Indice del forum www.zeroshell.net
Distribuzione Linux ZeroShell
 
 FAQFAQ   CercaCerca  GruppiGruppi   RegistratiRegistrati 
 ProfiloProfilo  Log inLog in   Messaggi privatiMessaggi privati 

Problema con Open VPN client su Windows 2003 SBS

 
Nuovo argomento   Rispondi    Indice del forum -> ZeroShell
Precedente :: Successivo  
Autore Messaggio
adpslab



Registrato: 28/04/09 16:22
Messaggi: 1

MessaggioInviato: Mar Apr 28, 2009 4:49 pm    Oggetto: Problema con Open VPN client su Windows 2003 SBS Rispondi citando

Salve ragazzi e complimenti per il forum.

Vorrei porvi un quesito tecnico riguardante OpenVPN.

Ho installato un router in un sito in questo modo:

pc remoto LAN 192.168.0.10 ->192.168.0.1 (router firewall con openvpn server) 192.168.1.100 <->192.168.1.1 (router alice business) -> ip pubblico internet -> ip dinamico (router alice) 192.168.1.1 -> 192.168.1.10 server locale windows 2003 SBS con OpenVPN client .

Il server Open VPN č configurato in modo da assegnare in dhcp gli indirizzi ai client nella subnet 192.168.200.0.

La rete VPN č stata configurata e testata su pc con OpenVPN client su Windos XP, si connette al router remoto e pinga e sfoglia la rete 192.168.0.0.

Il problema nasce quando lo stesso OpenVPN client con la stessa configurazione lo installo su Windows 2003 SBS (naturalmente tutto con privilegi di amministratore).

Il link si stabilisce ed avviene lo scambio delle chiavi ma la procedura si blocca sul routing.

Questo č il log dell'ultima parte della connessione:



Tue Apr 28 16:51:06 2009 us=718000 PUSH: Received control message: 'PUSH_REPLY,route

192.168.0.0 255.255.255.0,route 192.168.200.1,ping 10,ping-restart 60,ifconfig

192.168.200.6 192.168.200.5'
Tue Apr 28 16:51:06 2009 us=718000 OPTIONS IMPORT: timers and/or timeouts modified
Tue Apr 28 16:51:06 2009 us=718000 OPTIONS IMPORT: --ifconfig/up options modified
Tue Apr 28 16:51:06 2009 us=718000 OPTIONS IMPORT: route options modified
Tue Apr 28 16:51:06 2009 us=718000 ROUTE default_gateway=192.168.1.1
Tue Apr 28 16:51:06 2009 us=718000 TAP-WIN32 device [OPENVPN] opened:

\\.\Global\{7BA79274-A6BF-4170-AC33-19711433AE67}.tap
Tue Apr 28 16:51:06 2009 us=718000 TAP-Win32 Driver Version 9.4
Tue Apr 28 16:51:06 2009 us=718000 TAP-Win32 MTU=1500
Tue Apr 28 16:51:06 2009 us=718000 Notified TAP-Win32 driver to set a DHCP

IP/netmask of 192.168.200.6/255.255.255.252 on interface

{7BA79274-A6BF-4170-AC33-19711433AE67} [DHCP-serv: 192.168.200.5, lease-time:

31536000]
Tue Apr 28 16:51:06 2009 us=718000 Successful ARP Flush on interface [2]

{7BA79274-A6BF-4170-AC33-19711433AE67}
Tue Apr 28 16:51:17 2009 us=531000 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0

u/d=down
Tue Apr 28 16:51:17 2009 us=531000 Route: Waiting for TUN/TAP interface to come

up...
Tue Apr 28 16:51:22 2009 us=937000 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0

u/d=down
Tue Apr 28 16:51:22 2009 us=937000 Route: Waiting for TUN/TAP interface to come

up...
Tue Apr 28 16:51:24 2009 us=140000 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0

u/d=down
Tue Apr 28 16:51:24 2009 us=140000 Route: Waiting for TUN/TAP interface to come

up...
Tue Apr 28 16:51:25 2009 us=343000 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0

u/d=down
Tue Apr 28 16:51:25 2009 us=343000 Route: Waiting for TUN/TAP interface to come

up...
Tue Apr 28 16:51:26 2009 us=546000 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0

u/d=down
Tue Apr 28 16:51:26 2009 us=546000 Route: Waiting for TUN/TAP interface to come

up...
Tue Apr 28 16:51:27 2009 us=203000 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0

u/d=down
Tue Apr 28 16:51:27 2009 us=203000 Route: Waiting for TUN/TAP interface to come

up...
Tue Apr 28 16:51:28 2009 us=343000 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0

u/d=down
Tue Apr 28 16:51:28 2009 us=343000 Route: Waiting for TUN/TAP interface to come

up...
Tue Apr 28 16:51:29 2009 us=484000 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0

u/d=down
Tue Apr 28 16:51:29 2009 us=484000 Route: Waiting for TUN/TAP interface to come

up...
Tue Apr 28 16:51:30 2009 us=625000 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0

u/d=down
Tue Apr 28 16:51:30 2009 us=625000 Route: Waiting for TUN/TAP interface to come

up...
Tue Apr 28 16:51:31 2009 us=765000 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0

u/d=down
Tue Apr 28 16:51:31 2009 us=765000 Route: Waiting for TUN/TAP interface to come

up...
Tue Apr 28 16:51:32 2009 us=906000 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0

u/d=down
Tue Apr 28 16:51:32 2009 us=906000 Route: Waiting for TUN/TAP interface to come

up...
Tue Apr 28 16:51:34 2009 us=46000 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0

u/d=down
Tue Apr 28 16:51:34 2009 us=46000 Route: Waiting for TUN/TAP interface to come up...
Tue Apr 28 16:51:35 2009 us=187000 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0

u/d=down
Tue Apr 28 16:51:35 2009 us=187000 Route: Waiting for TUN/TAP interface to come

up...
Tue Apr 28 16:51:36 2009 us=328000 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0

u/d=down
Tue Apr 28 16:51:36 2009 us=328000 Route: Waiting for TUN/TAP interface to come

up...
Tue Apr 28 16:51:37 2009 us=234000 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0

u/d=down
Tue Apr 28 16:51:37 2009 us=234000 Route: Waiting for TUN/TAP interface to come

up...
Tue Apr 28 16:51:38 2009 us=390000 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0

u/d=down
Tue Apr 28 16:51:38 2009 us=390000 Route: Waiting for TUN/TAP interface to come

up...
Tue Apr 28 16:51:39 2009 us=546000 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0

u/d=down
Tue Apr 28 16:51:39 2009 us=546000 Route: Waiting for TUN/TAP interface to come

up...
Tue Apr 28 16:51:40 2009 us=703000 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0

u/d=down
Tue Apr 28 16:51:40 2009 us=703000 Route: Waiting for TUN/TAP interface to come

up...
Tue Apr 28 16:51:41 2009 us=859000 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0

u/d=down
Tue Apr 28 16:51:41 2009 us=859000 C:\WINDOWS\system32\route.exe ADD 192.168.0.0

MASK 255.255.255.0 192.168.200.5
Tue Apr 28 16:51:41 2009 us=890000 C:\WINDOWS\system32\route.exe ADD 192.168.200.1

MASK 255.255.255.255 192.168.200.5
SYSTEM ROUTING TABLE
0.0.0.0 0.0.0.0 192.168.1.1 p=0 i=65540 t=0 pr=3 a=0 h=0 m=1/1/1/10/3
127.0.0.0 255.0.0.0 127.0.0.1 p=0 i=1 t=0 pr=2 a=0 h=0 m=1/1/1/1/1
127.0.0.1 255.255.255.255 127.0.0.1 p=0 i=1 t=0 pr=2 a=0 h=0 m=1/1/1/1/1
169.254.0.0 255.255.0.0 169.254.157.255 p=0 i=2 t=0 pr=2 a=0 h=0 m=30/30/30/1/3
169.254.157.255 255.255.255.255 127.0.0.1 p=0 i=1 t=0 pr=2 a=0 h=0 m=30/30/30/1/1
169.254.255.255 255.255.255.255 169.254.157.255 p=0 i=2 t=0 pr=2 a=0 h=0

m=30/30/30/1/3
192.168.1.0 255.255.255.0 192.168.1.10 p=0 i=65540 t=0 pr=2 a=0 h=0 m=20/20/20/1/3
192.168.1.10 255.255.255.255 127.0.0.1 p=0 i=1 t=0 pr=2 a=0 h=0 m=20/20/20/1/1
192.168.1.255 255.255.255.255 192.168.1.10 p=0 i=65540 t=0 pr=2 a=0 h=0

m=20/20/20/1/3
224.0.0.0 240.0.0.0 169.254.157.255 p=0 i=2 t=0 pr=2 a=0 h=0 m=30/30/30/1/3
224.0.0.0 240.0.0.0 192.168.1.10 p=0 i=65540 t=0 pr=2 a=0 h=0 m=20/20/20/1/3
255.255.255.255 255.255.255.255 169.254.157.255 p=0 i=2 t=0 pr=2 a=0 h=0 m=1/1/1/1/3
255.255.255.255 255.255.255.255 192.168.1.10 p=0 i=65540 t=0 pr=2 a=0 h=0

m=1/1/1/1/3
SYSTEM ADAPTER LIST
TAP-Win32 Adapter V9
Index = 2
GUID = {7BA79274-A6BF-4170-AC33-19711433AE67}
IP = 169.254.157.255/255.255.0.0
MAC = 00:ff:7b:a7:92:74
GATEWAY =
DHCP SERV = 255.255.255.255
DHCP LEASE OBTAINED = Tue Apr 28 16:50:25 2009
DHCP LEASE EXPIRES = Tue Jan 19 04:14:07 2038
DNS SERV =
HP NC105i PCIe Gigabit Server Adapter
Index = 65540
GUID = {B8B41406-58A1-4932-A5C2-D13F7C157012}
IP = 192.168.1.10/255.255.255.0
MAC = 00:24:81:d1:e4:af
GATEWAY = 192.168.1.1/0.0.0.0
PRI WINS = 192.168.0.115/0.0.0.0
SEC WINS = 0.0.0.0/0.0.0.0
DNS SERV = 192.168.1.10
Tue Apr 28 16:51:41 2009 us=890000 Initialization Sequence Completed With Errors (

see http://openvpn.net/faq.html#dhcpclientserv )



Il file di configurazione del client VPN č il seguente:

float
port 1194
dev tun
dev-node OPENVPN
proto udp
remote <ip pubblico> 1194
resolv-retry infinite
ping 10
persist-tun
persist-key
tls-client
ca ca.crt
cert client1.crt
key client1.key
ns-cert-type server
comp-lzo
route-method exe
pull
verb 4


Il problema č che il client openvpn non riesce a costruire corretamente le route.

Qualcuno ha provato a farlo manualmente ? Come ?
Top
Profilo Invia messaggio privato
Mostra prima i messaggi di:   
Nuovo argomento   Rispondi    Indice del forum -> ZeroShell Tutti i fusi orari sono GMT + 1 ora
Pagina 1 di 1

 
Vai a:  
Non puoi inserire nuovi argomenti
Non puoi rispondere a nessun argomento
Non puoi modificare i tuoi messaggi
Non puoi cancellare i tuoi messaggi
Non puoi votare nei sondaggi


Powered by phpBB © 2001, 2005 phpBB Group
phpbb.it