Hallo Sven-Ola,
habe gerade versucht auf der UraltFW VPN03 zum laufen zu bekommen, leider ohne
Erfolg.
Es hagelte Fehlermeldungen und der Tunnel baute sich ständig auf und ab.
Ich habe in der GUI die neuen certs und keys per copy and paste in die Felder
eingefügt, das kann man doch so machen, oder? Jedenfalls lief die alte
Konfiguration nach dem zurück kopieren der Slowenien Certs über die GUI wieder
erfolgreich.
Ich habe im Anhang mal zwei Dateien angehängt mit den Ausgaben von logread beim
starten den Tunnels. Könntets Du oder jemand anders mit Ahnung mal drüber
schauen und evtl. sagen wo es da klemmt.
Ich habe auch bei Bedarf auch noch einen "nvram show" das würde ich dann aber
OL schicken, da ja dort die certs enthalten sind.
Danke vom Bernd aus Potsdam
root@0-96-waschbar-managed:~# logread -f
Jan 4 19:48:52 (none) kern.err openvpn[966]: Authenticate/Decrypt packet
error: cipher final failed
Jan 4 19:48:52 (none) kern.err openvpn[970]: read UDPv4 [EMSGSIZE
Path-MTU=1480]: Message too long (code=97)
Jan 4 19:49:01 (none) kern.err openvpn[970]: read UDPv4 [EMSGSIZE
Path-MTU=1480]: Message too long (code=97)
Jan 4 19:49:01 (none) kern.err openvpn[966]: Authenticate/Decrypt packet
error: cipher final failed
Jan 4 19:49:05 (none) daemon.warn dnsmasq[556]: Ignoring domain 0 for DHCP
host name Neo2
Jan 4 19:49:07 (none) daemon.warn dnsmasq[556]: Ignoring domain 0 for DHCP
host name Neo2
Jan 4 19:49:08 (none) kern.err openvpn[970]: read UDPv4 [EMSGSIZE
Path-MTU=1480]: Message too long (code=97)
Jan 4 19:49:09 (none) daemon.warn dnsmasq[556]: Ignoring domain 0 for DHCP
host name Neo2
Jan 4 19:49:11 (none) kern.err openvpn[966]: Authenticate/Decrypt packet
error: cipher final failed
Jan 4 19:49:13 (none) kern.err openvpn[970]: read UDPv4 [EMSGSIZE
Path-MTU=1480]: Message too long (code=97)
Jan 4 19:49:14 (none) daemon.warn dnsmasq[556]: Ignoring domain 0 for DHCP
host name Neo2
Jan 4 19:49:17 (none) daemon.info dnsmasq[556]: DHCPDISCOVER(eth1)
20:a2:e4:7d:b9:b7
Jan 4 19:49:17 (none) daemon.info dnsmasq[556]: DHCPOFFER(eth1) 10.22.0.115
20:a2:e4:7d:b9:b7
Jan 4 19:49:17 (none) daemon.warn dnsmasq[556]: Ignoring domain 0 for DHCP
host name Neo2
Jan 4 19:49:17 (none) daemon.info dnsmasq[556]: DHCPDISCOVER(eth1)
20:a2:e4:7d:b9:b7
Jan 4 19:49:17 (none) daemon.info dnsmasq[556]: DHCPOFFER(eth1) 10.22.0.115
20:a2:e4:7d:b9:b7
Jan 4 19:49:18 (none) daemon.warn dnsmasq[556]: Ignoring domain 0 for DHCP
host name Neo2
Jan 4 19:49:18 (none) daemon.info dnsmasq[556]: DHCPREQUEST(eth1) 10.22.0.115
20:a2:e4:7d:b9:b7
Jan 4 19:49:18 (none) daemon.info dnsmasq[556]: DHCPACK(eth1) 10.22.0.115
20:a2:e4:7d:b9:b7 Neo2
Jan 4 19:49:21 (none) kern.err openvpn[966]: Authenticate/Decrypt packet
error: cipher final failed
Jan 4 19:49:22 (none) kern.notice openvpn[966]: [77.87.48.10] Inactivity
timeout (--ping-restart), restarting
Jan 4 19:49:22 (none) kern.notice openvpn[966]: /usr/sbin/ip addr del dev tun0
172.31.240.153/20
Jan 4 19:49:22 (none) kern.notice openvpn[966]: /etc/openvpn/freifunk-updown
tun0 1500 1541 172.31.240.153 255.255.240.0 init
Jan 4 19:49:22 (none) kern.err openvpn[970]: read UDPv4 [EMSGSIZE
Path-MTU=1480]: Message too long (code=97)
Jan 4 19:49:22 (none) kern.notice openvpn[966]: SIGUSR1[soft,ping-restart]
received, process restarting
Jan 4 19:49:24 (none) kern.warn openvpn[966]: NOTE: the current
--script-security setting may allow this configuration to call user-defined
scripts
Jan 4 19:49:24 (none) kern.notice openvpn[966]: UDPv4 link local: [undef]
Jan 4 19:49:24 (none) kern.notice openvpn[966]: UDPv4 link remote:
77.87.49.66:1194
Jan 4 19:49:26 (none) kern.notice openvpn[966]: [77.87.48.10] Peer Connection
Initiated with 77.87.49.66:1194
Jan 4 19:49:29 (none) kern.notice openvpn[966]: TUN/TAP device tun0 opened
Jan 4 19:49:29 (none) kern.notice openvpn[966]: /usr/sbin/ip link set dev tun0
up mtu 1500
Jan 4 19:49:29 (none) kern.notice openvpn[966]: /usr/sbin/ip addr add dev tun0
172.31.240.45/20 broadcast 172.31.255.255
Jan 4 19:49:29 (none) kern.notice openvpn[966]: /etc/openvpn/freifunk-updown
tun0 1500 1541 172.31.240.45 255.255.240.0 init
Jan 4 19:49:30 (none) kern.err openvpn[970]: read UDPv4 [EMSGSIZE
Path-MTU=1480]: Message too long (code=97)
Jan 4 19:49:31 (none) kern.notice openvpn[966]: Initialization Sequence
Completed
Jan 4 19:49:33 (none) kern.err openvpn[970]: read UDPv4 [EMSGSIZE
Path-MTU=1480]: Message too long (code=97)
Jan 4 19:49:39 (none) kern.err openvpn[966]: Authenticate/Decrypt packet
error: cipher final failed
Jan 4 19:49:43 (none) kern.err openvpn[970]: read UDPv4 [EMSGSIZE
Path-MTU=1480]: Message too long (code=97)
Jan 4 19:49:48 (none) kern.err openvpn[966]: Authenticate/Decrypt packet
error: cipher final failed
Jan 4 19:49:58 (none) kern.err openvpn[966]: Authenticate/Decrypt packet
error: cipher final failed
Jan 4 19:50:08 (none) kern.err openvpn[966]: Authenticate/Decrypt packet
error: cipher final failed
Jan 4 19:50:18 (none) kern.err openvpn[966]: Authenticate/Decrypt packet
error: cipher final failed
Jan 4 19:50:29 (none) kern.notice openvpn[966]: [77.87.48.10] Inactivity
timeout (--ping-restart), restarting
Jan 4 19:50:29 (none) kern.notice openvpn[966]: /usr/sbin/ip addr del dev tun0
172.31.240.45/20
Jan 4 19:50:29 (none) kern.notice openvpn[966]: /etc/openvpn/freifunk-updown
tun0 1500 1541 172.31.240.45 255.255.240.0 init
Jan 4 19:50:29 (none) kern.notice openvpn[966]: SIGUSR1[soft,ping-restart]
received, process restarting
Jan 4 19:50:29 (none) kern.err openvpn[970]: read UDPv4 [EMSGSIZE
Path-MTU=1480]: Message too long (code=97)
Jan 4 19:50:31 (none) kern.warn openvpn[966]: NOTE: the current
--script-security setting may allow this configuration to call user-defined
scripts
Jan 4 19:50:31 (none) kern.notice openvpn[966]: UDPv4 link local: [undef]
Jan 4 19:50:31 (none) kern.notice openvpn[966]: UDPv4 link remote:
77.87.48.10:1194
Jan 4 19:50:37 (none) kern.notice openvpn[966]: [77.87.48.10] Peer Connection
Initiated with 77.87.48.10:1194
Jan 4 19:50:40 (none) kern.err openvpn[966]: Options error: Unrecognized
option or missing parameter(s) in [PUSH-OPTIONS]:1: ifconfig-ipv6 (2.1.1)
Jan 4 19:50:40 (none) kern.err openvpn[966]: Options error: Unrecognized
option or missing parameter(s) in [PUSH-OPTIONS]:8: route-ipv6 (2.1.1)
Jan 4 19:50:40 (none) kern.notice openvpn[966]: TUN/TAP device tun0 opened
Jan 4 19:50:40 (none) kern.notice openvpn[966]: /usr/sbin/ip link set dev tun0
up mtu 1500
Jan 4 19:50:40 (none) kern.notice openvpn[966]: /usr/sbin/ip addr add dev tun0
172.31.240.153/20 broadcast 172.31.255.255
Jan 4 19:50:40 (none) kern.notice openvpn[966]: /etc/openvpn/freifunk-updown
tun0 1500 1541 172.31.240.153 255.255.240.0 init
Jan 4 19:50:42 (none) kern.notice openvpn[966]: Initialization Sequence
Completed
Jan 4 19:50:43 (none) kern.err openvpn[970]: read UDPv4 [EMSGSIZE
Path-MTU=1480]: Message too long (code=97)
Jan 4 19:50:44 (none) kern.err openvpn[970]: read UDPv4 [EMSGSIZE
Path-MTU=1480]: Message too long (code=97)
Jan 4 19:50:49 (none) kern.err openvpn[966]: Authenticate/Decrypt packet
error: cipher final failed
Jan 4 19:50:59 (none) kern.err openvpn[966]: Authenticate/Decrypt packet
error: cipher final failed
Jan 4 19:51:09 (none) kern.err openvpn[966]: Authenticate/Decrypt packet
error: cipher final failed
Jan 4 19:51:20 (none) kern.err openvpn[966]: Authenticate/Decrypt packet
error: cipher final failed
Jan 4 19:51:29 (none) kern.err openvpn[966]: Authenticate/Decrypt packet
error: cipher final failed
Jan 4 19:51:39 (none) kern.err openvpn[966]: Authenticate/Decrypt packet
error: cipher final failed
Jan 4 19:51:40 (none) kern.notice openvpn[966]: [77.87.48.10] Inactivity
timeout (--ping-restart), restarting
Jan 4 19:51:40 (none) kern.notice openvpn[966]: /usr/sbin/ip addr del dev tun0
172.31.240.153/20
Jan 4 19:51:40 (none) kern.notice openvpn[966]: /etc/openvpn/freifunk-updown
tun0 1500 1541 172.31.240.153 255.255.240.0 init
Jan 4 19:51:40 (none) kern.notice openvpn[966]: SIGUSR1[soft,ping-restart]
received, process restarting
Jan 4 19:51:40 (none) kern.err openvpn[970]: read UDPv4 [EMSGSIZE
Path-MTU=1480]: Message too long (code=97)
Jan 4 19:51:42 (none) kern.warn openvpn[966]: NOTE: the current
--script-security setting may allow this configuration to call user-defined
scripts
Jan 4 19:51:42 (none) kern.notice openvpn[966]: UDPv4 link local: [undef]
Jan 4 19:51:42 (none) kern.notice openvpn[966]: UDPv4 link remote:
77.87.49.66:1194
Jan 4 19:51:47 (none) kern.info dropbear[3425]: Child connection from
10.22.0.116:64641
Jan 4 19:51:47 (none) kern.notice openvpn[966]: [77.87.48.10] Peer Connection
Initiated with 77.87.49.66:1194
Jan 4 19:51:50 (none) kern.notice openvpn[966]: TUN/TAP device tun0 opened
Jan 4 19:51:50 (none) kern.notice openvpn[966]: /usr/sbin/ip link set dev tun0
up mtu 1500
Jan 4 19:51:50 (none) kern.notice openvpn[966]: /usr/sbin/ip addr add dev tun0
172.31.240.45/20 broadcast 172.31.255.255
Jan 4 19:51:50 (none) kern.notice openvpn[966]: /etc/openvpn/freifunk-updown
tun0 1500 1541 172.31.240.45 255.255.240.0 init
Jan 4 19:51:51 (none) kern.notice dropbear[3425]: password auth succeeded for
'root' from 10.22.0.116:64641
Jan 4 19:51:52 (none) kern.err openvpn[970]: read UDPv4 [EMSGSIZE
Path-MTU=1480]: Message too long (code=97)
Jan 4 19:51:52 (none) kern.notice openvpn[966]: Initialization Sequence
Completed
_______________________________________________
Users mailing list
[email protected]
https://lists.freifunk-potsdam.de/listinfo/users
