aug 7 20:43:08 2012 us=558816 route_noexec = DISABLED
Tue Aug 7 20:43:08 2012 us=558843 route_delay = 0
Tue Aug 7 20:43:08 2012 us=558869 route_delay_window = 30
Tue Aug 7 20:43:08 2012 us=558895 route_delay_defined = DISABLED
Tue Aug 7 20:43:08 2012 us=558922 route_nopull = DISABLED
Tue Aug 7 20:43:08 2012 us=558949 route_gateway_via_dhcp = DISABLED
Tue Aug 7 20:43:08 2012 us=558976 max_routes = 100
Tue Aug 7 20:43:08 2012 us=559003 allow_pull_fqdn = DISABLED
Tue Aug 7 20:43:08 2012 us=559032 route 192.168.2.0/255.255.255.0/nil/nil
Tue Aug 7 20:43:08 2012 us=559059 management_addr = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=559086 management_port = 0
Tue Aug 7 20:43:08 2012 us=559113 management_user_pass = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=559140 management_log_history_cache = 250
Tue Aug 7 20:43:08 2012 us=559166 management_echo_buffer_size = 100
Tue Aug 7 20:43:08 2012 us=559193 management_write_peer_info_file = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=559220 management_client_user = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=559247 management_client_group = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=559274 management_flags = 0
Tue Aug 7 20:43:08 2012 us=559300 shared_secret_file = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=559327 key_direction = 0
Tue Aug 7 20:43:08 2012 us=559354 ciphername_defined = ENABLED
Tue Aug 7 20:43:08 2012 us=559381 ciphername = 'BF-CBC'
Tue Aug 7 20:43:08 2012 us=559407 authname_defined = ENABLED
Tue Aug 7 20:43:08 2012 us=559433 authname = 'SHA1'
Tue Aug 7 20:43:08 2012 us=559460 prng_hash = 'SHA1'
Tue Aug 7 20:43:08 2012 us=559487 prng_nonce_secret_len = 16
Tue Aug 7 20:43:08 2012 us=559513 keysize = 0
Tue Aug 7 20:43:08 2012 us=559540 engine = DISABLED
Tue Aug 7 20:43:08 2012 us=559566 replay = ENABLED
Tue Aug 7 20:43:08 2012 us=559593 mute_replay_warnings = DISABLED
Tue Aug 7 20:43:08 2012 us=559620 replay_window = 64
Tue Aug 7 20:43:08 2012 us=559647 replay_time = 15
Tue Aug 7 20:43:08 2012 us=559673 packet_id_file = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=559700 use_iv = ENABLED
Tue Aug 7 20:43:08 2012 us=559726 test_crypto = DISABLED
Tue Aug 7 20:43:08 2012 us=559752 tls_server = ENABLED
Tue Aug 7 20:43:08 2012 us=559778 tls_client = DISABLED
Tue Aug 7 20:43:08 2012 us=559805 key_method = 2
Tue Aug 7 20:43:08 2012 us=559832 ca_file = '/etc/openvpn/easy-rsa/2.0/keys/ca.crt'
Tue Aug 7 20:43:08 2012 us=559859 ca_path = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=559885 dh_file = '/etc/openvpn/easy-rsa/2.0/keys/dh1024.pem'
Tue Aug 7 20:43:08 2012 us=559939 cert_file = '/etc/openvpn/easy-rsa/2.0/keys/server.crt'
Tue Aug 7 20:43:08 2012 us=559968 priv_key_file = '/etc/openvpn/easy-rsa/2.0/keys/server.key'
Tue Aug 7 20:43:08 2012 us=559995 pkcs12_file = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=560022 cipher_list = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=560048 tls_verify = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=560075 tls_export_cert = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=560101 tls_remote = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=560127 crl_file = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=560153 ns_cert_type = 0
Tue Aug 7 20:43:08 2012 us=560179 remote_cert_ku = 0
Tue Aug 7 20:43:08 2012 us=560205 remote_cert_ku = 0
Tue Aug 7 20:43:08 2012 us=560231 remote_cert_ku = 0
Tue Aug 7 20:43:08 2012 us=560257 remote_cert_ku = 0
Tue Aug 7 20:43:08 2012 us=560283 remote_cert_ku = 0
Tue Aug 7 20:43:08 2012 us=560309 remote_cert_ku = 0
Tue Aug 7 20:43:08 2012 us=560335 remote_cert_ku = 0
Tue Aug 7 20:43:08 2012 us=560360 remote_cert_ku = 0
Tue Aug 7 20:43:08 2012 us=560386 remote_cert_ku = 0
Tue Aug 7 20:43:08 2012 us=560412 remote_cert_ku = 0
Tue Aug 7 20:43:08 2012 us=560438 remote_cert_ku[i] = 0
Tue Aug 7 20:43:08 2012 us=560464 remote_cert_ku[i] = 0
Tue Aug 7 20:43:08 2012 us=560490 remote_cert_ku[i] = 0
Tue Aug 7 20:43:08 2012 us=560515 remote_cert_ku[i] = 0
Tue Aug 7 20:43:08 2012 us=560542 remote_cert_ku[i] = 0
Tue Aug 7 20:43:08 2012 us=560567 remote_cert_ku[i] = 0
Tue Aug 7 20:43:08 2012 us=560594 remote_cert_eku = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=560620 tls_timeout = 2
Tue Aug 7 20:43:08 2012 us=560646 renegotiate_bytes = 0
Tue Aug 7 20:43:08 2012 us=560672 renegotiate_packets = 0
Tue Aug 7 20:43:08 2012 us=560698 renegotiate_seconds = 3600
Tue Aug 7 20:43:08 2012 us=560724 handshake_window = 60
Tue Aug 7 20:43:08 2012 us=560751 transition_window = 3600
Tue Aug 7 20:43:08 2012 us=560776 single_session = DISABLED
Tue Aug 7 20:43:08 2012 us=560803 push_peer_info = DISABLED
Tue Aug 7 20:43:08 2012 us=560828 tls_exit = DISABLED
Tue Aug 7 20:43:08 2012 us=560854 tls_auth_file = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=560885 server_network = 192.168.2.0
Tue Aug 7 20:43:08 2012 us=560915 server_netmask = 255.255.255.0
Tue Aug 7 20:43:08 2012 us=560944 server_bridge_ip = 0.0.0.0
Tue Aug 7 20:43:08 2012 us=560973 server_bridge_netmask = 0.0.0.0
Tue Aug 7 20:43:08 2012 us=561002 server_bridge_pool_start = 0.0.0.0
Tue Aug 7 20:43:08 2012 us=561030 server_bridge_pool_end = 0.0.0.0
Tue Aug 7 20:43:08 2012 us=561133 push_entry = 'route 192.168.2.0 255.255.255.0'
Tue Aug 7 20:43:08 2012 us=561162 push_entry = 'topology net30'
Tue Aug 7 20:43:08 2012 us=561188 push_entry = 'ping 10'
Tue Aug 7 20:43:08 2012 us=561214 push_entry = 'ping-restart 120'
Tue Aug 7 20:43:08 2012 us=561241 ifconfig_pool_defined = ENABLED
Tue Aug 7 20:43:08 2012 us=561270 ifconfig_pool_start = 192.168.2.4
Tue Aug 7 20:43:08 2012 us=561299 ifconfig_pool_end = 192.168.2.251
Tue Aug 7 20:43:08 2012 us=561328 ifconfig_pool_netmask = 0.0.0.0
Tue Aug 7 20:43:08 2012 us=561354 ifconfig_pool_persist_filename = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=561381 ifconfig_pool_persist_refresh_freq = 600
Tue Aug 7 20:43:08 2012 us=561407 n_bcast_buf = 256
Tue Aug 7 20:43:08 2012 us=561433 tcp_queue_limit = 64
Tue Aug 7 20:43:08 2012 us=561462 real_hash_size = 256
Tue Aug 7 20:43:08 2012 us=561489 virtual_hash_size = 256
Tue Aug 7 20:43:08 2012 us=561516 client_connect_script = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=561542 learn_address_script = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=561568 client_disconnect_script = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=561595 client_config_dir = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=561621 ccd_exclusive = DISABLED
Tue Aug 7 20:43:08 2012 us=561647 tmp_dir = '/tmp'
Tue Aug 7 20:43:08 2012 us=561673 push_ifconfig_defined = DISABLED
Tue Aug 7 20:43:08 2012 us=561703 push_ifconfig_local = 0.0.0.0
Tue Aug 7 20:43:08 2012 us=561763 push_ifconfig_remote_netmask = 0.0.0.0
Tue Aug 7 20:43:08 2012 us=561793 enable_c2c = ENABLED
Tue Aug 7 20:43:08 2012 us=561820 duplicate_cn = DISABLED
Tue Aug 7 20:43:08 2012 us=561847 cf_max = 0
Tue Aug 7 20:43:08 2012 us=561874 cf_per = 0
Tue Aug 7 20:43:08 2012 us=561901 max_clients = 10
Tue Aug 7 20:43:08 2012 us=561927 max_routes_per_client = 256
Tue Aug 7 20:43:08 2012 us=561954 auth_user_pass_verify_script = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=561980 auth_user_pass_verify_script_via_file = DISABLED
Tue Aug 7 20:43:08 2012 us=562007 ssl_flags = 0
Tue Aug 7 20:43:08 2012 us=562033 port_share_host = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=562060 port_share_port = 0
Tue Aug 7 20:43:08 2012 us=562086 client = DISABLED
Tue Aug 7 20:43:08 2012 us=562113 pull = DISABLED
Tue Aug 7 20:43:08 2012 us=562139 auth_user_pass_file = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=562172 OpenVPN 2.2.2 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] [eurephia] built on Aug 5 2012
Tue Aug 7 20:43:08 2012 us=562548 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Tue Aug 7 20:43:08 2012 us=578222 Diffie-Hellman initialized with 1024 bit key
Tue Aug 7 20:43:08 2012 us=580048 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Aug 7 20:43:08 2012 us=580184 Socket Buffers: R=[109568->131072] S=[109568->131072]
Tue Aug 7 20:43:08 2012 us=580587 ROUTE default_gateway=85.18.254.2
Tue Aug 7 20:43:08 2012 us=586300 TUN/TAP device tun0 opened
Tue Aug 7 20:43:08 2012 us=586454 TUN/TAP TX queue length set to 100
Tue Aug 7 20:43:08 2012 us=586584 /sbin/ifconfig tun0 192.168.2.1 pointopoint 192.168.2.2 mtu 1500
Tue Aug 7 20:43:08 2012 us=595180 /sbin/route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.2.2
Tue Aug 7 20:43:08 2012 us=597349 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Aug 7 20:43:08 2012 us=599518 GID set to nobody
Tue Aug 7 20:43:08 2012 us=599960 UID set to nobody
Tue Aug 7 20:43:08 2012 us=600050 UDPv4 link local (bound): [undef]:1194
Tue Aug 7 20:43:08 2012 us=600082 UDPv4 link remote: [undef]
Tue Aug 7 20:43:08 2012 us=600129 MULTI: multi_init called, r=256 v=256
Tue Aug 7 20:43:08 2012 us=600384 IFCONFIG POOL: base=192.168.2.4 size=62
Tue Aug 7 20:43:08 2012 us=600501 Initialization Sequence Completed
Client.log
----------------------------------------------------
Wed Aug 08 10:34:22 2012 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Aug 08 10:34:22 2012 TLS Error: TLS handshake failed
Wed Aug 08 10:34:22 2012 TCP/UDP: Closing socket
Wed Aug 08 10:34:22 2012 SIGUSR1[soft,tls-error] received, process restarting
Wed Aug 08 10:34:22 2012 Restart pause, 2 second(s)
Wed Aug 08 10:34:24 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Wed Aug 08 10:34:24 2012 Re-using SSL/TLS context
Wed Aug 08 10:34:24 2012 LZO compression initialized
Wed Aug 08 10:34:24 2012 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Aug 08 10:34:24 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Wed Aug 08 10:34:24 2012 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Aug 08 10:34:24 2012 Local Options hash (VER=V4): '41690919'
Wed Aug 08 10:34:24 2012 Expected Remote Options hash (VER=V4): '530fdded'
Wed Aug 08 10:34:24 2012 UDPv4 link local: [undef]
Wed Aug 08 10:34:24 2012 UDPv4 link remote: 85.18.254.4:1194
Hope this is enough.
Thanks
Giulio
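One way to triage the "TLS key negotiation failed" timeout in the logs above is to check whether the server logged anything from the client during the handshake window the client reports. This is an added example, not part of the original posts: the sample lines are copied from the thread except one constructed server line, and the server-side arrival patterns (`TLS: Initial packet from`, `multi_create_instance called`) are assumed from usual OpenVPN 2.x output.

```python
import re
from datetime import datetime, timedelta

# Copied from the client log posted in this thread.
CLIENT_LOG = """\
Wed Aug 08 10:34:22 2012 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Aug 08 10:34:22 2012 TLS Error: TLS handshake failed
Wed Aug 08 10:34:24 2012 UDPv4 link remote: 85.18.254.4:1194
"""

# Copied from the server log posted in this thread (the last lines it contains).
SERVER_LOG = """\
Tue Aug 7 20:43:08 2012 us=600050 UDPv4 link local (bound): [undef]:1194
Tue Aug 7 20:43:08 2012 us=600082 UDPv4 link remote: [undef]
Tue Aug 7 20:43:08 2012 us=600501 Initialization Sequence Completed
"""

# Constructed contrast case: the same server log plus one made-up arrival line
# (documentation address 203.0.113.7, made-up source port and session id).
SERVER_LOG_WITH_ARRIVAL = SERVER_LOG + (
    "Wed Aug 8 10:33:25 2012 us=104211 203.0.113.7:51234 TLS: Initial packet "
    "from 203.0.113.7:51234, sid=01234567 89abcdef\n")

LINE_RE = re.compile(
    r"^(\w{3} \w{3} +\d{1,2} \d\d:\d\d:\d\d \d{4})(?: us=\d+)? (.*)$")
TIMEOUT_RE = re.compile(r"TLS key negotiation failed to occur within (\d+) seconds")
REMOTE_RE = re.compile(r"link remote: (\d+\.\d+\.\d+\.\d+):(\d+)")
BOUND_RE = re.compile(r"link local \(bound\): \S*:(\d+)")
# Assumption: messages a 2.x server writes when a client's first packet arrives.
ARRIVAL_RE = re.compile(r"TLS: Initial packet from|multi_create_instance called")

# What to check next for each verdict (defender-side follow-up).
NEXT_STEP = {
    "no_tls_timeout_in_client_log": "nothing to correlate",
    "server_not_running_during_attempt": "start the server, then retry",
    "client_and_server_ports_differ": "align 'port'/'remote' on both sides",
    "client_packets_never_reached_server":
        "check firewalls and NAT/port forwarding for the server's UDP port, "
        "and that the client's 'remote' is the server's reachable address",
    "server_saw_client_but_handshake_did_not_finish":
        "check the return path to the client and the server log's TLS errors",
}


def parse(text):
    """Return [(timestamp, message)] for every well-formed OpenVPN log line."""
    out = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            ts = datetime.strptime(m.group(1), "%a %b %d %H:%M:%S %Y")
            out.append((ts, m.group(2)))
    return out


def triage(client_text, server_text, skew=timedelta(seconds=120)):
    """Correlate the client's last TLS timeout with the server log.

    The logs carry no time zone, so `skew` widens the window to tolerate
    clock differences between the two hosts.
    """
    client, server = parse(client_text), parse(server_text)
    timeouts = [(ts, int(m.group(1))) for ts, msg in client
                for m in [TIMEOUT_RE.search(msg)] if m]
    if not timeouts:
        return {"verdict": "no_tls_timeout_in_client_log"}
    end, seconds = timeouts[-1]
    start = end - timedelta(seconds=seconds)

    remotes = []
    for _, msg in client:
        m = REMOTE_RE.search(msg)
        if m and (m.group(1), int(m.group(2))) not in remotes:
            remotes.append((m.group(1), int(m.group(2))))
    ports = sorted({int(m.group(1)) for _, msg in server
                    for m in [BOUND_RE.search(msg)] if m})
    ready = [ts for ts, msg in server if "Initialization Sequence Completed" in msg]
    arrivals = [msg for ts, msg in server
                if start - skew <= ts <= end + skew and ARRIVAL_RE.search(msg)]

    result = {"window": (start, end), "client_remotes": remotes,
              "server_ports": ports, "arrivals": arrivals}
    if not ready or min(ready) > end + skew:
        result["verdict"] = "server_not_running_during_attempt"
    elif remotes and ports and not any(p in ports for _, p in remotes):
        result["verdict"] = "client_and_server_ports_differ"
    elif not arrivals:
        result["verdict"] = "client_packets_never_reached_server"
    else:
        result["verdict"] = "server_saw_client_but_handshake_did_not_finish"
    return result


if __name__ == "__main__":
    for name, log in (("thread", SERVER_LOG), ("constructed", SERVER_LOG_WITH_ARRIVAL)):
        verdict = triage(CLIENT_LOG, log)["verdict"]
        print(f"{name}: {verdict} -> {NEXT_STEP[verdict]}")
```
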
Tue Aug 7 20:43:08 2012 us=562113 pull = DISABLED
Tue Aug 7 20:43:08 2012 us=562139 auth_user_pass_file = '[UNDEF]'
Tue Aug 7 20:43:08 2012 us=562172 OpenVPN 2.2.2 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] [eurephia] built on Aug 5 2012
Tue Aug 7 20:43:08 2012 us=562548 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Tue Aug 7 20:43:08 2012 us=578222 Diffie-Hellman initialized with 1024 bit key
Tue Aug 7 20:43:08 2012 us=580048 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Aug 7 20:43:08 2012 us=580184 Socket Buffers: R=[109568->131072] S=[109568->131072]
Tue Aug 7 20:43:08 2012 us=580587 ROUTE default_gateway=85.18.254.2
Tue Aug 7 20:43:08 2012 us=586300 TUN/TAP device tun0 opened
Tue Aug 7 20:43:08 2012 us=586454 TUN/TAP TX queue length set to 100
Tue Aug 7 20:43:08 2012 us=586584 /sbin/ifconfig tun0 192.168.2.1 pointopoint 192.168.2.2 mtu 1500
Tue Aug 7 20:43:08 2012 us=595180 /sbin/route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.2.2
Tue Aug 7 20:43:08 2012 us=597349 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Aug 7 20:43:08 2012 us=599518 GID set to nobody
Tue Aug 7 20:43:08 2012 us=599960 UID set to nobody
Tue Aug 7 20:43:08 2012 us=600050 UDPv4 link local (bound): [undef]:1194
Tue Aug 7 20:43:08 2012 us=600082 UDPv4 link remote: [undef]
Tue Aug 7 20:43:08 2012 us=600129 MULTI: multi_init called, r=256 v=256
Tue Aug 7 20:43:08 2012 us=600384 IFCONFIG POOL: base=192.168.2.4 size=62
Tue Aug 7 20:43:08 2012 us=600501 Initialization Sequence Completed
Client.log
----------------------------------------------------
Wed Aug 08 10:34:22 2012 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Aug 08 10:34:22 2012 TLS Error: TLS handshake failed
Wed Aug 08 10:34:22 2012 TCP/UDP: Closing socket
Wed Aug 08 10:34:22 2012 SIGUSR1[soft,tls-error] received, process restarting
Wed Aug 08 10:34:22 2012 Restart pause, 2 second(s)
Wed Aug 08 10:34:24 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Wed Aug 08 10:34:24 2012 Re-using SSL/TLS context
Wed Aug 08 10:34:24 2012 LZO compression initialized
Wed Aug 08 10:34:24 2012 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Aug 08 10:34:24 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Wed Aug 08 10:34:24 2012 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Aug 08 10:34:24 2012 Local Options hash (VER=V4): '41690919'
Wed Aug 08 10:34:24 2012 Expected Remote Options hash (VER=V4): '530fdded'
Wed Aug 08 10:34:24 2012 UDPv4 link local: [undef]
Wed Aug 08 10:34:24 2012 UDPv4 link remote: 85.18.254.4:1194
Hope this is enough.
Thanks
Giulio
- maikcat
- Forum Team
- Posts: 4200
- Joined: Wed Jan 12, 2011 9:23 am
- Location: Athens,Greece
Re: Openvpn on slackware server
did you forward the port 1194/udp on your internet router? (server side)
can you post the output of:
iptables -L -v
on your openvpn server?
Michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera, Simpsons Season 13)
"objects in mirror are losing"
-
- OpenVpn Newbie
- Posts: 6
- Joined: Tue Aug 07, 2012 5:29 pm
Re: Openvpn on slackware server
Chain INPUT (policy ACCEPT 953 packets, 95625 bytes)
pkts bytes target prot opt in out source destination
577 86760 ACCEPT all -- lo any anywhere anywhere
0 0 ACCEPT udp -- lo any anywhere anywhere
0 0 DROP tcp -- eth1 any anywhere anywhere tcp dpt:ssh
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:ssh
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:auth
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:auth
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:ftp-data
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:ftp-data
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:ftp
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:ftp
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:ntp
4 304 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:ntp
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:time
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:time
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:domain
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:domain
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:nntp
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:nntp
7 571 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:http
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:http
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:https
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:https
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:squid
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:squid
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:3130
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:3130
394 105K ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:smtp
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:smtp
80 4462 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:pop3
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:pop3
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:783
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:783
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:isis
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:isis
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:hylafax
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:4559
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:46013
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:46013
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:squid
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:squid
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:ipp
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:ipp
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:10000
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:10000
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:8080
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:8080
0 0 DROP tcp -- eth1 any anywhere anywhere tcp dpt:netbios-ns
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:netbios-ns
0 0 DROP tcp -- eth1 any anywhere anywhere tcp dpt:netbios-dgm
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:netbios-dgm
0 0 DROP tcp -- eth1 any anywhere anywhere tcp dpt:netbios-ssn
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:netbios-ssn
2 96 DROP tcp -- eth1 any anywhere anywhere tcp dpt:microsoft-ds
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:microsoft-ds
Chain FORWARD (policy DROP 17 packets, 1259 bytes)
pkts bytes target prot opt in out source destination
767 186K ACCEPT all -- eth1 eth0 anywhere anywhere state RELATED,ESTABLISHED
0 0 ACCEPT all -- eth1 eth0 anywhere anywhere state RELATED
503 79237 ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
356 48675 ACCEPT all -- eth0 eth1 anywhere anywhere
Chain OUTPUT (policy ACCEPT 1568 packets, 471K bytes)
pkts bytes target prot opt in out source destination
608 88930 ACCEPT all -- any lo anywhere anywhere
-
- OpenVpn Newbie
- Posts: 6
- Joined: Tue Aug 07, 2012 5:29 pm
Re: Openvpn on slackware server
Hi Michael
This is my iptables:
Chain INPUT (policy ACCEPT 953 packets, 95625 bytes)
pkts bytes target prot opt in out source destination
577 86760 ACCEPT all -- lo any anywhere anywhere
0 0 ACCEPT udp -- lo any anywhere anywhere
0 0 DROP tcp -- eth1 any anywhere anywhere tcp dpt:ssh
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:ssh
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:auth
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:auth
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:ftp-data
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:ftp-data
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:ftp
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:ftp
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:ntp
4 304 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:ntp
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:time
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:time
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:domain
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:domain
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:nntp
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:nntp
7 571 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:http
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:http
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:https
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:https
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:squid
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:squid
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:3130
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:3130
394 105K ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:smtp
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:smtp
80 4462 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:pop3
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:pop3
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:783
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:783
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:isis
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:isis
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:hylafax
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:4559
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:46013
0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:46013
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:squid
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:squid
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:ipp
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:ipp
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:10000
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:10000
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:8080
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:8080
0 0 DROP tcp -- eth1 any anywhere anywhere tcp dpt:netbios-ns
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:netbios-ns
0 0 DROP tcp -- eth1 any anywhere anywhere tcp dpt:netbios-dgm
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:netbios-dgm
0 0 DROP tcp -- eth1 any anywhere anywhere tcp dpt:netbios-ssn
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:netbios-ssn
2 96 DROP tcp -- eth1 any anywhere anywhere tcp dpt:microsoft-ds
0 0 DROP udp -- eth1 any anywhere anywhere udp dpt:microsoft-ds
Chain FORWARD (policy DROP 17 packets, 1259 bytes)
pkts bytes target prot opt in out source destination
767 186K ACCEPT all -- eth1 eth0 anywhere anywhere state RELATED,ESTABLISHED
0 0 ACCEPT all -- eth1 eth0 anywhere anywhere state RELATED
503 79237 ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
356 48675 ACCEPT all -- eth0 eth1 anywhere anywhere
Chain OUTPUT (policy ACCEPT 1568 packets, 471K bytes)
pkts bytes target prot opt in out source destination
608 88930 ACCEPT all -- any lo anywhere anywhere
-
- OpenVpn Newbie
- Posts: 6
- Joined: Tue Aug 07, 2012 5:29 pm
Re: Openvpn on slackware server
I think this could be the problem:
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.2.2 * 255.255.255.255 UH 0 0 0 tun0
85.18.254.0 * 255.255.255.248 U 0 0 0 eth1
192.168.2.0 192.168.2.2 255.255.255.0 UG 0 0 0 tun0
localnet * 255.255.255.0 U 0 0 0 eth0
loopback * 255.0.0.0 U 0 0 0 lo
default 85-18-254-2.ip. 0.0.0.0 UG 1 0 0 eth1
root@server2:/etc/openvpn#
The VPN server is configured as 192.168.2.1 (I should be).
The routing table is set via 192.168.2.2 (gw).
192.168.2.2 should be my client.
So it doesn't run.
Do you think this could be the problem?
How can I change the VPN routing table?
Tks.
Giulio
- maikcat
- Forum Team
- Posts: 4200
- Joined: Wed Jan 12, 2011 9:23 am
- Location: Athens,Greece
Re: Openvpn on slackware server
hi there,
please remove
ifconfig 192.168.2.201 192.168.1.202
from your server config (server directive is enough..)
your iptables look ok; just to verify, can you post them using iptables -L -v -n
Michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera, Simpsons Season 13)
"objects in mirror are losing"
-
- OpenVpn Newbie
- Posts: 6
- Joined: Tue Aug 07, 2012 5:29 pm
Re: Openvpn on slackware server
Hi,
I removed the ifconfig as you told me.
This is iptables -L -v -n:
Chain INPUT (policy ACCEPT 4680 packets, 577K bytes)
pkts bytes target prot opt in out source destination
30272 7744K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT udp -- lo * 0.0.0.0/0 0.0.0.0/0
14 708 DROP tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
0 0 DROP udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:22
0 0 ACCEPT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:113
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:113
0 0 ACCEPT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:20
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:20
0 0 ACCEPT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:21
0 0 ACCEPT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:123
4 304 ACCEPT udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:123
0 0 ACCEPT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:37
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:37
0 0 ACCEPT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
2 112 ACCEPT udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
0 0 ACCEPT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:119
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:119
703 58206 ACCEPT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
12 569 ACCEPT udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:80
84 4748 ACCEPT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
0 0 ACCEPT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:3128
2 96 ACCEPT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3128
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:3130
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:3130
41896 17M ACCEPT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
1 46 ACCEPT udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:25
9492 529K ACCEPT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:110
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:110
0 0 ACCEPT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:783
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:783
0 0 ACCEPT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:2042
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:2042
0 0 ACCEPT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:4559
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:4559
0 0 ACCEPT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:46013
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:46013
0 0 DROP udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:3128
0 0 DROP udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:3128
0 0 DROP udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:631
0 0 DROP udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:631
0 0 DROP udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:10000
0 0 DROP udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:10000
0 0 DROP udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:8080
0 0 DROP udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:8080
0 0 DROP tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:137
7 546 DROP udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:137
0 0 DROP tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:138
0 0 DROP udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:138
6 288 DROP tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:139
0 0 DROP udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:139
240 11984 DROP tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445
0 0 DROP udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:445
0 0 DROP all -- eth1 * 127.0.0.1 0.0.0.0/0
0 0 DROP all -- eth1 * 0.0.0.0/0 127.0.0.1
0 0 DROP all -- eth1 * 127.0.0.1 0.0.0.0/0
0 0 DROP all -- eth1 * 0.0.0.0/0 127.0.0.1
0 0 DROP all -- eth1 * 127.0.0.1 0.0.0.0/0
0 0 DROP all -- eth1 * 0.0.0.0/0 127.0.0.1
0 0 DROP all -- eth1 * 192.168.0.0/16 0.0.0.0/0
0 0 DROP all -- eth1 * 172.16.0.0/12 0.0.0.0/0
0 0 DROP all -- eth1 * 10.0.0.0/8 0.0.0.0/0
0 0 DROP all -- eth1 * 127.0.0.1 0.0.0.0/0
0 0 DROP all -- eth1 * 0.0.0.0/0 127.0.0.1
0 0 DROP all -- eth1 * 192.168.0.0/16 0.0.0.0/0
0 0 DROP all -- eth1 * 172.16.0.0/12 0.0.0.0/0
0 0 DROP all -- eth1 * 10.0.0.0/8 0.0.0.0/0
0 0 ACCEPT all -- * * 127.0.0.1 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 127.0.0.1
540 33464 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
3873 274K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1194
0 0 ACCEPT all -- tun+ * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- tap+ * 0.0.0.0/0 0.0.0.0/0
77234 7501K ACCEPT all -- eth0 * 0.0.0.0/0 0.0.0.0/0
19023 2359K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
1101K 996M ACCEPT all -- eth1 eth0 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT all -- eth1 eth0 0.0.0.0/0 0.0.0.0/0 state RELATED
872K 104M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
12589 886K ACCEPT all -- eth0 eth1 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- eth1 * 127.0.0.1 0.0.0.0/0
0 0 DROP all -- eth1 * 0.0.0.0/0 127.0.0.1
0 0 DROP all -- eth1 * 127.0.0.1 0.0.0.0/0
0 0 DROP all -- eth1 * 0.0.0.0/0 127.0.0.1
0 0 DROP all -- eth1 * 192.168.0.0/16 0.0.0.0/0
0 0 DROP all -- eth1 * 172.16.0.0/12 0.0.0.0/0
0 0 DROP all -- eth1 * 127.0.0.1 0.0.0.0/0
0 0 DROP all -- eth1 * 0.0.0.0/0 127.0.0.1
0 0 DROP all -- eth1 * 192.168.0.0/16 0.0.0.0/0
0 0 DROP all -- eth1 * 172.16.0.0/12 0.0.0.0/0
0 0 DROP all -- eth1 * 10.0.0.0/8 0.0.0.0/0
0 0 DROP all -- eth1 * 127.0.0.1 0.0.0.0/0
0 0 DROP all -- eth1 * 0.0.0.0/0 127.0.0.1
0 0 DROP all -- eth1 * 192.168.0.0/16 0.0.0.0/0
0 0 DROP all -- eth1 * 172.16.0.0/12 0.0.0.0/0
0 0 DROP all -- eth1 * 10.0.0.0/8 0.0.0.0/0
0 0 DROP tcp -- * eth1 0.0.0.0/0 0.0.0.0/0 tcp spts:137:139
0 0 DROP udp -- * eth1 0.0.0.0/0 0.0.0.0/0 udp spts:137:139
0 0 DROP all -- eth0 * !192.168.1.0/24 0.0.0.0/0
0 0 ACCEPT all -- tun+ * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- tap+ * 0.0.0.0/0 0.0.0.0/0
10 528 ACCEPT all -- eth0 * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * eth1 0.0.0.0/0 0.0.0.0/0 state NEW
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
Chain OUTPUT (policy ACCEPT 245K packets, 233M bytes)
pkts bytes target prot opt in out source destination
31135 7805K ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 DROP tcp -- * eth1 0.0.0.0/0 0.0.0.0/0 tcp spts:137:139
0 0 DROP udp -- * eth1 0.0.0.0/0 0.0.0.0/0 udp spts:137:139
1533 110K ACCEPT all -- * eth1 0.0.0.0/0 0.0.0.0/0 state NEW
.
On server
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:192.168.2.1 P-t-P:192.168.2.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:23 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:1908 (1.8 KiB)
The client does not answer to the ping 192.168.2.2.
Could be this?
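One way to read an `iptables -L -v -n` listing like the one in the post above is to find the first rule a new 1194/udp packet would match and check whether its packet counter has moved. This is an added example, not part of the original thread and not OpenVPN project code; the sample listing is constructed in the same format, and the function names and the client addresses 203.0.113.10 and 192.168.1.50 are assumptions.

```python
import ipaddress
import re
from collections import namedtuple

# Constructed sample in `iptables -L -v -n` format, modelled on the rule shapes
# posted in the thread (not a verbatim copy of the poster's output).
SAMPLE = """\
Chain INPUT (policy ACCEPT 4680 packets, 577K bytes)
 pkts bytes target prot opt in   out source         destination
30272 7744K ACCEPT all  --  lo   *   0.0.0.0/0      0.0.0.0/0
   14   708 DROP   tcp  --  eth1 *   0.0.0.0/0      0.0.0.0/0   tcp dpt:22
    0     0 DROP   all  --  eth1 *   192.168.0.0/16 0.0.0.0/0
    0     0 ACCEPT udp  --  *    *   0.0.0.0/0      0.0.0.0/0   udp dpt:1194
    0     0 ACCEPT all  --  tun+ *   0.0.0.0/0      0.0.0.0/0
19023 2359K ACCEPT all  --  *    *   0.0.0.0/0      0.0.0.0/0   state RELATED,ESTABLISHED
"""

UNITS = {"K": 10**3, "M": 10**6, "G": 10**9, "T": 10**12}
# pos is the 1-based position in the chain; extra is e.g. "udp dpt:1194".
Rule = namedtuple("Rule", "pos pkts target prot in_if source extra")


def parse_count(text):
    """Turn an abbreviated counter such as '7744K' into an integer."""
    if text[-1] in UNITS:
        return int(text[:-1]) * UNITS[text[-1]]
    return int(text)


def parse_listing(text):
    """Return {chain name: [Rule, ...]} from `iptables -L -v -n` output."""
    chains, current = {}, None
    for line in text.splitlines():
        f = line.split()
        if f and f[0] == "Chain":
            current = chains.setdefault(f[1], [])
        elif current is not None and len(f) >= 9 and f[0][0].isdigit():
            current.append(Rule(len(current) + 1, parse_count(f[0]), f[2],
                                f[3], f[5], f[7], " ".join(f[9:])))
    return chains


def iface_matches(pattern, iface):
    if pattern.endswith("+"):      # iptables wildcard: tun+ matches tun0, tun1
        return iface.startswith(pattern[:-1])
    return pattern in ("*", iface)


def source_matches(spec, src):
    net = ipaddress.ip_network(spec.lstrip("!"), strict=False)
    return (ipaddress.ip_address(src) in net) != spec.startswith("!")


def port_matches(extra, dport):
    m = re.search(r"\bdpts?:(\d+)(?::(\d+))?", extra)
    if not m:
        return True                # the rule does not restrict the port
    return int(m.group(1)) <= dport <= int(m.group(2) or m.group(1))


def rule_matches(rule, proto, dport, in_if, src):
    """Would a NEW inbound packet match? Handles prot, in, source, dpt/dpts
    and state; other match extensions are ignored (treated as matching)."""
    state = re.search(r"\bstate (\S+)", rule.extra)
    if state and "NEW" not in state.group(1).split(","):
        return False
    return (rule.prot in ("all", proto) and iface_matches(rule.in_if, in_if)
            and source_matches(rule.source, src)
            and port_matches(rule.extra, dport))


def diagnose(text, proto, dport, in_if, src, chain="INPUT"):
    """Return (verdict, deciding rule) for a new packet to proto/dport."""
    rules = parse_listing(text)[chain]
    wanted = [r for r in rules if r.prot == proto
              and re.search(rf"\bdpt:{dport}\b", r.extra)]
    decider = next((r for r in rules
                    if rule_matches(r, proto, dport, in_if, src)), None)
    if decider is None:
        return "chain-policy", None      # nothing matched; the policy decides
    if not wanted:
        return "no-explicit-rule", decider
    if decider is not wanted[0]:
        return "other-rule", decider     # a different rule decides first
    if decider.pkts == 0:
        return "never-hit", decider      # counter 0: no such packet seen yet
    return "hit", decider


if __name__ == "__main__":
    for src in ("203.0.113.10", "192.168.1.50"):   # constructed client addresses
        verdict, rule = diagnose(SAMPLE, "udp", 1194, "eth1", src)
        print(src, verdict, "rule", rule.pos, rule.target)
```

A `never-hit` verdict on the server, seen together with a client-side TLS handshake timeout, moves the search upstream of the host (router port forwarding, provider filtering) rather than into the local rule set.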
77234 7501K ACCEPT all -- eth0 * 0.0.0.0/0 0.0.0.0/0
19023 2359K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
1101K 996M ACCEPT all -- eth1 eth0 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT all -- eth1 eth0 0.0.0.0/0 0.0.0.0/0 state RELATED
872K 104M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
12589 886K ACCEPT all -- eth0 eth1 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- eth1 * 127.0.0.1 0.0.0.0/0
0 0 DROP all -- eth1 * 0.0.0.0/0 127.0.0.1
0 0 DROP all -- eth1 * 127.0.0.1 0.0.0.0/0
0 0 DROP all -- eth1 * 0.0.0.0/0 127.0.0.1
0 0 DROP all -- eth1 * 192.168.0.0/16 0.0.0.0/0
0 0 DROP all -- eth1 * 172.16.0.0/12 0.0.0.0/0
0 0 DROP all -- eth1 * 127.0.0.1 0.0.0.0/0
0 0 DROP all -- eth1 * 0.0.0.0/0 127.0.0.1
0 0 DROP all -- eth1 * 192.168.0.0/16 0.0.0.0/0
0 0 DROP all -- eth1 * 172.16.0.0/12 0.0.0.0/0
0 0 DROP all -- eth1 * 10.0.0.0/8 0.0.0.0/0
0 0 DROP all -- eth1 * 127.0.0.1 0.0.0.0/0
0 0 DROP all -- eth1 * 0.0.0.0/0 127.0.0.1
0 0 DROP all -- eth1 * 192.168.0.0/16 0.0.0.0/0
0 0 DROP all -- eth1 * 172.16.0.0/12 0.0.0.0/0
0 0 DROP all -- eth1 * 10.0.0.0/8 0.0.0.0/0
0 0 DROP tcp -- * eth1 0.0.0.0/0 0.0.0.0/0 tcp spts:137:139
0 0 DROP udp -- * eth1 0.0.0.0/0 0.0.0.0/0 udp spts:137:139
0 0 DROP all -- eth0 * !192.168.1.0/24 0.0.0.0/0
0 0 ACCEPT all -- tun+ * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- tap+ * 0.0.0.0/0 0.0.0.0/0
10 528 ACCEPT all -- eth0 * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * eth1 0.0.0.0/0 0.0.0.0/0 state NEW
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
Chain OUTPUT (policy ACCEPT 245K packets, 233M bytes)
pkts bytes target prot opt in out source destination
31135 7805K ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 DROP tcp -- * eth1 0.0.0.0/0 0.0.0.0/0 tcp spts:137:139
0 0 DROP udp -- * eth1 0.0.0.0/0 0.0.0.0/0 udp spts:137:139
1533 110K ACCEPT all -- * eth1 0.0.0.0/0 0.0.0.0/0 state NEW
.
On server
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:192.168.2.1 P-t-P:192.168.2.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:23 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:1908 (1.8 KiB)
The client does not answer a ping to 192.168.2.2.
Could it be this?
- maikcat
- Forum Team
- Posts: 4200
- Joined: Wed Jan 12, 2011 9:23 am
- Location: Athens,Greece
Re: Openvpn on slackware server
Your openvpn logs show that the server doesn't receive anything from your client.
Probably a rule in the INPUT chain drops the traffic.
Try adding a rule specifically for openvpn and place it on top of the INPUT chain.
Keep in mind that your source port could be anything, only the dest port is 1194 (TO your server).
Michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera, Simpsons Season 13)
"objects in mirror are losing"
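The rule-ordering point in the reply above, as an added example that is not part of the original thread: a first-match walk over an `iptables -L INPUT -v -n` style listing, showing which rule a new UDP packet to port 1194 hits first. The sample listing, the client address 192.168.1.50 and the function names are constructed for illustration; only interface, protocol, addresses, `dpt`/`dpts` and `state` matches are modelled.

```python
import ipaddress
import re

# Constructed sample in the column layout of `iptables -L INPUT -v -n`:
# pkts bytes target prot opt in out source destination [match options]
SAMPLE_INPUT = """\
    0     0 DROP       all  --  eth1   *       192.168.0.0/16       0.0.0.0/0
  240 11984 DROP       tcp  --  eth1   *       0.0.0.0/0            0.0.0.0/0           tcp dpt:445
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:1194
19023 2359K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
"""

def parse_rules(listing):
    rules = []
    for line in listing.splitlines():
        f = line.split()
        if len(f) < 9 or not f[0][0].isdigit():
            continue  # skip "Chain ..." and column-header lines
        rules.append(dict(pkts=f[0], target=f[2], prot=f[3], iface=f[5],
                          src=f[7], dst=f[8], extra=" ".join(f[9:])))
    return rules

def _iface_ok(pattern, iface):
    if pattern.endswith("+"):  # iptables wildcard, e.g. tun+
        return iface.startswith(pattern[:-1])
    return pattern in ("*", iface)

def _addr_ok(spec, addr):
    net = ipaddress.ip_network(spec.lstrip("!"), strict=False)
    return (ipaddress.ip_address(addr) in net) != spec.startswith("!")

def _extra_ok(extra, dport):
    # Only dpt/dpts and state are modelled; other match options are ignored.
    m = re.search(r"dpts?:(\d+)(?::(\d+))?", extra)
    if m and not int(m.group(1)) <= dport <= int(m.group(2) or m.group(1)):
        return False
    m = re.search(r"state (\S+)", extra)
    return not m or "NEW" in m.group(1).split(",")  # first packet is NEW

def first_match(rules, iface, prot, src, dst, dport):
    """Return (1-based position, rule) of the first rule a NEW packet hits."""
    for pos, r in enumerate(rules, 1):
        if (r["prot"] in ("all", prot) and _iface_ok(r["iface"], iface)
                and _addr_ok(r["src"], src) and _addr_ok(r["dst"], dst)
                and _extra_ok(r["extra"], dport)):
            return pos, r
    return None, None  # nothing matched: the chain policy decides
```

On the sample, a packet from 192.168.1.50 arriving on eth1 for UDP port 1194 stops at position 1 (the DROP) and never reaches the ACCEPT at position 3; with the 1194 rule moved to the top of the list, the same packet is accepted at position 1.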