abclinuxu.cz AbcLinuxu.cz itbiz.cz ITBiz.cz HDmag.cz HDmag.cz abcprace.cz AbcPráce.cz
Inzerujte na AbcPráce.cz od 950 Kč
Rozšířené hledání
Přihlášení | Registrace
×
napište » Zprávičky
inzerujte » Pracovní nabídky
    ESPHome 2024.4.0
    dnes 01:00 | Nová verze

    ESPHome, tj. open source systém umožňující nastavovat zařízení s čipy ESP (i dalšími) pomocí konfiguračních souborů a připojit je do domácí automatizace, například do Home Assistantu, byl vydán ve verzi 2024.4.0.

    Ladislav Hagara | Komentářů: 0
    Open Platform for Enterprise AI (OPEA)
    včera 22:11 | IT novinky

    LF AI & Data Foundation patřící pod Linux Foundation spustila Open Platform for Enterprise AI (OPEA).

    Ladislav Hagara | Komentářů: 0
    OpenXR 1.1
    včera 20:55 | Nová verze

    Neziskové průmyslové konsorcium Khronos Group vydalo verzi 1.1 specifikace OpenXR (Wikipedie), tj. standardu specifikujícího přístup k platformám a zařízením pro XR, tj. platformám a zařízením pro AR (rozšířenou realitu) a VR (virtuální realitu). Do základu se z rozšíření dostalo XR_EXT_local_floor. Společnost Collabora implementuje novou verzi specifikace do platformy Monado, tj. open source implementace OpenXR.

    Ladislav Hagara | Komentářů: 2
    mpv 0.38.0
    včera 17:22 | Nová verze

    Byla vydána nová verze 0.38.0 multimediálního přehrávače mpv (Wikipedie) vycházejícího z přehrávačů MPlayer a mplayer2. Přehled novinek, změn a oprav na GitHubu. Požadován je FFmpeg 4.4 nebo novější a také libplacebo 6.338.2 nebo novější.

    Ladislav Hagara | Komentářů: 1
    ClamAV 1.3.1, 1.2.3 a 1.0.6
    včera 17:11 | Nová verze

    ClamAV (Wikipedie), tj. multiplatformní antivirový engine s otevřeným zdrojovým kódem pro detekci trojských koní, virů, malwaru a dalších škodlivých hrozeb, byl vydán ve verzích 1.3.1, 1.2.3 a 1.0.6. Ve verzi 1.3.1 je mimo jiné řešena bezpečnostní chyba CVE-2024-20380.

    Ladislav Hagara | Komentářů: 1
    Mobilní aplikace Portál občana je ode dneška oficiálně venku
    včera 12:11 | IT novinky

    Digitální a informační agentura (DIA) oznámila (PDF, X a Facebook), že mobilní aplikace Portál občana je ode dneška oficiálně venku.

    Ladislav Hagara | Komentářů: 7
    #HACKUJBRNO 2024
    včera 05:11 | Komunita

    #HACKUJBRNO 2024, byly zveřejněny výsledky a výstupy hackathonu města Brna nad otevřenými městskými daty, který se konal 13. a 14. dubna 2024.

    Ladislav Hagara | Komentářů: 2
    Volla Tablet na Kickstarteru
    17.4. 17:55 | IT novinky

    Společnost Volla Systeme stojící za telefony Volla spustila na Kickstarteru kampaň na podporu tabletu Volla Tablet s Volla OS nebo Ubuntu Touch.

    Ladislav Hagara | Komentářů: 3
    Robot HD Atlas šel do důchodu. Nastupuje nová vylepšená elektrická varianta
    17.4. 17:44 | IT novinky

    Společnost Boston Dynamics oznámila, že humanoidní hydraulický robot HD Atlas šel do důchodu (YouTube). Nastupuje nová vylepšená elektrická varianta (YouTube).

    Ladislav Hagara | Komentářů: 1
    LXQt 2.0.0
    17.4. 15:11 | Nová verze

    Desktopové prostředí LXQt (Lightweight Qt Desktop Environment, Wikipedie) vzniklé sloučením projektů Razor-qt a LXDE bylo vydáno ve verzi 2.0.0. Přehled novinek v poznámkách k vydání.

    Ladislav Hagara | Komentářů: 5
    Centrum | Napsat | Starší
    navrhněte » Anketa
    KDE Plasma 6
     (68%)
     (10%)
     (2%)
     (19%)
    Celkem 556 hlasů
     Komentářů: 4, poslední 6.4. 15:51
    Rozcestník
    AbcLinuxu
    HDmag.cz
    AbcLinuxu:/ Poradna / Linuxová poradna / Nefunkční openVPN
    Štítky: bez, cache, crt, distribuce, error, heslo, Internet, klient, konfigurace, Linux, nastavení, OpenSSL, OpenVPN, problém, route, server, sítě, SSL, Ubuntu, VPN

    Dotaz: Nefunkční openVPN

    svido avatar 20.1.2015 20:41 svido | skóre: 28
    Nefunkční openVPN
    Přečteno: 471×
    Ahoj, mám problém s OpenVPN. Podle správce sítě by mělo VPN fungovat, ale me prostě nefunguje. V logu je nějaký error, ale nepřišel jsem na to, co ho generuje. Dostal jsem samozřejmě certifikáty a heslo, včetně konfigurace. 
    spejbl openVPN # openvpn --config work.ovpn --verb 1
Tue Jan 20 19:25:26 2015 OpenVPN 2.3.6 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jan 13 2015
Tue Jan 20 19:25:26 2015 library versions: OpenSSL 1.0.1l 15 Jan 2015, LZO 2.08
Enter Private Key Password:
Tue Jan 20 19:25:29 2015 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue Jan 20 19:25:29 2015 WARNING: file '/home/hurvajs/certificates/prog92.key' is group or others accessible
Tue Jan 20 19:25:29 2015 UDPv4 link local: [undef]
Tue Jan 20 19:25:29 2015 UDPv4 link remote: [AF_INET]176.62.234.2:21194
Tue Jan 20 19:25:31 2015 [praha.xxxxx.cz] Peer Connection Initiated with [AF_INET]176.62.234.2:21194
Tue Jan 20 19:25:34 2015 TUN/TAP device tap0 opened
Tue Jan 20 19:25:34 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Tue Jan 20 19:25:34 2015 /bin/ifconfig tap0 192.168.12.59 netmask 255.255.255.0 mtu 1500 broadcast 192.168.12.255
SIOCADDRT: File exists
Tue Jan 20 19:25:36 2015 ERROR: Linux route add command failed: external program exited with error status: 7
Tue Jan 20 19:25:36 2015 Initialization Sequence Completed
    Kolegovi, který používá Ubuntu to také vrací ERROR, ale s kódem 2 a VPN mu údajně funguje.

    Konfigurace, co jsem dostal, zkoušel jsem ji měnit ale ani nic nezabralo. Připojení kk internetu funguje dál, ale na servery uvnitř VPN nevidím. 
    client
#ve win bez cisla, v unixu s cislem(tap0)
dev tap

proto udp

#adresa serveru
remote vpn.xxxxx.cz 21194

#dulezite, dovoluje stahnout nastaveni od serveru
#pull

#route-metric 10

route-delay 2

tls-client # SSL klient
ca /home/hurvajs/certificates/ca.crt
cert /home/hurvajs/certificates/prog92.crt
key /home/hurvajs/certificates/prog92.key
ns-cert-type server
auth SHA1
cipher aes-256-cbc
nobind
comp-lzo
persist-key
#persist-tun
verb 5
    Neporadil by jste někdo, prosím? Děkuji
    Nástroje: Začni sledovat (0) ?Zašle upozornění na váš email při vložení nového komentáře.

    Odpovědi

    20.1.2015 21:09 GeorgeWH | skóre: 42
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    tap je pouzite schvalne?

    pouzivam len tun, kde prakticky netreba nic konfigurovat, co sa podla tohto o bridgovani povedat neda...
    svido avatar 20.1.2015 22:08 svido | skóre: 28
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    Tak mi to poslal správce sítě. Zkoušel jsem dát i tun a nefungovalo to stejně.
    svido avatar 20.1.2015 22:29 svido | skóre: 28
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    teď jsem ještě zkoušel tun - tak už to padá na hubu rovnou... 
    spejbl openVPN # openvpn --config xxxxx.ovpn --verb 2
Tue Jan 20 21:21:36 2015 OpenVPN 2.3.6 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jan 13 2015
Tue Jan 20 21:21:36 2015 library versions: OpenSSL 1.0.1l 15 Jan 2015, LZO 2.08
Enter Private Key Password:
Tue Jan 20 21:21:43 2015 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue Jan 20 21:21:43 2015 WARNING: file '/home/hurvajs/certificates/xxxxx/prog92.key' is group or others accessible
Tue Jan 20 21:21:43 2015 UDPv4 link local: [undef]
Tue Jan 20 21:21:43 2015 UDPv4 link remote: [AF_INET]176.62.234.2:21194
Tue Jan 20 21:21:43 2015 VERIFY OK: depth=1, C=CZ, ST=Czech Republic, L=Prague, O=xxxxx, CN=xxxxx, emailAddress=xxxxx@xxxxx.cz
Tue Jan 20 21:21:43 2015 VERIFY OK: nsCertType=SERVER
Tue Jan 20 21:21:43 2015 VERIFY OK: depth=0, C=CZ, ST=Czech Republic, L=Prague, O=xxxxx, CN=xxxxx, emailAddress=xxxxx@xxxxx.cz
Tue Jan 20 21:21:44 2015 WARNING: 'dev-type' is used inconsistently, local='dev-type tun', remote='dev-type tap'
Tue Jan 20 21:21:44 2015 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1558', remote='link-mtu 1590'
Tue Jan 20 21:21:44 2015 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1500', remote='tun-mtu 1532'
Tue Jan 20 21:21:44 2015 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Tue Jan 20 21:21:44 2015 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Jan 20 21:21:44 2015 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Tue Jan 20 21:21:44 2015 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Jan 20 21:21:44 2015 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Jan 20 21:21:44 2015 [praha.xxxxx.cz] Peer Connection Initiated with [AF_INET]176.62.234.2:21194
Tue Jan 20 21:21:47 2015 WARNING: Since you are using --dev tun with a point-to-point topology, the second argument to --ifconfig must be an IP address.  You are using something (255.255.255.0) that looks more like a netmask. (silence this warning with --ifconfig-nowarn)
Tue Jan 20 21:21:47 2015 TUN/TAP device tun0 opened
Tue Jan 20 21:21:47 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Tue Jan 20 21:21:47 2015 /bin/ifconfig tun0 192.168.12.59 pointopoint 255.255.255.0 mtu 1500
SIOCSIFDSTADDR: Invalid argument
Tue Jan 20 21:21:47 2015 Linux ifconfig failed: external program exited with error status: 1
Tue Jan 20 21:21:47 2015 Exiting due to fatal error
    Podle mne se to ale bridguje samo, detailní log... 
    spejbl openVPN # openvpn --config xxxxx.ovpn --verb 5
Tue Jan 20 21:26:47 2015 us=614205 Current Parameter Settings:
Tue Jan 20 21:26:47 2015 us=614241   config = 'xxxxx.ovpn'
Tue Jan 20 21:26:47 2015 us=614250   mode = 0
Tue Jan 20 21:26:47 2015 us=614257   persist_config = DISABLED
Tue Jan 20 21:26:47 2015 us=614264   persist_mode = 1
Tue Jan 20 21:26:47 2015 us=614270   show_ciphers = DISABLED
Tue Jan 20 21:26:47 2015 us=614277   show_digests = DISABLED
Tue Jan 20 21:26:47 2015 us=614284   show_engines = DISABLED
Tue Jan 20 21:26:47 2015 us=614291   genkey = DISABLED
Tue Jan 20 21:26:47 2015 us=614298   key_pass_file = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=614305   show_tls_ciphers = DISABLED
Tue Jan 20 21:26:47 2015 us=614312 Connection profiles [default]:
Tue Jan 20 21:26:47 2015 us=614318   proto = udp
Tue Jan 20 21:26:47 2015 us=614325   local = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=614331   local_port = 0
Tue Jan 20 21:26:47 2015 us=614338   remote = 'vpn.xxxxx.cz'
Tue Jan 20 21:26:47 2015 us=614345   remote_port = 21194
Tue Jan 20 21:26:47 2015 us=614351   remote_float = DISABLED
Tue Jan 20 21:26:47 2015 us=614357   bind_defined = DISABLED
Tue Jan 20 21:26:47 2015 us=614363   bind_local = DISABLED
Tue Jan 20 21:26:47 2015 us=614370   connect_retry_seconds = 5
Tue Jan 20 21:26:47 2015 us=614377   connect_timeout = 10
Tue Jan 20 21:26:47 2015 us=614383   connect_retry_max = 0
Tue Jan 20 21:26:47 2015 us=614390   socks_proxy_server = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=614397   socks_proxy_port = 0
Tue Jan 20 21:26:47 2015 us=614403   socks_proxy_retry = DISABLED
Tue Jan 20 21:26:47 2015 us=614410   tun_mtu = 1500
Tue Jan 20 21:26:47 2015 us=614416   tun_mtu_defined = ENABLED
Tue Jan 20 21:26:47 2015 us=614422   link_mtu = 1500
Tue Jan 20 21:26:47 2015 us=614429   link_mtu_defined = DISABLED
Tue Jan 20 21:26:47 2015 us=614435   tun_mtu_extra = 32
Tue Jan 20 21:26:47 2015 us=614442   tun_mtu_extra_defined = ENABLED
Tue Jan 20 21:26:47 2015 us=614449   mtu_discover_type = -1
Tue Jan 20 21:26:47 2015 us=614455   fragment = 0
Tue Jan 20 21:26:47 2015 us=614461   mssfix = 1450
Tue Jan 20 21:26:47 2015 us=614468   explicit_exit_notification = 0
Tue Jan 20 21:26:47 2015 us=614474 Connection profiles END
Tue Jan 20 21:26:47 2015 us=614480   remote_random = DISABLED
Tue Jan 20 21:26:47 2015 us=614486   ipchange = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=614493   dev = 'tap'
Tue Jan 20 21:26:47 2015 us=614499   dev_type = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=614505   dev_node = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=614511   lladdr = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=614518   topology = 1
Tue Jan 20 21:26:47 2015 us=614524   tun_ipv6 = DISABLED
Tue Jan 20 21:26:47 2015 us=614530   ifconfig_local = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=614537   ifconfig_remote_netmask = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=614544   ifconfig_noexec = DISABLED
Tue Jan 20 21:26:47 2015 us=614550   ifconfig_nowarn = DISABLED
Tue Jan 20 21:26:47 2015 us=614557   ifconfig_ipv6_local = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=614568   ifconfig_ipv6_netbits = 0
Tue Jan 20 21:26:47 2015 us=614575   ifconfig_ipv6_remote = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=614582   shaper = 0
Tue Jan 20 21:26:47 2015 us=614588   mtu_test = 0
Tue Jan 20 21:26:47 2015 us=614594   mlock = DISABLED
Tue Jan 20 21:26:47 2015 us=614601   keepalive_ping = 0
Tue Jan 20 21:26:47 2015 us=614609   keepalive_timeout = 0
Tue Jan 20 21:26:47 2015 us=614617   inactivity_timeout = 0
Tue Jan 20 21:26:47 2015 us=614623   ping_send_timeout = 0
Tue Jan 20 21:26:47 2015 us=614629   ping_rec_timeout = 0
Tue Jan 20 21:26:47 2015 us=614636   ping_rec_timeout_action = 0
Tue Jan 20 21:26:47 2015 us=614642   ping_timer_remote = DISABLED
Tue Jan 20 21:26:47 2015 us=614649   remap_sigusr1 = 0
Tue Jan 20 21:26:47 2015 us=614655   persist_tun = DISABLED
Tue Jan 20 21:26:47 2015 us=614661   persist_local_ip = DISABLED
Tue Jan 20 21:26:47 2015 us=614668   persist_remote_ip = DISABLED
Tue Jan 20 21:26:47 2015 us=614675   persist_key = ENABLED
Tue Jan 20 21:26:47 2015 us=614681   passtos = DISABLED
Tue Jan 20 21:26:47 2015 us=614688   resolve_retry_seconds = 1000000000
Tue Jan 20 21:26:47 2015 us=614694   username = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=614700   groupname = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=614707   chroot_dir = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=614713   cd_dir = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=614719   writepid = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=614725   up_script = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=614732   down_script = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=614738   down_pre = DISABLED
Tue Jan 20 21:26:47 2015 us=614745   up_restart = DISABLED
Tue Jan 20 21:26:47 2015 us=614751   up_delay = DISABLED
Tue Jan 20 21:26:47 2015 us=614758   daemon = DISABLED
Tue Jan 20 21:26:47 2015 us=614764   inetd = 0
Tue Jan 20 21:26:47 2015 us=614770   log = DISABLED
Tue Jan 20 21:26:47 2015 us=614777   suppress_timestamps = DISABLED
Tue Jan 20 21:26:47 2015 us=614783   nice = 0
Tue Jan 20 21:26:47 2015 us=614790   verbosity = 5
Tue Jan 20 21:26:47 2015 us=614796   mute = 0
Tue Jan 20 21:26:47 2015 us=614803   gremlin = 0
Tue Jan 20 21:26:47 2015 us=614809   status_file = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=614815   status_file_version = 1
Tue Jan 20 21:26:47 2015 us=614822   status_file_update_freq = 60
Tue Jan 20 21:26:47 2015 us=614832   occ = ENABLED
Tue Jan 20 21:26:47 2015 us=614838   rcvbuf = 65536
Tue Jan 20 21:26:47 2015 us=614845   sndbuf = 65536
Tue Jan 20 21:26:47 2015 us=614851   mark = 0
Tue Jan 20 21:26:47 2015 us=614857   sockflags = 0
Tue Jan 20 21:26:47 2015 us=614863   fast_io = DISABLED
Tue Jan 20 21:26:47 2015 us=614870   lzo = 7
Tue Jan 20 21:26:47 2015 us=614876   route_script = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=614882   route_default_gateway = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=614889   route_default_metric = 0
Tue Jan 20 21:26:47 2015 us=614896   route_noexec = DISABLED
Tue Jan 20 21:26:47 2015 us=614904   route_delay = 10
Tue Jan 20 21:26:47 2015 us=614911   route_delay_window = 30
Tue Jan 20 21:26:47 2015 us=614918   route_delay_defined = ENABLED
Tue Jan 20 21:26:47 2015 us=614932   route_nopull = DISABLED
Tue Jan 20 21:26:47 2015 us=614944   route_gateway_via_dhcp = DISABLED
Tue Jan 20 21:26:47 2015 us=614953   max_routes = 100
Tue Jan 20 21:26:47 2015 us=614960   allow_pull_fqdn = DISABLED
Tue Jan 20 21:26:47 2015 us=614967   management_addr = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=614974   management_port = 0
Tue Jan 20 21:26:47 2015 us=614980   management_user_pass = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=614987   management_log_history_cache = 250
Tue Jan 20 21:26:47 2015 us=614993   management_echo_buffer_size = 100
Tue Jan 20 21:26:47 2015 us=615000   management_write_peer_info_file = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=615007   management_client_user = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=615014   management_client_group = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=615020   management_flags = 0
Tue Jan 20 21:26:47 2015 us=615027   shared_secret_file = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=615033   key_direction = 0
Tue Jan 20 21:26:47 2015 us=615040   ciphername_defined = ENABLED
Tue Jan 20 21:26:47 2015 us=615047   ciphername = 'aes-256-cbc'
Tue Jan 20 21:26:47 2015 us=615053   authname_defined = ENABLED
Tue Jan 20 21:26:47 2015 us=615060   authname = 'SHA1'
Tue Jan 20 21:26:47 2015 us=615066   prng_hash = 'SHA1'
Tue Jan 20 21:26:47 2015 us=615073   prng_nonce_secret_len = 16
Tue Jan 20 21:26:47 2015 us=615079   keysize = 0
Tue Jan 20 21:26:47 2015 us=615086   engine = DISABLED
Tue Jan 20 21:26:47 2015 us=615093   replay = ENABLED
Tue Jan 20 21:26:47 2015 us=615099   mute_replay_warnings = DISABLED
Tue Jan 20 21:26:47 2015 us=615106   replay_window = 64
Tue Jan 20 21:26:47 2015 us=615112   replay_time = 15
Tue Jan 20 21:26:47 2015 us=615119   packet_id_file = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=615126   use_iv = ENABLED
Tue Jan 20 21:26:47 2015 us=615132   test_crypto = DISABLED
Tue Jan 20 21:26:47 2015 us=615138   tls_server = DISABLED
Tue Jan 20 21:26:47 2015 us=615145   tls_client = ENABLED
Tue Jan 20 21:26:47 2015 us=615151   key_method = 2
Tue Jan 20 21:26:47 2015 us=615158   ca_file = '/home/hurvajs/certificates/xxxxx/ca.crt'
Tue Jan 20 21:26:47 2015 us=615164   ca_path = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=615171   dh_file = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=615182   cert_file = '/home/hurvajs/certificates/xxxxx/prog92.crt'
Tue Jan 20 21:26:47 2015 us=615189   priv_key_file = '/home/hurvajs/certificates/xxxxx/prog92.key'
Tue Jan 20 21:26:47 2015 us=615195   pkcs12_file = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=615202   cipher_list = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=615218   tls_verify = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=615223   tls_export_cert = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=615229   verify_x509_type = 0
Tue Jan 20 21:26:47 2015 us=615235   verify_x509_name = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=615240   crl_file = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=615246   ns_cert_type = 1
Tue Jan 20 21:26:47 2015 us=615251   remote_cert_ku[i] = 0
Tue Jan 20 21:26:47 2015 us=615257   remote_cert_ku[i] = 0
Tue Jan 20 21:26:47 2015 us=615262   remote_cert_ku[i] = 0
Tue Jan 20 21:26:47 2015 us=615268   remote_cert_ku[i] = 0
Tue Jan 20 21:26:47 2015 us=615273   remote_cert_ku[i] = 0
Tue Jan 20 21:26:47 2015 us=615278   remote_cert_ku[i] = 0
Tue Jan 20 21:26:47 2015 us=615284   remote_cert_ku[i] = 0
Tue Jan 20 21:26:47 2015 us=615289   remote_cert_ku[i] = 0
Tue Jan 20 21:26:47 2015 us=615295   remote_cert_ku[i] = 0
Tue Jan 20 21:26:47 2015 us=615300   remote_cert_ku[i] = 0
Tue Jan 20 21:26:47 2015 us=615305   remote_cert_ku[i] = 0
Tue Jan 20 21:26:47 2015 us=615311   remote_cert_ku[i] = 0
Tue Jan 20 21:26:47 2015 us=615316   remote_cert_ku[i] = 0
Tue Jan 20 21:26:47 2015 us=615321   remote_cert_ku[i] = 0
Tue Jan 20 21:26:47 2015 us=615327   remote_cert_ku[i] = 0
Tue Jan 20 21:26:47 2015 us=615332   remote_cert_ku[i] = 0
Tue Jan 20 21:26:47 2015 us=615338   remote_cert_eku = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=615343   ssl_flags = 0
Tue Jan 20 21:26:47 2015 us=615348   tls_timeout = 2
Tue Jan 20 21:26:47 2015 us=615354   renegotiate_bytes = 0
Tue Jan 20 21:26:47 2015 us=615359   renegotiate_packets = 0
Tue Jan 20 21:26:47 2015 us=615365   renegotiate_seconds = 3600
Tue Jan 20 21:26:47 2015 us=615370   handshake_window = 60
Tue Jan 20 21:26:47 2015 us=615376   transition_window = 3600
Tue Jan 20 21:26:47 2015 us=615381   single_session = DISABLED
Tue Jan 20 21:26:47 2015 us=615387   push_peer_info = DISABLED
Tue Jan 20 21:26:47 2015 us=615392   tls_exit = DISABLED
Tue Jan 20 21:26:47 2015 us=615398   tls_auth_file = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=615405   server_network = 0.0.0.0
Tue Jan 20 21:26:47 2015 us=615411   server_netmask = 0.0.0.0
Tue Jan 20 21:26:47 2015 us=615421   server_network_ipv6 = ::
Tue Jan 20 21:26:47 2015 us=615427   server_netbits_ipv6 = 0
Tue Jan 20 21:26:47 2015 us=615433   server_bridge_ip = 0.0.0.0
Tue Jan 20 21:26:47 2015 us=615440   server_bridge_netmask = 0.0.0.0
Tue Jan 20 21:26:47 2015 us=615445   server_bridge_pool_start = 0.0.0.0
Tue Jan 20 21:26:47 2015 us=615451   server_bridge_pool_end = 0.0.0.0
Tue Jan 20 21:26:47 2015 us=615457   ifconfig_pool_defined = DISABLED
Tue Jan 20 21:26:47 2015 us=615463   ifconfig_pool_start = 0.0.0.0
Tue Jan 20 21:26:47 2015 us=615469   ifconfig_pool_end = 0.0.0.0
Tue Jan 20 21:26:47 2015 us=615475   ifconfig_pool_netmask = 0.0.0.0
Tue Jan 20 21:26:47 2015 us=615481   ifconfig_pool_persist_filename = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=615487   ifconfig_pool_persist_refresh_freq = 600
Tue Jan 20 21:26:47 2015 us=615493   ifconfig_ipv6_pool_defined = DISABLED
Tue Jan 20 21:26:47 2015 us=615499   ifconfig_ipv6_pool_base = ::
Tue Jan 20 21:26:47 2015 us=615504   ifconfig_ipv6_pool_netbits = 0
Tue Jan 20 21:26:47 2015 us=615510   n_bcast_buf = 256
Tue Jan 20 21:26:47 2015 us=615515   tcp_queue_limit = 64
Tue Jan 20 21:26:47 2015 us=615521   real_hash_size = 256
Tue Jan 20 21:26:47 2015 us=615526   virtual_hash_size = 256
Tue Jan 20 21:26:47 2015 us=615532   client_connect_script = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=615537   learn_address_script = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=615543   client_disconnect_script = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=615548   client_config_dir = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=615554   ccd_exclusive = DISABLED
Tue Jan 20 21:26:47 2015 us=615559   tmp_dir = '/tmp'
Tue Jan 20 21:26:47 2015 us=615565   push_ifconfig_defined = DISABLED
Tue Jan 20 21:26:47 2015 us=615571   push_ifconfig_local = 0.0.0.0
Tue Jan 20 21:26:47 2015 us=615577   push_ifconfig_remote_netmask = 0.0.0.0
Tue Jan 20 21:26:47 2015 us=615582   push_ifconfig_ipv6_defined = DISABLED
Tue Jan 20 21:26:47 2015 us=615588   push_ifconfig_ipv6_local = ::/0
Tue Jan 20 21:26:47 2015 us=615594   push_ifconfig_ipv6_remote = ::
Tue Jan 20 21:26:47 2015 us=615600   enable_c2c = DISABLED
Tue Jan 20 21:26:47 2015 us=615606   duplicate_cn = DISABLED
Tue Jan 20 21:26:47 2015 us=615611   cf_max = 0
Tue Jan 20 21:26:47 2015 us=615616   cf_per = 0
Tue Jan 20 21:26:47 2015 us=615622   max_clients = 1024
Tue Jan 20 21:26:47 2015 us=615627   max_routes_per_client = 256
Tue Jan 20 21:26:47 2015 us=615633   auth_user_pass_verify_script = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=615639   auth_user_pass_verify_script_via_file = DISABLED
Tue Jan 20 21:26:47 2015 us=615645   port_share_host = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=615651   port_share_port = 0
Tue Jan 20 21:26:47 2015 us=615657   client = ENABLED
Tue Jan 20 21:26:47 2015 us=615662   pull = ENABLED
Tue Jan 20 21:26:47 2015 us=615669   auth_user_pass_file = '[UNDEF]'
Tue Jan 20 21:26:47 2015 us=615675 OpenVPN 2.3.6 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jan 13 2015
Tue Jan 20 21:26:47 2015 us=615685 library versions: OpenSSL 1.0.1l 15 Jan 2015, LZO 2.08
Enter Private Key Password:
Tue Jan 20 21:26:49 2015 us=571480 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue Jan 20 21:26:49 2015 us=571687 WARNING: file '/home/hurvajs/certificates/xxxxx/prog92.key' is group or others accessible
Tue Jan 20 21:26:49 2015 us=572081 LZO compression initialized
Tue Jan 20 21:26:49 2015 us=572216 Control Channel MTU parms [ L:1590 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Jan 20 21:26:49 2015 us=572275 Socket Buffers: R=[212992->131072] S=[212992->131072]
Tue Jan 20 21:26:49 2015 us=624119 Data Channel MTU parms [ L:1590 D:1450 EF:58 EB:135 ET:32 EL:0 AF:3/1 ]
Tue Jan 20 21:26:49 2015 us=624167 Local Options String: 'V4,dev-type tap,link-mtu 1590,tun-mtu 1532,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Tue Jan 20 21:26:49 2015 us=624175 Expected Remote Options String: 'V4,dev-type tap,link-mtu 1590,tun-mtu 1532,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
Tue Jan 20 21:26:49 2015 us=624192 Local Options hash (VER=V4): 'c6c7c21a'
Tue Jan 20 21:26:49 2015 us=624202 Expected Remote Options hash (VER=V4): '1a6d5c5d'
Tue Jan 20 21:26:49 2015 us=624213 UDPv4 link local: [undef]
Tue Jan 20 21:26:49 2015 us=624222 UDPv4 link remote: [AF_INET]176.62.234.2:21194
WRTue Jan 20 21:26:49 2015 us=671547 TLS: Initial packet from [AF_INET]176.62.234.2:21194, sid=1ae9aec5 ba101435
WWWRRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRTue Jan 20 21:26:49 2015 us=968866 VERIFY OK: depth=1, C=CZ, ST=Czech Republic, L=Prague, O=xxxxx, CN=xxxxx, emailAddress=xxxxx@xxxxx.cz
Tue Jan 20 21:26:49 2015 us=969145 VERIFY OK: nsCertType=SERVER
Tue Jan 20 21:26:49 2015 us=969162 VERIFY OK: depth=0, C=CZ, ST=Czech Republic, L=Prague, O=xxxxx, CN=praha.xxxxx.cz, emailAddress=xxxxx@xxxxx.cz
WRWRWRWRWRWRWWWWRRRWWRWWRRRRWWWWRRRRWWWWRRRRWWWWRWRRRWWWRRRWRWWWRRRRWRWRTue Jan 20 21:26:50 2015 us=428105 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Tue Jan 20 21:26:50 2015 us=428125 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Jan 20 21:26:50 2015 us=428131 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Tue Jan 20 21:26:50 2015 us=428136 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
WTue Jan 20 21:26:50 2015 us=428173 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Jan 20 21:26:50 2015 us=428191 [praha.xxxxx.cz] Peer Connection Initiated with [AF_INET]176.62.234.2:21194
Tue Jan 20 21:26:52 2015 us=781808 SENT CONTROL [praha.xxxxx.cz]: 'PUSH_REQUEST' (status=1)
WRRWRWRWRWRWRWRRRWRWRWRWRTue Jan 20 21:26:56 2015 us=901120 PUSH: Received control message: 'PUSH_REPLY,route 192.168.3.0 255.255.255.0,route 192.168.5.0 255.255.255.0,route 192.168.100.0 255.255.255.0,route 192.168.101.0 255.255.255.0,route 192.168.102.0 255.255.255.0,route 176.62.234.14 255.255.255.255,route 195.250.149.128 255.255.255.192,route 77.93.217.64 255.255.255.192,route 178.238.38.128 255.255.255.192,route 77.93.222.8 255.255.255.252,route 195.122.208.0 255.255.255.240,route 195.122.208.128 255.255.255.224,route 188.120.192.44 255.255.255.255,route 188.120.196.48 255.255.255.240,route 64.14.225.0 255.255.255.0,route 64.14.236.228 255.255.255.255,route 216.33.74.9 255.255.255.255,route 216.64.211.84 255.255.255.255,route 216.64.211.196 255.255.255.255,route 216.35.168.0 255.255.255.0,route 216.35.169.215 255.255.255.255,route 216.64.208.119 255.255.255.255,route 216.64.208.196 255.255.255.255,route 216.64.209.4 255.255.255.255,route 216.64.209.51 255.255.255.255,route 216.64.209.52 255.255.255.255,push-continuation 2'
WRWRWRWRWRWRWRWRWRWRTue Jan 20 21:26:57 2015 us=224128 PUSH: Received control message: 'PUSH_REPLY,route 212.41.251.141 255.255.255.255,route 216.64.211.4 255.255.255.255,route 93.185.101.130 255.255.255.255,route 92.62.231.50 255.255.255.255,route 82.208.49.228 255.255.255.255,route 82.208.14.140 255.255.255.255,route 194.228.175.203 255.255.255.255,route 194.228.175.218 255.255.255.255,route 194.228.175.223 255.255.255.255,route 194.228.175.242 255.255.255.255,route 5.79.12.121 255.255.255.255,route 5.79.61.226 255.255.255.255,route 5.79.9.110 255.255.255.255,route 5.79.9.111 255.255.255.255,route 176.62.234.6 255.255.255.255,route 90.176.150.210 255.255.255.255,route 90.176.150.211 255.255.255.255,route 81.0.231.81 255.255.255.255,route 81.0.231.82 255.255.255.255,route 81.0.231.83 255.255.255.255,route 81.0.231.84 255.255.255.255,route 217.11.236.225 255.255.255.255,route 77.93.219.184 255.255.255.255,route 77.93.219.185 255.255.255.255,route 62.77.114.18 255.255.255.255,route 90.182.205.232 255.255.255.255,push-continuation 2'
WRWRWRWRWRWRWRWRTue Jan 20 21:26:57 2015 us=353850 PUSH: Received control message: 'PUSH_REPLY,route 90.182.205.243 255.255.255.255,route 54.194.15.77 255.255.255.255,route 54.194.150.200 255.255.255.255,route 54.194.189.101 255.255.255.255,route 54.229.184.75 255.255.255.255,route 72.21.203.197 255.255.255.255,route 176.34.147.136 255.255.255.255,route 176.34.149.93 255.255.255.255,route 176.34.149.183 255.255.255.255,route 176.34.150.14 255.255.255.255,route 176.34.155.53 255.255.255.255,route 194.203.40.19 255.255.255.255,route 194.203.40.142 255.255.255.255,route 54.229.184.75 255.255.255.255,route 88.86.101.58 255.255.255.255,route 77.78.101.2 255.255.255.255,route-gateway 192.168.12.1,ping 10,ping-restart 120,ifconfig 192.168.12.59 255.255.255.0,push-continuation 1'
Tue Jan 20 21:26:57 2015 us=354120 OPTIONS IMPORT: timers and/or timeouts modified
Tue Jan 20 21:26:57 2015 us=354147 OPTIONS IMPORT: --ifconfig/up options modified
Tue Jan 20 21:26:57 2015 us=354160 OPTIONS IMPORT: route options modified
Tue Jan 20 21:26:57 2015 us=354171 OPTIONS IMPORT: route-related options modified
Tue Jan 20 21:26:57 2015 us=354425 ROUTE_GATEWAY 192.168.2.1/255.255.255.0 IFACE=enp3s0 HWADDR=28:d2:44:cc:92:44
Tue Jan 20 21:26:57 2015 us=357137 TUN/TAP device tap0 opened
Tue Jan 20 21:26:57 2015 us=357324 TUN/TAP TX queue length set to 100
Tue Jan 20 21:26:57 2015 us=357441 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Tue Jan 20 21:26:57 2015 us=357582 /bin/ifconfig tap0 192.168.12.59 netmask 255.255.255.0 mtu 1500 broadcast 192.168.12.255
WrWrWrWrWrWrWrWRwrWRwRwRwRTue Jan 20 21:26:59 2015 us=762690 PID_ERR replay-window backtrack occurred [1] [SSL-0] [0_0__0044] 0:9 0:8 t=1421789219[0] r=[-4,64,15,1,1] sl=[55,9,64,528]
wRwRTue Jan 20 21:26:59 2015 us=762733 PID_ERR replay-window backtrack occurred [6] [SSL-0] [0_000__0044] 0:11 0:5 t=1421789219[0] r=[-4,64,15,6,1] sl=[53,11,64,528]
wRwRwRwRwRwRwRwrWRwRwrWTue Jan 20 21:27:07 2015 us=648205 /bin/route add -net 192.168.3.0 netmask 255.255.255.0 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=648981 /bin/route add -net 192.168.5.0 netmask 255.255.255.0 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=649612 /bin/route add -net 192.168.100.0 netmask 255.255.255.0 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=650644 /bin/route add -net 192.168.101.0 netmask 255.255.255.0 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=651359 /bin/route add -net 192.168.102.0 netmask 255.255.255.0 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=652509 /bin/route add -net 176.62.234.14 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=653297 /bin/route add -net 195.250.149.128 netmask 255.255.255.192 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=654158 /bin/route add -net 77.93.217.64 netmask 255.255.255.192 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=654939 /bin/route add -net 178.238.38.128 netmask 255.255.255.192 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=655680 /bin/route add -net 77.93.222.8 netmask 255.255.255.252 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=656429 /bin/route add -net 195.122.208.0 netmask 255.255.255.240 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=657129 /bin/route add -net 195.122.208.128 netmask 255.255.255.224 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=657812 /bin/route add -net 188.120.192.44 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=658493 /bin/route add -net 188.120.196.48 netmask 255.255.255.240 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=659166 /bin/route add -net 64.14.225.0 netmask 255.255.255.0 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=659841 /bin/route add -net 64.14.236.228 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=660369 /bin/route add -net 216.33.74.9 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=661095 /bin/route add -net 216.64.211.84 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=661815 /bin/route add -net 216.64.211.196 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=662559 /bin/route add -net 216.35.168.0 netmask 255.255.255.0 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=663348 /bin/route add -net 216.35.169.215 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=664226 /bin/route add -net 216.64.208.119 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=665204 /bin/route add -net 216.64.208.196 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=665959 /bin/route add -net 216.64.209.4 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=666644 /bin/route add -net 216.64.209.51 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=667336 /bin/route add -net 216.64.209.52 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=668154 /bin/route add -net 212.41.251.141 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=669373 /bin/route add -net 216.64.211.4 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=670393 /bin/route add -net 93.185.101.130 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=671129 /bin/route add -net 92.62.231.50 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=671809 /bin/route add -net 82.208.49.228 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=672458 /bin/route add -net 82.208.14.140 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=673147 /bin/route add -net 194.228.175.203 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=673841 /bin/route add -net 194.228.175.218 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=674526 /bin/route add -net 194.228.175.223 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=675199 /bin/route add -net 194.228.175.242 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=675862 /bin/route add -net 5.79.12.121 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=676582 /bin/route add -net 5.79.61.226 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=677290 /bin/route add -net 5.79.9.110 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=678025 /bin/route add -net 5.79.9.111 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=678655 /bin/route add -net 176.62.234.6 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=679328 /bin/route add -net 90.176.150.210 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=679974 /bin/route add -net 90.176.150.211 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=680824 /bin/route add -net 81.0.231.81 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=681550 /bin/route add -net 81.0.231.82 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=682254 /bin/route add -net 81.0.231.83 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=682958 /bin/route add -net 81.0.231.84 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=684191 /bin/route add -net 217.11.236.225 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=684819 /bin/route add -net 77.93.219.184 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=685477 /bin/route add -net 77.93.219.185 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=686146 /bin/route add -net 62.77.114.18 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=686771 /bin/route add -net 90.182.205.232 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=687397 /bin/route add -net 90.182.205.243 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=688068 /bin/route add -net 54.194.15.77 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=688753 /bin/route add -net 54.194.150.200 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=689389 /bin/route add -net 54.194.189.101 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=690039 /bin/route add -net 54.229.184.75 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=690700 /bin/route add -net 72.21.203.197 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=691579 /bin/route add -net 176.34.147.136 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=692289 /bin/route add -net 176.34.149.93 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=693005 /bin/route add -net 176.34.149.183 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=693698 /bin/route add -net 176.34.150.14 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=694438 /bin/route add -net 176.34.155.53 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=695128 /bin/route add -net 194.203.40.19 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=695794 /bin/route add -net 194.203.40.142 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=696457 /bin/route add -net 54.229.184.75 netmask 255.255.255.255 gw 192.168.12.1
SIOCADDRT: File exists
Tue Jan 20 21:27:07 2015 us=697141 ERROR: Linux route add command failed: external program exited with error status: 7
Tue Jan 20 21:27:07 2015 us=697176 /bin/route add -net 88.86.101.58 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=697835 /bin/route add -net 77.78.101.2 netmask 255.255.255.255 gw 192.168.12.1
Tue Jan 20 21:27:07 2015 us=698430 Initialization Sequence Completed
    20.1.2015 21:25 creon | skóre: 18 | blog: creonsnotes
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    pod kterym uzivatelem se spousti VPN?
    svido avatar 20.1.2015 22:09 svido | skóre: 28
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    Pod rootem. Zkoušel jsem Ing konfigu přidat nobody, nepomohlo to
    20.1.2015 22:26 Matlák
    Rozbalit Rozbalit vše Re: Nefunkční openVPN 
    ....
Tue Jan 20 19:25:34 2015 /bin/ifconfig tap0 192.168.12.59 netmask 255.255.255.0 mtu 1500 broadcast 192.168.12.255
SIOCADDRT: File exists
Tue Jan 20 19:25:36 2015 ERROR: Linux route add command failed: external program exited with error status: 7
....
    Podle toho výpisu jste připojen... Možná by to chtělo po spuštění openvpn jen zkontrolovat, jestli se jde dostat do té sítě 192.168.12.0/24. A routy vypíšete třeba příkazem 
    ip r show
    20.1.2015 22:29 Matlák
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    Připojení kk internetu funguje dál, ale na servery uvnitř VPN nevidím.

    Jaké to jsou servery? Mají taky adresy z rozsahu 192.168.12.0/24 ? Nebo jsou úplně někde jinde, a v té síti je jen nějaká brána k nim?
    20.1.2015 22:33 Matlák
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    Aha tak podle přiloženého výpisu to vypadá že brána je 192.168.12.1 a ty servery by tam měly být (měly by jít pingnout podle IP adresy). Zkusil bych nejdřív zkusit tu bránu a pak některý z těch serverů...
    svido avatar 20.1.2015 22:42 svido | skóre: 28
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    jasně, to je můj domácí switch. Z něj to přes Wi-Fi router leze providerovi. Moje domácí sít je 192.168.2.0/24 a brána je: 192.168.2.1

    Sít funguje. Nejde jen vlastní VPN, resp. servery co bych měl vidět díky VPN nevidím.
    21.1.2015 06:19 Matlák
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    Myslel jsem síť 192.168.12.0/24. Že je VPN připojená do této sítě je vidět ve výpisu logu: 
    Tue Jan 20 19:25:34 2015 /bin/ifconfig tap0 192.168.12.59 netmask 255.255.255.0 mtu 1500 broadcast 192.168.12.255
    Je logické, že ta síť je v privátním rozsahu, přeci jen je to virtuální privátní síť...
    svido avatar 20.1.2015 22:39 svido | skóre: 28
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    tohle je development server, který by měl být v naší interní síti. Možná je jen chybná konfigurace na serveru, zkoušel jsem trace a po čase skončím... 
    spejbl ~ # tracepath 46.28.107.243
 1?: [LOCALHOST]                                         pmtu 1500
 1:  192.168.2.1                                           0.506ms
 1:  192.168.2.1                                           0.397ms
 2:  10.19.17.49                                           2.215ms
 3:  10.19.17.1                                            7.597ms
 4:  10.19.0.33                                          477.296ms
 5:  10.1.0.1                                             91.885ms
 6:  10.0.90.14                                           46.560ms
 7:  2.144.230.94.awnet.cz                                21.168ms
 8:  gw-78-24-8-201.vshosting.cz                          79.700ms asymm  9
 9:  gw-vshsitpeer.kaora.cz                               23.657ms asymm 10
10:  wedos-sitel.kaora.cz                                 50.223ms asymm 11
11:  r12-a.wedos.net                                      45.235ms asymm 12
12:  no reply
13:  no reply
14:  no reply
15:  no reply
    Toto je stage server, který je i mimo naší firemní sít (spravuje ho třetí strana), ale z práce na něj vidím... 
    spejbl ~ # tracepath 212.100.246.25
 1?: [LOCALHOST]                                         pmtu 1500
 1:  192.168.2.1                                           0.531ms
 1:  192.168.2.1                                           0.497ms
 2:  10.19.17.49                                           2.250ms
 3:  10.19.17.1                                           14.123ms
 4:  10.19.0.33                                           76.885ms
 5:  10.1.0.1                                             17.781ms
 6:  10.0.90.14                                           35.234ms
 7:  1.144.230.94.awnet.cz                                47.213ms
 8:  unassigned-ip.vshosting.cz                           42.303ms
 9:  backbone-sitel-mx.vshosting.cz                       36.551ms
10:  78.152.46.37                                         37.957ms
11:  eth1-3.r1.vie1.at.as5580.net                         48.053ms
12:  eth1-6.r1.fra1.de.as5580.net                         58.032ms asymm 11
13:  eth13-1.core1.par2.fr.as5580.net                     45.877ms asymm 12
14:  eth7-1.core1.lon2.uk.as5580.net                      82.960ms asymm 15
15:  eth7-2.r1.lon1.uk.as5580.net                         72.726ms
16:  94.31.31.17                                          48.989ms
17:  ae5.mpr2.lhr2.uk.zip.zayo.com                        55.336ms
18:  ae6.mpr1.lhr23.uk.zip.zayo.com                       97.621ms
19:  94.31.42.254.IPYX-076520-ZYO.above.net               81.987ms
20:  coreb-edge4.lon3.rackspace.net                      104.708ms
21:  core3-corea.lon3.rackspace.net                       54.273ms
22:  aggr331a-2-core3.lon3.rackspace.net                  97.227ms
23:  no reply
24:  no reply
    21.1.2015 06:24 Matlák
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    Toto je stage server, který je i mimo naší firemní sít (spravuje ho třetí strana), ale z práce na něj vidím... 
    spejbl ~ # tracepath 212.100.246.25


    Tak zkuste zadat routu ručně, přes síť která je na tap0 - třeba takhle: 
    ip r add 212.100.246.25 via 192.168.12.1
    BTW. asi bylo vhodné, po tom co VPN najede (objeví se "Initialization sequence completed") kouknout jestli jsou všechny interfacy správně nastavené 
    ip a show
    je možné i to že tam něco koliduje...
    21.1.2015 09:28 pet
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    Ani 46.28.107.243 ani 212.100.246.25 není podle toho dlouhého výpisu routované do VPN, proto traceroute jde přímo do internetu. Co takhle zkusit něco z toho, co je přes VPN routované? Těch mašin je v tom výpisu dost, všechny co mají netmask 255.255.255.255 jsou jednotlivé stroje.
    20.1.2015 22:30 NN
    Rozbalit Rozbalit vše Re: Nefunkční openVPN 
    /bin/ifconfig tap0 192.168.12.59 netmask 255.255.255.0 mtu 1500 broadcast 192.168.12.255
SIOCADDRT: File exists
    To vypada, ze uz na tom tapu neco visi..

    Založit nové vláknoNahoru

    Tiskni Sdílej: Linkuj Jaggni to Vybrali.sme.sk Google Del.icio.us Facebook

    Píšeme jinde
    ISSN 1214-1267   www.czech-server.cz
    Redakce | Inzerce | Podmínky použití | Osobní údaje
    © 1999-2015 Nitemedia s. r. o. Všechna práva vyhrazena.