It is currently 22.08.2017 12:49


All times are UTC




Post new topic Reply to topic  [ 1 post ] 
Author Message
 Post subject: client connected, but no trafic
PostPosted: 01.10.2011 13:35 
DES
DES

Joined: 01.10.2011 13:33
Posts: 1
Hello, here is the scenario :

My local computer : windows 7
a dedicated server hosted somewhere : debian
a virtual machine on my local computer : windows XP

I installed and configured OpenVPN and dnsmasq on the debian server, and OpenVPN Gui on the virtual machine.

here is the server configuration on /etc/openvpn/server.conf:
Code:
port 1194
proto udp
dev tun
server 10.8.0.0 255.255.255.0
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1"
push "dhcp-option DNS 10.8.0.1"
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3


here is the content of /etc/rc.local
Code:
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT
iptables -A FORWARD -j REJECT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
/etc/init.d/dnsmasq restart
exit 0


and the virtual machine client1.ovpn
Code:
client
dev tun
dev-node tap
proto udp
remote ____IP_____ 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\client1.crt"
key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\client1.key"
ns-cert-type server
comp-lzo
verb 3


When I run OpenVPN GUI on the virtual machine, he connect very well to the server with no errors, but after that, I'm unable to use internet.
I can Ping 10.8.0.6, but any ping to an external IP the request time out.

Here is the OpenVPN Gui connection log:
Code:
Fri Sep 30 16:25:35 2011 OpenVPN 2.2.1 Win32-MSVC++ [SSL] [LZO2] built on Jul  1 2011
Fri Sep 30 16:25:35 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Fri Sep 30 16:25:35 2011 LZO compression initialized
Fri Sep 30 16:25:35 2011 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Fri Sep 30 16:25:35 2011 Socket Buffers: R=[8192->8192] S=[8192->8192]
Fri Sep 30 16:25:35 2011 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Fri Sep 30 16:25:36 2011 Local Options hash (VER=V4): '41690919'
Fri Sep 30 16:25:36 2011 Expected Remote Options hash (VER=V4): '530fdded'
Fri Sep 30 16:25:36 2011 UDPv4 link local: [undef]
Fri Sep 30 16:25:36 2011 UDPv4 link remote: ____IP____:1194
Fri Sep 30 16:25:36 2011 TLS: Initial packet from ____IP____:1194, sid=08d0fe98 9073db29
Fri Sep 30 16:25:37 2011 VERIFY OK: depth=1, /C=__/ST=__/L=__/O=____/CN=____/emailAddress=___@___.__
Fri Sep 30 16:25:37 2011 VERIFY OK: nsCertType=SERVER
Fri Sep 30 16:25:37 2011 VERIFY OK: depth=0, /C=__/ST=__/L=_____/O=______/CN=server/emailAddress=____@_____.__
Fri Sep 30 16:25:40 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Sep 30 16:25:40 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Sep 30 16:25:40 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Sep 30 16:25:40 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Sep 30 16:25:40 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Fri Sep 30 16:25:40 2011 [server] Peer Connection Initiated with ____IP____:1194
Fri Sep 30 16:25:42 2011 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Fri Sep 30 16:25:42 2011 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.8.0.1,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Fri Sep 30 16:25:42 2011 OPTIONS IMPORT: timers and/or timeouts modified
Fri Sep 30 16:25:42 2011 OPTIONS IMPORT: --ifconfig/up options modified
Fri Sep 30 16:25:42 2011 OPTIONS IMPORT: route options modified
Fri Sep 30 16:25:42 2011 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Sep 30 16:25:42 2011 ROUTE default_gateway=10.0.2.2
Fri Sep 30 16:25:42 2011 TAP-WIN32 device [tap] opened: \\.\Global\{53877D45-021D-4D2B-A4A9-27829394F7B7}.tap
Fri Sep 30 16:25:42 2011 TAP-Win32 Driver Version 9.8
Fri Sep 30 16:25:42 2011 TAP-Win32 MTU=1500
Fri Sep 30 16:25:42 2011 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {53877D45-021D-4D2B-A4A9-27829394F7B7} [DHCP-serv: 10.8.0.5, lease-time: 31536000]
Fri Sep 30 16:25:42 2011 Successful ARP Flush on interface [3] {53877D45-021D-4D2B-A4A9-27829394F7B7}
Fri Sep 30 16:25:47 2011 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
Fri Sep 30 16:25:47 2011 Route: Waiting for TUN/TAP interface to come up...
Fri Sep 30 16:25:52 2011 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
Fri Sep 30 16:25:52 2011 C:\WINDOWS\system32\route.exe ADD ____IP____ MASK 255.255.255.255 10.0.2.2
Fri Sep 30 16:25:52 2011 Route addition via IPAPI succeeded [adaptive]
Fri Sep 30 16:25:52 2011 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.8.0.5
Fri Sep 30 16:25:52 2011 Route addition via IPAPI succeeded [adaptive]
Fri Sep 30 16:25:52 2011 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.8.0.5
Fri Sep 30 16:25:52 2011 Route addition via IPAPI succeeded [adaptive]
Fri Sep 30 16:25:52 2011 C:\WINDOWS\system32\route.exe ADD 10.8.0.1 MASK 255.255.255.255 10.8.0.5
Fri Sep 30 16:25:52 2011 Route addition via IPAPI succeeded [adaptive]
Fri Sep 30 16:25:52 2011 Initialization Sequence Completed


So, where is the problem ?

Thanks in advance.


Top
Offline Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ]  Moderator: Moderators

All times are UTC


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Theme created StylerBB.net