sabot105mm
Regular Contributor
openvpn server cant connect (solved)
router ip 10.9.10.1 255.255.255.240
openvpn subnet 10.8.0.0 255.255.255.0
client computer win 7 cant connect
routes
router log
client log
[/CODE]
router ip 10.9.10.1 255.255.255.240
openvpn subnet 10.8.0.0 255.255.255.0
client computer win 7 cant connect
Code:
iptables[CODE]Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:1194
ACCEPT all -- anywhere anywhere
ACCEPT udp -- anywhere anywhere udp dpt:1194
ACCEPT udp -- anywhere anywhere udp dpt:4672
ACCEPT udp -- anywhere anywhere udp dpt:4665
ACCEPT tcp -- anywhere anywhere tcp dpt:4662
ACCEPT tcp -- anywhere anywhere tcp dpt:51413
ACCEPT udp -- anywhere anywhere udp dpt:51413
logdrop all -- anywhere anywhere state INVALID
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere state NEW
ACCEPT all -- anywhere anywhere state NEW
ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc
ACCEPT tcp -- anywhere www.asusnetwork.net tcp dpt:www
ACCEPT tcp -- anywhere www.asusnetwork.net tcp dpt:8443
ACCEPT tcp -- anywhere anywhere tcp dpt:8082
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:1723
ACCEPT gre -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:https
logdrop all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
logdrop all -- anywhere anywhere
logdrop all -- anywhere anywhere state INVALID
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 1/sec burst 5
ACCEPT tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/RST limit: avg 1/sec burst 5
ACCEPT icmp -- anywhere anywhere icmp echo-request limit: avg 1/sec burst 5
ACCEPT all -- anywhere anywhere ctstate DNAT
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:4672
ACCEPT udp -- anywhere anywhere udp dpt:4665
ACCEPT tcp -- anywhere anywhere tcp dpt:4662
Chain FUPNP (0 references)
target prot opt source destination
ACCEPT tcp -- anywhere Gary-PC tcp dpt:6783
ACCEPT tcp -- anywhere Gary-PC tcp dpt:6784
ACCEPT tcp -- anywhere Gary-PC tcp dpt:6785
Chain PControls (0 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain logaccept (0 references)
target prot opt source destination
LOG all -- anywhere anywhere state NEW LOG level warning tcp-sequence tcp-options ip-options prefix `ACCEPT '
ACCEPT all -- anywhere anywhere
Chain logdrop (4 references)
target prot opt source destination
LOG all -- anywhere anywhere state NEW LOG level warning tcp-sequence tcp-options ip-options prefix `DROP'
DROP all -- anywhere anywhere
Code:
Destination Gateway Genmask Flags Metric Ref Use Iface
10.8.0.2 * 255.255.255.255 UH 0 0 0 tun21
Xxxx. * 255.255.255.255 UH 0 0 0 WAN
10.9.10.0 * 255.255.255.240 U 0 0 0 LAN
10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun21
Xxxx * 255.255.252.0 U 0 0 0 WAN
default Xxxx 0.0.0.0 UG 0 0 0 WAN
Code:
eb 20 00:35:42 notify_rc : start_vpnserver1
Feb 20 00:35:42 kernel: tun: Universal TUN/TAP device driver, 1.6
Feb 20 00:35:42 kernel: tun: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
Feb 20 00:35:42 kernel: device tun21 entered promiscuous mode
Feb 20 00:35:42 openvpn[16877]: OpenVPN 2.3.0 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Feb 13 2013
Feb 20 00:35:42 openvpn[16877]: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Feb 20 00:35:42 openvpn[16877]: Diffie-Hellman initialized with 1024 bit key
Feb 20 00:35:42 openvpn[16877]: Socket Buffers: R=[114688->131072] S=[114688->131072]
Feb 20 00:35:42 openvpn[16877]: TUN/TAP device tun21 opened
Feb 20 00:35:42 openvpn[16877]: TUN/TAP TX queue length set to 100
Feb 20 00:35:42 openvpn[16877]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Feb 20 00:35:42 openvpn[16877]: /sbin/ifconfig tun21 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
Feb 20 00:35:42 openvpn[16877]: /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2
Feb 20 00:35:42 openvpn[16885]: UDPv4 link local (bound): [undef]
Feb 20 00:35:42 openvpn[16885]: UDPv4 link remote: [undef]
Feb 20 00:35:42 openvpn[16885]: MULTI: multi_init called, r=256 v=256
Feb 20 00:35:42 openvpn[16885]: IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Feb 20 00:35:42 openvpn[16885]: Initialization Sequence Completed
Feb 20 00:35:42 openvpn[16885]: 10.9.10.5:63644 TLS: Initial packet from [AF_INET]10.9.10.5:63644, sid=9b36932a 2e4d0df2
Feb 20 00:36:15 openvpn[16885]: 10.9.10.5:63645 TLS: Initial packet from [AF_INET]10.9.10.5:63645, sid=6d9c5462 264435ef
Feb 20 00:36:17 kernel: printk: 15 messages suppressed.
Feb 20 00:36:17 kernel: protocol 0000 is buggy, dev eth0
Code:
Wed Feb 20 00:36:14 2013 OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Aug 20 2010
Wed Feb 20 00:36:14 2013 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Wed Feb 20 00:36:14 2013 Control Channel MTU parms [ L:1557 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Feb 20 00:36:14 2013 Socket Buffers: R=[8192->8192] S=[8192->8192]
Wed Feb 20 00:36:14 2013 Data Channel MTU parms [ L:1557 D:1450 EF:57 EB:4 ET:0 EL:0 ]
Wed Feb 20 00:36:14 2013 Local Options hash (VER=V4): '8326dbaa'
Wed Feb 20 00:36:14 2013 Expected Remote Options hash (VER=V4): 'b7f67de4'
Wed Feb 20 00:36:14 2013 UDPv4 link local: [undef]
Wed Feb 20 00:36:14 2013 UDPv4 link remote: x.x.x.x:1194
Wed Feb 20 00:36:44 2013 TCP/UDP: Incoming packet rejected from 10.9.10.1:1194[2], expected peer address: x.x.x.x:1194 (all
ow this incoming source address/port by removing --remote or adding --float)
Wed Feb 20 00:37:14 2013 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Feb 20 00:37:14 2013 TLS Error: TLS handshake failed
Wed Feb 20 00:37:14 2013 TCP/UDP: Closing socket
Wed Feb 20 00:37:14 2013 SIGUSR1[soft,tls-error] received, process restarting
Wed Feb 20 00:37:14 2013 Restart pause, 2 second(s)
Wed Feb 20 00:37:16 2013 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Wed Feb 20 00:37:16 2013 Re-using SSL/TLS context
Wed Feb 20 00:37:16 2013 Control Channel MTU parms [ L:1557 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Feb 20 00:37:16 2013 Socket Buffers: R=[8192->8192] S=[8192->8192]
Wed Feb 20 00:37:16 2013 Data Channel MTU parms [ L:1557 D:1450 EF:57 EB:4 ET:0 EL:0 ]
Wed Feb 20 00:37:16 2013 Local Options hash (VER=V4): '8326dbaa'
Wed Feb 20 00:37:16 2013 Expected Remote Options hash (VER=V4): 'b7f67de4'
Wed Feb 20 00:37:16 2013 UDPv4 link local: [undef]
Wed Feb 20 00:37:16 2013 UDPv4 link remote: xxxx:1194
Wed Feb 20 00:37:16 2013 TCP/UDP: Incoming packet rejected from 10.9.10.1:1194[2], expected peer address: xxxx:1194 (all
ow this incoming source address/port by removing --remote or adding --float
[/CODE]
Last edited: