mia erwtisi gia ti syndesi mesw vpn sto EMP

Alexandros Kosiaris alex at noc.ntua.gr
Mon Oct 29 10:52:03 EET 2007


nikos yianaros wrote:
> Geia sas,
> Eimai kainourios sti lista. Edw kai arketes meres prospathw na syndethw
> sto vpn diktyo tou EMP (polytexneio) apo to linux. H dianomi pou exw
> einai to Ubuntu 7.10 32bit.
> 
> Gia ti syndesi apaiteitai openvpn kai username/password kathws kai
> merika arxeia configuration kai episis certification files. Odigies
> genika yparxoun sto
> http://www.noc.ntua.gr/index.php?module=ContentExpress&func=display&ceid=166&meid=175
> <http://www.noc.ntua.gr/index.php?module=ContentExpress&func=display&ceid=166&meid=175>
> 
> To problima mou einai to eksis:
> Ws root dinw tin entoli:
> openvpn --config /etc/openvpn/ntua-udp.ovpn
> (tha ithela na pw oti exw kanei mia mikri allagi sto ntua-udp.ovpn
> # Set log file verbosity.
> verb 4
> 
> i opoia fysika den epireazei to apotelesma, apla einai gia na parw
> perissoteri pliroforia sto log.
> 
> loipon, ola pane kala mexri to simeio:
> Sun Oct 28 20:27:44 2007 us=851723 PUSH: Received control message:
> 'PUSH_REPLY,redirect-gateway,dhcp-option DNS 147.102.222.210
> <http://147.102.222.210>,dhcp-option DNS 147.102.222.220
> <http://147.102.222.220>,dhcp-option DNS 147.102.222.230
> <http://147.102.222.230>,route-gateway 147.102.131.1
> <http://147.102.131.1>,topology subnet,ping 10,ping-restart 120,ifconfig
> 147.102.131.3 <http://147.102.131.3> 255.255.255.128
> <http://255.255.255.128>'
> Sun Oct 28 20:27:44 2007 us=851910 Options error: Unrecognized option or
> missing parameter(s) in [PUSH-OPTIONS]:6: topology ( 2.0.9)
> 
> Parathetw olo to log apo to simeio pou bazw username/password mipws kai
> einai xrisimo:
> Sun Oct 28 20:27:36 2007 us=894587 IMPORTANT: OpenVPN's default port
> number is now 1194, based on an official port number assignment by
> IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
> Sun Oct 28 20:27:36 2007 us=894688 WARNING: No server certificate
> verification method has been enabled.  See
> http://openvpn.net/howto.html#mitm <http://openvpn.net/howto.html#mitm>
> for more info.
> Sun Oct 28 20:27:36 2007 us=896197 LZO compression initialized
> Sun Oct 28 20:27:36 2007 us=896583 Control Channel MTU parms [ L:1542
> D:138 EF:38 EB:0 ET:0 EL:0 ]
> Sun Oct 28 20:27:41 2007 us=994085 Data Channel MTU parms [ L:1542
> D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
> Sun Oct 28 20:27:41 2007 us=994175 Local Options String: 'V4,dev-type
> tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth
> SHA1,keysize 128,key-method 2,tls-client'
> Sun Oct 28 20:27:41 2007 us=994199 Expected Remote Options String:
> 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher
> BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
> Sun Oct 28 20:27:41 2007 us=994268 Local Options hash (VER=V4): '41690919'
> Sun Oct 28 20:27:41 2007 us=994313 Expected Remote Options hash
> (VER=V4): '530fdded'
> Sun Oct 28 20:27:41 2007 us=994358 Socket Buffers: R=[110592->131072]
> S=[110592->131072]
> Sun Oct 28 20:27:41 2007 us=994391 UDPv4 link local: [undef]
> Sun Oct 28 20:27:41 2007 us=994418 UDPv4 link remote:
> 147.102.224.54:1194 <http://147.102.224.54:1194>
> Sun Oct 28 20:27:42 2007 us=87382 TLS: Initial packet from
> 147.102.224.54:1194 <http://147.102.224.54:1194>, sid=3e6cadef d3e36b55
> Sun Oct 28 20:27:43 2007 us=224459 VERIFY OK: depth=2,
> /C=GR/O=NTUA/CN=NTUA_ROOT_CA
> Sun Oct 28 20:27:43 2007 us=228285 VERIFY OK: depth=1,
> /C=GR/O=NTUA/CN=NTUA_CA_2006-2018
> Sun Oct 28 20:27:43 2007 us=229644 VERIFY OK: depth=0,
> /C=gr/O=ntua/OU=servers/CN=vpn.ntua.gr/serialNumber=29
> <http://vpn.ntua.gr/serialNumber=29>
> Sun Oct 28 20:27:43 2007 us=702716 Data Channel Encrypt: Cipher 'BF-CBC'
> initialized with 128 bit key
> Sun Oct 28 20:27:43 2007 us=702773 Data Channel Encrypt: Using 160 bit
> message hash 'SHA1' for HMAC authentication
> Sun Oct 28 20:27:43 2007 us=702922 Data Channel Decrypt: Cipher 'BF-CBC'
> initialized with 128 bit key
> Sun Oct 28 20:27:43 2007 us=702950 Data Channel Decrypt: Using 160 bit
> message hash 'SHA1' for HMAC authentication
> Sun Oct 28 20:27:43 2007 us=703048 Control Channel: TLSv1, cipher
> TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
> Sun Oct 28 20:27:43 2007 us=703106 [vpn.ntua.gr <http://vpn.ntua.gr>]
> Peer Connection Initiated with 147.102.224.54:1194
> <http://147.102.224.54:1194>
> Sun Oct 28 20:27:44 2007 us=757034 SENT CONTROL [ vpn.ntua.gr
> <http://vpn.ntua.gr>]: 'PUSH_REQUEST' (status=1)
> Sun Oct 28 20:27:44 2007 us=851723 PUSH: Received control message:
> 'PUSH_REPLY,redirect-gateway,dhcp-option DNS 147.102.222.210
> <http://147.102.222.210>,dhcp-option DNS 147.102.222.220
> <http://147.102.222.220>,dhcp-option DNS 147.102.222.230
> <http://147.102.222.230>,route-gateway 147.102.131.1
> <http://147.102.131.1>,topology subnet,ping 10,ping-restart 120,ifconfig
> 147.102.131.3 <http://147.102.131.3> 255.255.255.128
> <http://255.255.255.128>'
> Sun Oct 28 20:27:44 2007 us=851910 Options error: Unrecognized option or
> missing parameter(s) in [PUSH-OPTIONS]:6: topology ( 2.0.9)
> Sun Oct 28 20:27:44 2007 us=851956 OPTIONS IMPORT: timers and/or
> timeouts modified
> Sun Oct 28 20:27:44 2007 us=851977 OPTIONS IMPORT: --ifconfig/up options
> modified
> Sun Oct 28 20:27:44 2007 us=851995 OPTIONS IMPORT: route options modified
> Sun Oct 28 20:27:44 2007 us=852014 OPTIONS IMPORT: --ip-win32 and/or
> --dhcp-option options modified
> Sun Oct 28 20:27:44 2007 us=852077 WARNING: Since you are using --dev
> tun, the second argument to --ifconfig must be an IP address.  You are
> using something ( 255.255.255.128 <http://255.255.255.128>) that looks
> more like a netmask. (silence this warning with --ifconfig-nowarn)
> Sun Oct 28 20:27:44 2007 us=855034 TUN/TAP device tun0 opened
> Sun Oct 28 20:27:44 2007 us=855100 TUN/TAP TX queue length set to 100
> Sun Oct 28 20:27:44 2007 us=855157 ifconfig tun0 147.102.131.3
> <http://147.102.131.3> pointopoint 255.255.255.128
> <http://255.255.255.128> mtu 1500
> SIOCSIFDSTADDR: Invalid argument
> Sun Oct 28 20:27:44 2007 us=865300 Linux ifconfig failed: shell command
> exited with error status: 1
> Sun Oct 28 20:27:44 2007 us=865357 Exiting
> 
> 
> Tha ithela na pw episis, oti apo windows den exw kanena problima,
> syndeomai kanonika. Episis to log sta windows einai to idio me to log
> sto linux mexri to simeio pou parousizetai to problima.
> 
> Kapoios eixe proteinei stin idia lista se ena paromoio problima na
> xrisimopoiisei tap sti thesi tou tun (an katalaba kala). Auto de
> douleuei se mena
> 
> Sas euxaristw poli
> nikos

Καλημέρα,

Κατα πρώτον νομίζω θα έπρεπε να μας ρωτήσεις στο Κέντρο Δικτύων του
Πολυτεχνείου για το πρόβλημα που έχεις. Είμαστε εκεί για να βοηθάμε.
Μην κοιτάς που τυχαία είδα το mail σου επειδή είμαι και στην LGU.
Δεν σε ψέγω που έστειλες εδώ mail αλλά νομίζω οτι δεν μεγιστοποιείς τις
πιθανότητες σωστής απάντησης

Δεύτερον χρησιμοποιείς την έκδοση του OpenVPN 2.0.9 ενώ όπως λέμε και
στο site μας είναι απαραίτητη τουλάχιστον η έκδοση 2.1. Τέλος η λύση
οπου κάπου άκουσες για tap αντί για tun είναι παντελώς λάθος στην
συγκεκριμένη(αλλά και στην γενική) περίπτωση.

Αυτά. Ελπίζω να καταφέρεις να σου δουλέψει σύντομα. Εάν πάλι θέλεις για
οτιδήποτε βοήθεια εδώ είμαστε.

-- 
Alexandros Kosiaris 	Network Management Center , NTUA
e-mail : alex at noc.ntua.gr
Public Key Fingerprint :
D6B1 0634 BE65 719C 6C95  7492 8201 4B46 C478 F074
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5200 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.hellug.gr/pipermail/migrate2linux/attachments/20071029/5b00eb58/attachment.bin>


More information about the Migrate2linux mailing list