azerty30 DD-WRT Novice
Joined: 22 Aug 2010 Posts: 1
|
Posted: Sun Aug 22, 2010 13:08 Post subject: probleme vpn sur wrt54gl avec arethusa vpntunnel |
|
bonjour,
j'essaie depuis plusieurs jours de configurer openvpn avec les clés d'arethusa, vpntunnel.se et cryptocloud sur un wrt54gl .
Le wrt54gl est serveur dhcp et est connecté en dhcp sur une freebox qui n'est pas en mode routeur .
J'ai suivi à la lettre les tutoriaux suivants :
http://www.plugngeek.net/routeur-vpn-maison-et-arethusa
http://www.plugngeek.net/routeur-vpn-maison-et-vpntunnel-darknetvpn
http://www.plugngeek.net/routeur-vpn-maison-et-cryptocloud-torrentfreedom
Mon ip change bien mais impossible de surfer ou de telecharger quoi que ce soit, je peux de temps en temps pinger des sites avec tracert.
dois-je ouvrir des ports ou ai-je oublier quelque chose ?
merci
si cela peut aider quand je me connecte en ssh sur le routeur avec les cles arethusa cela me donne ceci(merci à skalp pour la manip) :
root@DD-WRT:~# killall /sbin/openvpn
root@DD-WRT:~# openvpn /tmp/openvpn/openvpn.conf
Wed Aug 18 13:46:34 2010 OpenVPN 2.1.1 mipsel-unknown-linux-gnu
[SSL] [LZO2] [EPOLL] built on Aug 7 2010
Wed Aug 18 13:46:34 2010 WARNING: file '/tmp/openvpn/key.pem' is
group or others accessible
Wed Aug 18 13:46:34 2010 LZO compression initialized
Wed Aug 18 13:46:34 2010 Control Channel MTU parms [ L:1560
D:140 EF:40 EB:0 ET:0 EL:0 ]
Wed Aug 18 13:46:34 2010 Data Channel MTU parms [ L:1560 D:1450
EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Aug 18 13:46:34 2010 Attempting to establish TCP connection
with 212.117.167.27:443 [nonblock]
Wed Aug 18 13:46:35 2010 TCP connection established with
212.117.167.27:443
Wed Aug 18 13:46:35 2010 Socket Buffers: R=[43689->65534] S=
[16384->65534]
Wed Aug 18 13:46:35 2010 TCPv4_CLIENT link local: [undef]
Wed Aug 18 13:46:35 2010 TCPv4_CLIENT link remote:
212.117.167.27:443
Wed Aug 18 13:46:35 2010 TLS: Initial packet from
212.117.167.27:443, sid=7ce951d4 dad6118f
Wed Aug 18 13:46:35 2010 WARNING: this configuration may cache
passwords in memory -- use the auth-nocache option to prevent
this
Wed Aug 18 13:46:36 2010 VERIFY OK: depth=1,
/C=AQ/ST=Antarctica/L=Mount_Vinson/O=S6N/CN=S6N_CA/emailAddress=
roots6n.org
Wed Aug 18 13:46:36 2010 VERIFY OK: nsCertType=SERVER
Wed Aug 18 13:46:36 2010 VERIFY OK: depth=0,
/C=AQ/ST=Antarctica/L=Mount_Vinson/O=S6N/CN=lu1.tunsrv.s6n.net/e
mailAddress=roots6n.org
Wed Aug 18 13:46:40 2010 Data Channel Encrypt: Cipher 'AES-256-
CBC' initialized with 256 bit key
Wed Aug 18 13:46:40 2010 Data Channel Encrypt: Using 160 bit
message hash 'SHA1' for HMAC authentication
Wed Aug 18 13:46:40 2010 Data Channel Decrypt: Cipher 'AES-256-
CBC' initialized with 256 bit key
Wed Aug 18 13:46:40 2010 Data Channel Decrypt: Using 160 bit
message hash 'SHA1' for HMAC authentication
Wed Aug 18 13:46:40 2010 Control Channel: TLSv1, cipher
TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Wed Aug 18 13:46:40 2010 [lu1.tunsrv.s6n.net] Peer Connection
Initiated with 212.117.167.27:443
Wed Aug 18 13:46:43 2010 SENT CONTROL [lu1.tunsrv.s6n.net]:
'PUSH_REQUEST' (status=1)
Wed Aug 18 13:46:43 2010 PUSH: Received control message:
'PUSH_REPLY,topo logy subnet,route-gateway 10.10.4.254,socket-
flags TCP_NODELAY,dhc p-option DNS 10.10.10.10,dhcp-option DNS
8.8.8.8,ping 10,ping-restart 120,ifconfig 10.10.4.16
255.255.255.0'
Wed Aug 18 13:46:43 2010 OPTIONS IMPORT: timers and/or timeouts
modified
Wed Aug 18 13:46:43 2010 OPTIONS IMPORT: --socket-flags option
modified
Wed Aug 18 13:46:43 2010 OPTIONS IMPORT: --ifconfig/up options
modified
Wed Aug 18 13:46:43 2010 OPTIONS IMPORT: route-related options
modified
Wed Aug 18 13:46:43 2010 OPTIONS IMPORT: --ip-win32 and/or --
dhcp-option options modified
Wed Aug 18 13:46:43 2010 TUN/TAP device tun1 opened
Wed Aug 18 13:46:43 2010 TUN/TAP TX queue length set to 100
Wed Aug 18 13:46:43 2010 /sbin/ifconfig tun1 10.10.4.16 netmask
255.255.255.0 mtu 1500 broadcast 10.10.4.255
Wed Aug 18 13:46:43 2010 /sbin/route add -net 212.117.167.27
netmask 255.255.255.255 gw 81.56.89.254
Wed Aug 18 13:46:43 2010 /sbin/route add -net 0.0.0.0 netmask
128.0.0.0 gw 10.10.4.254
Wed Aug 18 13:46:43 2010 ERROR: Linux route add command failed:
external program exited with error status: 255
Wed Aug 18 13:46:43 2010 /sbin/route add -net 128.0.0.0 netmask
128.0.0.0 gw 10.10.4.254
Wed Aug 18 13:46:43 2010 Initialization Sequence Completed
Wed Aug 18 13:46:51 2010 Connection reset, restarting [0]
Wed Aug 18 13:46:51 2010 TCP/UDP: Closing socket
Wed Aug 18 13:46:51 2010 SIGUSR1[soft,connectio n-reset]
received, process restarting
Wed Aug 18 13:46:51 2010 Restart pause, 5 second(s)
Wed Aug 18 13:46:56 2010 Re-using SSL/TLS context
Wed Aug 18 13:46:56 2010 LZO compression initialized
Wed Aug 18 13:46:56 2010 Control Channel MTU parms [ L:1560
D:140 EF:40 EB:0 ET:0 EL:0 ]
Wed Aug 18 13:46:56 2010 Data Channel MTU parms [ L:1560 D:1450
EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Aug 18 13:46:56 2010 Attempting to establish TCP connection
with 212.117.167.27:443 [nonblock]
Wed Aug 18 13:46:57 2010 TCP connection established with
212.117.167.27:443
Wed Aug 18 13:46:57 2010 Socket Buffers: R=[43689->65534] S=
[16384->65534]
Wed Aug 18 13:46:57 2010 TCPv4_CLIENT link local: [undef]
Wed Aug 18 13:46:57 2010 TCPv4_CLIENT link remote:
212.117.167.27:443
Wed Aug 18 13:46:57 2010 TLS: Initial packet from
212.117.167.27:443, sid=39c5de45 906264f0
Wed Aug 18 13:46:57 2010 WARNING: this configuration may cache
passwords in memory -- use the auth-nocache option to prevent
this
Wed Aug 18 13:46:57 2010 VERIFY OK: depth=1,
/C=AQ/ST=Antarctica/L=Mount_Vinson/O=S6N/CN=S6N_CA/emailAddress=
roots6n.org
Wed Aug 18 13:46:57 2010 VERIFY OK: nsCertType=SERVER
Wed Aug 18 13:46:57 2010 VERIFY OK: depth=0,
/C=AQ/ST=Antarctica/L=Mount_Vinson/O=S6N/CN=lu1.tunsrv.s6n.net/e
mailAddress=roots6n.org
Wed Aug 18 13:47:02 2010 Data Channel Encrypt: Cipher 'AES-256-
CBC' initialized with 256 bit key
Wed Aug 18 13:47:02 2010 Data Channel Encrypt: Using 160 bit
message hash 'SHA1' for HMAC authentication
Wed Aug 18 13:47:02 2010 Data Channel Decrypt: Cipher 'AES-256-
CBC' initialized with 256 bit key
Wed Aug 18 13:47:02 2010 Data Channel Decrypt: Using 160 bit
message hash 'SHA1' for HMAC authentication
Wed Aug 18 13:47:02 2010 Control Channel: TLSv1, cipher
TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Wed Aug 18 13:47:02 2010 [lu1.tunsrv.s6n.net] Peer Connection
Initiated with 212.117.167.27:443
Wed Aug 18 13:47:04 2010 SENT CONTROL [lu1.tunsrv.s6n.net]:
'PUSH_REQUEST' (status=1)
Wed Aug 18 13:47:04 2010 PUSH: Received control message:
'PUSH_REPLY,topo logy subnet,route-gateway 10.10.4.254,socket-
flags TCP_NODELAY,dhc p-option DNS 10.10.10.10,dhcp-option DNS
8.8.8.8,ping 10,ping-restart 120,ifconfig 10.10.4.16
255.255.255.0'
Wed Aug 18 13:47:04 2010 OPTIONS IMPORT: timers and/or timeouts
modified
Wed Aug 18 13:47:04 2010 OPTIONS IMPORT: --socket-flags option
modified
Wed Aug 18 13:47:04 2010 OPTIONS IMPORT: --ifconfig/up options
modified
Wed Aug 18 13:47:04 2010 OPTIONS IMPORT: route-related options
modified
Wed Aug 18 13:47:04 2010 OPTIONS IMPORT: --ip-win32 and/or --
dhcp-option options modified
Wed Aug 18 13:47:04 2010 Preserving previous TUN/TAP instance:
tun1
Wed Aug 18 13:47:04 2010 Initialization Sequence Completed
Wed Aug 18 13:47:08 2010 event_wait : Interrupted system call
(code=4)
Wed Aug 18 13:47:08 2010 TCP/UDP: Closing socket
Wed Aug 18 13:47:08 2010 /sbin/route del -net 212.117.167.27
netmask 255.255.255.255
Wed Aug 18 13:47:08 2010 /sbin/route del -net 0.0.0.0 netmask
128.0.0.0
Wed Aug 18 13:47:08 2010 /sbin/route del -net 128.0.0.0 netmask
128.0.0.0
Wed Aug 18 13:47:08 2010 Closing TUN/TAP interface
Wed Aug 18 13:47:08 2010 /sbin/ifconfig tun1 0.0.0.0
Wed Aug 18 13:47:08 2010 SIGINT[hard,] received, process exiting |
|