Indice del forum www.zeroshell.net
Distribuzione Linux ZeroShell
 
 FAQFAQ   CercaCerca  GruppiGruppi   RegistratiRegistrati 
 ProfiloProfilo  Log inLog in   Messaggi privatiMessaggi privati 

VPN E MIKROTIK

 
Nuovo argomento   Rispondi    Indice del forum -> ZeroShell
Precedente :: Successivo  
Autore Messaggio
VITO



Registrato: 03/04/07 23:29
Messaggi: 352

MessaggioInviato: Mar Mag 19, 2009 7:52 pm    Oggetto: VPN E MIKROTIK Rispondi citando

Caro fulvio e forum
Volevo iniziare ad utilizzare open vpn tra i client mikrotik (visto che in esso è disponibile la funzione Open vpn client) e zero Mikrotik dovrebbe utilizzare solamente user e password .
Su zero ho cliccato su *VPN Enabled come descritto in guida poi ho lasciato impostato only password Nei *Command Line Parameters vuoto.
Non ho modificato alcuna voce in *Password Authentication visto che utilizzo user e password del keberos locale Del tipo EXAMPLE.COM

Nell'interfaccia *Client IP Address Assignment lascio gli ip di default per prova.

Nell'interfaccia *Setup * Network creo un bridge

BRIDGE00 (ETH01,VPN99) Forwarding State (STP: Enabled)
VPN_Client

192.168.250.254 255.255.255.0
10.10.0.1 255.255.255.0

Su mikrotik access point creo lan 10.0.0.4/16 e metto in bridge la wlan e eth dell'APPARATO.
(DOVREBBE ESSERE COSì TRASPARENTE)

Su microti CLIENT (dopo aver creato una eth 192.168.0.1 e un dhcp sulla stessa per servire il pc e configurato la wlan che comunica perfettamente con l'altro access point )creo da *interface list su *+ aggiungo *open vpn client *name ovpn-out1 * dial out *connect to 10.10.0.1 *port 1194 *mode ip poi relative user e password *il resto in default spunta su :*add default route

Attivo il dhcp client su client della wlan dell'apparato ricevente riceve l'indirizzo dhcp impostato dazero di 10.10.0.10/24

Vado su open vpn log e trovo:

20:36:01 10.10.0.10:46598 [test@EXAMPLE.COM] Trying Kerberos 5 (Local KDC) authentication
20:36:01 10.10.0.10:46598 [test@EXAMPLE.COM] Successfully authenticated
20:36:01 10.10.0.10:46598 WARNING: 'dev-type' is used inconsistently, local='dev-type tap', remote='dev-type tun'
20:36:01 10.10.0.10:46598 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1576', remote='link-mtu 1507'
20:36:01 10.10.0.10:46598 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'
20:36:01 10.10.0.10:46598 WARNING: 'comp-lzo' is present in local config but missing in remote config, local='comp-lzo'
20:36:01 10.10.0.10:46598 WARNING: 'cipher' is used inconsistently, local='cipher BF-CBC', remote='cipher [null-cipher]'
20:36:01 10.10.0.10:46598 WARNING: 'auth' is used inconsistently, local='auth SHA1', remote='auth [null-digest]'
20:36:01 10.10.0.10:46598 WARNING: 'keysize' is used inconsistently, local='keysize 128', remote='keysize 0'
20:36:01 10.10.0.10:46598 Connection reset, restarting [0]
20:36:05 Re-using SSL/TLS context
20:36:05 LZO compression initialized
20:36:05 TCP connection established with 10.10.0.10:46599
20:36:05 TCPv4_SERVER link local: [undef]
20:36:05 TCPv4_SERVER link remote: 10.10.0.10:46599
20:36:06 10.10.0.10:46599 [test@EXAMPLE.COM] Trying Kerberos 5 (Local KDC) authentication
20:36:06 10.10.0.10:46599 [test@EXAMPLE.COM] Successfully authenticated
20:36:06 10.10.0.10:46599 WARNING: 'dev-type' is used inconsistently, local='dev-type tap', remote='dev-type tun'
20:36:06 10.10.0.10:46599 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1576', remote='link-mtu 1507'
20:36:06 10.10.0.10:46599 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'
20:36:06 10.10.0.10:46599 WARNING: 'comp-lzo' is present in local config but missing in remote config, local='comp-lzo'
20:36:06 10.10.0.10:46599 WARNING: 'cipher' is used inconsistently, local='cipher BF-CBC', remote='cipher [null-cipher]'
20:36:06 10.10.0.10:46599 WARNING: 'auth' is used inconsistently, local='auth SHA1', remote='auth [null-digest]'
20:36:06 10.10.0.10:46599 WARNING: 'keysize' is used inconsistently, local='keysize 128', remote='keysize 0'
20:36:06 10.10.0.10:46599 Connection reset, restarting [0]
20:36:11 Re-using SSL/TLS context
20:36:11 LZO compression initialized
20:36:11 TCP connection established with 10.10.0.10:46600
20:36:11 TCPv4_SERVER link local: [undef]
20:36:11 TCPv4_SERVER link remote: 10.10.0.10:46600
20:36:12 10.10.0.10:46600 [test@EXAMPLE.COM] Trying Kerberos 5 (Local KDC) authentication
20:36:12 10.10.0.10:46600 [test@EXAMPLE.COM] Successfully authenticated
20:36:12 10.10.0.10:46600 WARNING: 'dev-type' is used inconsistently, local='dev-type tap', remote='dev-type tun'
20:36:12 10.10.0.10:46600 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1576', remote='link-mtu 1507'
20:36:12 10.10.0.10:46600 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'
20:36:12 10.10.0.10:46600 WARNING: 'comp-lzo' is present in local config but missing in remote config, local='comp-lzo'
20:36:12 10.10.0.10:46600 WARNING: 'cipher' is used inconsistently, local='cipher BF-CBC', remote='cipher [null-cipher]'
20:36:12 10.10.0.10:46600 WARNING: 'auth' is used inconsistently, local='auth SHA1', remote='auth [null-digest]'
20:36:12 10.10.0.10:46600 WARNING: 'keysize' is used inconsistently, local='keysize 128', remote='keysize 0'
20:36:12 10.10.0.10:46600 Connection reset, restarting [0]
20:36:16 Re-using SSL/TLS context
20:36:16 LZO compression initialized
20:36:16 TCP connection established with 10.10.0.10:46601
20:36:16 TCPv4_SERVER link local: [undef]
20:36:16 TCPv4_SERVER link remote: 10.10.0.10:46601
20:36:17 10.10.0.10:46601 [test@EXAMPLE.COM] Trying Kerberos 5 (Local KDC) authentication
20:36:17 10.10.0.10:46601 [test@EXAMPLE.COM] Successfully authenticated
20:36:17 10.10.0.10:46601 WARNING: 'dev-type' is used inconsistently, local='dev-type tap', remote='dev-type tun'
20:36:17 10.10.0.10:46601 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1576', remote='link-mtu 1507'
20:36:17 10.10.0.10:46601 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'
20:36:17 10.10.0.10:46601 WARNING: 'comp-lzo' is present in local config but missing in remote config, local='comp-lzo'
20:36:17 10.10.0.10:46601 WARNING: 'cipher' is used inconsistently, local='cipher BF-CBC', remote='cipher [null-cipher]'
20:36:17 10.10.0.10:46601 WARNING: 'auth' is used inconsistently, local='auth SHA1', remote='auth [null-digest]'
20:36:17 10.10.0.10:46601 WARNING: 'keysize' is used inconsistently, local='keysize 128', remote='keysize 0'
20:36:17 10.10.0.10:46601 Connection reset, restarting [0]
20:36:22 Re-using SSL/TLS context
20:36:22 LZO compression initialized
20:36:22 TCP connection established with 10.10.0.10:46602
20:36:22 TCPv4_SERVER link local: [undef]
20:36:22 TCPv4_SERVER link remote: 10.10.0.10:46602
20:37:08 Re-using SSL/TLS context
20:37:08 LZO compression initialized
20:37:08 TCP connection established with 10.10.0.10:46603
20:37:08 TCPv4_SERVER link local: [undef]
20:37:08 TCPv4_SERVER link remote: 10.10.0.10:46603
20:37:08 10.10.0.10:46603 [test@EXAMPLE.COM] Trying Kerberos 5 (Local KDC) authentication
20:37:08 10.10.0.10:46603 [test@EXAMPLE.COM] Successfully authenticated
20:37:08 10.10.0.10:46603 WARNING: 'dev-type' is used inconsistently, local='dev-type tap', remote='dev-type tun'
20:37:08 10.10.0.10:46603 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1576', remote='link-mtu 1507'
20:37:08 10.10.0.10:46603 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'
20:37:08 10.10.0.10:46603 WARNING: 'comp-lzo' is present in local config but missing in remote config, local='comp-lzo'
20:37:08 10.10.0.10:46603 WARNING: 'cipher' is used inconsistently, local='cipher BF-CBC', remote='cipher [null-cipher]'
20:37:08 10.10.0.10:46603 WARNING: 'auth' is used inconsistently, local='auth SHA1', remote='auth [null-digest]'
20:37:08 10.10.0.10:46603 WARNING: 'keysize' is used inconsistently, local='keysize 128', remote='keysize 0'
20:37:09 10.10.0.10:46603 Connection reset, restarting [0]

Succede anche se metto in bridge lato cpe client ovpn con wlan 1 ed asegno al bridge il dhcp client .
Sapreste darmi una dritta?
Cordiali Saluti
Vito
Top
Profilo Invia messaggio privato
Mostra prima i messaggi di:   
Nuovo argomento   Rispondi    Indice del forum -> ZeroShell Tutti i fusi orari sono GMT + 1 ora
Pagina 1 di 1

 
Vai a:  
Non puoi inserire nuovi argomenti
Non puoi rispondere a nessun argomento
Non puoi modificare i tuoi messaggi
Non puoi cancellare i tuoi messaggi
Non puoi votare nei sondaggi


Powered by phpBB © 2001, 2005 phpBB Group
phpbb.it