VPN connecting but not working
Posted: Fri Dec 02, 2011 7:29 pm
Hello, I´m new at the forum.
I have a Openvpn running on a zeroshell box. The poblem is that even when it does achieve a succesfull connection, it doesn´t routes any packet.
I tried to make ping and it only works within the first 5 seconds of connection. After that, it doesn´t work anymore.
Sometimes It can´t even make a connection showing: "event_wait : Interrupted system call (code=4)".
And always throw me this error too: Fri Dec 02 11:03:49 2011 Local Options hash (VER=V4): '31fdf004'
Fri Dec 02 11:03:49 2011 Expected Remote Options hash (VER=V4): '3e6d1056'
This are my logs and config:
Client .ovpn:
remote 201.207.45.52 1194
proto tcp
auth-user-pass
ca CA.pem
comp-lzo
verb 3
mute 20
resolv-retry infinite
nobind
client
dev tap
persist-key
persist-tun
Connection log:
Running openvpn --cd /var/mobile/Documents/Configurations/vpn --config "zeroshell.ovpn"
Fri Dec 2 11:06:31 2011 OpenVPN 2.2.0_GuizmOVPN_1.1.0 arm-apple-darwin10 [SSL] [LZO2] [eurephia] built on May 28 2011
Waiting for username/password (Auth)
Username/password received
Fri Dec 2 11:06:39 2011 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Fri Dec 2 11:06:39 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Fri Dec 2 11:06:39 2011 LZO compression initialized
Fri Dec 2 11:06:39 2011 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Fri Dec 2 11:06:39 2011 Socket Buffers: R=[131072->65536] S=[131072->65536]
Fri Dec 2 11:06:39 2011 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Fri Dec 2 11:06:39 2011 Local Options hash (VER=V4): '31fdf004'
Fri Dec 2 11:06:39 2011 Expected Remote Options hash (VER=V4): '3e6d1056'
Fri Dec 2 11:06:39 2011 Attempting to establish TCP connection with 201.207.45.52:1194 [nonblock]
Fri Dec 2 11:06:40 2011 TCP connection established with 201.207.45.52:1194
Fri Dec 2 11:06:40 2011 TCPv4_CLIENT link local: [undef]
Fri Dec 2 11:06:40 2011 TCPv4_CLIENT link remote: 201.207.45.52:1194
Fri Dec 2 11:06:40 2011 TLS: Initial packet from 201.207.45.52:1194, sid=af6a4903 effd4bb8
Fri Dec 2 11:06:40 2011 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Dec 2 11:06:54 2011 VERIFY OK: depth=1, /C=VE/O=Synergy_Global_Business/OU=Synergy/CN=Synergy
Fri Dec 2 11:06:54 2011 VERIFY OK: depth=0, /OU=Hosts/CN=zeroshell.synergy-gb.com
Fri Dec 2 11:07:29 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Dec 2 11:07:29 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Dec 2 11:07:29 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Dec 2 11:07:29 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Dec 2 11:07:29 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Fri Dec 2 11:07:29 2011 [zeroshell.synergy-gb.com] Peer Connection Initiated with 201.207.45.52:1194
Fri Dec 2 11:07:32 2011 SENT CONTROL [zeroshell.synergy-gb.com]: 'PUSH_REQUEST' (status=1)
Fri Dec 2 11:07:35 2011 PUSH: Received control message: 'PUSH_REPLY,route-gateway 192.168.2.254,redirect-gateway,dhcp-option DNS 192.168.1.254,,ping 5,ping-restart 60,ifconfig 192.168.2.11 255.255.255.0'
Fri Dec 2 11:07:35 2011 Tapemu : Received local IP : 192.168.2.11/255.255.255.0
Fri Dec 2 11:07:35 2011 OPTIONS IMPORT: timers and/or timeouts modified
Fri Dec 2 11:07:35 2011 OPTIONS IMPORT: --ifconfig/up options modified
Fri Dec 2 11:07:35 2011 OPTIONS IMPORT: route options modified
Fri Dec 2 11:07:35 2011 OPTIONS IMPORT: route-related options modified
Fri Dec 2 11:07:35 2011 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Dec 2 11:07:35 2011 ROUTE default_gateway=10.70.9.242
Fri Dec 2 11:07:35 2011 Tapemu : Starting TAP emulation.
Fri Dec 2 11:07:35 2011 Tapemu : Local MAC address : 0A:00:20:04:A5:B4
Fri Dec 2 11:07:35 2011 TUN/TAP device tunemu:/ppp0 opened
Fri Dec 2 11:07:35 2011 /sbin/ifconfig ppp0 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
Fri Dec 2 11:07:35 2011 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
Fri Dec 2 11:07:35 2011 /sbin/ifconfig ppp0 192.168.2.11 192.168.2.11 netmask 255.255.255.0 mtu 1500 up
Fri Dec 2 11:07:35 2011 /sbin/route add -net 192.168.2.0 192.168.2.11 255.255.255.0
add net 192.168.2.0: gateway 192.168.2.11
Fri Dec 2 11:07:35 2011 Tapemu : Route added for 192.168.2.0/255.255.255.0 gateway 192.168.2.11
Setting DNS to /Network/Service/237501D4-1AE8-410A-ADB3-FCE549FCD6B1/DNS (192.168.1.254 190.121.224.3)
Fri Dec 2 11:07:40 2011 /sbin/route add -net 201.207.45.52 10.70.9.242 255.255.255.255
add net 201.207.45.52: gateway 10.70.9.242
Fri Dec 2 11:07:40 2011 Tapemu : Route added for 201.207.45.52/255.255.255.255 gateway 10.70.9.242
Fri Dec 2 11:07:40 2011 /sbin/route delete -net 0.0.0.0 10.70.9.242 0.0.0.0
delete net 0.0.0.0: gateway 10.70.9.242
Fri Dec 2 11:07:40 2011 /sbin/route add -net 0.0.0.0 192.168.2.254 0.0.0.0
add net 0.0.0.0: gateway 192.168.2.254
Fri Dec 2 11:07:40 2011 Tapemu : Route added for 0.0.0.0/0.0.0.0 gateway 192.168.2.254
Fri Dec 2 11:07:40 2011 Initialization Sequence Completed
Fri Dec 2 11:07:41 2011 Tapemu : Requesting MAC address for 192.168.2.254
Fri Dec 2 11:07:45 2011 Tapemu : Requesting MAC address for 192.168.2.254
Fri Dec 2 11:07:46 2011 Tapemu : Requesting MAC address for 192.168.2.254
Fri Dec 2 11:07:47 2011 Tapemu : MAC address for 192.168.2.254 : 00:FF:81:11:42:63
Fri Dec 2 11:07:47 2011 Tapemu : MAC address for 192.168.2.254 : 00:FF:81:11:42:63
Fri Dec 2 11:07:47 2011 Tapemu : MAC address for 192.168.2.254 : 00:FF:81:11:42:63
It´s really important. Thank you all in advance!
I have a Openvpn running on a zeroshell box. The poblem is that even when it does achieve a succesfull connection, it doesn´t routes any packet.
I tried to make ping and it only works within the first 5 seconds of connection. After that, it doesn´t work anymore.
Sometimes It can´t even make a connection showing: "event_wait : Interrupted system call (code=4)".
And always throw me this error too: Fri Dec 02 11:03:49 2011 Local Options hash (VER=V4): '31fdf004'
Fri Dec 02 11:03:49 2011 Expected Remote Options hash (VER=V4): '3e6d1056'
This are my logs and config:
Client .ovpn:
remote 201.207.45.52 1194
proto tcp
auth-user-pass
ca CA.pem
comp-lzo
verb 3
mute 20
resolv-retry infinite
nobind
client
dev tap
persist-key
persist-tun
Connection log:
Running openvpn --cd /var/mobile/Documents/Configurations/vpn --config "zeroshell.ovpn"
Fri Dec 2 11:06:31 2011 OpenVPN 2.2.0_GuizmOVPN_1.1.0 arm-apple-darwin10 [SSL] [LZO2] [eurephia] built on May 28 2011
Waiting for username/password (Auth)
Username/password received
Fri Dec 2 11:06:39 2011 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Fri Dec 2 11:06:39 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Fri Dec 2 11:06:39 2011 LZO compression initialized
Fri Dec 2 11:06:39 2011 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Fri Dec 2 11:06:39 2011 Socket Buffers: R=[131072->65536] S=[131072->65536]
Fri Dec 2 11:06:39 2011 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Fri Dec 2 11:06:39 2011 Local Options hash (VER=V4): '31fdf004'
Fri Dec 2 11:06:39 2011 Expected Remote Options hash (VER=V4): '3e6d1056'
Fri Dec 2 11:06:39 2011 Attempting to establish TCP connection with 201.207.45.52:1194 [nonblock]
Fri Dec 2 11:06:40 2011 TCP connection established with 201.207.45.52:1194
Fri Dec 2 11:06:40 2011 TCPv4_CLIENT link local: [undef]
Fri Dec 2 11:06:40 2011 TCPv4_CLIENT link remote: 201.207.45.52:1194
Fri Dec 2 11:06:40 2011 TLS: Initial packet from 201.207.45.52:1194, sid=af6a4903 effd4bb8
Fri Dec 2 11:06:40 2011 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Dec 2 11:06:54 2011 VERIFY OK: depth=1, /C=VE/O=Synergy_Global_Business/OU=Synergy/CN=Synergy
Fri Dec 2 11:06:54 2011 VERIFY OK: depth=0, /OU=Hosts/CN=zeroshell.synergy-gb.com
Fri Dec 2 11:07:29 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Dec 2 11:07:29 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Dec 2 11:07:29 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Dec 2 11:07:29 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Dec 2 11:07:29 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Fri Dec 2 11:07:29 2011 [zeroshell.synergy-gb.com] Peer Connection Initiated with 201.207.45.52:1194
Fri Dec 2 11:07:32 2011 SENT CONTROL [zeroshell.synergy-gb.com]: 'PUSH_REQUEST' (status=1)
Fri Dec 2 11:07:35 2011 PUSH: Received control message: 'PUSH_REPLY,route-gateway 192.168.2.254,redirect-gateway,dhcp-option DNS 192.168.1.254,,ping 5,ping-restart 60,ifconfig 192.168.2.11 255.255.255.0'
Fri Dec 2 11:07:35 2011 Tapemu : Received local IP : 192.168.2.11/255.255.255.0
Fri Dec 2 11:07:35 2011 OPTIONS IMPORT: timers and/or timeouts modified
Fri Dec 2 11:07:35 2011 OPTIONS IMPORT: --ifconfig/up options modified
Fri Dec 2 11:07:35 2011 OPTIONS IMPORT: route options modified
Fri Dec 2 11:07:35 2011 OPTIONS IMPORT: route-related options modified
Fri Dec 2 11:07:35 2011 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Dec 2 11:07:35 2011 ROUTE default_gateway=10.70.9.242
Fri Dec 2 11:07:35 2011 Tapemu : Starting TAP emulation.
Fri Dec 2 11:07:35 2011 Tapemu : Local MAC address : 0A:00:20:04:A5:B4
Fri Dec 2 11:07:35 2011 TUN/TAP device tunemu:/ppp0 opened
Fri Dec 2 11:07:35 2011 /sbin/ifconfig ppp0 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
Fri Dec 2 11:07:35 2011 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
Fri Dec 2 11:07:35 2011 /sbin/ifconfig ppp0 192.168.2.11 192.168.2.11 netmask 255.255.255.0 mtu 1500 up
Fri Dec 2 11:07:35 2011 /sbin/route add -net 192.168.2.0 192.168.2.11 255.255.255.0
add net 192.168.2.0: gateway 192.168.2.11
Fri Dec 2 11:07:35 2011 Tapemu : Route added for 192.168.2.0/255.255.255.0 gateway 192.168.2.11
Setting DNS to /Network/Service/237501D4-1AE8-410A-ADB3-FCE549FCD6B1/DNS (192.168.1.254 190.121.224.3)
Fri Dec 2 11:07:40 2011 /sbin/route add -net 201.207.45.52 10.70.9.242 255.255.255.255
add net 201.207.45.52: gateway 10.70.9.242
Fri Dec 2 11:07:40 2011 Tapemu : Route added for 201.207.45.52/255.255.255.255 gateway 10.70.9.242
Fri Dec 2 11:07:40 2011 /sbin/route delete -net 0.0.0.0 10.70.9.242 0.0.0.0
delete net 0.0.0.0: gateway 10.70.9.242
Fri Dec 2 11:07:40 2011 /sbin/route add -net 0.0.0.0 192.168.2.254 0.0.0.0
add net 0.0.0.0: gateway 192.168.2.254
Fri Dec 2 11:07:40 2011 Tapemu : Route added for 0.0.0.0/0.0.0.0 gateway 192.168.2.254
Fri Dec 2 11:07:40 2011 Initialization Sequence Completed
Fri Dec 2 11:07:41 2011 Tapemu : Requesting MAC address for 192.168.2.254
Fri Dec 2 11:07:45 2011 Tapemu : Requesting MAC address for 192.168.2.254
Fri Dec 2 11:07:46 2011 Tapemu : Requesting MAC address for 192.168.2.254
Fri Dec 2 11:07:47 2011 Tapemu : MAC address for 192.168.2.254 : 00:FF:81:11:42:63
Fri Dec 2 11:07:47 2011 Tapemu : MAC address for 192.168.2.254 : 00:FF:81:11:42:63
Fri Dec 2 11:07:47 2011 Tapemu : MAC address for 192.168.2.254 : 00:FF:81:11:42:63
It´s really important. Thank you all in advance!