deb10er0
22.07.2010
view14711
view9
0
Goto Top

OpenVPN geht einfach nicht

FrageMicrosoftWindows Netzwerk
Ich habe nun schon alles versucht aber irgendwie bekomme ich keine Verbindung her.

Hallo Leute,

ich brauch eure Hilfe. Ich bekomme einfach keine Verbindung her. Beim Client ist das OpenVPN-Symbol immer gelb wenn ich verbinde. Auf der Firewall ist der Port 1194 für meinen Server frei.

Meine Server Logs.:
openvpn.log
Thu Jul 22 10:44:07 2010 OpenVPN 2.1.1 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Dec 11 2009
Thu Jul 22 10:44:07 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Thu Jul 22 10:44:09 2010 Diffie-Hellman initialized with 1024 bit key
Thu Jul 22 10:44:09 2010 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Thu Jul 22 10:44:09 2010 ROUTE default_gateway=192.168.249.1
Thu Jul 22 10:44:09 2010 TAP-WIN32 device [OPENVPN] opened: \\.\Global\{95269189-BC7A-4172-9177-B23ACAE8B78C}.tap
Thu Jul 22 10:44:09 2010 TAP-Win32 Driver Version 9.6
Thu Jul 22 10:44:09 2010 TAP-Win32 MTU=1500
Thu Jul 22 10:44:09 2010 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.8.0.1/255.255.255.252 on interface {95269189-BC7A-4172-9177-B23ACAE8B78C} [DHCP-serv: 10.8.0.2, lease-time: 31536000]
Thu Jul 22 10:44:09 2010 Sleeping for 10 seconds...
Thu Jul 22 10:44:19 2010 Successful ARP Flush on interface [11] {95269189-BC7A-4172-9177-B23ACAE8B78C}
Thu Jul 22 10:44:19 2010 C:\WINDOWS\system32\route.exe ADD 10.8.0.0 MASK 255.255.255.0 10.8.0.2
Thu Jul 22 10:44:19 2010 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=10 and dwForwardType=4
Thu Jul 22 10:44:19 2010 Route addition via IPAPI succeeded [adaptive]
Thu Jul 22 10:44:19 2010 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Thu Jul 22 10:44:19 2010 Socket Buffers: R=[8192->8192] S=[8192->8192]
Thu Jul 22 10:44:19 2010 UDPv4 link local (bound): [undef]:1194
Thu Jul 22 10:44:19 2010 UDPv4 link remote: [undef]
Thu Jul 22 10:44:19 2010 MULTI: multi_init called, r=256 v=256
Thu Jul 22 10:44:19 2010 IFCONFIG POOL: base=10.8.0.4 size=62
Thu Jul 22 10:44:19 2010 IFCONFIG POOL LIST
Thu Jul 22 10:44:19 2010 Initialization Sequence Completed
Thu Jul 22 10:51:16 2010 TCP/UDP: Closing socket
Thu Jul 22 10:51:16 2010 C:\WINDOWS\system32\route.exe DELETE 10.8.0.0 MASK 255.255.255.0 10.8.0.2
Thu Jul 22 10:51:16 2010 Route deletion via IPAPI succeeded [adaptive]
Thu Jul 22 10:51:16 2010 Closing TUN/TAP interface
Thu Jul 22 10:51:17 2010 SIGTERM[hard,] received, process exiting

openvpn-status.log
OpenVPN CLIENT LIST
Updated,Thu Jul 22 10:50:30 2010
Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
ROUTING TABLE
Virtual Address,Common Name,Real Address,Last Ref
GLOBAL STATS
Max bcast/mcast queue length,0
END

server.log ist leer

Meine Client Logs.:
client.log
Thu Jul 22 10:54:33 2010 OpenVPN 2.1.1 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Dec 11 2009
Thu Jul 22 10:54:33 2010 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Thu Jul 22 10:54:33 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Thu Jul 22 10:54:33 2010 LZO compression initialized
Thu Jul 22 10:54:33 2010 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Thu Jul 22 10:54:33 2010 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Thu Jul 22 10:54:33 2010 Local Options hash (VER=V4): '41690919'
Thu Jul 22 10:54:33 2010 Expected Remote Options hash (VER=V4): '530fdded'
Thu Jul 22 10:54:33 2010 Socket Buffers: R=[8192->8192] S=[8192->8192]
Thu Jul 22 10:54:33 2010 UDPv4 link local: [undef]
Thu Jul 22 10:54:33 2010 UDPv4 link remote: x.x.x.x:1194 meine Internet-IP vom Server (wieistmeineip.de)

Aufbau:
Habe eine Windows Server 2008 auf ESX. (Dort ist sonst nichts drauf, nur OpenVPN)

SERVER:
OpenVPN Version 2.1.1
OpenVPN Dienst steht auf automatisch und ist gestartet.
In der Firewall hab ich eine Ausnahme für den Port 1194 und für OpenVPN hinzugefügt.

Unter C:\Programme\OpenVPN\config
ca.crt
dh1024.pem
servername.crt
servername.key
server.ovpn

Meine server.ovpn sieht so aus:
port 1194
proto udp
dev tun
dh dh1024.pem
ca ca.crt
cert servername.crt
key servername.key
server 10.8.0.0 255.255.255.0für was ist diese IP wichtig? Ist das die IP für mein VPN-Netz? Also die TAP-Verbindung?
ifconfig-pool-persist ipp.txt
client-to-client
push "route x.x.x.x 255.255.255.0" kommt hier mein Netz rein, also z.B. 192.168.0.0?
push "dhcp-option DNS x.x.x.x"hier steht mein DHCP-Server
keepalive 10 120
comp-lzo
max-clients 10
persist-key
persist-tun
status C:\\Programme\\OpenVPN\\log\\openvpn-status.log
log C:\\Programme\\OpenVPN\\log\\openvpn.log
log-append C:\\Programme\\OpenVPN\\log\\openvpn.log
verb 3

CLIENT (Vista, über UMTS im Internet)

OpenVPN Version 2.1.1
OpenVPN Dienst steht auf automatisch und ist gestartet.
In der Firewall hab ich eine Ausnahme für den Port 1194 und für OpenVPN hinzugefügt.
OpenVPN Gui mit Adminrechte ausgeführt

Unter C:\Programme\OpenVPN\config
ca.crt
clientname.crt
clientname.key
client.ovpn

Meine client.ovpn sieht so aus:
client
dev tun
proto udp
remote x.x.x.x 1194 //hier hab ich meine Internet-IP vom Server (vom Server aus auf der Seite wieistmeineip.de). Ist das richtig?
resolv-retry infinite
nobind
persist-key
persist-tun
route-method exe
route-delay 2
ca ca.crt
cert clientname.crt
key clientname.key
comp-lzo
verb 3
ShareTeilen
Auf Facebook teilen Auf Twitter teilen Auf Reddit teilen Auf Linkedin teilen

Content-ID: 147411

Url: https://administrator.de/contentid/147411

Ausgedruckt am: 22.11.2024 um 17:11 Uhr

9 Kommentare
Neuester Kommentar
Goto Top
Connor1980
Connor1980 22.07.2010 um 12:35:50 Uhr
Goto Top
Hallo,

zwei Punkte:
1. Anhand der Zeiten sieht man, dass dein Server die Verbindung dicht macht, bevor du mit dem Client verbindest. Schraub mal das Log-Level am Server höher und starte den Dienst neu (verb 6).
2. hast du ein Portforwarding in deinem Router eingerichtet, also die 1194 auf die IP deines Servers?

Der Rest müsste stimmen.

Grüße
deb10er0
deb10er0 22.07.2010 um 12:44:14 Uhr
Goto Top
1. Socket bind failed on local address x.x.x.x (LAN-Server adresse): Die angeforderte Adresse ist in diesem Kontext ungültig,
2. Port wurde auf IP freigeschaltet.
mrtux
mrtux 22.07.2010 um 12:46:12 Uhr
Goto Top
Hi !

Zitat von @Connor1980:
2. hast du ein Portforwarding in deinem Router eingerichtet, also die 1194 auf die IP deines Servers?

Richtig, meist genügt es nicht nur eine Firewallregel zu setzen, sondern für den Port (Standard ist 1194 udp) auch einen Forward an die OpenVPN-Box zu setzen, die Firewall muss ja wissen wo sie die ankommenden Pakete hinschicken soll...

mrtux
deb10er0
deb10er0 22.07.2010 um 13:20:54 Uhr
Goto Top
also soweit ich das nun mitbeokommen von unserm Firewalltypen (sitzt in belgien). Ist der Port 1194 udp auf meine Server-IP freigeschalten. Sollte ja reichen, oder?
Ist es normal, sobald ich den OpenVPN-dienst laufen hab, dass ich nicht mehr ins internet (bzw. in normale Netz komme, von meinem Server aus)?
Kann mich auch nicht mehr per ip auf den VPN-Server aufwählen.


Ist eine Bridge beim Server nötig?

Das ist die aktuelle server-log:
Thu Jul 22 12:40:43 2010 us=812000 Current Parameter Settings:
Thu Jul 22 12:40:43 2010 us=812000 config = 'server.ovpn'
Thu Jul 22 12:40:43 2010 us=812000 mode = 1
Thu Jul 22 12:40:43 2010 us=812000 show_ciphers = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 show_digests = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 show_engines = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 genkey = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 key_pass_file = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 show_tls_ciphers = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 Connection profiles [default]:
Thu Jul 22 12:40:43 2010 us=812000 proto = udp
Thu Jul 22 12:40:43 2010 us=812000 local = '192.168.249.71'
Thu Jul 22 12:40:43 2010 us=812000 local_port = 1194
Thu Jul 22 12:40:43 2010 us=812000 remote = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 remote_port = 1194
Thu Jul 22 12:40:43 2010 us=812000 remote_float = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 bind_defined = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 bind_local = ENABLED
Thu Jul 22 12:40:43 2010 us=812000 connect_retry_seconds = 5
Thu Jul 22 12:40:43 2010 us=812000 connect_timeout = 10
Thu Jul 22 12:40:43 2010 us=812000 connect_retry_max = 0
Thu Jul 22 12:40:43 2010 us=812000 socks_proxy_server = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 socks_proxy_port = 0
Thu Jul 22 12:40:43 2010 us=812000 socks_proxy_retry = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 Connection profiles END
Thu Jul 22 12:40:43 2010 us=812000 remote_random = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 ipchange = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 dev = 'tap'
Thu Jul 22 12:40:43 2010 us=812000 dev_type = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 dev_node = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 lladdr = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 topology = 1
Thu Jul 22 12:40:43 2010 us=812000 tun_ipv6 = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 ifconfig_local = '10.8.0.1'
Thu Jul 22 12:40:43 2010 us=812000 ifconfig_remote_netmask = '255.255.255.0'
Thu Jul 22 12:40:43 2010 us=812000 ifconfig_noexec = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 ifconfig_nowarn = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 shaper = 0
Thu Jul 22 12:40:43 2010 us=812000 tun_mtu = 1500
Thu Jul 22 12:40:43 2010 us=812000 tun_mtu_defined = ENABLED
Thu Jul 22 12:40:43 2010 us=812000 link_mtu = 1500
Thu Jul 22 12:40:43 2010 us=812000 link_mtu_defined = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 tun_mtu_extra = 32
Thu Jul 22 12:40:43 2010 us=812000 tun_mtu_extra_defined = ENABLED
Thu Jul 22 12:40:43 2010 us=812000 fragment = 0
Thu Jul 22 12:40:43 2010 us=812000 mtu_discover_type = -1
Thu Jul 22 12:40:43 2010 us=812000 mtu_test = 0
Thu Jul 22 12:40:43 2010 us=812000 mlock = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 keepalive_ping = 10
Thu Jul 22 12:40:43 2010 us=812000 keepalive_timeout = 120
Thu Jul 22 12:40:43 2010 us=812000 inactivity_timeout = 0
Thu Jul 22 12:40:43 2010 us=812000 ping_send_timeout = 10
Thu Jul 22 12:40:43 2010 us=812000 ping_rec_timeout = 240
Thu Jul 22 12:40:43 2010 us=812000 ping_rec_timeout_action = 2
Thu Jul 22 12:40:43 2010 us=812000 ping_timer_remote = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 remap_sigusr1 = 0
Thu Jul 22 12:40:43 2010 us=812000 explicit_exit_notification = 0
Thu Jul 22 12:40:43 2010 us=812000 persist_tun = ENABLED
Thu Jul 22 12:40:43 2010 us=812000 persist_local_ip = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 persist_remote_ip = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 persist_key = ENABLED
Thu Jul 22 12:40:43 2010 us=812000 mssfix = 1400
Thu Jul 22 12:40:43 2010 us=812000 resolve_retry_seconds = 1000000000
Thu Jul 22 12:40:43 2010 us=812000 username = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 groupname = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 chroot_dir = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 cd_dir = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 writepid = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 up_script = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 down_script = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 down_pre = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 up_restart = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 up_delay = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 daemon = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 inetd = 0
Thu Jul 22 12:40:43 2010 us=812000 log = ENABLED
Thu Jul 22 12:40:43 2010 us=812000 suppress_timestamps = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 nice = 0
Thu Jul 22 12:40:43 2010 us=812000 verbosity = 6
Thu Jul 22 12:40:43 2010 us=812000 mute = 0
Thu Jul 22 12:40:43 2010 us=812000 gremlin = 0
Thu Jul 22 12:40:43 2010 us=812000 status_file = 'C:\Programme\OpenVPN\log\openvpn-status.log'
Thu Jul 22 12:40:43 2010 us=812000 status_file_version = 1
Thu Jul 22 12:40:43 2010 us=812000 status_file_update_freq = 60
Thu Jul 22 12:40:43 2010 us=812000 occ = ENABLED
Thu Jul 22 12:40:43 2010 us=812000 rcvbuf = 0
Thu Jul 22 12:40:43 2010 us=812000 sndbuf = 0
Thu Jul 22 12:40:43 2010 us=812000 sockflags = 0
Thu Jul 22 12:40:43 2010 us=812000 fast_io = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 lzo = 7
Thu Jul 22 12:40:43 2010 us=812000 route_script = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 route_default_gateway = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 route_default_metric = 0
Thu Jul 22 12:40:43 2010 us=812000 route_noexec = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 route_delay = 0
Thu Jul 22 12:40:43 2010 us=812000 route_delay_window = 30
Thu Jul 22 12:40:43 2010 us=812000 route_delay_defined = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 route_nopull = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 route_gateway_via_dhcp = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 max_routes = 100
Thu Jul 22 12:40:43 2010 us=812000 allow_pull_fqdn = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 management_addr = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 management_port = 0
Thu Jul 22 12:40:43 2010 us=812000 management_user_pass = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 management_log_history_cache = 250
Thu Jul 22 12:40:43 2010 us=812000 management_echo_buffer_size = 100
Thu Jul 22 12:40:43 2010 us=812000 management_write_peer_info_file = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 management_client_user = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 management_client_group = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 management_flags = 0
Thu Jul 22 12:40:43 2010 us=812000 shared_secret_file = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 key_direction = 0
Thu Jul 22 12:40:43 2010 us=812000 ciphername_defined = ENABLED
Thu Jul 22 12:40:43 2010 us=812000 ciphername = 'BF-CBC'
Thu Jul 22 12:40:43 2010 us=812000 authname_defined = ENABLED
Thu Jul 22 12:40:43 2010 us=812000 authname = 'SHA1'
Thu Jul 22 12:40:43 2010 us=812000 prng_hash = 'SHA1'
Thu Jul 22 12:40:43 2010 us=812000 prng_nonce_secret_len = 16
Thu Jul 22 12:40:43 2010 us=812000 keysize = 0
Thu Jul 22 12:40:43 2010 us=812000 engine = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 replay = ENABLED
Thu Jul 22 12:40:43 2010 us=812000 mute_replay_warnings = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 replay_window = 64
Thu Jul 22 12:40:43 2010 us=812000 replay_time = 15
Thu Jul 22 12:40:43 2010 us=812000 packet_id_file = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 use_iv = ENABLED
Thu Jul 22 12:40:43 2010 us=812000 test_crypto = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 tls_server = ENABLED
Thu Jul 22 12:40:43 2010 us=812000 tls_client = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 key_method = 2
Thu Jul 22 12:40:43 2010 us=812000 ca_file = 'ca.crt'
Thu Jul 22 12:40:43 2010 us=812000 ca_path = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 dh_file = 'dh1024.pem'
Thu Jul 22 12:40:43 2010 us=812000 cert_file = 'sailer-vpn.crt'
Thu Jul 22 12:40:43 2010 us=812000 priv_key_file = 'sailer-vpn.key'
Thu Jul 22 12:40:43 2010 us=812000 pkcs12_file = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 cryptoapi_cert = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 cipher_list = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 tls_verify = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 tls_remote = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 crl_file = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 ns_cert_type = 0
Thu Jul 22 12:40:43 2010 us=812000 remote_cert_ku[i] = 0
Thu Jul 22 12:40:43 2010 us=812000 remote_cert_ku[i] = 0
Thu Jul 22 12:40:43 2010 us=812000 remote_cert_ku[i] = 0
Thu Jul 22 12:40:43 2010 us=812000 remote_cert_ku[i] = 0
Thu Jul 22 12:40:43 2010 us=812000 remote_cert_ku[i] = 0
Thu Jul 22 12:40:43 2010 us=812000 remote_cert_ku[i] = 0
Thu Jul 22 12:40:43 2010 us=812000 remote_cert_ku[i] = 0
Thu Jul 22 12:40:43 2010 us=812000 remote_cert_ku[i] = 0
Thu Jul 22 12:40:43 2010 us=812000 remote_cert_ku[i] = 0
Thu Jul 22 12:40:43 2010 us=812000 remote_cert_ku[i] = 0
Thu Jul 22 12:40:43 2010 us=812000 remote_cert_ku[i] = 0
Thu Jul 22 12:40:43 2010 us=812000 remote_cert_ku[i] = 0
Thu Jul 22 12:40:43 2010 us=812000 remote_cert_ku[i] = 0
Thu Jul 22 12:40:43 2010 us=812000 remote_cert_ku[i] = 0
Thu Jul 22 12:40:43 2010 us=812000 remote_cert_ku[i] = 0
Thu Jul 22 12:40:43 2010 us=812000 remote_cert_ku[i] = 0
Thu Jul 22 12:40:43 2010 us=812000 remote_cert_eku = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 tls_timeout = 2
Thu Jul 22 12:40:43 2010 us=812000 renegotiate_bytes = 0
Thu Jul 22 12:40:43 2010 us=812000 renegotiate_packets = 0
Thu Jul 22 12:40:43 2010 us=812000 renegotiate_seconds = 3600
Thu Jul 22 12:40:43 2010 us=812000 handshake_window = 60
Thu Jul 22 12:40:43 2010 us=812000 transition_window = 3600
Thu Jul 22 12:40:43 2010 us=812000 single_session = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 tls_exit = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 tls_auth_file = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=812000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 12:40:43 2010 us=812000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_private_mode = 00000000
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_private_mode = 00000000
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_private_mode = 00000000
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_private_mode = 00000000
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_private_mode = 00000000
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_private_mode = 00000000
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_private_mode = 00000000
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_private_mode = 00000000
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_private_mode = 00000000
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_private_mode = 00000000
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_private_mode = 00000000
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_private_mode = 00000000
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_private_mode = 00000000
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_private_mode = 00000000
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_private_mode = 00000000
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_private_mode = 00000000
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_cert_private = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_cert_private = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_cert_private = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_cert_private = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_cert_private = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_cert_private = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_cert_private = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_cert_private = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_cert_private = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_cert_private = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_cert_private = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_cert_private = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_cert_private = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_cert_private = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_cert_private = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_cert_private = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_pin_cache_period = -1
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_id = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=828000 pkcs11_id_management = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 server_network = 10.8.0.0
Thu Jul 22 12:40:43 2010 us=828000 server_netmask = 255.255.255.0
Thu Jul 22 12:40:43 2010 us=828000 server_bridge_ip = 0.0.0.0
Thu Jul 22 12:40:43 2010 us=828000 server_bridge_netmask = 0.0.0.0
Thu Jul 22 12:40:43 2010 us=828000 server_bridge_pool_start = 0.0.0.0
Thu Jul 22 12:40:43 2010 us=828000 server_bridge_pool_end = 0.0.0.0
Thu Jul 22 12:40:43 2010 us=828000 push_entry = 'dhcp-option DNS x.x.x.x (DNS1)'
Thu Jul 22 12:40:43 2010 us=828000 push_entry = 'dhcp-option DNS x.x.x.x (DNS2)'
Thu Jul 22 12:40:43 2010 us=828000 push_entry = 'route-gateway 10.8.0.1'
Thu Jul 22 12:40:43 2010 us=828000 push_entry = 'ping 10'
Thu Jul 22 12:40:43 2010 us=828000 push_entry = 'ping-restart 120'
Thu Jul 22 12:40:43 2010 us=828000 ifconfig_pool_defined = ENABLED
Thu Jul 22 12:40:43 2010 us=828000 ifconfig_pool_start = 10.8.0.2
Thu Jul 22 12:40:43 2010 us=828000 ifconfig_pool_end = 10.8.0.254
Thu Jul 22 12:40:43 2010 us=828000 ifconfig_pool_netmask = 255.255.255.0
Thu Jul 22 12:40:43 2010 us=828000 ifconfig_pool_persist_filename = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=828000 ifconfig_pool_persist_refresh_freq = 600
Thu Jul 22 12:40:43 2010 us=828000 n_bcast_buf = 256
Thu Jul 22 12:40:43 2010 us=828000 tcp_queue_limit = 64
Thu Jul 22 12:40:43 2010 us=828000 real_hash_size = 256
Thu Jul 22 12:40:43 2010 us=828000 virtual_hash_size = 256
Thu Jul 22 12:40:43 2010 us=828000 client_connect_script = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=828000 learn_address_script = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=828000 client_disconnect_script = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=828000 client_config_dir = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=828000 ccd_exclusive = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 tmp_dir = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=828000 push_ifconfig_defined = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 push_ifconfig_local = 0.0.0.0
Thu Jul 22 12:40:43 2010 us=828000 push_ifconfig_remote_netmask = 0.0.0.0
Thu Jul 22 12:40:43 2010 us=828000 enable_c2c = ENABLED
Thu Jul 22 12:40:43 2010 us=828000 duplicate_cn = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 cf_max = 0
Thu Jul 22 12:40:43 2010 us=828000 cf_per = 0
Thu Jul 22 12:40:43 2010 us=828000 max_clients = 10
Thu Jul 22 12:40:43 2010 us=828000 max_routes_per_client = 256
Thu Jul 22 12:40:43 2010 us=828000 auth_user_pass_verify_script = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=828000 auth_user_pass_verify_script_via_file = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 ssl_flags = 0
Thu Jul 22 12:40:43 2010 us=828000 client = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 pull = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 auth_user_pass_file = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=828000 show_net_up = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 route_method = 0
Thu Jul 22 12:40:43 2010 us=828000 ip_win32_defined = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 ip_win32_type = 3
Thu Jul 22 12:40:43 2010 us=828000 dhcp_masq_offset = 0
Thu Jul 22 12:40:43 2010 us=828000 dhcp_lease_time = 31536000
Thu Jul 22 12:40:43 2010 us=828000 tap_sleep = 10
Thu Jul 22 12:40:43 2010 us=828000 dhcp_options = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 dhcp_renew = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 dhcp_pre_release = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 dhcp_release = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 domain = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=828000 netbios_scope = '[UNDEF]'
Thu Jul 22 12:40:43 2010 us=828000 netbios_node_type = 0
Thu Jul 22 12:40:43 2010 us=828000 disable_nbt = DISABLED
Thu Jul 22 12:40:43 2010 us=828000 OpenVPN 2.1.1 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Dec 11 2009
Thu Jul 22 12:40:43 2010 us=843000 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Thu Jul 22 12:40:44 2010 us=234000 Diffie-Hellman initialized with 1024 bit key
Thu Jul 22 12:40:44 2010 us=234000 TLS-Auth MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Thu Jul 22 12:40:44 2010 us=234000 TCP/UDP: Socket bind failed on local address x.x.x.x (LAN-IP meines VPN-Servers):1194: Die angeforderte Adresse ist in diesem Kontext ungültig.
Thu Jul 22 12:40:44 2010 us=234000 Exiting
deb10er0
deb10er0 22.07.2010 um 13:23:32 Uhr
Goto Top
Noch ne blöde Frage. Muss ich am Server die OpenVPN 1.0.3 GUI starten?

Bei meinem letzten log muss ich dazu sagen ich habe in der server.opnv den Punkt "lokal x.x.x.x" (Lokale IP-Adresse des Servers) eingetragen.
deb10er0
deb10er0 22.07.2010 um 13:31:15 Uhr
Goto Top
in meine server.log schreibt er garnix. Behauptet er hat keine rechte, obwohl ich als Admin starte.
deb10er0
deb10er0 22.07.2010 um 13:47:34 Uhr
Goto Top
aktuelles log ohne den Punkt local in der config:
Thu Jul 22 13:35:33 2010 us=312000 Current Parameter Settings:
Thu Jul 22 13:35:33 2010 us=328000 config = 'server.ovpn'
Thu Jul 22 13:35:33 2010 us=328000 mode = 1
Thu Jul 22 13:35:33 2010 us=328000 show_ciphers = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 show_digests = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 show_engines = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 genkey = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 key_pass_file = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 show_tls_ciphers = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 Connection profiles [default]:
Thu Jul 22 13:35:33 2010 us=328000 proto = udp
Thu Jul 22 13:35:33 2010 us=328000 local = '192.168.249.225'
Thu Jul 22 13:35:33 2010 us=328000 local_port = 1194
Thu Jul 22 13:35:33 2010 us=328000 remote = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 remote_port = 1194
Thu Jul 22 13:35:33 2010 us=328000 remote_float = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 bind_defined = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 bind_local = ENABLED
Thu Jul 22 13:35:33 2010 us=328000 connect_retry_seconds = 5
Thu Jul 22 13:35:33 2010 us=328000 connect_timeout = 10
Thu Jul 22 13:35:33 2010 us=328000 connect_retry_max = 0
Thu Jul 22 13:35:33 2010 us=328000 socks_proxy_server = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 socks_proxy_port = 0
Thu Jul 22 13:35:33 2010 us=328000 socks_proxy_retry = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 Connection profiles END
Thu Jul 22 13:35:33 2010 us=328000 remote_random = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 ipchange = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 dev = 'tap'
Thu Jul 22 13:35:33 2010 us=328000 dev_type = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 dev_node = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 lladdr = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 topology = 1
Thu Jul 22 13:35:33 2010 us=328000 tun_ipv6 = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 ifconfig_local = '10.8.0.1'
Thu Jul 22 13:35:33 2010 us=328000 ifconfig_remote_netmask = '255.255.255.0'
Thu Jul 22 13:35:33 2010 us=328000 ifconfig_noexec = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 ifconfig_nowarn = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 shaper = 0
Thu Jul 22 13:35:33 2010 us=328000 tun_mtu = 1500
Thu Jul 22 13:35:33 2010 us=328000 tun_mtu_defined = ENABLED
Thu Jul 22 13:35:33 2010 us=328000 link_mtu = 1500
Thu Jul 22 13:35:33 2010 us=328000 link_mtu_defined = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 tun_mtu_extra = 32
Thu Jul 22 13:35:33 2010 us=328000 tun_mtu_extra_defined = ENABLED
Thu Jul 22 13:35:33 2010 us=328000 fragment = 0
Thu Jul 22 13:35:33 2010 us=328000 mtu_discover_type = -1
Thu Jul 22 13:35:33 2010 us=328000 mtu_test = 0
Thu Jul 22 13:35:33 2010 us=328000 mlock = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 keepalive_ping = 10
Thu Jul 22 13:35:33 2010 us=328000 keepalive_timeout = 120
Thu Jul 22 13:35:33 2010 us=328000 inactivity_timeout = 0
Thu Jul 22 13:35:33 2010 us=328000 ping_send_timeout = 10
Thu Jul 22 13:35:33 2010 us=328000 ping_rec_timeout = 240
Thu Jul 22 13:35:33 2010 us=328000 ping_rec_timeout_action = 2
Thu Jul 22 13:35:33 2010 us=328000 ping_timer_remote = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 remap_sigusr1 = 0
Thu Jul 22 13:35:33 2010 us=328000 explicit_exit_notification = 0
Thu Jul 22 13:35:33 2010 us=328000 persist_tun = ENABLED
Thu Jul 22 13:35:33 2010 us=328000 persist_local_ip = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 persist_remote_ip = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 persist_key = ENABLED
Thu Jul 22 13:35:33 2010 us=328000 mssfix = 1400
Thu Jul 22 13:35:33 2010 us=328000 resolve_retry_seconds = 1000000000
Thu Jul 22 13:35:33 2010 us=328000 username = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 groupname = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 chroot_dir = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 cd_dir = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 writepid = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 up_script = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 down_script = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 down_pre = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 up_restart = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 up_delay = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 daemon = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 inetd = 0
Thu Jul 22 13:35:33 2010 us=328000 log = ENABLED
Thu Jul 22 13:35:33 2010 us=328000 suppress_timestamps = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 nice = 0
Thu Jul 22 13:35:33 2010 us=328000 verbosity = 6
Thu Jul 22 13:35:33 2010 us=328000 mute = 0
Thu Jul 22 13:35:33 2010 us=328000 gremlin = 0
Thu Jul 22 13:35:33 2010 us=328000 status_file = 'C:\Programme\OpenVPN\log\openvpn-status.log'
Thu Jul 22 13:35:33 2010 us=328000 status_file_version = 1
Thu Jul 22 13:35:33 2010 us=328000 status_file_update_freq = 60
Thu Jul 22 13:35:33 2010 us=328000 occ = ENABLED
Thu Jul 22 13:35:33 2010 us=328000 rcvbuf = 0
Thu Jul 22 13:35:33 2010 us=328000 sndbuf = 0
Thu Jul 22 13:35:33 2010 us=328000 sockflags = 0
Thu Jul 22 13:35:33 2010 us=328000 fast_io = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 lzo = 7
Thu Jul 22 13:35:33 2010 us=328000 route_script = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 route_default_gateway = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 route_default_metric = 0
Thu Jul 22 13:35:33 2010 us=328000 route_noexec = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 route_delay = 0
Thu Jul 22 13:35:33 2010 us=328000 route_delay_window = 30
Thu Jul 22 13:35:33 2010 us=328000 route_delay_defined = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 route_nopull = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 route_gateway_via_dhcp = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 max_routes = 100
Thu Jul 22 13:35:33 2010 us=328000 allow_pull_fqdn = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 management_addr = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 management_port = 0
Thu Jul 22 13:35:33 2010 us=328000 management_user_pass = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 management_log_history_cache = 250
Thu Jul 22 13:35:33 2010 us=328000 management_echo_buffer_size = 100
Thu Jul 22 13:35:33 2010 us=328000 management_write_peer_info_file = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 management_client_user = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 management_client_group = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 management_flags = 0
Thu Jul 22 13:35:33 2010 us=328000 shared_secret_file = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 key_direction = 0
Thu Jul 22 13:35:33 2010 us=328000 ciphername_defined = ENABLED
Thu Jul 22 13:35:33 2010 us=328000 ciphername = 'BF-CBC'
Thu Jul 22 13:35:33 2010 us=328000 authname_defined = ENABLED
Thu Jul 22 13:35:33 2010 us=328000 authname = 'SHA1'
Thu Jul 22 13:35:33 2010 us=328000 prng_hash = 'SHA1'
Thu Jul 22 13:35:33 2010 us=328000 prng_nonce_secret_len = 16
Thu Jul 22 13:35:33 2010 us=328000 keysize = 0
Thu Jul 22 13:35:33 2010 us=328000 engine = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 replay = ENABLED
Thu Jul 22 13:35:33 2010 us=328000 mute_replay_warnings = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 replay_window = 64
Thu Jul 22 13:35:33 2010 us=328000 replay_time = 15
Thu Jul 22 13:35:33 2010 us=328000 packet_id_file = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 use_iv = ENABLED
Thu Jul 22 13:35:33 2010 us=328000 test_crypto = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 tls_server = ENABLED
Thu Jul 22 13:35:33 2010 us=328000 tls_client = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 key_method = 2
Thu Jul 22 13:35:33 2010 us=328000 ca_file = 'ca.crt'
Thu Jul 22 13:35:33 2010 us=328000 ca_path = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 dh_file = 'dh1024.pem'
Thu Jul 22 13:35:33 2010 us=328000 cert_file = 'sailer-vpn.crt'
Thu Jul 22 13:35:33 2010 us=328000 priv_key_file = 'sailer-vpn.key'
Thu Jul 22 13:35:33 2010 us=328000 pkcs12_file = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 cryptoapi_cert = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 cipher_list = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 tls_verify = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 tls_remote = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 crl_file = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 ns_cert_type = 0
Thu Jul 22 13:35:33 2010 us=328000 remote_cert_ku[i] = 0
Thu Jul 22 13:35:33 2010 us=328000 remote_cert_ku[i] = 0
Thu Jul 22 13:35:33 2010 us=328000 remote_cert_ku[i] = 0
Thu Jul 22 13:35:33 2010 us=328000 remote_cert_ku[i] = 0
Thu Jul 22 13:35:33 2010 us=328000 remote_cert_ku[i] = 0
Thu Jul 22 13:35:33 2010 us=328000 remote_cert_ku[i] = 0
Thu Jul 22 13:35:33 2010 us=328000 remote_cert_ku[i] = 0
Thu Jul 22 13:35:33 2010 us=328000 remote_cert_ku[i] = 0
Thu Jul 22 13:35:33 2010 us=328000 remote_cert_ku[i] = 0
Thu Jul 22 13:35:33 2010 us=328000 remote_cert_ku[i] = 0
Thu Jul 22 13:35:33 2010 us=328000 remote_cert_ku[i] = 0
Thu Jul 22 13:35:33 2010 us=328000 remote_cert_ku[i] = 0
Thu Jul 22 13:35:33 2010 us=328000 remote_cert_ku[i] = 0
Thu Jul 22 13:35:33 2010 us=328000 remote_cert_ku[i] = 0
Thu Jul 22 13:35:33 2010 us=328000 remote_cert_ku[i] = 0
Thu Jul 22 13:35:33 2010 us=328000 remote_cert_ku[i] = 0
Thu Jul 22 13:35:33 2010 us=328000 remote_cert_eku = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 tls_timeout = 2
Thu Jul 22 13:35:33 2010 us=328000 renegotiate_bytes = 0
Thu Jul 22 13:35:33 2010 us=328000 renegotiate_packets = 0
Thu Jul 22 13:35:33 2010 us=328000 renegotiate_seconds = 3600
Thu Jul 22 13:35:33 2010 us=328000 handshake_window = 60
Thu Jul 22 13:35:33 2010 us=328000 transition_window = 3600
Thu Jul 22 13:35:33 2010 us=328000 single_session = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 tls_exit = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 tls_auth_file = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_protected_authentication = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_private_mode = 00000000
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_private_mode = 00000000
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_private_mode = 00000000
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_private_mode = 00000000
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_private_mode = 00000000
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_private_mode = 00000000
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_private_mode = 00000000
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_private_mode = 00000000
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_private_mode = 00000000
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_private_mode = 00000000
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_private_mode = 00000000
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_private_mode = 00000000
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_private_mode = 00000000
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_private_mode = 00000000
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_private_mode = 00000000
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_private_mode = 00000000
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_cert_private = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_cert_private = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_cert_private = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_cert_private = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_cert_private = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_cert_private = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_cert_private = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_cert_private = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_cert_private = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_cert_private = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_cert_private = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_cert_private = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_cert_private = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_cert_private = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_cert_private = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_cert_private = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_pin_cache_period = -1
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_id = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=328000 pkcs11_id_management = DISABLED
Thu Jul 22 13:35:33 2010 us=328000 server_network = 10.8.0.0
Thu Jul 22 13:35:33 2010 us=328000 server_netmask = 255.255.255.0
Thu Jul 22 13:35:33 2010 us=328000 server_bridge_ip = 0.0.0.0
Thu Jul 22 13:35:33 2010 us=328000 server_bridge_netmask = 0.0.0.0
Thu Jul 22 13:35:33 2010 us=328000 server_bridge_pool_start = 0.0.0.0
Thu Jul 22 13:35:33 2010 us=328000 server_bridge_pool_end = 0.0.0.0
Thu Jul 22 13:35:33 2010 us=328000 push_entry = 'dhcp-option DNS 192.168.249.67'
Thu Jul 22 13:35:33 2010 us=328000 push_entry = 'dhcp-option DNS 192.168.249.73'
Thu Jul 22 13:35:33 2010 us=328000 push_entry = 'route-gateway 10.8.0.1'
Thu Jul 22 13:35:33 2010 us=328000 push_entry = 'ping 10'
Thu Jul 22 13:35:33 2010 us=328000 push_entry = 'ping-restart 120'
Thu Jul 22 13:35:33 2010 us=328000 ifconfig_pool_defined = ENABLED
Thu Jul 22 13:35:33 2010 us=328000 ifconfig_pool_start = 10.8.0.2
Thu Jul 22 13:35:33 2010 us=343000 ifconfig_pool_end = 10.8.0.254
Thu Jul 22 13:35:33 2010 us=343000 ifconfig_pool_netmask = 255.255.255.0
Thu Jul 22 13:35:33 2010 us=343000 ifconfig_pool_persist_filename = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=343000 ifconfig_pool_persist_refresh_freq = 600
Thu Jul 22 13:35:33 2010 us=343000 n_bcast_buf = 256
Thu Jul 22 13:35:33 2010 us=343000 tcp_queue_limit = 64
Thu Jul 22 13:35:33 2010 us=343000 real_hash_size = 256
Thu Jul 22 13:35:33 2010 us=343000 virtual_hash_size = 256
Thu Jul 22 13:35:33 2010 us=343000 client_connect_script = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=343000 learn_address_script = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=343000 client_disconnect_script = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=343000 client_config_dir = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=343000 ccd_exclusive = DISABLED
Thu Jul 22 13:35:33 2010 us=343000 tmp_dir = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=343000 push_ifconfig_defined = DISABLED
Thu Jul 22 13:35:33 2010 us=343000 push_ifconfig_local = 0.0.0.0
Thu Jul 22 13:35:33 2010 us=343000 push_ifconfig_remote_netmask = 0.0.0.0
Thu Jul 22 13:35:33 2010 us=343000 enable_c2c = ENABLED
Thu Jul 22 13:35:33 2010 us=343000 duplicate_cn = DISABLED
Thu Jul 22 13:35:33 2010 us=343000 cf_max = 0
Thu Jul 22 13:35:33 2010 us=343000 cf_per = 0
Thu Jul 22 13:35:33 2010 us=343000 max_clients = 10
Thu Jul 22 13:35:33 2010 us=343000 max_routes_per_client = 256
Thu Jul 22 13:35:33 2010 us=343000 auth_user_pass_verify_script = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=343000 auth_user_pass_verify_script_via_file = DISABLED
Thu Jul 22 13:35:33 2010 us=343000 ssl_flags = 0
Thu Jul 22 13:35:33 2010 us=343000 client = DISABLED
Thu Jul 22 13:35:33 2010 us=343000 pull = DISABLED
Thu Jul 22 13:35:33 2010 us=343000 auth_user_pass_file = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=343000 show_net_up = DISABLED
Thu Jul 22 13:35:33 2010 us=343000 route_method = 0
Thu Jul 22 13:35:33 2010 us=343000 ip_win32_defined = DISABLED
Thu Jul 22 13:35:33 2010 us=343000 ip_win32_type = 3
Thu Jul 22 13:35:33 2010 us=343000 dhcp_masq_offset = 0
Thu Jul 22 13:35:33 2010 us=343000 dhcp_lease_time = 31536000
Thu Jul 22 13:35:33 2010 us=343000 tap_sleep = 10
Thu Jul 22 13:35:33 2010 us=343000 dhcp_options = DISABLED
Thu Jul 22 13:35:33 2010 us=343000 dhcp_renew = DISABLED
Thu Jul 22 13:35:33 2010 us=343000 dhcp_pre_release = DISABLED
Thu Jul 22 13:35:33 2010 us=343000 dhcp_release = DISABLED
Thu Jul 22 13:35:33 2010 us=343000 domain = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=343000 netbios_scope = '[UNDEF]'
Thu Jul 22 13:35:33 2010 us=343000 netbios_node_type = 0
Thu Jul 22 13:35:33 2010 us=343000 disable_nbt = DISABLED
Thu Jul 22 13:35:33 2010 us=343000 OpenVPN 2.1.1 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Dec 11 2009
Thu Jul 22 13:35:33 2010 us=343000 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Thu Jul 22 13:35:34 2010 us=93000 Diffie-Hellman initialized with 1024 bit key
Thu Jul 22 13:35:34 2010 us=93000 TLS-Auth MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Thu Jul 22 13:35:34 2010 us=109000 TAP-WIN32 device [OPENVPN] opened: \\.\Global\{95269189-BC7A-4172-9177-B23ACAE8B78C}.tap
Thu Jul 22 13:35:34 2010 us=109000 TAP-Win32 Driver Version 9.6
Thu Jul 22 13:35:34 2010 us=109000 TAP-Win32 MTU=1500
Thu Jul 22 13:35:34 2010 us=109000 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.8.0.1/255.255.255.0 on interface {95269189-BC7A-4172-9177-B23ACAE8B78C} [DHCP-serv: 10.8.0.0, lease-time: 31536000]
Thu Jul 22 13:35:34 2010 us=140000 Sleeping for 10 seconds...
Thu Jul 22 13:35:44 2010 us=140000 Successful ARP Flush on interface [11] {95269189-BC7A-4172-9177-B23ACAE8B78C}
Thu Jul 22 13:35:44 2010 us=140000 Data Channel MTU parms [ L:1574 D:1400 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Jul 22 13:35:44 2010 us=140000 Socket Buffers: R=[8192->8192] S=[8192->8192]
Thu Jul 22 13:35:44 2010 us=140000 UDPv4 link local (bound): 192.168.249.225:1194
Thu Jul 22 13:35:44 2010 us=140000 UDPv4 link remote: [undef]
Thu Jul 22 13:35:44 2010 us=140000 MULTI: multi_init called, r=256 v=256
Thu Jul 22 13:35:44 2010 us=140000 IFCONFIG POOL: base=10.8.0.2 size=253
Thu Jul 22 13:35:44 2010 us=140000 Initialization Sequence Completed
Connor1980
Connor1980 22.07.2010 um 14:08:03 Uhr
Goto Top
Hallo,

Zitat von @deb10er0:
Noch ne blöde Frage. Muss ich am Server die OpenVPN 1.0.3 GUI starten?
die Gui brauchst nicht starten, entweder GUI ODER Dienst ...

Bei meinem letzten log muss ich dazu sagen ich habe in der server.opnv den Punkt "lokal x.x.x.x" (Lokale IP-Adresse des
Servers) eingetragen.

verstehe ich nicht.

in meine server.log schreibt er garnix. Behauptet er hat keine rechte, obwohl ich als Admin starte.
Schau in deine config. dort stehen openvpn.log und openvpn-status.log, nirgendwo steht eine server.log.

Den Rest schau ich mir heute Abend mal an.

Hilfreich wäre noch nach dem Start des OPenVPN Dienstes mal ein ipconfig/all und ein route print auszugeben.

Grüße
deb10er0
deb10er0 22.07.2010 um 16:22:55 Uhr
Goto Top
Ipconfig:
C:\Programme\openvpn\config>ipconfig /all

Windows-IP-Konfiguration

Hostname . . . . . . . . . . . . : VPN-SErver
Primäres DNS-Suffix . . . . . . . : Domäne
Knotentyp . . . . . . . . . . . . : Hybrid
IP-Routing aktiviert . . . . . . : Ja
WINS-Proxy aktiviert . . . . . . : Nein
DNS-Suffixsuchliste . . . . . . . : Domäne

Ethernet-Adapter OPENVPN:

Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : TAP-Win32 Adapter V9
Physikalische Adresse . . . . . . : MAC
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja
Verbindungslokale IPv6-Adresse . : fe80::8495:7a6a:c57c:45dd%11(Bevorzugt)
IPv4-Adresse . . . . . . . . . . : 10.8.0.1(Bevorzugt)
Subnetzmaske . . . . . . . . . . : 255.255.255.252
Lease erhalten. . . . . . . . . . : Donnerstag, 22. Juli 2010 14:29:57
Lease läuft ab. . . . . . . . . . : Freitag, 22. Juli 2011 14:29:56
Standardgateway . . . . . . . . . :
DHCP-Server . . . . . . . . . . . : 10.8.0.2
DNS-Server . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS über TCP/IP . . . . . . . : Aktiviert

Ethernet-Adapter LAN-Verbindung:

Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Intel(R) PRO/1000 MT-Netzwerkverbindung
Physikalische Adresse . . . . . . : MAC
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
IPv4-Adresse . . . . . . . . . . : 192.168.249.71(Bevorzugt)
Subnetzmaske . . . . . . . . . . : 255.255.255.0
Standardgateway . . . . . . . . . : 192.168.249.1
DNS-Server . . . . . . . . . . . : 192.168.249.67
192.168.249.73
NetBIOS über TCP/IP . . . . . . . : Aktiviert

Tunneladapter LAN-Verbindung*:

Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja

Tunneladapter LAN-Verbindung* 8:

Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : isatap.{95269189-BC7A-4172-9177-B23ACAE8
78C}
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja

C:\Programme\openvpn\config>

route
IPv4-Routentabelle
Aktive Routen:
Netzwerkziel Netzwerkmaske Gateway Schnittstelle Metrik
0.0.0.0 0.0.0.0 192.168.249.1 192.168.249.71 266
10.8.0.0 255.255.255.0 10.8.0.2 10.8.0.1 30
10.8.0.0 255.255.255.252 Auf Verbindung 10.8.0.1 286
10.8.0.1 255.255.255.255 Auf Verbindung 10.8.0.1 286
10.8.0.3 255.255.255.255 Auf Verbindung 10.8.0.1 286
127.0.0.0 255.0.0.0 Auf Verbindung 127.0.0.1 306
127.0.0.1 255.255.255.255 Auf Verbindung 127.0.0.1 306
127.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306
192.168.249.0 255.255.255.0 Auf Verbindung 192.168.249.71 266
192.168.249.71 255.255.255.255 Auf Verbindung 192.168.249.71 266
192.168.249.255 255.255.255.255 Auf Verbindung 192.168.249.71 266
224.0.0.0 240.0.0.0 Auf Verbindung 127.0.0.1 306
224.0.0.0 240.0.0.0 Auf Verbindung 10.8.0.1 286
224.0.0.0 240.0.0.0 Auf Verbindung 192.168.249.71 266
255.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306
255.255.255.255 255.255.255.255 Auf Verbindung 10.8.0.1 286
255.255.255.255 255.255.255.255 Auf Verbindung 192.168.249.71 266
Ständige Routen:
Netzwerkadresse Netzmaske Gatewayadresse Metrik
0.0.0.0 0.0.0.0 192.168.249.1 Standard

IPv6-Routentabelle
Aktive Routen:
If Metrik Netzwerkziel Gateway
1 306 ::1/128 Auf Verbindung
11 286 fe80::/64 Auf Verbindung
11 286 fe80::8495:7a6a:c57c:45dd/128
Auf Verbindung
1 306 ff00::/8 Auf Verbindung
11 286 ff00::/8 Auf Verbindung
Ständige Routen:
Keine

Aktuelle server.opnv:
server 10.8.0.0 255.255.255.0
port 1194
proto udp
dev tun
ca ca.crt
cert servername.crt
key servername.key
dh dh1024.pem
cipher AES-256-CBC
ifconfig-pool-persist ipp.txt
push "route 10.8.0.0 255.255.255.0"
push "redirect-gateway"
push "DISABLE-NBT"
push "dhcp-option DNS 192.168.249.67"
keepalive 15 60

comp-lzo
persist-key
persist-tun

  1. ----------------------------------------------
  2. Logging
  3. ----------------------------------------------

status openvpn-status.txt
log-append openvpn.log
verb 4
mute 15
FrageMicrosoftWindows Netzwerk
Mehr von deb10er0deb10er0Suche Möglichkeiten für ein Intranetdeb10er0 - 9 Kommentaredeb10er0Sicherheitsprotokoll volldeb10er0 - 12 Kommentaredeb10er0Suche eine lokale Inventarisierungssoftware (on premise)deb10er0 - 12 Kommentaredeb10er0Office 365 Outlook Ordnerberechtigungen vererbendeb10er0
Heiß diskutiert
superfun2k24Sophos SFOS 20 DNAT funktioniert nichtsuperfun2k24 - 26 Kommentareuser217Kaufberatung Hardware - Hyper-V Cluster 3 Nodesuser217 - 25 KommentarePharaunIntel-E810 QSFP28 to Mikrotik QSPF+ mit 40Gbit VerbindungPharaun - 24 Kommentareprplemk2Testumgebung bauen (Grundlegend)prplemk2 - 19 KommentareaufdemmarsHP Z620 USB hat kein Strom beim Startenaufdemmars - 17 KommentareTJ.Hooker74Dom.Admin-Passwort ändern - Auswirkungen auf EX, HCW, AADCTJ.Hooker74 - 15 KommentareadmtechEntwicklertagebuch: Release 6.4 - Filteradmtech - 13 KommentareUnluckyProccess1999Creo 4.0 Lizenz Server (LMTOOLS)UnluckyProccess1999 - 13 KommentaremaisenkaiserSwitch ohne STP ins Netzwerkmaisenkaiser - 13 KommentareJudgelgZertifikate in die Exchange Online GAL hochladenJudgelg - 13 KommentareleberkaeseFB7590 ISDN Fax-Funktionleberkaese - 12 KommentareHemingwayWord Makro soll aktuelle Datei regelmäßig kopieren und speichernHemingway - 11 Kommentare