Hola amigos. Tengo Server Zentyal(ex eBox) configurado como Gateway-Infrastructure-Office. La idea es hacer una vpn road warriors, segui los pasos de configuracion de http://doc.zentyal.org/es/vpn.html y http://www.youtube.com/watch?v=L_CUiicCwEU .
El problema puntual es: si alguien me puede orientar por donde esta fallando porque no lo encuentro :( Les dejo algunos datos para orientarlos. Ping desde WAN --------------------------------------------------------------------------- ping tunnel-001.homelinux.net =========================================================================== PING tunnel-001.homelinux.net (186.59.101.162) 56(84) bytes of data. 64 bytes from 186-59-101-162.speedy.com.ar (186.59.101.162): icmp_req=1 ttl=248 time=461 ms 64 bytes from 186-59-101-162.speedy.com.ar (186.59.101.162): icmp_req=2 ttl=248 time=800 ms ^C --- tunnel-001.homelinux.net ping statistics --- 6 packets transmitted, 5 received, 16% packet loss, time 6305ms rtt min/avg/max/mdev = 91.448/505.339/894.163/304.299 ms --------------------------------------------------------------------------- route -n =========================================================================== Tabla de rutas IP del núcleo Destino Pasarela Genmask Indic Métric Ref Uso Interfaz 200.63.148.79 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 192.168.160.0 0.0.0.0 255.255.255.0 U 0 0 0 tap0 192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 br1 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0 --------------------------------------------------------------------------- gksu leafpad /var/log/ebox/ebox.log =========================================================================== 2011/05/19 00:30:17 INFO> Base.pm:773 EBox::Module::Base::_hook - Running hook: /etc/ebox/hooks/firewall.postservice 1 2011/05/19 00:30:20 INFO> Base.pm:151 EBox::Module::Base::save - Restarting service for module: openvpn 2011/05/19 00:33:28 INFO> Base.pm:773 EBox::Module::Base::_hook - Running hook: /etc/ebox/hooks/firewall.postservice 1 SUGERENCIA: Ninguna función coincide en el nombre y tipos de argumentos. Puede desear agregar conversión explícita de tipos. 2011/05/19 01:17:06 DEBUG> PgDBEngine.pm:349 EBox::PgDBEngine::query - Error querying data: SELECT rfc931 AS username, remotehost AS ip, domain_from_url(url) AS domain, event, code, SUM(bytes) AS bytes, COUNT(event) AS hits FROM squid_access WHERE (squid_access.timestamp >= '1971-4-1 00:00:00' AND squid_access.timestamp < date '1971-4-01 00:00:00' + interval '1 month') GROUP BY username, ip, domain, event, code ; , ERROR: no existe la función domain_from_url(character varying) LÍNEA 1: SELECT rfc931 AS username, remotehost AS ip, domain_from_url... --------------------------------------------------------------------------- gksu leafpad /var/log/ebox/openvpn.log =========================================================================== Thu May 19 01:43:05 2011 Linux ip addr del failed: external program exited with error status: 255 Thu May 19 01:43:05 2011 SIGTERM[hard,] received, process exiting Thu May 19 01:43:05 2011 OpenVPN 2.1.0 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Jul 20 2010 Thu May 19 01:43:05 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Thu May 19 01:43:05 2011 Diffie-Hellman initialized with 1024 bit key Thu May 19 01:43:05 2011 WARNING: file '/var/lib/ebox/CA/private/tunnel-001.homelinux.net.pem' is group or others accessible Thu May 19 01:43:05 2011 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted> Thu May 19 01:43:06 2011 TLS-Auth MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ] Thu May 19 01:43:06 2011 TUN/TAP device tap0 opened Thu May 19 01:43:06 2011 TUN/TAP TX queue length set to 100 Thu May 19 01:43:06 2011 /sbin/ifconfig tap0 192.168.160.1 netmask 255.255.255.0 mtu 1500 broadcast 192.168.160.255 Thu May 19 01:43:06 2011 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ] Thu May 19 01:43:06 2011 GID set to nogroup Thu May 19 01:43:06 2011 UID set to nobody Thu May 19 01:43:06 2011 Socket Buffers: R=[124928->131072] S=[124928->131072] Thu May 19 01:43:06 2011 UDPv4 link local (bound): [AF_INET] 186.59.6.220:1194 Thu May 19 01:43:06 2011 UDPv4 link remote: [undef] Thu May 19 01:43:06 2011 MULTI: multi_init called, r=256 v=256 Thu May 19 01:43:06 2011 IFCONFIG POOL: base=192.168.160.2 size=253 Thu May 19 01:43:06 2011 IFCONFIG POOL LIST Thu May 19 01:43:06 2011 Initialization Sequence Completed --------------------------------------------------------------------------- log openvpn win client =========================================================================== Thu May 19 02:02:57 2011 OpenVPN 2.1_rc20 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Oct 1 2009 Thu May 19 02:02:57 2011 WARNING: Make sure you understand the semantics of --tls-remote before using it (see the man page). Thu May 19 02:02:57 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Thu May 19 02:02:58 2011 LZO compression initialized Thu May 19 02:02:58 2011 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ] Thu May 19 02:02:58 2011 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ] Thu May 19 02:02:58 2011 Local Options hash (VER=V4): 'd79ca330' Thu May 19 02:02:58 2011 Expected Remote Options hash (VER=V4): 'f7df56b8' Thu May 19 02:02:58 2011 Socket Buffers: R=[8192->8192] S=[8192->8192] Thu May 19 02:02:58 2011 UDPv4 link local: [undef] Thu May 19 02:02:58 2011 UDPv4 link remote: 186.59.101.162:1194 Thu May 19 02:03:58 2011 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Thu May 19 02:03:58 2011 TLS Error: TLS handshake failed Thu May 19 02:03:58 2011 TCP/UDP: Closing socket
Lanux - Grupo de usuarios de GNU/Linux de Lanus Visitanos en: http://www.lanux.org.ar Reglas de etiqueta para el posteo de mensajes a la lista: http://www.lanux.org.ar/?page_id=35 Articulos y noticias por rss: http://www.lanux.org.ar/?feed=rss2 Lanux por irc: irc.freenode.net -> #lanux. _______________________________________________ General mailing list [email protected] http://listas.lanux.org.ar/cgi-bin/mailman/listinfo/general
