On Feb 6, 2008 5:05 PM, Cere <[EMAIL PROTECTED]> wrote:
> Salut,
>
> Se da un server de OpenVPN pe linux si un client pe
> windows. Desi conexiunea clien-server se face fara erori, de pe client
> nu pot nici macar sa pinguiesc ip-ul privat de pe server. Pe client
> s-a dat jos fw, s-a restartat serviciul de DHCP, pana si calculatorul.
> Pe interfata de pe windos se primeste un IP cu masca /30, dar pe cea
> de pe linux se primeste un ip din alt /30. Concret:
> ip add sh tun0
> 53: tun0: <POINTOPOINT,MULTICAST,NOARP,UP> mtu 1400 qdisc pfifo_fast qlen
> 500
> link/[65534]
> inet 10.100.3.1 peer 10.100.3.2/32 scope global tun0
>
> Pe windows se primeste 10.100.3.6.
> Si loguri relevante
> server--------------------
> dev tun
> tun-mtu 1400
> mode server
> server 10.100.3.0 255.255.255.0
> port 8888
> push "redirect-gateway"
> push "ip-win32 ipapi"
> ca ca.crt
> cert acasa.crt
> key acasa.key
> dh dh1024.pem
> keepalive 15 120
> tls-server
> comp-lzo
> verb 3
> client-------------
>
> Wed Feb 06 23:57:51 2008 SENT CONTROL [acasa]: 'PUSH_REQUEST' (status=1)
> Wed Feb 06 23:57:51 2008 PUSH: Received control message:
> 'PUSH_REPLY,redirect-gateway,ip-win32 ipapi,route 10.100.3.1,ping
> 15,ping-restart 120,ifconfig 10.100.3.6 10.100.3.5'
> Wed Feb 06 23:57:51 2008 OPTIONS IMPORT: timers and/or timeouts modified
> Wed Feb 06 23:57:51 2008 OPTIONS IMPORT: --ifconfig/up options modified
> Wed Feb 06 23:57:51 2008 OPTIONS IMPORT: route options modified
> Wed Feb 06 23:57:51 2008 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option
> options modified
> Wed Feb 06 23:57:51 2008 TAP-WIN32 device [tun] opened:
> \\.\Global\{ECAD4C14-33E9-4B07-AD5F-53F92C5380CF}.tap
> Wed Feb 06 23:57:51 2008 TAP-Win32 Driver Version 8.4
> Wed Feb 06 23:57:51 2008 TAP-Win32 MTU=1500
> Wed Feb 06 23:57:51 2008 Successful ARP Flush on interface [196612]
> {ECAD4C14-33E9-4B07-AD5F-53F92C5380CF}
> Wed Feb 06 23:57:51 2008 Succeeded in adding a temporary IP/netmask of
> 10.100.3.6/255.255.255.252 to interface
> {ECAD4C14-33E9-4B07-AD5F-53F92C5380CF} using the Win32 IP Helper API
> Wed Feb 06 23:57:51 2008 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
> Wed Feb 06 23:57:51 2008 route ADD x.x.51.3 MASK 255.255.255.255 y.y.6.1
> Wed Feb 06 23:57:51 2008 Route addition via IPAPI succeeded
> Wed Feb 06 23:57:51 2008 route DELETE 0.0.0.0 MASK 0.0.0.0 y.y.6.1
> Wed Feb 06 23:57:51 2008 Route deletion via IPAPI succeeded
> Wed Feb 06 23:57:51 2008 route ADD 0.0.0.0 MASK 0.0.0.0 10.100.3.5
> Wed Feb 06 23:57:51 2008 Route addition via IPAPI succeeded
> Wed Feb 06 23:57:51 2008 route ADD 10.100.3.1 MASK 255.255.255.255
> 10.100.3.5
> Wed Feb 06 23:57:51 2008 Route addition via IPAPI succeeded
> Wed Feb 06 23:57:51 2008 Initialization Sequence Completed
>
> Ceva idei de troubleshooting?Si tcpdump/tshark/wireshark ce zice? Incearca si pe interfata de tun/tap si pe ethernet, la ambele capete. Vezi daca trece ceva. Incearca in ambele sensuri. Pe interfata de tunel uita-te dupa ARP si ICMP iar pe ethernet filtreaza cu "(host ip_eth_de_la_calc2 and udp) or icmp". > _______________________________________________ > RLUG mailing list > [email protected] > http://lists.lug.ro/mailman/listinfo/rlug > _______________________________________________ RLUG mailing list [email protected] http://lists.lug.ro/mailman/listinfo/rlug
