Проблема с OpenVPN - Сети

Ronaldinio · 14.03.2007, 19:49

Cобственно вот такая проблема у меня выделенная линия (lan) как включаю впн,то почему то через некоторое время просто проподает инет. соединение..При включение openvpn исходящие пакеты идут,но не принимаются в результате чего просто вырубается интернет. Как можно решить эту проблему?
p.s. выложил лог может кто нибудь найдёт решение этой проблемы.

Wed Mar 14 18:35:05 2007 LZO compression initialized
Wed Mar 14 18:35:05 2007 Control Channel MTU parms [ L:1544 D:168 EF:68 EB:0 ET:0 EL:0 ]
Wed Mar 14 18:35:05 2007 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Mar 14 18:35:05 2007 Local Options hash (VER=V4): 'ee93268d'
Wed Mar 14 18:35:05 2007 Expected Remote Options hash (VER=V4): 'bd577cd1'
Wed Mar 14 18:35:05 2007 Attempting to establish TCP connection with 66.79.163.14:5002
Wed Mar 14 18:35:05 2007 TCP connection established with 66.79.163.14:5002
Wed Mar 14 18:35:05 2007 TCPv4_CLIENT link local: [undef]
Wed Mar 14 18:35:05 2007 TCPv4_CLIENT link remote: 66.79.163.14:5002
Wed Mar 14 18:35:05 2007 TLS: Initial packet from 66.79.163.14:5002, sid=aab7add0 a90f0dc2
Wed Mar 14 18:35:08 2007 VERIFY OK: depth=0, /C=NE/ST=EW/L=EW_in_EW/O=VPNService/OU=VPNservice/CN=server/emailAddress=admin@vpnservice.org
Wed Mar 14 18:35:12 2007 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Mar 14 18:35:12 2007 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Mar 14 18:35:12 2007 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Mar 14 18:35:12 2007 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Mar 14 18:35:12 2007 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Wed Mar 14 18:35:12 2007 [server] Peer Connection Initiated with 66.79.163.14:5002
Wed Mar 14 18:35:13 2007 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Wed Mar 14 18:35:14 2007 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway,ping 10,ping-restart 120,route 10.8.51.1,dhcp-option DNS 10.8.0.1,redirect-gateway,ifconfig 10.8.51.150 10.8.51.149'
Wed Mar 14 18:35:14 2007 OPTIONS IMPORT: timers and/or timeouts modified
Wed Mar 14 18:35:14 2007 OPTIONS IMPORT: --ifconfig/up options modified
Wed Mar 14 18:35:14 2007 OPTIONS IMPORT: route options modified
Wed Mar 14 18:35:14 2007 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Wed Mar 14 18:35:14 2007 TAP-WIN32 device [Local Area Connection 6] opened: \\.\Global\{25F01E20-615D-4270-9E9A-DE199F224A50}.tap
Wed Mar 14 18:35:14 2007 TAP-Win32 Driver Version 8.1
Wed Mar 14 18:35:14 2007 TAP-Win32 MTU=1500
Wed Mar 14 18:35:14 2007 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.8.51.150/255.255.255.252 on interface {25F01E20-615D-4270-9E9A-DE199F224A50} [DHCP-serv: 10.8.51.149, lease-time: 31536000]
Wed Mar 14 18:35:14 2007 Successful ARP Flush on interface [3] {25F01E20-615D-4270-9E9A-DE199F224A50}
Wed Mar 14 18:35:14 2007 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
Wed Mar 14 18:35:14 2007 Route: Waiting for TUN/TAP interface to come up...
Wed Mar 14 18:35:15 2007 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
Wed Mar 14 18:35:15 2007 Route: Waiting for TUN/TAP interface to come up...
Wed Mar 14 18:35:16 2007 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
Wed Mar 14 18:35:16 2007 Route: Waiting for TUN/TAP interface to come up...
Wed Mar 14 18:35:17 2007 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
Wed Mar 14 18:35:17 2007 route ADD 66.79.163.14 MASK 255.255.255.255 85.29.227.254
Wed Mar 14 18:35:17 2007 Warning: route gateway is not reachable on any active network adapters: 85.29.227.254
Wed Mar 14 18:35:17 2007 Route addition via IPAPI failed
Wed Mar 14 18:35:17 2007 route DELETE 0.0.0.0 MASK 0.0.0.0 85.29.227.254
Wed Mar 14 18:35:17 2007 Warning: route gateway is not reachable on any active network adapters: 85.29.227.254
Wed Mar 14 18:35:17 2007 Route deletion via IPAPI failed
Wed Mar 14 18:35:17 2007 route ADD 0.0.0.0 MASK 0.0.0.0 10.8.51.149
Wed Mar 14 18:35:17 2007 Route addition via IPAPI succeeded
Wed Mar 14 18:35:17 2007 route ADD 10.8.51.1 MASK 255.255.255.255 10.8.51.149
Wed Mar 14 18:35:17 2007 Route addition via IPAPI succeeded
Wed Mar 14 18:35:17 2007 Initialization Sequence Completed
Wed Mar 14 18:36:03 2007 write TCPv4_CLIENT: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Mar 14 18:36:03 2007 Connection reset, restarting [-1]
Wed Mar 14 18:36:03 2007 TCP/UDP: Closing socket
Wed Mar 14 18:36:03 2007 route DELETE 10.8.51.1 MASK 255.255.255.255 10.8.51.149
Wed Mar 14 18:36:03 2007 Route deletion via IPAPI succeeded
Wed Mar 14 18:36:03 2007 route DELETE 66.79.163.14 MASK 255.255.255.255 85.29.227.254
Wed Mar 14 18:36:03 2007 Warning: route gateway is not reachable on any active network adapters: 85.29.227.254
Wed Mar 14 18:36:03 2007 Route deletion via IPAPI failed
Wed Mar 14 18:36:03 2007 route DELETE 0.0.0.0 MASK 0.0.0.0 10.8.51.149
Wed Mar 14 18:36:03 2007 Route deletion via IPAPI succeeded
Wed Mar 14 18:36:03 2007 route ADD 0.0.0.0 MASK 0.0.0.0 85.29.227.254
Wed Mar 14 18:36:03 2007 Warning: route gateway is not reachable on any active network adapters: 85.29.227.254
Wed Mar 14 18:36:03 2007 Route addition via IPAPI failed
Wed Mar 14 18:36:03 2007 Closing TUN/TAP interface
Wed Mar 14 18:36:03 2007 SIGUSR1[soft,connection-reset] received, process restarting
Wed Mar 14 18:36:03 2007 Restart pause, 5 second(s)
Wed Mar 14 18:36:08 2007 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Wed Mar 14 18:36:08 2007 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Wed Mar 14 18:36:08 2007 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Wed Mar 14 18:36:08 2007 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Mar 14 18:36:08 2007 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication

Sgt_Mitchel · 14.03.2007, 20:53

Во первых: подробней - что за система?
Во вторых: что за система выступает в роли VPN-сервера?

Бросается в глаза проблема с маршрутизацией.

Код:

route ADD 66.79.163.14 MASK 255.255.255.255 85.29.227.254
          Wed Mar 14 18:35:17 2007 Warning: route gateway is not reachable on any active network adapters: 85.29.227.254
          Wed Mar 14 18:35:17 2007 Route addition via IPAPI failed

И откуда берется

Код:

Wed Mar 14 18:35:17 2007 route ADD 10.8.51.1 MASK 255.255.255.255 10.8.51.149

?

В третьих - таблицу марщрутов до и после поднятия VPN в студию

Jaded · 21.02.2010, 12:38

Доброго времени суток!
Вопрос в следующем: есть OpenVPN 2.1_rc22 Client установлен в системе Win7, необходимо организовать автологин для сабжа, т.е. чтобы при старте OpenVPN автоматически коннектился и не запрашивал имя/пароль. В нэте поискал пока ответа не нашел...

14.03.2007, 19:49	# 1
Ronaldinio Full Member Регистрация: 26.08.2002 Адрес: Estonia Сообщения: 654	Проблема с OpenVPN Cобственно вот такая проблема у меня выделенная линия (lan) как включаю впн,то почему то через некоторое время просто проподает инет. соединение..При включение openvpn исходящие пакеты идут,но не принимаются в результате чего просто вырубается интернет. Как можно решить эту проблему? p.s. выложил лог может кто нибудь найдёт решение этой проблемы. Wed Mar 14 18:35:05 2007 LZO compression initialized Wed Mar 14 18:35:05 2007 Control Channel MTU parms [ L:1544 D:168 EF:68 EB:0 ET:0 EL:0 ] Wed Mar 14 18:35:05 2007 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ] Wed Mar 14 18:35:05 2007 Local Options hash (VER=V4): 'ee93268d' Wed Mar 14 18:35:05 2007 Expected Remote Options hash (VER=V4): 'bd577cd1' Wed Mar 14 18:35:05 2007 Attempting to establish TCP connection with 66.79.163.14:5002 Wed Mar 14 18:35:05 2007 TCP connection established with 66.79.163.14:5002 Wed Mar 14 18:35:05 2007 TCPv4_CLIENT link local: [undef] Wed Mar 14 18:35:05 2007 TCPv4_CLIENT link remote: 66.79.163.14:5002 Wed Mar 14 18:35:05 2007 TLS: Initial packet from 66.79.163.14:5002, sid=aab7add0 a90f0dc2 Wed Mar 14 18:35:08 2007 VERIFY OK: depth=0, /C=NE/ST=EW/L=EW_in_EW/O=VPNService/OU=VPNservice/CN=server/emailAddress=admin@vpnservice.org Wed Mar 14 18:35:12 2007 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Wed Mar 14 18:35:12 2007 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Wed Mar 14 18:35:12 2007 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Wed Mar 14 18:35:12 2007 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Wed Mar 14 18:35:12 2007 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA Wed Mar 14 18:35:12 2007 [server] Peer Connection Initiated with 66.79.163.14:5002 Wed Mar 14 18:35:13 2007 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) Wed Mar 14 18:35:14 2007 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway,ping 10,ping-restart 120,route 10.8.51.1,dhcp-option DNS 10.8.0.1,redirect-gateway,ifconfig 10.8.51.150 10.8.51.149' Wed Mar 14 18:35:14 2007 OPTIONS IMPORT: timers and/or timeouts modified Wed Mar 14 18:35:14 2007 OPTIONS IMPORT: --ifconfig/up options modified Wed Mar 14 18:35:14 2007 OPTIONS IMPORT: route options modified Wed Mar 14 18:35:14 2007 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Wed Mar 14 18:35:14 2007 TAP-WIN32 device [Local Area Connection 6] opened: \\.\Global\{25F01E20-615D-4270-9E9A-DE199F224A50}.tap Wed Mar 14 18:35:14 2007 TAP-Win32 Driver Version 8.1 Wed Mar 14 18:35:14 2007 TAP-Win32 MTU=1500 Wed Mar 14 18:35:14 2007 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.8.51.150/255.255.255.252 on interface {25F01E20-615D-4270-9E9A-DE199F224A50} [DHCP-serv: 10.8.51.149, lease-time: 31536000] Wed Mar 14 18:35:14 2007 Successful ARP Flush on interface [3] {25F01E20-615D-4270-9E9A-DE199F224A50} Wed Mar 14 18:35:14 2007 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down Wed Mar 14 18:35:14 2007 Route: Waiting for TUN/TAP interface to come up... Wed Mar 14 18:35:15 2007 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down Wed Mar 14 18:35:15 2007 Route: Waiting for TUN/TAP interface to come up... Wed Mar 14 18:35:16 2007 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down Wed Mar 14 18:35:16 2007 Route: Waiting for TUN/TAP interface to come up... Wed Mar 14 18:35:17 2007 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up Wed Mar 14 18:35:17 2007 route ADD 66.79.163.14 MASK 255.255.255.255 85.29.227.254 Wed Mar 14 18:35:17 2007 Warning: route gateway is not reachable on any active network adapters: 85.29.227.254 Wed Mar 14 18:35:17 2007 Route addition via IPAPI failed Wed Mar 14 18:35:17 2007 route DELETE 0.0.0.0 MASK 0.0.0.0 85.29.227.254 Wed Mar 14 18:35:17 2007 Warning: route gateway is not reachable on any active network adapters: 85.29.227.254 Wed Mar 14 18:35:17 2007 Route deletion via IPAPI failed Wed Mar 14 18:35:17 2007 route ADD 0.0.0.0 MASK 0.0.0.0 10.8.51.149 Wed Mar 14 18:35:17 2007 Route addition via IPAPI succeeded Wed Mar 14 18:35:17 2007 route ADD 10.8.51.1 MASK 255.255.255.255 10.8.51.149 Wed Mar 14 18:35:17 2007 Route addition via IPAPI succeeded Wed Mar 14 18:35:17 2007 Initialization Sequence Completed Wed Mar 14 18:36:03 2007 write TCPv4_CLIENT: Connection reset by peer (WSAECONNRESET) (code=10054) Wed Mar 14 18:36:03 2007 Connection reset, restarting [-1] Wed Mar 14 18:36:03 2007 TCP/UDP: Closing socket Wed Mar 14 18:36:03 2007 route DELETE 10.8.51.1 MASK 255.255.255.255 10.8.51.149 Wed Mar 14 18:36:03 2007 Route deletion via IPAPI succeeded Wed Mar 14 18:36:03 2007 route DELETE 66.79.163.14 MASK 255.255.255.255 85.29.227.254 Wed Mar 14 18:36:03 2007 Warning: route gateway is not reachable on any active network adapters: 85.29.227.254 Wed Mar 14 18:36:03 2007 Route deletion via IPAPI failed Wed Mar 14 18:36:03 2007 route DELETE 0.0.0.0 MASK 0.0.0.0 10.8.51.149 Wed Mar 14 18:36:03 2007 Route deletion via IPAPI succeeded Wed Mar 14 18:36:03 2007 route ADD 0.0.0.0 MASK 0.0.0.0 85.29.227.254 Wed Mar 14 18:36:03 2007 Warning: route gateway is not reachable on any active network adapters: 85.29.227.254 Wed Mar 14 18:36:03 2007 Route addition via IPAPI failed Wed Mar 14 18:36:03 2007 Closing TUN/TAP interface Wed Mar 14 18:36:03 2007 SIGUSR1[soft,connection-reset] received, process restarting Wed Mar 14 18:36:03 2007 Restart pause, 5 second(s) Wed Mar 14 18:36:08 2007 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Wed Mar 14 18:36:08 2007 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Wed Mar 14 18:36:08 2007 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file Wed Mar 14 18:36:08 2007 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Wed Mar 14 18:36:08 2007 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication __________________ note.

14.03.2007, 20:53	# 2
Sgt_Mitchel Junior Member Регистрация: 13.01.2003 Адрес: Ukraine Сообщения: 83	Во первых: подробней - что за система? Во вторых: что за система выступает в роли VPN-сервера? Бросается в глаза проблема с маршрутизацией. Код: route ADD 66.79.163.14 MASK 255.255.255.255 85.29.227.254 Wed Mar 14 18:35:17 2007 Warning: route gateway is not reachable on any active network adapters: 85.29.227.254 Wed Mar 14 18:35:17 2007 Route addition via IPAPI failed И откуда берется Код: Wed Mar 14 18:35:17 2007 route ADD 10.8.51.1 MASK 255.255.255.255 10.8.51.149 ? В третьих - таблицу марщрутов до и после поднятия VPN в студию __________________ Imagine, there is no spoon...

21.02.2010, 12:38	# 3
Jaded Moderator Регистрация: 02.11.2002 Адрес: -=Ейск=- Пол: Male Сообщения: 1 752	Доброго времени суток! Вопрос в следующем: есть OpenVPN 2.1_rc22 Client установлен в системе Win7, необходимо организовать автологин для сабжа, т.е. чтобы при старте OpenVPN автоматически коннектился и не запрашивал имя/пароль. В нэте поискал пока ответа не нашел... __________________ Потер старик рыбке спинку, вылез из рыбки джинн, дал старику по тыкве и отпустило старика... Последний раз редактировалось Jaded; 21.02.2010 в 12:57.