
Thread: version 0.0b




version 0.0b
user name
2006-12-07 06:47:10
Olivier Blanc wrote:
> I found some huge bugs, especially on nurbs callback.
> Here is a new version with one more example.
> 
> By the way, should I continue to post some new versions? Are you
> interested in this module?

Yes.  I suggest though that you post the versions to a web site, and
just post the link here.

Paolo



_______________________________________________
help-smalltalk mailing list
help-smalltalkgnu.org

http://lists.gnu.org/mailman/listinfo/help-smalltalk
newbie - vpn connected, however resources not accessable
user name
2006-12-07 07:47:53
Hi,
 
I'm new to openvpn and I already had this problem, and I found my solution in that howto:
 
 
Just do that and it will work. You have to use client-config-dir...
 
Sorry for my English, but I'm French!
 
Ludovic.
Original Message
Subject: [Openvpn-users] newbie - vpn connected, however resources not accessable (07-Dec-2006 2:40)

Good day, I have just ventured into the openvpn territory, and have a connection working, however any resources I try to access are not working....

This is a long post due to config and log info...

Setup:

-linux firewall/vpn server (centos 4.4 latest patches)
-openvpn-2.0.7
-win xp sp2 client, using the gui installer from openvpn.se

Server config file (trimmed to uncommented config for length):
-all other things are commented out (assuming defaults)

port 1194
proto udp
dev tun
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.90.0 255.255.255.0"
keepalive 10 120
comp-lzo
user nobody
group nobody
persist-key
persist-tun
verb 3

Clientconfig file (trimmed to uncommented config for length):
-all other things are commented out (assuming defaults)

client
dev tun
dev-node vpn
proto udp
remote xxx.xxx.xxx.xxx 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca c:\vpn\ca.crt
cert c:\vpn\client.crt
key c:\vpn\client.key
comp-lzo
verb 3

I then start the vpn server with:
openvpn server.conf

Wed Dec  6 16:03:48 2006 OpenVPN 2.0.7 i386-redhat-linux-gnu [SSL] [LZO] [EPOLL] built on Apr 29 2006
Wed Dec  6 16:03:48 2006 Diffie-Hellman initialized with 1024 bit key
Wed Dec  6 16:03:48 2006 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Dec  6 16:03:48 2006 TUN/TAP device tun0 opened
Wed Dec  6 16:03:48 2006 /sbin/ip link set dev tun0 up mtu 1500
Wed Dec  6 16:03:48 2006 /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
Wed Dec  6 16:03:48 2006 /sbin/ip route add 10.8.0.0/24 via 10.8.0.2
Wed Dec  6 16:03:48 2006 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Dec  6 16:03:48 2006 GID set to nobody
Wed Dec  6 16:03:48 2006 UID set to nobody
Wed Dec  6 16:03:48 2006 UDPv4 link local (bound): [undef]:1194
Wed Dec  6 16:03:48 2006 UDPv4 link remote: [undef]
Wed Dec  6 16:03:48 2006 MULTI: multi_init called, r=256 v=256
Wed Dec  6 16:03:48 2006 IFCONFIG POOL: base=10.8.0.4 size=62
Wed Dec  6 16:03:48 2006 IFCONFIG POOL LIST
Wed Dec  6 16:03:48 2006 dkrysak,10.8.0.4
Wed Dec  6 16:03:48 2006 Initialization Sequence Completed

Which looks ok to me.

Then I connect the client by:
openvpn client.ovpn

Wed Dec 06 16:44:32 2006 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct  1 2006
Wed Dec 06 16:44:32 2006 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Wed Dec 06 16:44:32 2006 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Wed Dec 06 16:44:32 2006 LZO compression initialized
Wed Dec 06 16:44:32 2006 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Dec 06 16:44:32 2006 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Dec 06 16:44:32 2006 Local Options hash (VER=V4): '41690919'
Wed Dec 06 16:44:32 2006 Expected Remote Options hash (VER=V4): '530fdded'
Wed Dec 06 16:44:32 2006 UDPv4 link local: [undef]
Wed Dec 06 16:44:32 2006 UDPv4 link remote: xxx.xxx.xxx.xxx:1194
Wed Dec 06 16:44:32 2006 TLS: Initial packet from xxx.xxx.xxx.xxx:1194, sid=1d523b5f 31ebc4ac
Wed Dec 06 16:44:32 2006 VERIFY OK: depth=1, /C=CA/ST=BC/L=Vancouver/O=xxxxxx/OU=IT/emailAddress=support@xxxxx.com
Wed Dec 06 16:44:32 2006 VERIFY OK: depth=0, /C=CA/ST=BC/O=xxxxxx/OU=IT/CN=server/emailAddress=support@xxxxx.com
Wed Dec 06 16:44:32 2006 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Dec 06 16:44:32 2006 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec 06 16:44:32 2006 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Dec 06 16:44:32 2006 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec 06 16:44:32 2006 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Wed Dec 06 16:44:32 2006 [server] Peer Connection Initiated with 204.244.249.170:1194
Wed Dec 06 16:44:33 2006 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Wed Dec 06 16:44:33 2006 PUSH: Received control message: 'PUSH_REPLY,route 192.168.90.0 255.255.255.0,route 10.8.0.1,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Wed Dec 06 16:44:33 2006 OPTIONS IMPORT: timers and/or timeouts modified
Wed Dec 06 16:44:33 2006 OPTIONS IMPORT: --ifconfig/up options modified
Wed Dec 06 16:44:33 2006 OPTIONS IMPORT: route options modified
Wed Dec 06 16:44:33 2006 TAP-WIN32 device [vpn] opened: \\.\Global\{676A55EB-21B7-426A-95DA-D2C2024B5A95}.tap
Wed Dec 06 16:44:33 2006 TAP-Win32 Driver Version 8.4
Wed Dec 06 16:44:33 2006 TAP-Win32 MTU=1500
Wed Dec 06 16:44:33 2006 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {676A55EB-21B7-426A-95DA-D2C2024B5A95} [DHCP-serv: 10.8.0.5, lease-time: 31536000]
Wed Dec 06 16:44:33 2006 Successful ARP Flush on interface [65540] {676A55EB-21B7-426A-95DA-D2C2024B5A95}
Wed Dec 06 16:44:33 2006 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0 u/d=down
Wed Dec 06 16:44:33 2006 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 06 16:44:35 2006 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0 u/d=down
Wed Dec 06 16:44:35 2006 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 06 16:44:36 2006 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0 u/d=down
Wed Dec 06 16:44:36 2006 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 06 16:44:37 2006 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0 u/d=down
Wed Dec 06 16:44:37 2006 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 06 16:44:38 2006 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0 u/d=down
Wed Dec 06 16:44:38 2006 Route: Waiting for TUN/TAP interface to come up...
Wed Dec 06 16:44:40 2006 TEST ROUTES: 2/2 succeeded len=2 ret=1 a=0 u/d=up
Wed Dec 06 16:44:40 2006 route ADD 192.168.90.0 MASK 255.255.255.0 10.8.0.5
Wed Dec 06 16:44:40 2006 Route addition via IPAPI succeeded
Wed Dec 06 16:44:40 2006 route ADD 10.8.0.1 MASK 255.255.255.255 10.8.0.5
Wed Dec 06 16:44:40 2006 Route addition via IPAPI succeeded
Wed Dec 06 16:44:40 2006 Initialization Sequence Completed

That too looks good to me.

Now server side it had appended to the console:

Wed Dec  6 16:05:11 2006 MULTI: multi_create_instance called
Wed Dec  6 16:05:11 2006 xxx.xxx.xxx.xxx:1250 Re-using SSL/TLS context
Wed Dec  6 16:05:11 2006 xxx.xxx.xxx.xxx:1250 LZO compression initialized
Wed Dec  6 16:05:11 2006 xxx.xxx.xxx.xxx:1250 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Dec  6 16:05:11 2006 xxx.xxx.xxx.xxx :1250 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Dec  6 16:05:11 2006 xxx.xxx.xxx.xxx:1250 Local Options hash (VER=V4): '530fdded'
Wed Dec  6 16:05:11 2006 xxx.xxx.xxx.xxx:1250 Expected Remote Options hash (VER=V4): '41690919'
Wed Dec  6 16:05:11 2006 xxx.xxx.xxx.xxx:1250 TLS: Initial packet from xxx.xxx.xxx.xxx:1250, sid=6d52a90f f29e6e6c
Wed Dec  6 16:05:11 2006 xxx.xxx.xxx.xxx:1250 VERIFY OK: depth=1, /C=CA/ST=BC/L=Vancouver/O=xxxxx/OU=IT/emailAddress=support@xxxxx.com
Wed Dec  6 16:05:11 2006 xxx.xxx.xxx.xxx:1250 VERIFY OK: depth=0, /C=CA/ST=BC/O=xxxx/CN=dkrysak/emailAddress=support@xxxxx.com
Wed Dec  6 16:05:11 2006 xxx.xxx.xxx.xxx:1250 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Dec  6 16:05:11 2006 xxx.xxx.xxx.xxx:1250 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec  6 16:05:11 2006 xxx.xxx.xxx.xxx:1250 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Dec  6 16:05:11 2006 xxx.xxx.xxx.xxx:1250 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec  6 16:05:11 2006 xxx.xxx.xxx.xxx:1250 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Wed Dec  6 16:05:11 2006 xxx.xxx.xxx.xxx:1250 [dkrysak] Peer Connection Initiated with xxx.xxx.xxx.xxx :1250
Wed Dec  6 16:05:11 2006 dkrysak/xxx.xxx.xxx.xxx:1250 MULTI: Learn: 10.8.0.6 -> dkrysak/xxx.xxx.xxx.xxx:1250
Wed Dec  6 16:05:11 2006 dkrysak/xxx.xxx.xxx.xxx:1250 MULTI: primary virtual IP for dkrysak/xxx.xxx.xxx.xxx:1250: 10.8.0.6
Wed Dec  6 16:05:12 2006 dkrysak/xxx.xxx.xxx.xxx:1250 PUSH: Received control message: 'PUSH_REQUEST'
Wed Dec  6 16:05:12 2006 dkrysak/xxx.xxx.xxx.xxx:1250 SENT CONTROL [dkrysak]: 'PUSH_REPLY,route 192.168.90.0 255.255.255.0,route 10.8.0.1,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Wed Dec  6 16:05:22 2006 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Dec  6 16:05:32 2006 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Dec  6 16:05:42 2006 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Dec  6 16:05:53 2006 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Dec  6 16:05:53 2006 MULTI: multi_create_instance called
Wed Dec  6 16:05:53 2006 xxx.xxx.xxx.xxx:1268 Re-using SSL/TLS context
Wed Dec  6 16:05:53 2006 xxx.xxx.xxx.xxx:1268 LZO compression initialized
Wed Dec  6 16:05:53 2006 xxx.xxx.xxx.xxx:1268 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Dec  6 16:05:53 2006 xxx.xxx.xxx.xxx :1268 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Dec  6 16:05:53 2006 xxx.xxx.xxx.xxx:1268 Local Options hash (VER=V4): '530fdded'
Wed Dec  6 16:05:53 2006 xxx.xxx.xxx.xxx:1268 Expected Remote Options hash (VER=V4): '41690919'
Wed Dec  6 16:05:53 2006 xxx.xxx.xxx.xxx:1268 TLS: Initial packet from xxx.xxx.xxx.xxx:1268, sid=30b1de58 5efd5dfe
Wed Dec  6 16:05:54 2006 xxx.xxx.xxx.xxx:1268 VERIFY OK: depth=1, /C=CA/ST=BC/L=Vancouver/O=xxxxx/OU=IT/emailAddress=support@xxxxx.com
Wed Dec  6 16:05:54 2006 xxx.xxx.xxx.xxx:1268 VERIFY OK: depth=0, /C=CA/ST=BC/O=xxxxx/CN=dkrysak/emailAddress=support@xxxxx.com
Wed Dec  6 16:05:54 2006 xxx.xxx.xxx.xxx:1268 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Dec  6 16:05:54 2006 xxx.xxx.xxx.xxx:1268 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec  6 16:05:54 2006 xxx.xxx.xxx.xxx:1268 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Dec  6 16:05:54 2006 xxx.xxx.xxx.xxx:1268 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec  6 16:05:54 2006 xxx.xxx.xxx.xxx:1268 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Wed Dec  6 16:05:54 2006 xxx.xxx.xxx.xxx:1268 [dkrysak] Peer Connection Initiated with xxx.xxx.xxx.xxx :1268
Wed Dec  6 16:05:54 2006 MULTI: new connection by client 'dkrysak' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Wed Dec  6 16:05:54 2006 MULTI: Learn: 10.8.0.6 -> dkrysak/xxx.xxx.xxx.xxx:1268
Wed Dec  6 16:05:54 2006 MULTI: primary virtual IP for dkrysak/xxx.xxx.xxx.xxx:1268: 10.8.0.6
Wed Dec  6 16:05:55 2006 dkrysak/xxx.xxx.xxx.xxx:1268 PUSH: Received control message: 'PUSH_REQUEST'
Wed Dec  6 16:05:55 2006 dkrysak/xxx.xxx.xxx.xxx:1268 SENT CONTROL [dkrysak]: 'PUSH_REPLY,route 192.168.90.0 255.255.255.0,route 10.8.0.1,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5 ' (status=1)
Wed Dec  6 16:06:25 2006 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Dec  6 16:06:28 2006 MULTI: multi_create_instance called
Wed Dec  6 16:06:28 2006 xxx.xxx.xxx.xxx:1286 Re-using SSL/TLS context
Wed Dec  6 16:06:28 2006 xxx.xxx.xxx.xxx:1286 LZO compression initialized
Wed Dec  6 16:06:28 2006 xxx.xxx.xxx.xxx:1286 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Dec  6 16:06:28 2006 xxx.xxx.xxx.xxx :1286 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Dec  6 16:06:28 2006 xxx.xxx.xxx.xxx:1286 Local Options hash (VER=V4): '530fdded'
Wed Dec  6 16:06:28 2006 xxx.xxx.xxx.xxx:1286 Expected Remote Options hash (VER=V4): '41690919'
Wed Dec  6 16:06:28 2006 xxx.xxx.xxx.xxx:1286 TLS: Initial packet from xxx.xxx.xxx.xxx:1286, sid=89604526 10af2dd1
Wed Dec  6 16:06:29 2006 xxx.xxx.xxx.xxx:1286 VERIFY OK: depth=1, /C=CA/ST=BC/L=Vancouver/O=xxxxxx/OU=IT/emailAddress=support@xxxxxx.com
Wed Dec  6 16:06:29 2006 xxx.xxx.xxx.xxx:1286 VERIFY OK: depth=0, /C=CA/ST=BC/O=xxxxxx/CN=dkrysak/emailAddress=support@xxxxxx.com
Wed Dec  6 16:06:29 2006 xxx.xxx.xxx.xxx:1286 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Dec  6 16:06:29 2006 xxx.xxx.xxx.xxx:1286 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec  6 16:06:29 2006 xxx.xxx.xxx.xxx:1286 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Dec  6 16:06:29 2006 xxx.xxx.xxx.xxx:1286 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec  6 16:06:29 2006 xxx.xxx.xxx.xxx:1286 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Wed Dec  6 16:06:29 2006 xxx.xxx.xxx.xxx:1286 [dkrysak] Peer Connection Initiated with xxx.xxx.xxx.xxx :1286
Wed Dec  6 16:06:29 2006 MULTI: new connection by client 'dkrysak' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Wed Dec  6 16:06:29 2006 MULTI: Learn: 10.8.0.6 -> dkrysak/xxx.xxx.xxx.xxx:1286
Wed Dec  6 16:06:29 2006 MULTI: primary virtual IP for dkrysak/xxx.xxx.xxx.xxx:1286: 10.8.0.6
Wed Dec  6 16:06:30 2006 dkrysak/xxx.xxx.xxx.xxx:1286 PUSH: Received control message: 'PUSH_REQUEST'
Wed Dec  6 16:06:30 2006 dkrysak/xxx.xxx.xxx.xxx:1286 SENT CONTROL [dkrysak]: 'PUSH_REPLY,route 192.168.90.0 255.255.255.0,route 10.8.0.1,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5 ' (status=1)


Now if I try to ping the vpn server from the client...

It just times out. And obviously if I try to access resources on my 192.168.90.0 network.... it is no go.

For example, I just tried to access a share on a win2k3 server

\\192.168.90.xxx

Then the following is appended to the console:

Wed Dec  6 16:12:12 2006 dkrysak/xxx.xxx.xxx.xxx:1286 MULTI: bad source address from client [ 192.168.1.77], packet dropped
Wed Dec  6 16:12:15 2006 dkrysak/xxx.xxx.xxx.xxx:1286 MULTI: bad source address from client [192.168.1.77], packet dropped
Wed Dec  6 16:12:21 2006 dkrysak/xxx.xxx.xxx.xxx:1286 MULTI: bad source address from client [192.168.1.77], packet dropped
Wed Dec  6 16:12:55 2006 dkrysak/xxx.xxx.xxx.xxx:1286 MULTI: bad source address from client [192.168.1.77], packet dropped
Wed Dec  6 16:12:58 2006 dkrysak/xxx.xxx.xxx.xxx:1286 MULTI: bad source address from client [192.168.1.77], packet dropped
Wed Dec  6 16:13:04 2006 dkrysak/xxx.xxx.xxx.xxx:1286 MULTI: bad source address from client [192.168.1.77], packet dropped


Any ideas?

I apologize for the VERY long post....

But any ideas?

Dustin




To: d.k.emaillistsgmail.com; openvpn-userslists.sourceforge.net
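
The `bad source address` drops in the server log above, checked mechanically, as an added example that is not part of the original posts: it collects each client's learned virtual IP and its dropped source addresses, then lists the sources covered neither by that virtual IP nor by an `iroute` subnet declared for the client in its client-config-dir file. The peer address 198.51.100.7 and the 192.168.1.0/24 subnet are assumptions, not values from the thread.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample modelled on the server log in the post; the peer
# address 198.51.100.7 is a placeholder for the redacted xxx.xxx.xxx.xxx.
SAMPLE_LOG = """\
Wed Dec  6 16:06:29 2006 MULTI: Learn: 10.8.0.6 -> dkrysak/198.51.100.7:1286
Wed Dec  6 16:12:12 2006 dkrysak/198.51.100.7:1286 MULTI: bad source address from client [ 192.168.1.77], packet dropped
Wed Dec  6 16:12:15 2006 dkrysak/198.51.100.7:1286 MULTI: bad source address from client [192.168.1.77], packet dropped
Wed Dec  6 16:12:21 2006 dkrysak/198.51.100.7:1286 MULTI: bad source address from client [192.168.1.77], packet dropped
"""

LEARN = re.compile(r"MULTI: Learn: ([\d.]+) -> ([^/\s]+)/")
# The log sometimes prints a space after the opening bracket, so allow it.
DROP = re.compile(
    r"([^/\s]+)/\S+ MULTI: bad source address from client \[\s*([\d.]+)\s*\]")


def parse_log(text):
    """Return {client CN: {"virtual": set of IPs, "dropped": {source IP: count}}}."""
    stats = defaultdict(lambda: {"virtual": set(), "dropped": defaultdict(int)})
    for line in text.splitlines():
        if m := LEARN.search(line):
            stats[m.group(2)]["virtual"].add(ipaddress.ip_address(m.group(1)))
        elif m := DROP.search(line):
            stats[m.group(1)]["dropped"][ipaddress.ip_address(m.group(2))] += 1
    return stats


def unrouted_sources(stats, iroutes):
    """Dropped sources that are neither the client's virtual IP nor inside
    a subnet declared for that CN with iroute (iroutes: {CN: [CIDR, ...]})."""
    result = {}
    for cn, entry in stats.items():
        nets = [ipaddress.ip_network(n) for n in iroutes.get(cn, [])]
        bad = sorted(str(ip) for ip in entry["dropped"]
                     if ip not in entry["virtual"]
                     and not any(ip in n for n in nets))
        if bad:
            result[cn] = bad
    return result


if __name__ == "__main__":
    stats = parse_log(SAMPLE_LOG)
    print(unrouted_sources(stats, {}))
    # Assumed client LAN; the thread does not state the real prefix.
    print(unrouted_sources(stats, {"dkrysak": ["192.168.1.0/24"]}))
```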
version 0.0b
user name
2006-12-07 08:31:43
On Thursday 07 December 2006 at 07:47 +0100, Paolo Bonzini wrote:
>  I suggest though that you post the versions to a web site, and
> just post the link here.

Ok, I will work on the suggestions you gave and post a link to a web
site soon.

olivier
-- 
Olivier Blanc
Minefi - Bureau SI4/Dap3 - +33 240 128 909
olivier.blanc at dgi.finances.gouv.fr



