mia erwtisi gia ti syndesi mesw vpn sto EMP

nikos yianaros yianaros at gmail.com
Mon Oct 29 22:36:10 EET 2007 

Alexandre euxaristw poly,
sorry de rwtisa amesws se sas. To kalo einai oti twra kseroun arketoi 
gia to problima :)

na eisai kala

Alexandros Kosiaris wrote:
> nikos yianaros wrote:
>> Geia sas,
>> Eimai kainourios sti lista. Edw kai arketes meres prospathw na syndethw
>> sto vpn diktyo tou EMP (polytexneio) apo to linux. H dianomi pou exw
>> einai to Ubuntu 7.10 32bit.
>>
>> Gia ti syndesi apaiteitai openvpn kai username/password kathws kai
>> merika arxeia configuration kai episis certification files. Odigies
>> genika yparxoun sto
>> http://www.noc.ntua.gr/index.php?module=ContentExpress&func=display&ceid=166&meid=175
>> <http://www.noc.ntua.gr/index.php?module=ContentExpress&func=display&ceid=166&meid=175>
>>
>> To problima mou einai to eksis:
>> Ws root dinw tin entoli:
>> openvpn --config /etc/openvpn/ntua-udp.ovpn
>> (tha ithela na pw oti exw kanei mia mikri allagi sto ntua-udp.ovpn
>> # Set log file verbosity.
>> verb 4
>>
>> i opoia fysika den epireazei to apotelesma, apla einai gia na parw
>> perissoteri pliroforia sto log.
>>
>> loipon, ola pane kala mexri to simeio:
>> Sun Oct 28 20:27:44 2007 us=851723 PUSH: Received control message:
>> 'PUSH_REPLY,redirect-gateway,dhcp-option DNS 147.102.222.210
>> <http://147.102.222.210>,dhcp-option DNS 147.102.222.220
>> <http://147.102.222.220>,dhcp-option DNS 147.102.222.230
>> <http://147.102.222.230>,route-gateway 147.102.131.1
>> <http://147.102.131.1>,topology subnet,ping 10,ping-restart 120,ifconfig
>> 147.102.131.3 <http://147.102.131.3> 255.255.255.128
>> <http://255.255.255.128>'
>> Sun Oct 28 20:27:44 2007 us=851910 Options error: Unrecognized option or
>> missing parameter(s) in [PUSH-OPTIONS]:6: topology ( 2.0.9)
>>
>> Parathetw olo to log apo to simeio pou bazw username/password mipws kai
>> einai xrisimo:
>> Sun Oct 28 20:27:36 2007 us=894587 IMPORTANT: OpenVPN's default port
>> number is now 1194, based on an official port number assignment by
>> IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
>> Sun Oct 28 20:27:36 2007 us=894688 WARNING: No server certificate
>> verification method has been enabled.  See
>> http://openvpn.net/howto.html#mitm <http://openvpn.net/howto.html#mitm>
>> for more info.
>> Sun Oct 28 20:27:36 2007 us=896197 LZO compression initialized
>> Sun Oct 28 20:27:36 2007 us=896583 Control Channel MTU parms [ L:1542
>> D:138 EF:38 EB:0 ET:0 EL:0 ]
>> Sun Oct 28 20:27:41 2007 us=994085 Data Channel MTU parms [ L:1542
>> D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
>> Sun Oct 28 20:27:41 2007 us=994175 Local Options String: 'V4,dev-type
>> tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth
>> SHA1,keysize 128,key-method 2,tls-client'
>> Sun Oct 28 20:27:41 2007 us=994199 Expected Remote Options String:
>> 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher
>> BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
>> Sun Oct 28 20:27:41 2007 us=994268 Local Options hash (VER=V4): '41690919'
>> Sun Oct 28 20:27:41 2007 us=994313 Expected Remote Options hash
>> (VER=V4): '530fdded'
>> Sun Oct 28 20:27:41 2007 us=994358 Socket Buffers: R=[110592->131072]
>> S=[110592->131072]
>> Sun Oct 28 20:27:41 2007 us=994391 UDPv4 link local: [undef]
>> Sun Oct 28 20:27:41 2007 us=994418 UDPv4 link remote:
>> 147.102.224.54:1194 <http://147.102.224.54:1194>
>> Sun Oct 28 20:27:42 2007 us=87382 TLS: Initial packet from
>> 147.102.224.54:1194 <http://147.102.224.54:1194>, sid=3e6cadef d3e36b55
>> Sun Oct 28 20:27:43 2007 us=224459 VERIFY OK: depth=2,
>> /C=GR/O=NTUA/CN=NTUA_ROOT_CA
>> Sun Oct 28 20:27:43 2007 us=228285 VERIFY OK: depth=1,
>> /C=GR/O=NTUA/CN=NTUA_CA_2006-2018
>> Sun Oct 28 20:27:43 2007 us=229644 VERIFY OK: depth=0,
>> /C=gr/O=ntua/OU=servers/CN=vpn.ntua.gr/serialNumber=29
>> <http://vpn.ntua.gr/serialNumber=29>
>> Sun Oct 28 20:27:43 2007 us=702716 Data Channel Encrypt: Cipher 'BF-CBC'
>> initialized with 128 bit key
>> Sun Oct 28 20:27:43 2007 us=702773 Data Channel Encrypt: Using 160 bit
>> message hash 'SHA1' for HMAC authentication
>> Sun Oct 28 20:27:43 2007 us=702922 Data Channel Decrypt: Cipher 'BF-CBC'
>> initialized with 128 bit key
>> Sun Oct 28 20:27:43 2007 us=702950 Data Channel Decrypt: Using 160 bit
>> message hash 'SHA1' for HMAC authentication
>> Sun Oct 28 20:27:43 2007 us=703048 Control Channel: TLSv1, cipher
>> TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
>> Sun Oct 28 20:27:43 2007 us=703106 [vpn.ntua.gr <http://vpn.ntua.gr>]
>> Peer Connection Initiated with 147.102.224.54:1194
>> <http://147.102.224.54:1194>
>> Sun Oct 28 20:27:44 2007 us=757034 SENT CONTROL [ vpn.ntua.gr
>> <http://vpn.ntua.gr>]: 'PUSH_REQUEST' (status=1)
>> Sun Oct 28 20:27:44 2007 us=851723 PUSH: Received control message:
>> 'PUSH_REPLY,redirect-gateway,dhcp-option DNS 147.102.222.210
>> <http://147.102.222.210>,dhcp-option DNS 147.102.222.220
>> <http://147.102.222.220>,dhcp-option DNS 147.102.222.230
>> <http://147.102.222.230>,route-gateway 147.102.131.1
>> <http://147.102.131.1>,topology subnet,ping 10,ping-restart 120,ifconfig
>> 147.102.131.3 <http://147.102.131.3> 255.255.255.128
>> <http://255.255.255.128>'
>> Sun Oct 28 20:27:44 2007 us=851910 Options error: Unrecognized option or
>> missing parameter(s) in [PUSH-OPTIONS]:6: topology ( 2.0.9)
>> Sun Oct 28 20:27:44 2007 us=851956 OPTIONS IMPORT: timers and/or
>> timeouts modified
>> Sun Oct 28 20:27:44 2007 us=851977 OPTIONS IMPORT: --ifconfig/up options
>> modified
>> Sun Oct 28 20:27:44 2007 us=851995 OPTIONS IMPORT: route options modified
>> Sun Oct 28 20:27:44 2007 us=852014 OPTIONS IMPORT: --ip-win32 and/or
>> --dhcp-option options modified
>> Sun Oct 28 20:27:44 2007 us=852077 WARNING: Since you are using --dev
>> tun, the second argument to --ifconfig must be an IP address.  You are
>> using something ( 255.255.255.128 <http://255.255.255.128>) that looks
>> more like a netmask. (silence this warning with --ifconfig-nowarn)
>> Sun Oct 28 20:27:44 2007 us=855034 TUN/TAP device tun0 opened
>> Sun Oct 28 20:27:44 2007 us=855100 TUN/TAP TX queue length set to 100
>> Sun Oct 28 20:27:44 2007 us=855157 ifconfig tun0 147.102.131.3
>> <http://147.102.131.3> pointopoint 255.255.255.128
>> <http://255.255.255.128> mtu 1500
>> SIOCSIFDSTADDR: Invalid argument
>> Sun Oct 28 20:27:44 2007 us=865300 Linux ifconfig failed: shell command
>> exited with error status: 1
>> Sun Oct 28 20:27:44 2007 us=865357 Exiting
>>
>>
>> Tha ithela na pw episis, oti apo windows den exw kanena problima,
>> syndeomai kanonika. Episis to log sta windows einai to idio me to log
>> sto linux mexri to simeio pou parousizetai to problima.
>>
>> Kapoios eixe proteinei stin idia lista se ena paromoio problima na
>> xrisimopoiisei tap sti thesi tou tun (an katalaba kala). Auto de
>> douleuei se mena
>>
>> Sas euxaristw poli
>> nikos
> 
> Καλημέρα,
> 
> Κατα πρώτον νομίζω θα έπρεπε να μας ρωτήσεις στο Κέντρο Δικτύων του
> Πολυτεχνείου για το πρόβλημα που έχεις. Είμαστε εκεί για να βοηθάμε.
> Μην κοιτάς που τυχαία είδα το mail σου επειδή είμαι και στην LGU.
> Δεν σε ψέγω που έστειλες εδώ mail αλλά νομίζω οτι δεν μεγιστοποιείς τις
> πιθανότητες σωστής απάντησης
> 
> Δεύτερον χρησιμοποιείς την έκδοση του OpenVPN 2.0.9 ενώ όπως λέμε και
> στο site μας είναι απαραίτητη τουλάχιστον η έκδοση 2.1. Τέλος η λύση
> οπου κάπου άκουσες για tap αντί για tun είναι παντελώς λάθος στην
> συγκεκριμένη(αλλά και στην γενική) περίπτωση.
> 
> Αυτά. Ελπίζω να καταφέρεις να σου δουλέψει σύντομα. Εάν πάλι θέλεις για
> οτιδήποτε βοήθεια εδώ είμαστε.
>

More information about the Migrate2linux mailing list