Kimito Sakata

Forum Replies Created

Viewing 7 posts - 1 through 7 (of 7 total)
  • in reply to: VPN Setup #45307

    OK – I’m learning on my own (actually I found the answer on this forum).
    I did the bridge trick you talked about with the console ‘B’ key.

    Now I can ping both ETH01 networks on both Box1 & Box2. But now, it seems to disconnect very frequently. Looking at the VPN log from Box2:

    03:27:33 Initialization Sequence Completed
    03:27:46 MANAGEMENT: Client connected from 127.0.0.1:34000
    03:27:46 MANAGEMENT: Client disconnected
    03:28:25 [Box1 WAN Addr] Inactivity timeout (--ping-restart), restarting
    03:28:25 TCP/UDP: Closing socket
    03:28:25 Closing TUN/TAP interface
    03:28:25 SIGUSR1[soft,ping-restart] received, process restarting
    03:28:25 Restart pause, 2 second(s)
    03:28:27 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    03:28:27 Control Channel Authentication: using ‘/root/static.key’ as a OpenVPN static key file
    03:28:27 Outgoing Control Channel Authentication: Using 160 bit message hash ‘SHA1’ for HMAC authentication
    03:28:27 Incoming Control Channel Authentication: Using 160 bit message hash ‘SHA1’ for HMAC authentication
    03:28:27 LZO compression initialized
    03:28:27 Control Channel MTU parms [ L:1574 D:166 EF:66 EB:0 ET:0 EL:0 ]
    03:28:27 TUN/TAP device VPN00 opened
    03:28:27 TUN/TAP TX queue length set to 100
    03:28:27 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
    03:28:27 Local Options String: ‘V4,dev-type tap,link-mtu 1574,tun-mtu 1532,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client’
    03:28:27 Expected Remote Options String: ‘V4,dev-type tap,link-mtu 1574,tun-mtu 1532,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server’
    03:28:27 Local Options hash (VER=V4): '46a60371'
    03:28:27 Expected Remote Options hash (VER=V4): 'f7b041bb'
    03:28:27 Socket Buffers: R=[108544->131072] S=[108544->131072]
    03:28:27 UDPv4 link local (bound): [undef]:1194
    03:28:27 UDPv4 link remote: Box1 WAN Addr:1194
    03:28:27 TLS Error: local/remote TLS keys are out of sync: Box1 WAN Addr:1194 [0]
    03:28:27 TLS: Initial packet from Box1 WAN Addr:1194, sid=be93f0b6 fb9724bc
    03:28:29 TLS Error: local/remote TLS keys are out of sync: Box1 WAN Addr:1194 [0]
    03:28:30 VERIFY OK: depth=1, /C=IT/O=Zeroshell.net/OU=Example/CN=Zer … oshell.net
    03:28:30 VERIFY OK: depth=0, /OU=hosts/CN=Box1 WAN Addr
    03:28:30 TLS Error: local/remote TLS keys are out of sync: Box1 WAN Addr:1194 [0]
    03:28:31 TLS Error: local/remote TLS keys are out of sync: Box1 WAN Addr:1194 [0]
    03:28:32 MANAGEMENT: Client connected from 127.0.0.1:34000
    03:28:32 MANAGEMENT: Client disconnected
    03:28:34 TLS Error: local/remote TLS keys are out of sync: Box1 WAN Addr:1194 [0]
    03:28:34 [Box1 WAN Addr] Inactivity timeout (--ping-restart), restarting
    03:28:34 TCP/UDP: Closing socket
    03:28:34 Closing TUN/TAP interface
    03:28:34 SIGUSR1[soft,ping-restart] received, process restarting
    03:28:34 Restart pause, 2 second(s)
    03:28:36 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    03:28:36 Control Channel Authentication: using ‘/root/static.key’ as a OpenVPN static key file
    03:28:36 Outgoing Control Channel Authentication: Using 160 bit message hash ‘SHA1’ for HMAC authentication
    03:28:36 Incoming Control Channel Authentication: Using 160 bit message hash ‘SHA1’ for HMAC authentication
    03:28:36 LZO compression initialized
    03:28:36 Control Channel MTU parms [ L:1574 D:166 EF:66 EB:0 ET:0 EL:0 ]
    03:28:36 TUN/TAP device VPN00 opened
    03:28:36 TUN/TAP TX queue length set to 100
    03:28:36 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
    03:28:36 Local Options String: ‘V4,dev-type tap,link-mtu 1574,tun-mtu 1532,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client’
    03:28:36 Expected Remote Options String: ‘V4,dev-type tap,link-mtu 1574,tun-mtu 1532,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server’
    03:28:36 Local Options hash (VER=V4): '46a60371'
    03:28:36 Expected Remote Options hash (VER=V4): 'f7b041bb'
    03:28:36 Socket Buffers: R=[108544->131072] S=[108544->131072]
    03:28:36 UDPv4 link local (bound): [undef]:1194
    03:28:36 UDPv4 link remote: Box1 WAN Addr:1194
    03:28:36 TLS Error: Unroutable control packet received from Box1 WAN Addr:1194 (si=3 op=P_ACK_V1)

    Do I just have a very bad Internet connection, or do I need to tweak a setting?
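An added example, not part of the original posts: a small triage script for a log in the format shown above. It splits the log into sessions at each restart, reports whether each session ever came up, and counts the configuration warnings. The names `triage` and `SAMPLE_LOG` and the finding labels are assumptions made for this sketch, and the sample lines are constructed from the log format in the post.

```python
import re
from collections import Counter

# Constructed sample: shortened lines in the format of the Box2 log above.
SAMPLE_LOG = """\
03:27:33 Initialization Sequence Completed
03:28:25 [Box1 WAN Addr] Inactivity timeout (--ping-restart), restarting
03:28:25 SIGUSR1[soft,ping-restart] received, process restarting
03:28:27 WARNING: No server certificate verification method has been enabled.
03:28:27 Local Options String: 'V4,dev-type tap,cipher BF-CBC,auth SHA1,tls-client'
03:28:27 TLS Error: local/remote TLS keys are out of sync: Box1 WAN Addr:1194 [0]
03:28:34 [Box1 WAN Addr] Inactivity timeout (--ping-restart), restarting
03:28:34 SIGUSR1[soft,ping-restart] received, process restarting
03:28:36 WARNING: No server certificate verification method has been enabled.
03:28:36 TLS Error: Unroutable control packet received from Box1 WAN Addr:1194
"""

LINE = re.compile(r"^\s*(\d{1,2}):(\d{2}):(\d{2})\s+(.*)$")

def triage(log_text):
    """Split the log at each restart; summarise sessions and config warnings."""
    sessions, findings, cur = [], Counter(), None
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # skip lines without a leading HH:MM:SS timestamp
        t = int(m[1]) * 3600 + int(m[2]) * 60 + int(m[3])  # assumes no midnight wrap
        msg = m[4]
        if cur is None:
            cur = {"start": t, "seconds": 0, "up": False, "tls_errors": 0}
        cur["seconds"] = t - cur["start"]
        if "Initialization Sequence Completed" in msg:
            cur["up"] = True
        elif msg.startswith("TLS Error:"):
            cur["tls_errors"] += 1
        elif "No server certificate verification" in msg:
            findings["no-server-cert-verification"] += 1
        elif "cipher BF-CBC" in msg:
            findings["64-bit-block-cipher"] += 1  # Blowfish has a 64-bit block
        elif msg.startswith("SIGUSR1["):
            sessions.append(cur)  # a restart closes the current session
            cur = None
    if cur is not None:
        sessions.append(cur)  # log ended mid-session
    return sessions, findings

if __name__ == "__main__":
    sessions, findings = triage(SAMPLE_LOG)
    print(sessions, dict(findings))
```
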

    in reply to: VPN Setup #45306

    OK – I’m progressing.

    I got home and did the same to Box2:
    1) took out the parameter except for --verb 5 --tls-auth /root/static.key
    2) set the VPN00 IP to 11.8.0.3

    Voilà! I can ping 11.8.0.1 from the Box2 at home.

    Now how do I access the other network attached to either box? The plan is to be able to ping from home the 10.0.0.x network at the office (Box1).

    in reply to: VPN Setup #45305

    From the web interface, how do you specify the remote IP address (the vpn IP address, not the hostname)?

    In openvpn, they show that an argument of ifconfig is given l & rn where l=local IP, and rn=remote IP.

    in reply to: VPN Setup #45304

    After I used the web interface to add the IP 11.8.0.1 (which was successful), the vpn log shows:

    6:07:31 TLS: new session incoming connection from x.x.x.x:1194
    16:07:36 VERIFY OK: depth=1, /C=IT/O=Zeroshell.net/OU=Example/CN=Zer … oshell.net
    16:07:36 VERIFY OK: depth=0, /OU=hosts/CN=flexstar.com
    16:07:36 WARNING: 'ifconfig' is present in remote config but missing in local config, remote='ifconfig 10.0.0.0 255.0.0.0'
    16:07:36 Data Channel Encrypt: Cipher ‘BF-CBC’ initialized with 128 bit key
    16:07:36 Data Channel Encrypt: Using 160 bit message hash ‘SHA1’ for HMAC authentication
    16:07:36 Data Channel Decrypt: Cipher ‘BF-CBC’ initialized with 128 bit key
    16:07:36 Data Channel Decrypt: Using 160 bit message hash ‘SHA1’ for HMAC authentication
    16:07:36 TLS: move_session: dest=TM_ACTIVE src=TM_UNTRUSTED reinit_src=1
    16:07:36 TLS: tls_multi_process: untrusted session promoted to trusted
    16:07:36 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
    16:09:41 MANAGEMENT: Client connected from 127.0.0.1:34000
    16:09:41 MANAGEMENT: Client disconnected
    16:10:31 MANAGEMENT: Client connected from 127.0.0.1:34000
    16:10:31 MANAGEMENT: Client disconnected

    It seems like ifconfig is complaining.

    in reply to: backup file #45301

    Oh – I see. Thanks

    in reply to: VPN Setup #45303

    When I tried to do that, the bottom status window shows:
    Apr 20 15:57,39 SUCCESS: VPN00 successfully configured.
    Apr 20 16:10,08 ERROR: IP 10.8.0.1/255.0.0.0 not added to VPN00 : 10.0.0.0/8 overlaps 10.0.0.0/8 (ETH01)

    in reply to: VPN setup #45293

    I do use Firefox. My desktop is Linux and I use Firefox 1.0.4.
