Search Results

Search found 33 results on 2 pages for 'pkcs11'.

Page 2/2 | < Previous Page | 1 2 

  • Unable to connect to OpenVPN server

    - by Incognito
    I'm trying to get a working setup of OpenVPN on my VM and authenticate into it from a client. I'm not sure but it looks to me like it's socket related, as it's not set to LISTEN, and localhost seems wrong. I've never set up VPN before. # netstat -tulpn | grep vpn Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name udp 0 0 127.0.0.1:1194 0.0.0.0:* 24059/openvpn I don't think this is set up correctly. Here's some detail into what I've done. I have a VPS from MediaTemple: These are my interfaces before starting openvpn: lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:39482 errors:0 dropped:0 overruns:0 frame:0 TX packets:39482 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:3237452 (3.2 MB) TX bytes:3237452 (3.2 MB) venet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:127.0.0.1 P-t-P:127.0.0.1 Bcast:0.0.0.0 Mask:255.255.255.255 UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1 RX packets:4885284 errors:0 dropped:0 overruns:0 frame:0 TX packets:4679884 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:835278537 (835.2 MB) TX bytes:1989289617 (1.9 GB) venet0:0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:205.[redacted] P-t-P:205.186.148.82 Bcast:0.0.0.0 Mask:255.255.255.255 UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1 I've followed this guide on setting up a basic server and getting a .p12 file, however, I was receiving an error that stated /dev/net/tun was missing, so I created it mkdir -p /dev/net mknod /dev/net/tun c 10 200 chmod 600 /dev/net/tun This resolved the error preventing the service from launching, however, I am unable to connect. On the server I've set up the myserver.conf file (as per the tutorial) to indicate local 127.0.0.1 (I've also attempted with the public IP address, perhaps I don't understand what they mean by local IP?). The server launches without error, this is what the log looks like when it starts: Sun Apr 1 17:21:27 2012 OpenVPN 2.1.3 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Mar 11 2011 Sun Apr 1 17:21:27 2012 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Sun Apr 1 17:21:27 2012 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Sun Apr 1 17:21:27 2012 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted> Sun Apr 1 17:21:27 2012 TUN/TAP device tun0 opened Sun Apr 1 17:21:27 2012 /sbin/ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1500 Sun Apr 1 17:21:27 2012 GID set to openvpn Sun Apr 1 17:21:27 2012 UID set to openvpn Sun Apr 1 17:21:27 2012 UDPv4 link local (bound): [AF_INET]127.0.0.1:1194 Sun Apr 1 17:21:27 2012 UDPv4 link remote: [undef] Sun Apr 1 17:21:27 2012 Initialization Sequence Completed This creates a tun0 interface that looks like this: tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) And the netstat command still indicates the state is not set to LISTEN. On the client-side I've installed the p12 certs onto two devices (one is an android tablet, the other is an Ubuntu desktop). I don't see port 1194 as open either. Both clients install the cert files and then ask me for the L2TP secret (which was set on the file), but then they oddly ask me for a username and a password, which I don't know where I could possibly get those from. I attempted all of my logins, and some whacky guesses that were frantically pulling at straws. If there's any more information I could provide let me know.

    Read the article

  • Openvpn issue with linux

    - by catsy
    So I've tried to setup openvpn, I followed some guide but it's stuck att "initialization sequence completed" with no connection and I can't find any working solution... here's the log: $Sun Sep 23 19:14:32 2012 OpenVPN 2.1.0 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Jul 20 2010 Enter Auth Username:pumpedup Enter Auth Password: Sun Sep 23 19:14:37 2012 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Sun Sep 23 19:14:37 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Sun Sep 23 19:14:37 2012 LZO compression initialized Sun Sep 23 19:14:37 2012 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] Sun Sep 23 19:14:38 2012 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ] Sun Sep 23 19:14:38 2012 Local Options hash (VER=V4): '41690919' Sun Sep 23 19:14:38 2012 Expected Remote Options hash (VER=V4): '530fdded' Sun Sep 23 19:14:38 2012 Socket Buffers: R=[163840-131072] S=[163840-131072] Sun Sep 23 19:14:38 2012 UDPv4 link local: [undef] Sun Sep 23 19:14:38 2012 UDPv4 link remote: [AF_INET]192.162.102.162:1194 Sun Sep 23 19:14:38 2012 TLS: Initial packet from [AF_INET]192.162.102.162:1194, sid=87a95723 a6d7b7f9 Sun Sep 23 19:14:38 2012 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this Sun Sep 23 19:14:38 2012 VERIFY OK: depth=1, /C=NV/ST=NV/L=nVPN/O=nVpn/CN=nVpn_CA/[email protected] Sun Sep 23 19:14:38 2012 VERIFY OK: depth=0, /C=NV/ST=NV/L=nVPN/O=nVpn/CN=server/[email protected] Sun Sep 23 19:14:39 2012 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1542', remote='link-mtu 6042' Sun Sep 23 19:14:39 2012 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1500', remote='tun-mtu 6000' Sun Sep 23 19:14:39 2012 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Sun Sep 23 19:14:39 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Sun Sep 23 19:14:39 2012 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Sun Sep 23 19:14:39 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Sun Sep 23 19:14:39 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Sun Sep 23 19:14:39 2012 [server] Peer Connection Initiated with [AF_INET]192.162.102.162:1194 Sun Sep 23 19:14:41 2012 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) Sun Sep 23 19:14:41 2012 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.8.8,route 10.102.162.1,topology net30,ping 10,ping-restart 120,ifconfig 10.102.162.6 10.102.162.5' Sun Sep 23 19:14:41 2012 OPTIONS IMPORT: timers and/or timeouts modified Sun Sep 23 19:14:41 2012 OPTIONS IMPORT: --ifconfig/up options modified Sun Sep 23 19:14:41 2012 OPTIONS IMPORT: route options modified Sun Sep 23 19:14:41 2012 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Sun Sep 23 19:14:41 2012 ROUTE default_gateway=10.0.2.2 Sun Sep 23 19:14:41 2012 TUN/TAP device tun0 opened Sun Sep 23 19:14:41 2012 TUN/TAP TX queue length set to 100 Sun Sep 23 19:14:41 2012 /sbin/ifconfig tun0 10.102.162.6 pointopoint 10.102.162.5 mtu 1500 Sun Sep 23 19:14:41 2012 /sbin/route add -net 192.162.102.162 netmask 255.255.255.255 gw 10.0.2.2 Sun Sep 23 19:14:41 2012 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.102.162.5 Sun Sep 23 19:14:41 2012 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.102.162.5 Sun Sep 23 19:14:41 2012 /sbin/route add -net 10.102.162.1 netmask 255.255.255.255 gw 10.102.162.5 Sun Sep 23 19:14:41 2012 Initialization Sequence Completed

    Read the article

  • OpenVPN on Ubuntu 11.10 - unable to redirect default gateway

    - by Vladimir Kadalashvili
    I'm trying to connect to connect to OpenVPN server from my Ubuntu 11.10 machine. I use the following command to do it (under root user): openvpn --config /home/vladimir/client.ovpn Everything seems to be OK, it connects normally without any warnings and errors, but when I try to browse the internet I see that I still use my own IP address, so VPN connection doesn't work. When I run openvpn command, it displays the following message among others: NOTE: unable to redirect default gateway -- Cannot read current default gateway from system I think it's the cause of this problem, but unfortunately I don't know how to fix it. Below is full output of openvpn command: Sat Jun 9 23:51:36 2012 OpenVPN 2.2.0 x86_64-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Jul 4 2011 Sat Jun 9 23:51:36 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Sat Jun 9 23:51:36 2012 Control Channel Authentication: tls-auth using INLINE static key file Sat Jun 9 23:51:36 2012 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Sat Jun 9 23:51:36 2012 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Sat Jun 9 23:51:36 2012 LZO compression initialized Sat Jun 9 23:51:36 2012 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ] Sat Jun 9 23:51:36 2012 Socket Buffers: R=[126976->200000] S=[126976->200000] Sat Jun 9 23:51:36 2012 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ] Sat Jun 9 23:51:36 2012 Local Options hash (VER=V4): '504e774e' Sat Jun 9 23:51:36 2012 Expected Remote Options hash (VER=V4): '14168603' Sat Jun 9 23:51:36 2012 UDPv4 link local: [undef] Sat Jun 9 23:51:36 2012 UDPv4 link remote: [AF_INET]94.229.78.130:1194 Sat Jun 9 23:51:37 2012 TLS: Initial packet from [AF_INET]94.229.78.130:1194, sid=13fd921b b42072ab Sat Jun 9 23:51:37 2012 VERIFY OK: depth=1, /CN=OpenVPN_CA Sat Jun 9 23:51:37 2012 VERIFY OK: nsCertType=SERVER Sat Jun 9 23:51:37 2012 VERIFY OK: depth=0, /CN=OpenVPN_Server Sat Jun 9 23:51:38 2012 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Sat Jun 9 23:51:38 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Sat Jun 9 23:51:38 2012 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Sat Jun 9 23:51:38 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Sat Jun 9 23:51:38 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Sat Jun 9 23:51:38 2012 [OpenVPN_Server] Peer Connection Initiated with [AF_INET]94.229.78.130:1194 Sat Jun 9 23:51:40 2012 SENT CONTROL [OpenVPN_Server]: 'PUSH_REQUEST' (status=1) Sat Jun 9 23:51:40 2012 PUSH: Received control message: 'PUSH_REPLY,explicit-exit-notify,topology subnet,route-delay 5 30,dhcp-pre-release,dhcp-renew,dhcp-release,route-metric 101,ping 5,ping-restart 40,redirect-gateway def1,redirect-gateway bypass-dhcp,redirect-gateway autolocal,route-gateway 5.5.0.1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,register-dns,comp-lzo yes,ifconfig 5.5.117.43 255.255.0.0' Sat Jun 9 23:51:40 2012 Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:4: dhcp-pre-release (2.2.0) Sat Jun 9 23:51:40 2012 Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:5: dhcp-renew (2.2.0) Sat Jun 9 23:51:40 2012 Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:6: dhcp-release (2.2.0) Sat Jun 9 23:51:40 2012 Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:16: register-dns (2.2.0) Sat Jun 9 23:51:40 2012 OPTIONS IMPORT: timers and/or timeouts modified Sat Jun 9 23:51:40 2012 OPTIONS IMPORT: explicit notify parm(s) modified Sat Jun 9 23:51:40 2012 OPTIONS IMPORT: LZO parms modified Sat Jun 9 23:51:40 2012 OPTIONS IMPORT: --ifconfig/up options modified Sat Jun 9 23:51:40 2012 OPTIONS IMPORT: route options modified Sat Jun 9 23:51:40 2012 OPTIONS IMPORT: route-related options modified Sat Jun 9 23:51:40 2012 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Sat Jun 9 23:51:40 2012 ROUTE: default_gateway=UNDEF Sat Jun 9 23:51:40 2012 TUN/TAP device tun0 opened Sat Jun 9 23:51:40 2012 TUN/TAP TX queue length set to 100 Sat Jun 9 23:51:40 2012 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Sat Jun 9 23:51:40 2012 /sbin/ifconfig tun0 5.5.117.43 netmask 255.255.0.0 mtu 1500 broadcast 5.5.255.255 Sat Jun 9 23:51:45 2012 NOTE: unable to redirect default gateway -- Cannot read current default gateway from system Sat Jun 9 23:51:45 2012 Initialization Sequence Completed Output of route command: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default * 0.0.0.0 U 0 0 0 ppp0 5.5.0.0 * 255.255.0.0 U 0 0 0 tun0 link-local * 255.255.0.0 U 1000 0 0 wlan0 192.168.0.0 * 255.255.255.0 U 0 0 0 wlan0 stream-ts1.net. * 255.255.255.255 UH 0 0 0 ppp0 Output of ifconfig command: eth0 Link encap:Ethernet HWaddr 6c:62:6d:44:0d:12 inet6 addr: fe80::6e62:6dff:fe44:d12/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:54594 errors:0 dropped:0 overruns:0 frame:0 TX packets:59897 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:44922107 (44.9 MB) TX bytes:8839969 (8.8 MB) Interrupt:41 Base address:0x8000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:4561 errors:0 dropped:0 overruns:0 frame:0 TX packets:4561 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:685425 (685.4 KB) TX bytes:685425 (685.4 KB) ppp0 Link encap:Point-to-Point Protocol inet addr:213.206.63.44 P-t-P:213.206.34.4 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1 RX packets:53577 errors:0 dropped:0 overruns:0 frame:0 TX packets:58892 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:3 RX bytes:43667387 (43.6 MB) TX bytes:7504776 (7.5 MB) tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:5.5.117.43 P-t-P:5.5.117.43 Mask:255.255.0.0 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) wlan0 Link encap:Ethernet HWaddr 00:27:19:f6:b5:cf inet addr:192.168.0.1 Bcast:0.0.0.0 Mask:255.255.255.0 inet6 addr: fe80::227:19ff:fef6:b5cf/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:12079 errors:0 dropped:0 overruns:0 frame:0 TX packets:11178 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1483691 (1.4 MB) TX bytes:4307899 (4.3 MB) So my question is - how to make OpenVPN redirect default gateway? Thanks!

    Read the article

  • Connecting a LAN to an OpenVPN server via a windows 7 client gateway

    - by user705142
    I've got OpenVPN set up between my windows 7 client and linux server. The goal is that I'll get secure access to a webapp running on the server from any computer on the client LAN. I'm using ccd to assign static ip addresses to each client connection, with key authentication. It's working on my client machine (10.83.41.9), and when you go to the gateway IP address (10.83.41.1), it loads up the webapp. Now I really need the other computers on the client LAN to be able to connect to the webapp as well, via the windows machine. The client has a static IP address of 192.168.2.100 on the LAN, and I've enabled IP forwarding in windows (confirmed by ipconfig /all). In my router I've forwarded 10.83.41.1 / 255.255.255.255 to 192.168.2.100. In server.conf I have.. route 192.168.2.0 255.255.255.0 And in the office ccd.. ifconfig-push 10.83.41.9 10.83.41.10 iroute 192.168.2.0 255.255.255.0 The client log is as follows: Thu Mar 15 20:19:56 2012 OpenVPN 2.2.2 Win32-MSVC++ [SSL] [LZO2] [PKCS11] built on Dec 15 2011 Thu Mar 15 20:19:56 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Thu Mar 15 20:19:56 2012 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file Thu Mar 15 20:19:56 2012 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Thu Mar 15 20:19:56 2012 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Thu Mar 15 20:19:56 2012 LZO compression initialized Thu Mar 15 20:19:56 2012 Control Channel MTU parms [ L:1558 D:166 EF:66 EB:0 ET:0 EL:0 ] Thu Mar 15 20:19:56 2012 Socket Buffers: R=[8192->8192] S=[64512->64512] Thu Mar 15 20:19:56 2012 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ] Thu Mar 15 20:19:56 2012 Local Options hash (VER=V4): '9e7066d2' Thu Mar 15 20:19:56 2012 Expected Remote Options hash (VER=V4): '162b04de' Thu Mar 15 20:19:56 2012 UDPv4 link local: [undef] Thu Mar 15 20:19:56 2012 UDPv4 link remote: 111.65.224.202:1194 Thu Mar 15 20:19:56 2012 TLS: Initial packet from 111.65.224.202:1194, sid=ceb04c22 8cc6d151 Thu Mar 15 20:19:56 2012 VERIFY OK: depth=1, /C=NZ/O=XXX./CN=XXX Thu Mar 15 20:19:56 2012 VERIFY OK: nsCertType=SERVER Thu Mar 15 20:19:56 2012 VERIFY OK: depth=0, /C=NZ/O=XXX./CN=XXX Thu Mar 15 20:19:56 2012 Replay-window backtrack occurred [1] Thu Mar 15 20:19:56 2012 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key Thu Mar 15 20:19:56 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Thu Mar 15 20:19:56 2012 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key Thu Mar 15 20:19:56 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Thu Mar 15 20:19:56 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Thu Mar 15 20:19:56 2012 [server] Peer Connection Initiated with 111.65.224.202:1194 Thu Mar 15 20:19:58 2012 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) Thu Mar 15 20:19:59 2012 PUSH: Received control message: 'PUSH_REPLY,route 10.83.41.1,topology net30,ping 10,ping-restart 120,ifconfig 10.83.41.9 10.83.41.10' Thu Mar 15 20:19:59 2012 OPTIONS IMPORT: timers and/or timeouts modified Thu Mar 15 20:19:59 2012 OPTIONS IMPORT: --ifconfig/up options modified Thu Mar 15 20:19:59 2012 OPTIONS IMPORT: route options modified Thu Mar 15 20:19:59 2012 ROUTE default_gateway=192.168.2.1 Thu Mar 15 20:19:59 2012 TAP-WIN32 device [OpenVPN] opened: \\.\Global\{B32D85C9-1942-42E2-80BA-7E0B5BB5185F}.tap Thu Mar 15 20:19:59 2012 TAP-Win32 Driver Version 9.9 Thu Mar 15 20:19:59 2012 TAP-Win32 MTU=1500 Thu Mar 15 20:19:59 2012 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.83.41.9/255.255.255.252 on interface {B32D85C9-1942-42E2-80BA-7E0B5BB5185F} [DHCP-serv: 10.83.41.10, lease-time: 31536000] Thu Mar 15 20:19:59 2012 Successful ARP Flush on interface [45] {B32D85C9-1942-42E2-80BA-7E0B5BB5185F} Thu Mar 15 20:20:04 2012 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up Thu Mar 15 20:20:04 2012 C:\WINDOWS\system32\route.exe ADD 10.83.41.1 MASK 255.255.255.255 10.83.41.10 Thu Mar 15 20:20:04 2012 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4 Thu Mar 15 20:20:04 2012 Route addition via IPAPI succeeded [adaptive] Thu Mar 15 20:20:04 2012 Initialization Sequence Completed From the other machines I can ping 192.169.2.100, but not 10.83.41.1. In the how-to, it mentions "Make sure your network interface is in promiscuous mode." as well. I can't find in the windows network config, so this may or may not be part of it. Ideally this would be achieved without any special configuration the other LAN computers. Not sure how far I'm going to get on my own at this point, any ideas? Is there something I'm missing, or anything I should need to know?

    Read the article

  • OpenVPN stopped working, what could have happened?

    - by jaja
    I have Openvpn, and it worked great when I used it on PC (Windows 8), then I copied all files (Certificates and config) to an Android 4 phone to use them. Now, Openvpn works on the phone, but not the PC. Specifically, when I open Google I get: The server at www.google.com can't be found, because the DNS lookup failed, but the VPN seems to be connected. I have a simple question, could the problem be because I copied the same files? Routing table before connecting:- IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.101 25 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 192.168.1.0 255.255.255.0 On-link 192.168.1.101 281 192.168.1.101 255.255.255.255 On-link 192.168.1.101 281 192.168.1.255 255.255.255.255 On-link 192.168.1.101 281 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.1.101 281 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.1.101 281 =========================================================================== Routing table after connecting:- IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.101 25 0.0.0.0 128.0.0.0 10.8.0.5 10.8.0.6 30 10.8.0.1 255.255.255.255 10.8.0.5 10.8.0.6 30 10.8.0.4 255.255.255.252 On-link 10.8.0.6 286 10.8.0.6 255.255.255.255 On-link 10.8.0.6 286 10.8.0.7 255.255.255.255 On-link 10.8.0.6 286 **.**.***.** 255.255.255.255 192.168.1.254 192.168.1.101 25 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 128.0.0.0 128.0.0.0 10.8.0.5 10.8.0.6 30 192.168.1.0 255.255.255.0 On-link 192.168.1.101 281 192.168.1.101 255.255.255.255 On-link 192.168.1.101 281 192.168.1.255 255.255.255.255 On-link 192.168.1.101 281 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.1.101 281 224.0.0.0 240.0.0.0 On-link 10.8.0.6 286 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.1.101 281 255.255.255.255 255.255.255.255 On-link 10.8.0.6 286 =========================================================================== Server conf:- port 1194 proto udp dev tun ca ca.crt cert myservername.crt key myservername.key dh dh1024.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt duplicate-cn keepalive 10 120 comp-lzo persist-key persist-tun status openvpn-status.log verb 3 push "redirect-gateway def1" Client conf:- client dev tun proto udp remote 89.32.148.35 1194 resolv-retry infinite nobind persist-key persist-tun mute-replay-warnings ca ca.crt cert client1.crt key client1.key verb 3 comp-lzo redirect-gateway def1 Here is the log file:- Tue Dec 18 16:34:27 2012 OpenVPN 2.2.2 Win32-MSVC++ [SSL] [LZO2] [PKCS11] built on Dec 15 2011 Tue Dec 18 16:34:27 2012 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Tue Dec 18 16:34:27 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Tue Dec 18 16:34:27 2012 LZO compression initialized Tue Dec 18 16:34:27 2012 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] Tue Dec 18 16:34:27 2012 Socket Buffers: R=[65536-65536] S=[65536-65536] Tue Dec 18 16:34:27 2012 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ] Tue Dec 18 16:34:27 2012 Local Options hash (VER=V4): '41690919' Tue Dec 18 16:34:27 2012 Expected Remote Options hash (VER=V4): '530fdded' Tue Dec 18 16:34:27 2012 UDPv4 link local: [undef] Tue Dec 18 16:34:27 2012 UDPv4 link remote: ..*.:1194 Tue Dec 18 16:34:27 2012 TLS: Initial packet from ..*.:1194, sid=4d1496ad 2079a5fa Tue Dec 18 16:34:28 2012 VERIFY OK: depth=1, /C=/ST=/L=/O=/OU=/CN=/name=/emailAddress= Tue Dec 18 16:34:28 2012 VERIFY OK: depth=0, /C=/ST=/L=/O=/OU=/CN=/name=/emailAddress= Tue Dec 18 16:34:29 2012 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Tue Dec 18 16:34:29 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Dec 18 16:34:29 2012 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Tue Dec 18 16:34:29 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Dec 18 16:34:29 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Tue Dec 18 16:34:29 2012 [myservername] Peer Connection Initiated with ..*.:1194 Tue Dec 18 16:34:32 2012 SENT CONTROL [myservername]: 'PUSH_REQUEST' (status=1) Tue Dec 18 16:34:32 2012 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' Tue Dec 18 16:34:32 2012 OPTIONS IMPORT: timers and/or timeouts modified Tue Dec 18 16:34:32 2012 OPTIONS IMPORT: --ifconfig/up options modified Tue Dec 18 16:34:32 2012 OPTIONS IMPORT: route options modified Tue Dec 18 16:34:32 2012 ROUTE default_gateway=192.168.1.254 Tue Dec 18 16:34:32 2012 TAP-WIN32 device [Local Area Connection] opened: \.\Global{F0CFEBBF-9B1B-4CFB-8A82-027330974C30}.tap Tue Dec 18 16:34:32 2012 TAP-Win32 Driver Version 9.9 Tue Dec 18 16:34:32 2012 TAP-Win32 MTU=1500 Tue Dec 18 16:34:32 2012 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {F0CFEBBF-9B1B-4CFB-8A82-027330974C30} [DHCP-serv: 10.8.0.5, lease-time: 31536000] Tue Dec 18 16:34:32 2012 Successful ARP Flush on interface [26] {F0CFEBBF-9B1B-4CFB-8A82-027330974C30} Tue Dec 18 16:34:37 2012 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up Tue Dec 18 16:34:37 2012 C:\WINDOWS\system32\route.exe ADD ..*. MASK 255.255.255.255 192.168.1.254 Tue Dec 18 16:34:37 2012 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=25 and dwForwardType=4 Tue Dec 18 16:34:37 2012 Route addition via IPAPI succeeded [adaptive] Tue Dec 18 16:34:37 2012 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.8.0.5 Tue Dec 18 16:34:37 2012 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4 Tue Dec 18 16:34:37 2012 Route addition via IPAPI succeeded [adaptive] Tue Dec 18 16:34:37 2012 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.8.0.5 Tue Dec 18 16:34:37 2012 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4 Tue Dec 18 16:34:37 2012 Route addition via IPAPI succeeded [adaptive] Tue Dec 18 16:34:37 2012 C:\WINDOWS\system32\route.exe ADD 10.8.0.1 MASK 255.255.255.255 10.8.0.5 Tue Dec 18 16:34:37 2012 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4 Tue Dec 18 16:34:37 2012 Route addition via IPAPI succeeded [adaptive] Tue Dec 18 16:34:37 2012 Initialization Sequence Completed

    Read the article

  • Error Installing MS office in ubuntu 13.04

    - by Birendra
    While I am installing ms office 10 or 13 using wine it says the following: Unhandled exception: 0xc06d007e in 32-bit code (0x7b83ae0b). Register dump: CS:0023 SS:002b DS:002b ES:002b FS:0063 GS:006b EIP:7b83ae0b ESP:0a6cd3f8 EBP:0a6cd45c EFLAGS:00000287( - -- I S - -P-C) EAX:7b826449 EBX:7b8b0000 ECX:0a6cd480 EDX:0a6cd41c ESI:00dd2428 EDI:00000000 Stack dump: 0x0a6cd3f8: 0a6cd4d0 00000004 000a0009 c06d007e 0x0a6cd408: 00000000 00000000 7b83ae0b 00000001 0x0a6cd418: 0a6cd480 7b8589db 7ffd0c00 00000000 0x0a6cd428: 00000000 00000000 00000000 00000000 0x0a6cd438: 00000000 7ffd0c00 00000000 7b8b0000 0x0a6cd448: 0a6cd468 7b858b2e 00dd24c0 00000000 Backtrace: =>0 0x7b83ae0b in kernel32 (+0x2ae0b) (0x0a6cd45c) 1 0x00dc93bb in msi7bec.tmp (+0x493ba) (0x0a6cd4c4) 2 0x00dc78d8 in msi7bec.tmp (+0x478d7) (0x0a6cd704) 3 0x00dc28cd in msi7bec.tmp (+0x428cc) (0x0a6cd940) 4 0x00d9caf8 in msi7bec.tmp (+0x1caf7) (0x0a6ce83c) 5 0x7def9393 CUSTOMPROC_wrapper+0xa() in msi (0x0a6ce848) 6 0x7def9671 CUSTOMPROC_wrapper+0x2e8() in msi (0x0a6ce9a8) 7 0x7def994f CUSTOMPROC_wrapper+0x5c6() in msi (0x0a6ce9f8) 8 0x7bc7f84c call_thread_func_wrapper+0xb() in ntdll (0x0a6cea08) 9 0x7bc7f89b call_thread_func+0x44() in ntdll (0x0a6ceae8) 10 0x7bc7f82a in ntdll (+0x6f829) (0x0a6ceb08) 11 0x7bc871f3 in ntdll (+0x771f2) (0x0a6cf368) 12 0xf75c5d78 start_thread+0xd7() in libpthread.so.0 (0x0a6cf468) 13 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 14 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 15 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 16 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 17 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 18 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 19 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 20 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 21 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 22 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 23 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 24 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 25 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 26 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 27 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 28 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 29 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 30 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 31 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 32 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 33 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 34 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 35 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 36 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 37 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 38 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 39 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 40 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 41 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 42 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 43 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 44 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 45 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 46 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 47 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 48 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 49 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 50 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 51 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 52 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 53 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 54 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 55 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 56 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 57 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 58 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 59 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 60 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 61 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 62 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 63 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 64 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 65 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 66 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 67 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 68 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 69 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 70 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 71 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 72 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 73 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 74 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 75 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 76 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 77 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 78 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 79 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 80 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 81 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 82 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 83 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 84 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 85 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 86 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 87 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 88 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 89 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 90 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 91 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 92 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 93 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 94 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 95 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 96 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 97 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 98 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 99 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 100 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 101 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 102 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 103 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 104 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 105 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 106 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 107 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 108 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 109 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 110 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 111 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 112 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 113 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 114 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 115 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 116 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 117 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 118 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 119 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 120 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 121 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 122 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 123 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 124 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 125 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 126 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 127 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 128 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 129 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 130 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 131 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 132 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 133 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 134 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 135 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 136 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 137 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 138 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 139 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 140 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 141 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 142 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 143 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 144 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 145 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 146 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 147 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 148 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 149 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 150 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 151 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 152 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 153 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 154 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 155 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 156 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 157 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 158 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 159 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 160 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 161 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 162 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 163 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 164 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 165 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 166 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 167 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 168 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 169 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 170 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 171 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 172 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 173 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 174 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 175 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 176 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 177 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 178 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 179 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 180 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 181 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 182 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 183 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 184 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 185 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 186 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 187 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 188 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 189 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 190 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 191 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 192 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 193 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 194 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 195 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 196 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 197 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 198 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 199 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 200 0xf74fc3de __clone+0x5d() in libc.so.6 (0x00000000) 0x7b83ae0b: subl $4,%esp Modules: Module Address Debug info Name (149 modules) PE 840000- 86f000 Deferred osetupui PE ba0000- ba7000 Deferred msi7c0d.tmp PE d40000- d51000 Deferred msi7bb6.tmp PE d80000- ddd000 Export msi7bec.tmp PE de0000- df8000 Deferred msi83ed.tmp PE e00000- e0a000 Deferred msi83f8.tmp PE f40000- 1072000 Deferred pidgenx PE 1440000- 145a000 Deferred msi958a.tmp PE 9e80000- 9edb000 Deferred msi889c.tmp PE 9ee0000- 9f0a000 Deferred msi9130.tmp PE 10000000-10593000 Deferred osetup PE 2e000000-2e119000 Deferred setup PE 41110000-41155000 Deferred msi7bd6.tmp PE 504a0000-504c7000 Deferred msi9112.tmp PE 504d0000-504f0000 Deferred msi8b04.tmp ELF 7b800000-7ba44000 Dwarf kernel32<elf> \-PE 7b810000-7ba44000 \ kernel32 ELF 7bab6000-7bb00000 Deferred libdbus-1.so.3 ELF 7bc00000-7bce4000 Dwarf ntdll<elf> \-PE 7bc10000-7bce4000 \ ntdll ELF 7be0f000-7be32000 Deferred localspl<elf> \-PE 7be10000-7be32000 \ localspl ELF 7be32000-7bf00000 Deferred libkrb5.so.3 ELF 7bf00000-7bf04000 Deferred <wine-loader> ELF 7bf09000-7bf25000 Deferred spoolss<elf> \-PE 7bf10000-7bf25000 \ spoolss ELF 7bf25000-7bf3c000 Deferred libresolv.so.2 ELF 7bf3c000-7bf64000 Deferred libk5crypto.so.3 ELF 7bf64000-7bfa1000 Deferred libgssapi_krb5.so.2 ELF 7bfa1000-7c000000 Deferred libcups.so.2 ELF 7c208000-7c2aa000 Deferred msvcrt<elf> \-PE 7c220000-7c2aa000 \ msvcrt ELF 7c2aa000-7c400000 Deferred libxml2.so.2 ELF 7c40c000-7c415000 Deferred librt.so.1 ELF 7c415000-7c427000 Deferred libavahi-client.so.3 ELF 7c427000-7c468000 Deferred winspool<elf> \-PE 7c430000-7c468000 \ winspool ELF 7c468000-7c485000 Deferred libgcc_s.so.1 ELF 7c485000-7c4c2000 Deferred libxslt.so.1 ELF 7c4c2000-7c4e9000 Deferred liblzma.so.5 ELF 7c4e9000-7c59e000 Deferred msxml3<elf> \-PE 7c4f0000-7c59e000 \ msxml3 ELF 7c59e000-7c5cd000 Deferred msxml6<elf> \-PE 7c5a0000-7c5cd000 \ msxml6 ELF 7d0e1000-7d0ea000 Deferred libkrb5support.so.0 ELF 7d0ea000-7d0f8000 Deferred libavahi-common.so.3 ELF 7d5b5000-7d5b9000 Deferred libkeyutils.so.1 ELF 7d5b9000-7d5be000 Deferred libcom_err.so.2 ELF 7d5d6000-7d63e000 Deferred riched20<elf> \-PE 7d5e0000-7d63e000 \ riched20 ELF 7d63e000-7d672000 Deferred hhctrl<elf> \-PE 7d640000-7d672000 \ hhctrl ELF 7d672000-7d696000 Deferred hlink<elf> \-PE 7d680000-7d696000 \ hlink ELF 7d696000-7d6b6000 Deferred oleacc<elf> \-PE 7d6a0000-7d6b6000 \ oleacc ELF 7d6b6000-7d6fa000 Deferred rsaenh<elf> \-PE 7d6c0000-7d6fa000 \ rsaenh ELF 7d6fa000-7d715000 Deferred imagehlp<elf> \-PE 7d700000-7d715000 \ imagehlp ELF 7d72d000-7d764000 Deferred uxtheme<elf> \-PE 7d730000-7d764000 \ uxtheme ELF 7d764000-7d76b000 Deferred libxfixes.so.3 ELF 7d76b000-7d776000 Deferred libxcursor.so.1 ELF 7d7f6000-7d81e000 Deferred libexpat.so.1 ELF 7d81e000-7d857000 Deferred libfontconfig.so.1 ELF 7d857000-7d867000 Deferred libxi.so.6 ELF 7d867000-7d872000 Deferred libxrandr.so.2 ELF 7d872000-7d87c000 Deferred libxrender.so.1 ELF 7d87c000-7d882000 Deferred libxxf86vm.so.1 ELF 7d882000-7d8a6000 Deferred imm32<elf> \-PE 7d890000-7d8a6000 \ imm32 ELF 7d8a6000-7d8ad000 Deferred libxdmcp.so.6 ELF 7d8ad000-7d8cf000 Deferred libxcb.so.1 ELF 7d8cf000-7d8d5000 Deferred libuuid.so.1 ELF 7d8d5000-7d8ef000 Deferred libice.so.6 ELF 7d8ef000-7da26000 Deferred libx11.so.6 ELF 7da26000-7da38000 Deferred libxext.so.6 ELF 7da38000-7da41000 Deferred libsm.so.6 ELF 7da41000-7daf2000 Deferred winex11<elf> \-PE 7da50000-7daf2000 \ winex11 ELF 7daf2000-7db8d000 Deferred libfreetype.so.6 ELF 7dba5000-7dbb9000 Deferred libp11-kit.so.0 ELF 7dbb9000-7dbcb000 Deferred libtasn1.so.3 ELF 7dbcb000-7dc4f000 Deferred libgcrypt.so.11 ELF 7dc4f000-7dd14000 Deferred libgnutls.so.26 ELF 7dd14000-7dd38000 Deferred cabinet<elf> \-PE 7dd20000-7dd38000 \ cabinet ELF 7dd38000-7dd61000 Deferred mpr<elf> \-PE 7dd40000-7dd61000 \ mpr ELF 7dd61000-7dd7a000 Deferred libz.so.1 ELF 7dd7b000-7dd7f000 Deferred libxcomposite.so.1 ELF 7dd7f000-7dd92000 Deferred gnome-keyring-pkcs11.so ELF 7dd92000-7de0c000 Deferred wininet<elf> \-PE 7dda0000-7de0c000 \ wininet ELF 7de0c000-7deb9000 Deferred urlmon<elf> \-PE 7de20000-7deb9000 \ urlmon ELF 7deb9000-7dfdb000 Dwarf msi<elf> \-PE 7dec0000-7dfdb000 \ msi ELF 7dfdb000-7e04b000 Deferred dbghelp<elf> \-PE 7dfe0000-7e04b000 \ dbghelp ELF 7e04b000-7e121000 Deferred crypt32<elf> \-PE 7e050000-7e121000 \ crypt32 ELF 7e121000-7e15b000 Deferred wintrust<elf> \-PE 7e130000-7e15b000 \ wintrust ELF 7e15b000-7e27a000 Deferred comctl32<elf> \-PE 7e160000-7e27a000 \ comctl32 ELF 7e27a000-7e2f0000 Deferred shlwapi<elf> \-PE 7e290000-7e2f0000 \ shlwapi ELF 7e2f0000-7e52e000 Deferred shell32<elf> \-PE 7e300000-7e52e000 \ shell32 ELF 7e52e000-7e673000 Deferred oleaut32<elf> \-PE 7e540000-7e673000 \ oleaut32 ELF 7e673000-7e754000 Deferred gdi32<elf> \-PE 7e680000-7e754000 \ gdi32 ELF 7e754000-7e8c4000 Deferred user32<elf> \-PE 7e770000-7e8c4000 \ user32 ELF 7e8c4000-7ea26000 Deferred ole32<elf> \-PE 7e8e0000-7ea26000 \ ole32 ELF 7ea26000-7eab0000 Deferred rpcrt4<elf> \-PE 7ea30000-7eab0000 \ rpcrt4 ELF 7eab0000-7eae4000 Deferred ws2_32<elf> \-PE 7eac0000-7eae4000 \ ws2_32 ELF 7eae4000-7eb56000 Deferred advapi32<elf> \-PE 7eaf0000-7eb56000 \ advapi32 ELF 7eb56000-7eb7b000 Deferred iphlpapi<elf> \-PE 7eb60000-7eb7b000 \ iphlpapi ELF 7eb7b000-7ebaa000 Deferred netapi32<elf> \-PE 7eb80000-7ebaa000 \ netapi32 ELF 7ebaa000-7ebdf000 Deferred secur32<elf> \-PE 7ebb0000-7ebdf000 \ secur32 ELF 7ebdf000-7ebfa000 Deferred version<elf> \-PE 7ebe0000-7ebfa000 \ version ELF 7ebfa000-7ec07000 Deferred libnss_files.so.2 ELF 7ec07000-7ec13000 Deferred libnss_nis.so.2 ELF 7ec13000-7ec2c000 Deferred libnsl.so.1 ELF 7ec2c000-7ec35000 Deferred libnss_compat.so.2 ELF 7efa5000-7efe8000 Deferred libm.so.6 ELF 7efe8000-7efec000 Deferred libxinerama.so.1 ELF 7efec000-7f000000 Deferred psapi<elf> \-PE 7eff0000-7f000000 \ psapi ELF f7401000-f7405000 Deferred libxau.so.6 ELF f7406000-f740b000 Deferred libdl.so.2 ELF f740b000-f75be000 Dwarf libc.so.6 ELF f75bf000-f75da000 Dwarf libpthread.so.0 ELF f75da000-f75df000 Deferred libgpg-error.so.0 ELF f75f2000-f7736000 Dwarf libwine.so.1 ELF f7738000-f775a000 Deferred ld-linux.so.2 ELF f775a000-f775b000 Deferred [vdso].so Threads: process tid prio (all id:s are in hex) 0000000e services.exe 0000005b 0 0000005c 0 00000059 0 0000002e 0 0000001f 0 00000015 0 00000010 0 0000000f 0 00000012 winedevice.exe 0000001d 0 0000001a 0 00000014 0 00000013 0 0000001b plugplay.exe 00000021 0 0000001e 0 0000001c 0 00000022 explorer.exe 00000023 0 0000002a (D) C:\users\birendra\Desktop\OFFICE 2010\setup.exe 0000005d 0 <== 0000002f 0 0000002b 0 00000042 OSE.EXE 00000045 0 00000047 0 0000002d 0 00000036 0 00000040 0 00000017 0 00000018 0 00000034 0 System information: Wine build: wine-1.4.1 Platform: i386 (WOW64) Host system: Linux Host version: 3.8.0-19-generic Anybody give me suggestion how to fix the problem to install it.

    Read the article

  • openvpn WARNING: No server certificate verification method has been enabled

    - by tmedtcom
    I tried to install openvpn on debian squeez (server) and connect from my fedora 17 as (client). Here is my configuration: server configuration ###cat server.conf # Serveur TCP ** proto tcp** port 1194 dev tun # Cles et certificats ca /etc/openvpn/easy-rsa/keys/ca.crt cert /etc/openvpn/easy-rsa/keys/server.crt key /etc/openvpn/easy-rsa/keys/server.key dh /etc/openvpn/easy-rsa/keys/dh1024.pem # Reseau #Adresse virtuel du reseau vpn server 192.170.70.0 255.255.255.0 #Cette ligne ajoute sur le client la route du reseau vers le serveur push "route 192.168.1.0 255.255.255.0" #Creer une route du server vers l'interface tun. #route 192.170.70.0 255.255.255.0 # Securite keepalive 10 120 #type d'encryptage des données **cipher AES-128-CBC** #activation de la compression comp-lzo #nombre maximum de clients autorisés max-clients 10 #pas d'utilisateur et groupe particuliers pour l'utilisation du VPN user nobody group nogroup #pour rendre la connexion persistante persist-key persist-tun #Log d'etat d'OpenVPN status /var/log/openvpn-status.log #logs openvpnlog /var/log/openvpn.log log-append /var/log/openvpn.log #niveau de verbosité verb 5 ###cat client.conf # Client client dev tun [COLOR="Red"]proto tcp-client[/COLOR] remote <my server wan IP> 1194 resolv-retry infinite **cipher AES-128-CBC** # Cles ca ca.crt cert client.crt key client.key # Securite nobind persist-key persist-tun comp-lzo verb 3 Message from the host client (fedora 17) in the log file / var / log / messages: Dec 6 21:56:00 GlobalTIC NetworkManager[691]: <info> Starting VPN service 'openvpn'... Dec 6 21:56:00 GlobalTIC NetworkManager[691]: <info> VPN service 'openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 7470 Dec 6 21:56:00 GlobalTIC NetworkManager[691]: <info> VPN service 'openvpn' appeared; activating connections Dec 6 21:56:00 GlobalTIC NetworkManager[691]: <info> VPN plugin state changed: starting (3) Dec 6 21:56:01 GlobalTIC NetworkManager[691]: <info> VPN connection 'Connexion VPN 1' (Connect) reply received. Dec 6 21:56:01 GlobalTIC nm-openvpn[7472]: OpenVPN 2.2.2 x86_64-redhat-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] built on Sep 5 2012 Dec 6 21:56:01 GlobalTIC nm-openvpn[7472]:[COLOR="Red"][U][B] WARNING: No server certificate verification method has been enabled.[/B][/U][/COLOR] See http://openvpn.net/howto.html#mitm for more info. Dec 6 21:56:01 GlobalTIC nm-openvpn[7472]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Dec 6 21:56:01 GlobalTIC nm-openvpn[7472]:[COLOR="Red"] WARNING: file '/home/login/client/client.key' is group or others accessible[/COLOR] Dec 6 21:56:01 GlobalTIC nm-openvpn[7472]: UDPv4 link local: [undef] Dec 6 21:56:01 GlobalTIC nm-openvpn[7472]: UDPv4 link remote: [COLOR="Red"]<my server wan IP>[/COLOR]:1194 Dec 6 21:56:01 GlobalTIC nm-openvpn[7472]: [COLOR="Red"]read UDPv4 [ECONNREFUSED]: Connection refused (code=111)[/COLOR] Dec 6 21:56:03 GlobalTIC nm-openvpn[7472]: [COLOR="Red"]read UDPv4[/COLOR] [ECONNREFUSED]: Connection refused (code=111) Dec 6 21:56:07 GlobalTIC nm-openvpn[7472]: read UDPv4 [ECONNREFUSED]: Connection refused (code=111) Dec 6 21:56:15 GlobalTIC nm-openvpn[7472]: read UDPv4 [ECONNREFUSED]: Connection refused (code=111) Dec 6 21:56:31 GlobalTIC nm-openvpn[7472]: read UDPv4 [ECONNREFUSED]: Connection refused (code=111) Dec 6 21:56:41 GlobalTIC NetworkManager[691]: <warn> VPN connection 'Connexion VPN 1' (IP Conf[/CODE] ifconfig on server host(debian): ifconfig eth0 Link encap:Ethernet HWaddr 08:00:27:16:21:ac inet addr:192.168.1.6 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::a00:27ff:fe16:21ac/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:9059 errors:0 dropped:0 overruns:0 frame:0 TX packets:5660 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:919427 (897.8 KiB) TX bytes:1273891 (1.2 MiB) tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:192.170.70.1 P-t-P:192.170.70.2 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) ifconfig on the client host (fedora 17) as0t0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500 inet 5.5.0.1 netmask 255.255.252.0 destination 5.5.0.1 unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 200 (UNSPEC) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 2 bytes 321 (321.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 as0t1: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500 inet 5.5.4.1 netmask 255.255.252.0 destination 5.5.4.1 unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 200 (UNSPEC) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 2 bytes 321 (321.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 as0t2: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500 inet 5.5.8.1 netmask 255.255.252.0 destination 5.5.8.1 unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 200 (UNSPEC) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 2 bytes 321 (321.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 as0t3: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500 inet 5.5.12.1 netmask 255.255.252.0 destination 5.5.12.1 unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 200 (UNSPEC) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 2 bytes 321 (321.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 **p255p1**: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.1.2 netmask 255.255.255.0 broadcast 192.168.1.255 inet6 fe80::21d:baff:fe20:b7e6 prefixlen 64 scopeid 0x20<link> ether 00:1d:ba:20:b7:e6 txqueuelen 1000 (Ethernet) RX packets 4842070 bytes 3579798184 (3.3 GiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 3996158 bytes 2436442882 (2.2 GiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 device interrupt 16 p255p1 is label for eth0 interface and on the server : root@hoteserver:/etc/openvpn# tree . +-- client ¦** +-- ca.crt ¦** +-- client.conf ¦** +-- client.crt ¦** +-- client.csr ¦** +-- client.key ¦** +-- client.ovpn ¦* ¦** +-- easy-rsa ¦** +-- build-ca ¦** +-- build-dh ¦** +-- build-inter ¦** +-- build-key ¦** +-- build-key-pass ¦** +-- build-key-pkcs12 ¦** +-- build-key-server ¦** +-- build-req ¦** +-- build-req-pass ¦** +-- clean-all ¦** +-- inherit-inter ¦** +-- keys ¦** ¦** +-- 01.pem ¦** ¦** +-- 02.pem ¦** ¦** +-- ca.crt ¦** ¦** +-- ca.key ¦** ¦** +-- client.crt ¦** ¦** +-- client.csr ¦** ¦** +-- client.key ¦** ¦** +-- dh1024.pem ¦** ¦** +-- index.txt ¦** ¦** +-- index.txt.attr ¦** ¦** +-- index.txt.attr.old ¦** ¦** +-- index.txt.old ¦** ¦** +-- serial ¦** ¦** +-- serial.old ¦** ¦** +-- server.crt ¦** ¦** +-- server.csr ¦** ¦** +-- server.key ¦** +-- list-crl ¦** +-- Makefile ¦** +-- openssl-0.9.6.cnf.gz ¦** +-- openssl.cnf ¦** +-- pkitool ¦** +-- README.gz ¦** +-- revoke-full ¦** +-- sign-req ¦** +-- vars ¦** +-- whichopensslcnf +-- openvpn.log +-- openvpn-status.log +-- server.conf +-- update-resolv-conf on the client: [login@hoteclient openvpn]$ tree . |-- easy-rsa | |-- 1.0 | | |-- build-ca | | |-- build-dh | | |-- build-inter | | |-- build-key | | |-- build-key-pass | | |-- build-key-pkcs12 | | |-- build-key-server | | |-- build-req | | |-- build-req-pass | | |-- clean-all | | |-- list-crl | | |-- make-crl | | |-- openssl.cnf | | |-- README | | |-- revoke-crt | | |-- revoke-full | | |-- sign-req | | `-- vars | `-- 2.0 | |-- build-ca | |-- build-dh | |-- build-inter | |-- build-key | |-- build-key-pass | |-- build-key-pkcs12 | |-- build-key-server | |-- build-req | |-- build-req-pass | |-- clean-all | |-- inherit-inter | |-- keys [error opening dir] | |-- list-crl | |-- Makefile | |-- openssl-0.9.6.cnf | |-- openssl-0.9.8.cnf | |-- openssl-1.0.0.cnf | |-- pkitool | |-- README | |-- revoke-full | |-- sign-req | |-- vars | `-- whichopensslcnf |-- keys -> ./easy-rsa/2.0/keys/ `-- server.conf the problem source is cipher AES-128-CBC ,proto tcp-client or UDP or the interface p255p1 on fedora17 or file authentification ta.key is not found ????

    Read the article

  • OpenVPN - Windows 8 to Windows 2008 Server, not connecting

    - by niico
    I have followed this tutorial about setting up an OpenVPN Server on Windows Server - and a client on Windows (in this case Windows 8). The server appears to be running fine - but it is not connecting with this error: Mon Jul 22 19:09:04 2013 Warning: cannot open --log file: C:\Program Files\OpenVPN\log\my-laptop.log: Access is denied. (errno=5) Mon Jul 22 19:09:04 2013 OpenVPN 2.3.2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Jun 3 2013 Mon Jul 22 19:09:04 2013 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340 Mon Jul 22 19:09:04 2013 Need hold release from management interface, waiting... Mon Jul 22 19:09:05 2013 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340 Mon Jul 22 19:09:05 2013 MANAGEMENT: CMD 'state on' Mon Jul 22 19:09:05 2013 MANAGEMENT: CMD 'log all on' Mon Jul 22 19:09:05 2013 MANAGEMENT: CMD 'hold off' Mon Jul 22 19:09:05 2013 MANAGEMENT: CMD 'hold release' Mon Jul 22 19:09:05 2013 Socket Buffers: R=[65536->65536] S=[65536->65536] Mon Jul 22 19:09:05 2013 UDPv4 link local: [undef] Mon Jul 22 19:09:05 2013 UDPv4 link remote: [AF_INET]66.666.66.666:9999 Mon Jul 22 19:09:05 2013 MANAGEMENT: >STATE:1374494945,WAIT,,, Mon Jul 22 19:10:05 2013 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Mon Jul 22 19:10:05 2013 TLS Error: TLS handshake failed Mon Jul 22 19:10:05 2013 SIGUSR1[soft,tls-error] received, process restarting Mon Jul 22 19:10:05 2013 MANAGEMENT: >STATE:1374495005,RECONNECTING,tls-error,, Mon Jul 22 19:10:05 2013 Restart pause, 2 second(s) Note I have changed the IP and port no (it uses a non-standard port for security reasons). That port is open on the hardware firewall. The server logs are showing a connection attempt from my client: TLS: Initial packet from [AF_INET]118.68.xx.xx:65011, sid=081af4ed xxxxxxxx Mon Jul 22 14:19:15 2013 118.68.xx.xx:65011 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) How can I problem solve this & find the problem? Thx Update - Client config file: ############################################## # Sample client-side OpenVPN 2.0 config file # # for connecting to multi-client server. # # # # This configuration can be used by multiple # # clients, however each client should have # # its own cert and key files. # # # # On Windows, you might want to rename this # # file so it has a .ovpn extension # ############################################## # Specify that we are a client and that we # will be pulling certain config file directives # from the server. client # Use the same setting as you are using on # the server. # On most systems, the VPN will not function # unless you partially or fully disable # the firewall for the TUN/TAP interface. ;dev tap dev tun # Windows needs the TAP-Win32 adapter name # from the Network Connections panel # if you have more than one. On XP SP2, # you may need to disable the firewall # for the TAP adapter. ;dev-node MyTap # Are we connecting to a TCP or # UDP server? Use the same setting as # on the server. ;proto tcp proto udp # The hostname/IP and port of the server. # You can have multiple remote entries # to load balance between the servers. remote 00.00.00.00 1194 ;remote 00.00.00.00 9999 ;remote my-server-2 1194 # Choose a random host from the remote # list for load-balancing. Otherwise # try hosts in the order specified. ;remote-random # Keep trying indefinitely to resolve the # host name of the OpenVPN server. Very useful # on machines which are not permanently connected # to the internet such as laptops. resolv-retry infinite # Most clients don't need to bind to # a specific local port number. nobind # Downgrade privileges after initialization (non-Windows only) ;user nobody ;group nobody # Try to preserve some state across restarts. persist-key persist-tun # If you are connecting through an # HTTP proxy to reach the actual OpenVPN # server, put the proxy server/IP and # port number here. See the man page # if your proxy server requires # authentication. ;http-proxy-retry # retry on connection failures ;http-proxy [proxy server] [proxy port #] # Wireless networks often produce a lot # of duplicate packets. Set this flag # to silence duplicate packet warnings. ;mute-replay-warnings # SSL/TLS parms. # See the server config file for more # description. It's best to use # a separate .crt/.key file pair # for each client. A single ca # file can be used for all clients. ca "C:\\Program Files\\OpenVPN\\config\\ca.crt" cert "C:\\Program Files\\OpenVPN\\config\\my-laptop.crt" key "C:\\Program Files\\OpenVPN\\config\\my-laptop.key" # Verify server certificate by checking # that the certicate has the nsCertType # field set to "server". This is an # important precaution to protect against # a potential attack discussed here: # http://openvpn.net/howto.html#mitm # # To use this feature, you will need to generate # your server certificates with the nsCertType # field set to "server". The build-key-server # script in the easy-rsa folder will do this. ns-cert-type server # If a tls-auth key is used on the server # then every client must also have the key. ;tls-auth ta.key 1 # Select a cryptographic cipher. # If the cipher option is used on the server # then you must also specify it here. ;cipher x # Enable compression on the VPN link. # Don't enable this unless it is also # enabled in the server config file. comp-lzo # Set log file verbosity. verb 3 # Silence repeating messages ;mute 20 Server config file: ################################################# # Sample OpenVPN 2.0 config file for # # multi-client server. # # # # This file is for the server side # # of a many-clients <-> one-server # # OpenVPN configuration. # # # # OpenVPN also supports # # single-machine <-> single-machine # # configurations (See the Examples page # # on the web site for more info). # # # # This config should work on Windows # # or Linux/BSD systems. Remember on # # Windows to quote pathnames and use # # double backslashes, e.g.: # # "C:\\Program Files\\OpenVPN\\config\\foo.key" # # # # Comments are preceded with '#' or ';' # ################################################# # Which local IP address should OpenVPN # listen on? (optional) ;local 00.00.00.00 # Which TCP/UDP port should OpenVPN listen on? # If you want to run multiple OpenVPN instances # on the same machine, use a different port # number for each one. You will need to # open up this port on your firewall. std 1194 port 1194 # TCP or UDP server? ;proto tcp proto udp # "dev tun" will create a routed IP tunnel, # "dev tap" will create an ethernet tunnel. # Use "dev tap0" if you are ethernet bridging # and have precreated a tap0 virtual interface # and bridged it with your ethernet interface. # If you want to control access policies # over the VPN, you must create firewall # rules for the the TUN/TAP interface. # On non-Windows systems, you can give # an explicit unit number, such as tun0. # On Windows, use "dev-node" for this. # On most systems, the VPN will not function # unless you partially or fully disable # the firewall for the TUN/TAP interface. ;dev tap dev tun # Windows needs the TAP-Win32 adapter name # from the Network Connections panel if you # have more than one. On XP SP2 or higher, # you may need to selectively disable the # Windows firewall for the TAP adapter. # Non-Windows systems usually don't need this. ;dev-node MyTap # SSL/TLS root certificate (ca), certificate # (cert), and private key (key). Each client # and the server must have their own cert and # key file. The server and all clients will # use the same ca file. # # See the "easy-rsa" directory for a series # of scripts for generating RSA certificates # and private keys. Remember to use # a unique Common Name for the server # and each of the client certificates. # # Any X509 key management system can be used. # OpenVPN can also use a PKCS #12 formatted key file # (see "pkcs12" directive in man page). ca "C:\\Program Files\\OpenVPN\\config\\ca.crt" cert "C:\\Program Files\\OpenVPN\\config\\server.crt" key "C:\\Program Files\\OpenVPN\\config\\server.key" # Diffie hellman parameters. # Generate your own with: # openssl dhparam -out dh1024.pem 1024 # Substitute 2048 for 1024 if you are using # 2048 bit keys. dh "C:\\Program Files\\OpenVPN\\config\\dh2048.pem" # Configure server mode and supply a VPN subnet # for OpenVPN to draw client addresses from. # The server will take 10.8.0.1 for itself, # the rest will be made available to clients. # Each client will be able to reach the server # on 10.8.0.1. Comment this line out if you are # ethernet bridging. See the man page for more info. server 10.8.0.0 255.255.255.0 # Maintain a record of client <-> virtual IP address # associations in this file. If OpenVPN goes down or # is restarted, reconnecting clients can be assigned # the same virtual IP address from the pool that was # previously assigned. ifconfig-pool-persist ipp.txt # Configure server mode for ethernet bridging. # You must first use your OS's bridging capability # to bridge the TAP interface with the ethernet # NIC interface. Then you must manually set the # IP/netmask on the bridge interface, here we # assume 10.8.0.4/255.255.255.0. Finally we # must set aside an IP range in this subnet # (start=10.8.0.50 end=10.8.0.100) to allocate # to connecting clients. Leave this line commented # out unless you are ethernet bridging. ;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100 # Configure server mode for ethernet bridging # using a DHCP-proxy, where clients talk # to the OpenVPN server-side DHCP server # to receive their IP address allocation # and DNS server addresses. You must first use # your OS's bridging capability to bridge the TAP # interface with the ethernet NIC interface. # Note: this mode only works on clients (such as # Windows), where the client-side TAP adapter is # bound to a DHCP client. ;server-bridge # Push routes to the client to allow it # to reach other private subnets behind # the server. Remember that these # private subnets will also need # to know to route the OpenVPN client # address pool (10.8.0.0/255.255.255.0) # back to the OpenVPN server. ;push "route 192.168.10.0 255.255.255.0" ;push "route 192.168.20.0 255.255.255.0" # To assign specific IP addresses to specific # clients or if a connecting client has a private # subnet behind it that should also have VPN access, # use the subdirectory "ccd" for client-specific # configuration files (see man page for more info). # EXAMPLE: Suppose the client # having the certificate common name "Thelonious" # also has a small subnet behind his connecting # machine, such as 192.168.40.128/255.255.255.248. # First, uncomment out these lines: ;client-config-dir ccd ;route 192.168.40.128 255.255.255.248 # Then create a file ccd/Thelonious with this line: # iroute 192.168.40.128 255.255.255.248 # This will allow Thelonious' private subnet to # access the VPN. This example will only work # if you are routing, not bridging, i.e. you are # using "dev tun" and "server" directives. # EXAMPLE: Suppose you want to give # Thelonious a fixed VPN IP address of 10.9.0.1. # First uncomment out these lines: ;client-config-dir ccd ;route 10.9.0.0 255.255.255.252 # Then add this line to ccd/Thelonious: # ifconfig-push 10.9.0.1 10.9.0.2 # Suppose that you want to enable different # firewall access policies for different groups # of clients. There are two methods: # (1) Run multiple OpenVPN daemons, one for each # group, and firewall the TUN/TAP interface # for each group/daemon appropriately. # (2) (Advanced) Create a script to dynamically # modify the firewall in response to access # from different clients. See man # page for more info on learn-address script. ;learn-address ./script # If enabled, this directive will configure # all clients to redirect their default # network gateway through the VPN, causing # all IP traffic such as web browsing and # and DNS lookups to go through the VPN # (The OpenVPN server machine may need to NAT # or bridge the TUN/TAP interface to the internet # in order for this to work properly). ;push "redirect-gateway def1 bypass-dhcp" # Certain Windows-specific network settings # can be pushed to clients, such as DNS # or WINS server addresses. CAVEAT: # http://openvpn.net/faq.html#dhcpcaveats # The addresses below refer to the public # DNS servers provided by opendns.com. ;push "dhcp-option DNS 208.67.222.222" ;push "dhcp-option DNS 208.67.220.220" # Uncomment this directive to allow differenta # clients to be able to "see" each other. # By default, clients will only see the server. # To force clients to only see the server, you # will also need to appropriately firewall the # server's TUN/TAP interface. ;client-to-client # Uncomment this directive if multiple clients # might connect with the same certificate/key # files or common names. This is recommended # only for testing purposes. For production use, # each client should have its own certificate/key # pair. # # IF YOU HAVE NOT GENERATED INDIVIDUAL # CERTIFICATE/KEY PAIRS FOR EACH CLIENT, # EACH HAVING ITS OWN UNIQUE "COMMON NAME", # UNCOMMENT THIS LINE OUT. ;duplicate-cn # The keepalive directive causes ping-like # messages to be sent back and forth over # the link so that each side knows when # the other side has gone down. # Ping every 10 seconds, assume that remote # peer is down if no ping received during # a 120 second time period. keepalive 10 120 # For extra security beyond that provided # by SSL/TLS, create an "HMAC firewall" # to help block DoS attacks and UDP port flooding. # # Generate with: # openvpn --genkey --secret ta.key # # The server and each client must have # a copy of this key. # The second parameter should be '0' # on the server and '1' on the clients. ;tls-auth ta.key 0 # This file is secret # Select a cryptographic cipher. # This config item must be copied to # the client config file as well. ;cipher BF-CBC # Blowfish (default) ;cipher AES-128-CBC # AES ;cipher DES-EDE3-CBC # Triple-DES # Enable compression on the VPN link. # If you enable it here, you must also # enable it in the client config file. comp-lzo # The maximum number of concurrently connected # clients we want to allow. ;max-clients 100 # It's a good idea to reduce the OpenVPN # daemon's privileges after initialization. # # You can uncomment this out on # non-Windows systems. ;user nobody ;group nobody # The persist options will try to avoid # accessing certain resources on restart # that may no longer be accessible because # of the privilege downgrade. persist-key persist-tun # Output a short status file showing # current connections, truncated # and rewritten every minute. status openvpn-status.log # By default, log messages will go to the syslog (or # on Windows, if running as a service, they will go to # the "\Program Files\OpenVPN\log" directory). # Use log or log-append to override this default. # "log" will truncate the log file on OpenVPN startup, # while "log-append" will append to it. Use one # or the other (but not both). ;log openvpn.log ;log-append openvpn.log # Set the appropriate level of log # file verbosity. # # 0 is silent, except for fatal errors # 4 is reasonable for general usage # 5 and 6 can help to debug connection problems # 9 is extremely verbose verb 3 # Silence repeating messages. At most 20 # sequential messages of the same message # category will be output to the log. ;mute 20 I have changed IP's for security

    Read the article

< Previous Page | 1 2