VPN on OpenSUSE 11.1 - Security - Systems & Networks Pro
Marsh Posted on 06-11-2009 at 15:19:27
Hello everyone,
I tried to set up a VPN between two networks with 2 Zyxel 2 plus routers, on OpenSUSE with OpenVPN. On the server side, openvpn starts without any problem and creates a TUN interface as requested. But on the side of my client, which is on Windows XP, it is impossible to connect... lines like these loop over and over when I try to start the connection:
Tue Dec 01 15:04:00 2009 us=225131 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct 1 2006
Tue Dec 01 15:04:00 2009 us=225361 WE_INIT maxevents=4 flags=0x00000002
Tue Dec 01 15:04:00 2009 us=225383 WE_INIT maxevents=4 capacity=8
Tue Dec 01 15:04:00 2009 us=228058 LZO compression initialized
Tue Dec 01 15:04:00 2009 us=228105 MTU DYNAMIC mtu=0, flags=1, 0 -> 138
Tue Dec 01 15:04:00 2009 us=228260 PID packet_id_init seq_backtrack=64 time_backtrack=15
Tue Dec 01 15:04:00 2009 us=228432 PID packet_id_init seq_backtrack=64 time_backtrack=15
Tue Dec 01 15:04:01 2009 us=9674 PID packet_id_init seq_backtrack=64 time_backtrack=15
Tue Dec 01 15:04:01 2009 us=9798 PID packet_id_init seq_backtrack=64 time_backtrack=15
Tue Dec 01 15:04:01 2009 us=9833 Control Channel MTU parms [ L:1558 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Dec 01 15:04:01 2009 us=9878 MTU DYNAMIC mtu=1450, flags=2, 1558 -> 1450
Tue Dec 01 15:04:01 2009 us=9907 REMOTE_LIST len=1 current=0
Tue Dec 01 15:04:01 2009 us=9925 [0] 192.168.1.10:1595
Tue Dec 01 15:04:01 2009 us=11674 RESOLVE_REMOTE flags=0x0001 phase=1 rrs=0 sig=-1 status=1
Tue Dec 01 15:04:01 2009 us=11718 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Dec 01 15:04:01 2009 us=11785 Local Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Tue Dec 01 15:04:01 2009 us=11810 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue Dec 01 15:04:01 2009 us=739180 Local Options hash (VER=V4): '66096c33'
Tue Dec 01 15:04:01 2009 us=739227 Expected Remote Options hash (VER=V4): '691e95c7'
Tue Dec 01 15:04:01 2009 us=739303 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Dec 01 15:04:01 2009 us=739340 UDPv4 link local: [undef]
Tue Dec 01 15:04:01 2009 us=739361 UDPv4 link remote: 192.168.1.10:1595
Tue Dec 01 15:04:01 2009 us=739390 TIMER: coarse timer wakeup 1 seconds
Tue Dec 01 15:04:01 2009 us=739430 ACK mark active outgoing ID 0
Tue Dec 01 15:04:01 2009 us=739458 ACK reliable_can_send active=1 current=1 : [1] 0
Tue Dec 01 15:04:01 2009 us=739478 ACK reliable_send ID 0 (size=4 to=2)
Tue Dec 01 15:04:01 2009 us=739504 ACK reliable_send_timeout 2 [1] 0
Tue Dec 01 15:04:01 2009 us=739530 RANDOM USEC=54470
Tue Dec 01 15:04:01 2009 us=739557 WE_CTL n=0 ev=0x00469984 rwflags=0x0001 arg=0x00453560
Tue Dec 01 15:04:02 2009 us=432271 WE_CTL n=1 ev=0x009e58d4 rwflags=0x0003 arg=0x00453558
Tue Dec 01 15:04:02 2009 us=432314 I/O WAIT T?|T?|SR1|SW0 [1/54470]
Tue Dec 01 15:04:02 2009 us=432337 WE_WAIT enter n=3 to=1054
Tue Dec 01 15:04:02 2009 us=432357 [0] ev=0x00000758 rwflags=0x0001 arg=0x00453560
Tue Dec 01 15:04:02 2009 us=432377 [1] ev=0x00000750 rwflags=0x0002 arg=0x00453558
Tue Dec 01 15:04:02 2009 us=432399 [2] ev=0x00000760 rwflags=0x0001 arg=0x00453558
Tue Dec 01 15:04:02 2009 us=432429 WE_WAIT leave [1,0] rwflags=0x0002 arg=0x00453558
Tue Dec 01 15:04:02 2009 us=432452 WE_WAIT leave [2,1] rwflags=0x0001 arg=0x00453558
Tue Dec 01 15:04:02 2009 us=432472 I/O WAIT status=0x0003
Tue Dec 01 15:04:02 2009 us=432517 UDPv4 WRITE [14] to 192.168.1.10:1595: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Tue Dec 01 15:04:02 2009 us=720969 TIMER: coarse timer wakeup 1 seconds
Tue Dec 01 15:04:02 2009 us=721023 ACK reliable_can_send active=1 current=0 : [1] 0
Tue Dec 01 15:04:03 2009 us=169566 SSL state (connect): before/connect initialization
Tue Dec 01 15:04:03 2009 us=169650 SSL state (connect): SSLv3 write client hello A
Tue Dec 01 15:04:03 2009 us=169681 ACK reliable_send_timeout 1 [1] 0
Tue Dec 01 15:04:03 2009 us=169708 WE_CTL n=0 ev=0x00469984 rwflags=0x0001 arg=0x00453560
Tue Dec 01 15:04:03 2009 us=169733 WE_CTL n=1 ev=0x009e58d4 rwflags=0x0001 arg=0x00453558
Tue Dec 01 15:04:03 2009 us=169764 I/O WAIT T?|T?|SR1|Sw1 [1/54470]
Tue Dec 01 15:04:03 2009 us=169786 WE_WAIT enter n=2 to=1054
Tue Dec 01 15:04:03 2009 us=169806 [0] ev=0x00000758 rwflags=0x0001 arg=0x00453560
Tue Dec 01 15:04:03 2009 us=169828 [1] ev=0x00000760 rwflags=0x0001 arg=0x00453558
Tue Dec 01 15:04:03 2009 us=169857 WE_WAIT leave [1,0] rwflags=0x0001 arg=0x00453558
Tue Dec 01 15:04:03 2009 us=169876 I/O WAIT status=0x0001
Tue Dec 01 15:04:03 2009 us=169904 UDPv4 READ [-1] from [undef]: DATA UNDEF len=-1
Tue Dec 01 15:04:03 2009 us=169930 ACK reliable_can_send active=1 current=0 : [1] 0
Tue Dec 01 15:04:03 2009 us=847483 ACK reliable_send_timeout 0 [1] 0
Tue Dec 01 15:04:03 2009 us=847520 WE_CTL n=0 ev=0x00469984 rwflags=0x0001 arg=0x00453560
Tue Dec 01 15:04:03 2009 us=847568 WE_CTL n=1 ev=0x009e58d4 rwflags=0x0001 arg=0x00453558
Tue Dec 01 15:04:03 2009 us=847599 I/O WAIT T?|T?|SRQ|Sw1 [1/54470]
Tue Dec 01 15:04:03 2009 us=847622 WE_WAIT enter n=2 to=1054
Tue Dec 01 15:04:03 2009 us=847642 [0] ev=0x00000758 rwflags=0x0001 arg=0x00453560
Tue Dec 01 15:04:03 2009 us=847663 [1] ev=0x00000760 rwflags=0x0001 arg=0x00453558
Tue Dec 01 15:04:04 2009 us=908372 I/O WAIT status=0x0020
Tue Dec 01 15:04:04 2009 us=908416 TIMER: coarse timer wakeup 1 seconds
Tue Dec 01 15:04:04 2009 us=908448 ACK reliable_can_send active=1 current=1 : [1] 0
Tue Dec 01 15:04:04 2009 us=908468 ACK reliable_send ID 0 (size=4 to=2)
Tue Dec 01 15:04:04 2009 us=908492 ACK reliable_send_timeout 2 [1] 0
Tue Dec 01 15:04:04 2009 us=908516 WE_CTL n=0 ev=0x00469984 rwflags=0x0001 arg=0x00453560
Tue Dec 01 15:04:04 2009 us=908539 WE_CTL n=1 ev=0x009e58d4 rwflags=0x0003 arg=0x00453558
Tue Dec 01 15:04:04 2009 us=908570 I/O WAIT T?|T?|SRQ|SW1 [1/54470]
Tue Dec 01 15:04:04 2009 us=908592 WE_WAIT enter n=3 to=1054
Tue Dec 01 15:04:04 2009 us=908613 [0] ev=0x00000758 rwflags=0x0001 arg=0x00453560
Tue Dec 01 15:04:04 2009 us=908634 [1] ev=0x00000750 rwflags=0x0002 arg=0x00453558
Tue Dec 01 15:04:04 2009 us=908654 [2] ev=0x00000760 rwflags=0x0001 arg=0x00453558
Tue Dec 01 15:04:04 2009 us=908683 WE_WAIT leave [1,0] rwflags=0x0002 arg=0x00453558
Tue Dec 01 15:04:04 2009 us=908703 I/O WAIT status=0x0002
Here is the client's configuration file:
client
port 1595
dev tun
proto udp
remote 192.168.1.10 1595
ns-cert-type server
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
ca ca.crt
cert Client.crt
key Client.key
cipher AES-128-CBC
comp-lzo
verb 8
Thanks in advance if anyone has a solution!