Aller au contenu

nicotontige

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    1

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par nicotontige

  1. nicotontige
    Bonjour tout le monde, J'espère être dans le bon forum pour cette discussion. Je vous explique les faits. J'ai actuellement un réseau vpn qui fonctionne parfaitement entre plusieurs serveurs ovh. Afin de faire des backups en local de mes serveurs distants, je voudrais que mon syno puisse se connecter au réseau VPN. Bien entendu, la faible configuration possible d'un vpn client en ligne graphique étant mis à disposition, j'ai attaqué directement les fichiers de configuration en ligne de commande (en root bien sur !). Maintenant, quand je lance la connexion du VPN (par l'interface graphique) : - La connexion reste sur "En cours de connexion" - la carte réseau virtuelle a bien pris son IP tap0 Link encap:Ethernet HWaddr 0E:95:04:B0:87:8A inet addr:10.10.110.21 Bcast:10.10.110.255 Mask:255.255.255.0 inet6 addr: fe80::c95:4ff:feb0:878a/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:237 errors:0 dropped:0 overruns:0 frame:0 TX packets:33 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:140932 (137.6 KiB) TX bytes:7901 (7.7 KiB) - J'arrive parfaitement a pinger les autres machines sur le réseau VPN (je parle bien de pinger les adresses 10.10.110.xxx, et non l'adresse publique). Tout fonctionne me direz-vous. Seulement voilà, allez savoir pourquoi, la connexion se coupe au bout de 30 secondes, sans aucune raison apparente. S'en suit, les différents fichiers de log et configuration : /usr/syno/etc/synovpnclient/openvpn/openvpn.log Fri May 30 09:22:41 2014 OpenVPN 2.1.4 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] built on Apr 8 2014 Fri May 30 09:22:41 2014 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Fri May 30 09:22:41 2014 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Fri May 30 09:22:41 2014 PLUGIN_INIT: POST /lib/openvpn/openvpn-down-root.so '[/lib/openvpn/openvpn-down-root.so] [/usr/syno/etc.defaults/synovpnclient/scripts/ip-down]' intercepted=PLUGIN_UP|PLUGIN_DOWN Fri May 30 09:22:41 2014 PLUGIN_INIT: POST /lib/openvpn/openvpn-down-root.so '[/lib/openvpn/openvpn-down-root.so] [/etc/ppp/ip-down]' intercepted=PLUGIN_UP|PLUGIN_DOWN Fri May 30 09:22:41 2014 WARNING: file 'XXX-client01.key' is group or others accessible Fri May 30 09:22:41 2014 WARNING: file 'ta.key' is group or others accessible Fri May 30 09:22:41 2014 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file Fri May 30 09:22:41 2014 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Fri May 30 09:22:41 2014 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Fri May 30 09:22:41 2014 LZO compression initialized Fri May 30 09:22:41 2014 Control Channel MTU parms [ L:1578 D:166 EF:66 EB:0 ET:0 EL:0 ] Fri May 30 09:22:41 2014 Socket Buffers: R=[229376->131072] S=[229376->131072] Fri May 30 09:22:41 2014 Data Channel MTU parms [ L:1578 D:1300 EF:46 EB:135 ET:32 EL:0 AF:3/1 ] Fri May 30 09:22:41 2014 Fragmentation MTU parms [ L:1578 D:1300 EF:45 EB:135 ET:33 EL:0 AF:3/1 ] Fri May 30 09:22:41 2014 Local Options hash (VER=V4): 'a257ef04' Fri May 30 09:22:41 2014 Expected Remote Options hash (VER=V4): '8f3da10b' Fri May 30 09:22:41 2014 UDPv4 link local (bound): [undef]:1194 Fri May 30 09:22:41 2014 UDPv4 link remote: X.X.X.X:1194 Fri May 30 09:22:41 2014 TLS: Initial packet from X.X.X.X:1194, sid=90cf68c5 a0d02561 Fri May 30 09:22:41 2014 TLS Error: local/remote TLS keys are out of sync: X.X.X.X:1194 [0] Fri May 30 09:22:41 2014 VERIFY OK: depth=1, /C=FR/ST=HE/L=XXX/O=XXX/CN=XXX_CA/emailAddress=admin@XXX.com Fri May 30 09:22:41 2014 VERIFY OK: nsCertType=SERVER Fri May 30 09:22:41 2014 VERIFY OK: depth=0, /C=FR/ST=HE/L=XXX/O=XXX/CN=XXX-srv02/emailAddress=admin@XXX.com Fri May 30 09:22:41 2014 TLS Error: local/remote TLS keys are out of sync: X.X.X.X:1194 [0] Fri May 30 09:22:42 2014 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Fri May 30 09:22:42 2014 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Fri May 30 09:22:42 2014 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Fri May 30 09:22:42 2014 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Fri May 30 09:22:42 2014 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Fri May 30 09:22:42 2014 [XXX-srv02] Peer Connection Initiated with X.X.X.X:1194 Fri May 30 09:22:44 2014 SENT CONTROL [XXX-srv02]: 'PUSH_REQUEST' (status=1) Fri May 30 09:22:44 2014 PUSH: Received control message: 'PUSH_REPLY,route-gateway 10.10.110.10,ping 10,ping-restart 120,ifconfig 10.10.110.21 255.255.255.0' Fri May 30 09:22:44 2014 OPTIONS IMPORT: timers and/or timeouts modified Fri May 30 09:22:44 2014 OPTIONS IMPORT: --ifconfig/up options modified Fri May 30 09:22:44 2014 OPTIONS IMPORT: route-related options modified Fri May 30 09:22:44 2014 TUN/TAP device tap0 opened Fri May 30 09:22:44 2014 TUN/TAP TX queue length set to 100 Fri May 30 09:22:44 2014 /sbin/ifconfig tap0 10.10.110.21 netmask 255.255.255.0 mtu 1500 broadcast 10.10.110.255 Fri May 30 09:22:44 2014 PLUGIN_CALL: POST /lib/openvpn/openvpn-down-root.so/PLUGIN_UP status=0 Fri May 30 09:22:44 2014 PLUGIN_CALL: POST /lib/openvpn/openvpn-down-root.so/PLUGIN_UP status=0 Fri May 30 09:22:44 2014 Initialization Sequence Completed /var/log/messages May 30 09:22:57 ds412plus SystemInfo.cgi: SystemInfo.cpp:272 get network error. May 30 09:23:31 ds412plus SystemInfo.cgi: SystemInfo.cpp:272 get network error. May 30 09:23:58 ds412plus SystemInfo.cgi: SystemInfo.cpp:272 get network error. May 30 09:24:14 ds412plus synovpnc: connection.c:917 Wait 30 seconds; Failed to get net card info 'tun0' [0x3600] May 30 09:24:15 ds412plus synovpnc: connection.c:1230 CreateOVPNConnection(o1401292124) failed May 30 09:24:15 ds412plus synovpnc: synovpnc.c:375 VPN id 'o1401292124' is failed to create /usr/syno/etc/synovpnclient/client_xxxxx dev tap remote X.X.X.X 1194 tls-client pull proto udp ca ca_xxxxx.crt ns-cert-type server cert client01.crt key client01.key script-security 2 float explicit-exit-notify plugin /lib/openvpn/openvpn-down-root.so /usr/syno/etc.defaults/synovpnclient/scripts/ip-down tls-auth ta.key 1 log-append openvpn.log comp-lzo verb 3 mssfix 1300 fragment 1300 plugin /lib/openvpn/openvpn-down-root.so /etc/ppp/ip-down /usr/syno/etc/synovpnclient/ovpnclient.conf [xxxxx] nat=no redirect-gateway=no comp-lzo=yes pass= reconnect=yes conf_name=VPN user=nobody remote=X.X.X.X 1194 Server OpenVpn : /etc/openvpn/openvpn.log .... Fri May 30 09:24:01 2014 client01/X.X.X.X:57975 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Fri May 30 09:24:01 2014 client01/X.X.X.X:57975 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Fri May 30 09:24:01 2014 client01/X.X.X.X:57975 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Fri May 30 09:24:01 2014 client01/X.X.X.X:57975 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Fri May 30 09:24:01 2014 client01/X.X.X.X:57975 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Fri May 30 09:24:17 2014 read UDPv4 [ECONNREFUSED]: Connection refused (code=111) Fri May 30 09:24:17 2014 read UDPv4 [ECONNREFUSED]: Connection refused (code=111) Toute aide sera la bienvenue, car la je ne vois pas trop pourquoi ça fonctionne, et que ça coupe pour rien ... Merci
×
×
  • Créer...

Information importante

Nous avons placé des cookies sur votre appareil pour aider à améliorer ce site. Vous pouvez choisir d’ajuster vos paramètres de cookie, sinon nous supposerons que vous êtes d’accord pour continuer.