OpenVPN - conexao instavel

brebreone
(usa Ubuntu)

Enviado em 13/09/2017 - 11:45h

sudo openvpn --config client1.ovpn 

Wed Sep 13 16:35:25 2017 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017

Wed Sep 13 16:35:25 2017 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08

Wed Sep 13 16:35:25 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Wed Sep 13 16:35:25 2017 Control Channel Authentication: tls-auth using INLINE static key file

Wed Sep 13 16:35:25 2017 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication

Wed Sep 13 16:35:25 2017 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication

Wed Sep 13 16:35:25 2017 Socket Buffers: R=[87380->87380] S=[16384->16384]

Wed Sep 13 16:35:25 2017 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay

Wed Sep 13 16:35:25 2017 Attempting to establish TCP connection with [AF_INET]192.xxx.x.xx:443 [nonblock]

Wed Sep 13 16:35:25 2017 TCP connection established with [AF_INET]192.xxx.x.xx:443

Wed Sep 13 16:35:25 2017 TCPv4_CLIENT link local: [undef]

Wed Sep 13 16:35:25 2017 TCPv4_CLIENT link remote: [AF_INET]192.xxx.x.xx:443

Wed Sep 13 16:35:25 2017 Connection reset, restarting [0]

Wed Sep 13 16:35:25 2017 SIGUSR1[soft,connection-reset] received, process restarting

Wed Sep 13 16:35:25 2017 Restart pause, 5 second(s)

 

LSSilva
(usa Outra)

Enviado em 13/09/2017 - 20:19h

sudo openvpn --config client1.ovpn 

Wed Sep 13 16:35:25 2017 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017

Wed Sep 13 16:35:25 2017 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08

Wed Sep 13 16:35:25 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Wed Sep 13 16:35:25 2017 Control Channel Authentication: tls-auth using INLINE static key file

Wed Sep 13 16:35:25 2017 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication

Wed Sep 13 16:35:25 2017 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication

Wed Sep 13 16:35:25 2017 Socket Buffers: R=[87380->87380] S=[16384->16384]

Wed Sep 13 16:35:25 2017 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay

Wed Sep 13 16:35:25 2017 Attempting to establish TCP connection with [AF_INET]192.xxx.x.xx:443 [nonblock]

Wed Sep 13 16:35:25 2017 TCP connection established with [AF_INET]192.xxx.x.xx:443

Wed Sep 13 16:35:25 2017 TCPv4_CLIENT link local: [undef]

Wed Sep 13 16:35:25 2017 TCPv4_CLIENT link remote: [AF_INET]192.xxx.x.xx:443

Wed Sep 13 16:35:25 2017 Connection reset, restarting [0]

Wed Sep 13 16:35:25 2017 SIGUSR1[soft,connection-reset] received, process restarting

Wed Sep 13 16:35:25 2017 Restart pause, 5 second(s)

 

brebreone
(usa Ubuntu)

Enviado em 14/09/2017 - 04:36h

sudo nano /etc/openvpn/server.conf 

Thu Sep 14 09:32:03 2017 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017

Thu Sep 14 09:32:03 2017 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08

Thu Sep 14 09:32:03 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Thu Sep 14 09:32:03 2017 Control Channel Authentication: tls-auth using INLINE static key file

Thu Sep 14 09:32:03 2017 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication

Thu Sep 14 09:32:03 2017 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication

Thu Sep 14 09:32:03 2017 Socket Buffers: R=[87380->87380] S=[16384->16384]

Thu Sep 14 09:32:03 2017 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay

Thu Sep 14 09:32:03 2017 Attempting to establish TCP connection with [AF_INET]192.168.0.25:443 [nonblock]

Thu Sep 14 09:32:03 2017 TCP connection established with [AF_INET]192.168.0.25:443

Thu Sep 14 09:32:03 2017 TCPv4_CLIENT link local: [undef]

Thu Sep 14 09:32:03 2017 TCPv4_CLIENT link remote: [AF_INET]192.168.0.25:443

Thu Sep 14 09:32:03 2017 Connection reset, restarting [0]

Thu Sep 14 09:32:03 2017 SIGUSR1[soft,connection-reset] received, process restarting

Thu Sep 14 09:32:03 2017 Restart pause, 5 second(s)

 

spikey
(usa Debian)

Enviado em 14/09/2017 - 08:33h

LSSilva
(usa Outra)

Enviado em 14/09/2017 - 09:01h

sudo nano /etc/openvpn/server.conf 

Thu Sep 14 09:32:03 2017 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017

Thu Sep 14 09:32:03 2017 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08

Thu Sep 14 09:32:03 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Thu Sep 14 09:32:03 2017 Control Channel Authentication: tls-auth using INLINE static key file

Thu Sep 14 09:32:03 2017 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication

Thu Sep 14 09:32:03 2017 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication

Thu Sep 14 09:32:03 2017 Socket Buffers: R=[87380->87380] S=[16384->16384]

Thu Sep 14 09:32:03 2017 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay

Thu Sep 14 09:32:03 2017 Attempting to establish TCP connection with [AF_INET]192.168.0.25:443 [nonblock]

Thu Sep 14 09:32:03 2017 TCP connection established with [AF_INET]192.168.0.25:443

Thu Sep 14 09:32:03 2017 TCPv4_CLIENT link local: [undef]

Thu Sep 14 09:32:03 2017 TCPv4_CLIENT link remote: [AF_INET]192.168.0.25:443

Thu Sep 14 09:32:03 2017 Connection reset, restarting [0]

Thu Sep 14 09:32:03 2017 SIGUSR1[soft,connection-reset] received, process restarting

Thu Sep 14 09:32:03 2017 Restart pause, 5 second(s)

 

brebreone
(usa Ubuntu)

Enviado em 14/09/2017 - 16:23h

 server.conf



;local a.b.c.d

port 443

;proto udp

proto tcp

;dev tap

dev tun

;dev-node MyTap

ca ca.crt

cert server.crt

key server.key  # This file should be kept secret

dh dh2048.pem

;topology subnet

server 10.8.0.0 255.255.255.0

ifconfig-pool-persist ipp.txt

;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100

;server-bridge

;push "route 192.168.10.0 255.255.255.0"

;push "route 192.168.20.0 255.255.255.0"

;client-config-dir ccd

;route 192.168.40.128 255.255.255.248

;client-config-dir ccd

;route 10.9.0.0 255.255.255.252

;learn-address ./script

push "redirect-gateway def1 bypass-dhcp"

push "dhcp-option DNS 208.67.222.222"

push "dhcp-option DNS 208.67.220.220"

;client-to-client

duplicate-cn

keepalive 10 120

tls-auth ta.key 0 # This file is secret

key-direction 0

;cipher BF-CBC        # Blowfish (default)

cipher AES-128-CBC   # AES

;cipher DES-EDE3-CBC  # Triple-DES

auth SHA256

comp-lzo

;max-clients 100

user nobody

group nogroup

persist-key

persist-tun

status openvpn-status.log

;log         openvpn.log

;log-append  openvpn.log

verb 3

;mute 20 

client.ovpn



client

;dev tap

dev tun

;dev-node MyTap

;proto udp

proto tcp

remote 192.168.0.25 443

;remote 192.168.0.25 443

;remote-random

resolv-retry infinite

nobind

user nobody

group nogroup

persist-key

persist-tun

;http-proxy-retry # retry on connection failures

;http-proxy [proxy server] [proxy port #]

;mute-replay-warnings

#ca ca.crt

#cert client.crt

#key client.key

remote-cert-tls server

;tls-auth ta.key 1

cipher AES-128-CBC

auth SHA256

key-direction 1

script-security 2

up /etc/openvpn/update-resolv-conf

down /etc/openvpn/update-resolv-conf

comp-lzo

verb 3

;mute 20

<ca>

#Depois vem certificado e chave etc... 

Trying 192.168.0.25...

Connected to 192.168.0.25.

Escape character is '^]'.

^CConnection closed by foreign host. 

spikey
(usa Debian)

Enviado em 14/09/2017 - 16:31h

brebreone
(usa Ubuntu)

Enviado em 14/09/2017 - 16:34h

spikey
(usa Debian)

Enviado em 14/09/2017 - 16:41h

LSSilva
(usa Outra)

Enviado em 14/09/2017 - 17:44h

 server.conf



;local a.b.c.d

port 443

;proto udp

proto tcp

;dev tap

dev tun

;dev-node MyTap

ca ca.crt

cert server.crt

key server.key  # This file should be kept secret

dh dh2048.pem

;topology subnet

server 10.8.0.0 255.255.255.0

ifconfig-pool-persist ipp.txt

;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100

;server-bridge

;push "route 192.168.10.0 255.255.255.0"

;push "route 192.168.20.0 255.255.255.0"

;client-config-dir ccd

;route 192.168.40.128 255.255.255.248

;client-config-dir ccd

;route 10.9.0.0 255.255.255.252

;learn-address ./script

push "redirect-gateway def1 bypass-dhcp"

push "dhcp-option DNS 208.67.222.222"

push "dhcp-option DNS 208.67.220.220"

;client-to-client

duplicate-cn

keepalive 10 120

tls-auth ta.key 0 # This file is secret

key-direction 0

;cipher BF-CBC        # Blowfish (default)

cipher AES-128-CBC   # AES

;cipher DES-EDE3-CBC  # Triple-DES

auth SHA256

comp-lzo

;max-clients 100

user nobody

group nogroup

persist-key

persist-tun

status openvpn-status.log

;log         openvpn.log

;log-append  openvpn.log

verb 3

;mute 20 

client.ovpn



client

;dev tap

dev tun

;dev-node MyTap

;proto udp

proto tcp

remote 192.168.0.25 443

;remote 192.168.0.25 443

;remote-random

resolv-retry infinite

nobind

user nobody

group nogroup

persist-key

persist-tun

;http-proxy-retry # retry on connection failures

;http-proxy [proxy server] [proxy port #]

;mute-replay-warnings

#ca ca.crt

#cert client.crt

#key client.key

remote-cert-tls server

;tls-auth ta.key 1

cipher AES-128-CBC

auth SHA256

key-direction 1

script-security 2

up /etc/openvpn/update-resolv-conf

down /etc/openvpn/update-resolv-conf

comp-lzo

verb 3

;mute 20

<ca>

#Depois vem certificado e chave etc... 

Trying 192.168.0.25...

Connected to 192.168.0.25.

Escape character is '^]'.

^CConnection closed by foreign host. 

spikey
(usa Debian)

Enviado em 14/09/2017 - 18:36h

brebreone
(usa Ubuntu)

Enviado em 15/09/2017 - 06:38h

sudo openvpn --config client1.conf 

Fri Sep 15 11:23:58 2017 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017

Fri Sep 15 11:23:58 2017 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08

Fri Sep 15 11:23:58 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Fri Sep 15 11:23:58 2017 Control Channel Authentication: tls-auth using INLINE static key file

Fri Sep 15 11:23:58 2017 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication

Fri Sep 15 11:23:58 2017 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication

Fri Sep 15 11:23:58 2017 Socket Buffers: R=[87380->87380] S=[16384->16384]

Fri Sep 15 11:23:58 2017 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay

Fri Sep 15 11:23:58 2017 Attempting to establish TCP connection with [AF_INET]192.168.0.25:443 [nonblock]

Fri Sep 15 11:23:58 2017 TCP connection established with [AF_INET]192.168.0.25:443

Fri Sep 15 11:23:58 2017 TCPv4_CLIENT link local: [undef]

Fri Sep 15 11:23:58 2017 TCPv4_CLIENT link remote: [AF_INET]192.168.0.25:443

Fri Sep 15 11:23:58 2017 Connection reset, restarting [0]

Fri Sep 15 11:23:58 2017 SIGUSR1[soft,connection-reset] received, process restarting

Fri Sep 15 11:23:58 2017 Restart pause, 5 second(s)

Fri Sep 15 11:24:03 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Fri Sep 15 11:24:03 2017 Socket Buffers: R=[87380->87380] S=[16384->16384]

Fri Sep 15 11:24:03 2017 Attempting to establish TCP connection with [AF_INET]192.168.0.25:443 [nonblock]

 

Fri Sep 15 11:33:21 2017 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017

Fri Sep 15 11:33:21 2017 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08

Fri Sep 15 11:33:21 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Fri Sep 15 11:33:21 2017 Control Channel Authentication: tls-auth using INLINE static key file

Fri Sep 15 11:33:21 2017 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication

Fri Sep 15 11:33:21 2017 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication

Fri Sep 15 11:33:21 2017 Socket Buffers: R=[87380->87380] S=[16384->16384]

Fri Sep 15 11:33:21 2017 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay

Fri Sep 15 11:33:21 2017 Attempting to establish TCP connection with [AF_INET]192.168.0.25:1194 [nonblock]

Fri Sep 15 11:33:21 2017 TCP: connect to [AF_INET]192.168.0.25:1194 failed, will try again in 5 seconds: Connection refused