Leo Vetterli | 1 Feb 18:29 2004

Clients are routed, but Server is not..

I have the following network setup:

Network0 192.168.0.0 mask 255.255.255.0
              |
Server0  192.168.0.221
         212.55.220.221 ---Internet
         192.168.10.1 (openvpn)
              |
Server1  192.168.10.2 (openvpn)
         62.12.129.138 ----Internet
         192.168.1.1
              |
Network1 192.168.0.0 mask 255.255.255.0

Now, the routing from Network0 to Network1 and vice versa is working fine.

But from Server1 I can only access Server0 and not Network0, and..
From Server0 I can only access Server1 and not Network1.
But again, network clients are routed fine.

I have been trying for 2 days now - but no progress! Has anybody a clue?

I am using Win 2003 Server with RRAS installed.

Enclosed are Routing Tables and Ipconfig.

Almost hopeless...

Leo


Christian Hubinger | 1 Feb 19:06 2004

Strange Warning in log file


Hi!

I'm trying to set up OpenVPN between my Linux (server) and Windows box.
The tunnel uses tun on both sides and separate subnets.
When I start the VPN on the Windows box I get the following entries in
/var/log/messages and nothing works (no ping):

openvpn[7056]: Peer Connection Initiated with 62.xxx.xxx.xxx:8000

openvpn[7056]: WARNING: Actual Remote Options ('V3,dev-type tun,link-mtu 
1542,tun-mtu 1500,proto UDPv4,ifconfig 10.7.0.5 10.7.0.6,comp-lzo,cipher 
BF-CBC,auth SHA1,keysize 128,tls-client') are inconsistent with Expected 
Remote Options ('V3,dev-type tun,link-mtu 1541,tun-mtu 1500,proto 
UDPv4,ifconfig 10.7.0.5 10.7.0.6,cipher BF-CBC,auth SHA1,keysize 
128,tls-client')

I have almost the same setup (it is the same, just other subnets) for 4 Linux 
clients and they all work without any problem - what can be wrong here?

thanks and greetings,
Chris

-- 
If it compiles, commit to CVS.
If it links, ship to customer.
If it runs without bugs, ..., nah, never had that case.

Christoph | 1 Feb 16:59 2004

OpenVPN - WLAN - WEP

Hi all,

I am using OpenVPN 1.5.0 on Linux. To connect to this OpenVPN I'm using 
my WinXP laptop. The laptop is connected via WLAN to a WLAN router which 
connects me to AOL. If I use WLAN and start OpenVPN, the TAP device on 
Windows fails. With a wired connection, also with AOL, everything is in 
best order.

Does anybody have the same problems or have an idea about this phenomenon?

Thanks in advance

Christoph

-------------------------------------------------------
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
Anssi Kolehmainen | 1 Feb 19:24 2004

RE: Strange Warning in log file

> I'm trying to set up OpenVPN between my Linux (server) and Windows 
> box.
> The tunnel uses tun on both sides and separate subnets.
> When I start the VPN on the Windows box I get the following entries in 
> /var/log/messages and nothing works (no ping):
> 
> openvpn[7056]: Peer Connection Initiated with 62.xxx.xxx.xxx:8000
> 
> openvpn[7056]: WARNING: Actual Remote Options ('V3,dev-type 
> tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,ifconfig 10.7.0.5 
> 10.7.0.6,comp-lzo,cipher BF-CBC,auth SHA1,keysize
> 128,tls-client') are inconsistent with Expected Remote Options 
> ('V3,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,ifconfig 
> 10.7.0.5 10.7.0.6,cipher BF-CBC,auth SHA1,keysize
> 128,tls-client')

Read those actual and expected remote options carefully.

Param       Actual     Expected
            V3         V3
dev-type    tun        tun
link-mtu    1542       1541
tun-mtu     1500       1500
proto       UDPv4      UDPv4
ifconfig    10.7.0.5   10.7.0.5
            10.7.0.6   10.7.0.6
(comp)      comp-lzo   (none)
cipher      BF-CBC     BF-CBC
auth        SHA1       SHA1
keysize     128        128

James Yonan | 1 Feb 23:25 2004

Fwd: Note on SSL server vs. client certs

Forwarded From: Gordon Schumacher, whiplash at this domain: pobox.com

> Something I ran into while building RSA certificates for my VPN - it's 
> "obvious" if you've played with OpenSSL a bunch, but not so much if you 
> haven't.  You might want to add a bit on it to the FAQ (though kudos for 
> making it so thorough - it's one of the best I've seen covering RSA key 
> generation out there!)
> 
> When making the key/cert pair for the server-side machine, the user will 
> need to change nsCertType to reflect this function - it will need to be set 
> to server instead of client.  I don't know if this is a recent change in 
> 1.5, but when I tried to connect a 1.5 Win32 client to the 1.42 server that 
> ships with SuSE 9.0, the client barfed...
> 
> Anyway, thanks again!  With that change, it worked like a charm...

James Yonan | 2 Feb 02:07 2004

OpenVPN 1.6-beta5 released


See change log here:

http://openvpn.sourceforge.net/changelog.html

James

Chezem,David | 2 Feb 02:34 2004

No route to host.

I started setting up OPENVPN.  It appears to be installed correctly.  I am testing between a RH 7.3 box and an XP Pro box.

I run the following line on the XP box:

openvpn --remote 192.168.1.101 --dev tun1 --port 6000 --ifconfig 10.4.0.1 10.4.0.2 --verb 6

And the following line on the RH box:

openvpn --remote 192.168.1.100 --dev tun1 --ifconfig 10.4.0.2 10.4.0.1 --verb 6

I am unable to ping either box through the tunnel.  When I do ping the RH box I get:

UDPv4 READ [-1] from [undef]: DATA UNDEF len=-1
UDPv4 READ [60] from 192.168.1.100:6000: Data len=60
UDPv4 WRITE [60] to 192.168.1.100:6000: DATA len=60

Read UDPv4 [EHOSTUNREACH]: No route to host (code=113)

On the XP box I get:

UDPv4 WRITE [60] to 192.168.1.101:6000: DATA len=60

Which repeats.

Why can I not ping either box?  Why do I get the no route to host error?

Thanks

David

Renato Salles | 2 Feb 05:21 2004

Re: Strange Warning in log file

Try to mirror the same link-mtu parameter to see what happens. This is the
only config parameter different between both hosts.

HTH,

RSalles
Christian Hubinger said:
> Hi!
>
> I'm trying to set up OpenVPN between my Linux (server) and Windows box.
> The tunnel uses tun on both sides and separate subnets.
> When I start the VPN on the Windows box I get the following entries in
> /var/log/messages and nothing works (no ping):
>
> openvpn[7056]: Peer Connection Initiated with 62.xxx.xxx.xxx:8000
>
> openvpn[7056]: WARNING: Actual Remote Options ('V3,dev-type tun,link-mtu
> 1542,tun-mtu 1500,proto UDPv4,ifconfig 10.7.0.5 10.7.0.6,comp-lzo,cipher
> BF-CBC,auth SHA1,keysize 128,tls-client') are inconsistent with Expected
> Remote Options ('V3,dev-type tun,link-mtu 1541,tun-mtu 1500,proto
> UDPv4,ifconfig 10.7.0.5 10.7.0.6,cipher BF-CBC,auth SHA1,keysize
> 128,tls-client')
>
> I have almost the same setup (it is the same, just other subnets) for 4 Linux
> clients and they all work without any problem - what can be wrong here?
>

Renato Salles | 2 Feb 05:24 2004

RE: Strange Warning in log file

For sure, I bypassed this parameter in my previous mail to Anssi.

Regards,

RSalles

Anssi Kolehmainen said:
>> I'm trying to set up OpenVPN between my Linux (server) and Windows
>> box.
>> The tunnel uses tun on both sides and separate subnets.
>> When I start the VPN on the Windows box I get the following entries in
>> /var/log/messages and nothing works (no ping):
>>
>> openvpn[7056]: Peer Connection Initiated with 62.xxx.xxx.xxx:8000
>>
>> openvpn[7056]: WARNING: Actual Remote Options ('V3,dev-type
>> tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,ifconfig 10.7.0.5
>> 10.7.0.6,comp-lzo,cipher BF-CBC,auth SHA1,keysize
>> 128,tls-client') are inconsistent with Expected Remote Options
>> ('V3,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,ifconfig
>> 10.7.0.5 10.7.0.6,cipher BF-CBC,auth SHA1,keysize
>> 128,tls-client')
>
> Read those actual and expected remote options carefully.
>
> Param       Actual     Expected
>             V3         V3
> dev-type    tun        tun
> link-mtu    1542       1541
> tun-mtu     1500       1500

Henri Wahl | 2 Feb 07:45 2004

Re: OpenVPN over PCMCIA

Hi,
I ran openvpn with --verb 9 and got a lot of output, which I don't understand 
- I only see, among all the masses of messages, the one which always appears on 
the console when unplugging the PCMCIA card:

write UDPv4 []: No buffer space available (code=105)

A little piece of the output with --verb 9 is:

Sun Feb  1 19:53:32 2004 us=865367 2450[0]: UDPv4 write returned -1
Sun Feb  1 19:53:32 2004 us=865454 2451[0]: write UDPv4 []: No buffer space 
available (code=105)
Sun Feb  1 19:53:32 2004 us=865519 2452[0]: SELECT TR|tw|SR|sw 3/0
Sun Feb  1 19:53:32 2004 us=865580 2453[0]:  select returned 1
Sun Feb  1 19:53:32 2004 us=865641 2454[0]:  read from TUN/TAP returned 88
Sun Feb  1 19:53:32 2004 us=865908 2455[0]: TUN READ [88]: 45000058 030d409a 
4011399a c0a80102 c0a87b01 bfe3bfcd 5f56e739 6b77126[more...] md5=2f36e605 
679f0111 a66878c3 1634bdf4
Sun Feb  1 19:53:32 2004 us=865986 2456[0]: ENCRYPT IV: 3b715fd9 e738437a
Sun Feb  1 19:53:32 2004 us=866228 2457[0]: ENCRYPT FROM: 000000d2 401d4b29 
45000058 030d409a 4011399a c0a80102 c0a87b01 bfe3bfc[more...]
Sun Feb  1 19:53:32 2004 us=866661 2458[0]: ENCRYPT TO: 3b715fd9 e738437a 
d2f399d1 005e51e9 a3f320e4 926746f0 a450e0b4 7dd4cc8[more...]
Sun Feb  1 19:53:32 2004 us=866762 2459[0]: SELECT tr|tw|SR|SW 31536000/0
Sun Feb  1 19:53:32 2004 us=866824 2460[0]:  select returned 1
Sun Feb  1 19:53:32 2004 us=867156 2461[0]: UDPv4 WRITE [132] to 
192.168.123.1:5000:  DATA 1ea2c432 46d94453 d4a7f33d 727b87a1 a998eb1d 
3b715fd9 e738437a d2f399d[more...]
Sun Feb  1 19:53:32 2004 us=867230 2462[0]: UDPv4 write returned 132
Sun Feb  1 19:53:32 2004 us=867293 2463[0]: SELECT TR|tw|SR|sw 3/0