ubuntuusers.de

OpenVPN Zugriff auf Internet

Status: Gelöst | Ubuntu-Version: Server 8.04 (Hardy Heron)
Antworten |

Ferio Team-Icon

Avatar von Ferio

Anmeldungsdatum:
24. April 2007

Beiträge: 383

Ich versuche gerade OpenVPN auf meinem vserver zum laufen zu kriegen und bis inzwischen ratlos. Ich leite den ganzen Traffic durch das VPN. ). Zugreifen kann ich danach aber nur auf die externe IP vom Server selbst (nichtmal auf die VPN-IP 10.8.0.1).

Die Konfiguration ist

port 1194

# TCP or UDP server?
;proto tcp
proto udp

dev tun

ca ./easy-rsa2/keys/ca.crt
cert ./easy-rsa2/keys/server.crt
key ./easy-rsa2/keys/server.key    # Diese Datei geheim halten.
dh ./easy-rsa2/keys/dh1024.pem     # Diffie-Hellman-Parameter
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1"

keepalive 10 120


persist-key
persist-tun


verb 3

Route ist angelegt

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o venet0 -j SNAT --to SERVER_IP

Routing in sysctl ist aktiviert. Was übersehe ich?

nbkr

Avatar von nbkr

Anmeldungsdatum:
29. Oktober 2007

Beiträge: 1936

Wohnort: Aschaffenburg

Kann die VM denn überhaupt OpenVPN? Dafür braucht es ein bestimmtes Kernelmodul das auf einigen virtuellen Maschine nicht verfügbar ist.

Ferio Team-Icon

(Themenstarter)
Avatar von Ferio

Anmeldungsdatum:
24. April 2007

Beiträge: 383

Ich gehe mal davon aus. Ich kann verbinden, tun-Device habe ich auch.

nbkr

Avatar von nbkr

Anmeldungsdatum:
29. Oktober 2007

Beiträge: 1936

Wohnort: Aschaffenburg

Was sagt das Log von OpenVPN Client und Server?

Nefarius

Avatar von Nefarius

Anmeldungsdatum:
11. Dezember 2008

Beiträge: 1275

Ferio Team-Icon

(Themenstarter)
Avatar von Ferio

Anmeldungsdatum:
24. April 2007

Beiträge: 383

nbkr schrieb:

Was sagt das Log von OpenVPN Client und Server?

Client log sagt viel

2011-11-05 23:41:37 *Tunnelblick: OS X 10.6.8; Tunnelblick 3.1.7 (build 2190.2413); OpenVPN 2.1.4
2011-11-05 23:41:40 *Tunnelblick: Attempting connection with vserver; Set nameserver = 1; monitoring connection
2011-11-05 23:41:40 *Tunnelblick: /Applications/Utilities/Tunnelblick.app/Contents/Resources/openvpnstart start vserver.conf 1337 1 0 0 0 49
2011-11-05 23:41:40 OpenVPN 2.1.4 i386-apple-darwin10.7.1 [SSL] [LZO2] [PKCS11] built on Mar  1 2011
2011-11-05 23:41:40 MANAGEMENT: TCP Socket listening on 127.0.0.1:1337
2011-11-05 23:41:40 Need hold release from management interface, waiting...
2011-11-05 23:41:40 MANAGEMENT: Client connected from 127.0.0.1:1337
2011-11-05 23:41:40 MANAGEMENT: CMD 'pid'
2011-11-05 23:41:40 MANAGEMENT: CMD 'state on'
2011-11-05 23:41:40 MANAGEMENT: CMD 'state'
2011-11-05 23:41:40 MANAGEMENT: CMD 'hold release'
2011-11-05 23:41:40 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2011-11-05 23:41:40 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
2011-11-05 23:41:40 Socket Buffers: R=[42080->65536] S=[9216->65536]
2011-11-05 23:41:40 MANAGEMENT: >STATE:1320532900,RESOLVE,,,
2011-11-05 23:41:40 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
2011-11-05 23:41:40 Local Options hash (VER=V4): '3514370b'
2011-11-05 23:41:40 Expected Remote Options hash (VER=V4): '239669a8'
2011-11-05 23:41:40 UDPv4 link local: [undef]
2011-11-05 23:41:40 UDPv4 link remote: SERVER_PUBLIC_IP_ADDR:1194
2011-11-05 23:41:40 MANAGEMENT: >STATE:1320532900,WAIT,,,
2011-11-05 23:41:40 *Tunnelblick: openvpnstart: /Applications/Utilities/Tunnelblick.app/Contents/Resources/openvpn --cd /Users/user/Library/Application Support/Tunnelblick/Configurations --daemon --management 127.0.0.1 1337 --config /Users/user/Library/Application Support/Tunnelblick/Configurations/vserver.conf --log /Library/Application Support/Tunnelblick/Logs/-SUsers-Suser-SLibrary-SApplication Support-STunnelblick-SConfigurations-Svserver.conf.1_0_0_0_49.1337.openvpn.log --management-query-passwords --management-hold --script-security 2 --up /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d --down /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d --up-restart
2011-11-05 23:41:41 MANAGEMENT: >STATE:1320532901,AUTH,,,
2011-11-05 23:41:41 TLS: Initial packet from SERVER_PUBLIC_IP_ADDR:1194, sid=8a90a344 b9048607
2011-11-05 23:41:41 VERIFY OK: depth=1, /C=DE/ST=NDS/L=Hannnover/O=private_vpn/CN=private_vpn_CA/emailAddress=noreply@domain.net
2011-11-05 23:41:41 VERIFY OK: nsCertType=SERVER
2011-11-05 23:41:41 VERIFY OK: depth=0, /C=DE/ST=NDS/L=Hannnover/O=private_vpn/CN=domain.net/emailAddress=noreply@domain.net
2011-11-05 23:41:42 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1541', remote='link-mtu 1542'
2011-11-05 23:41:42 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2011-11-05 23:41:42 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2011-11-05 23:41:42 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2011-11-05 23:41:42 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2011-11-05 23:41:42 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2011-11-05 23:41:42 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
2011-11-05 23:41:42 [domain.net] Peer Connection Initiated with SERVER_PUBLIC_IP_ADDR:1194
2011-11-05 23:41:43 MANAGEMENT: >STATE:1320532903,GET_CONFIG,,,
2011-11-05 23:41:44 SENT CONTROL [domain.net]: 'PUSH_REQUEST' (status=1)
2011-11-05 23:41:44 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 85.214.7.22,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
2011-11-05 23:41:44 OPTIONS IMPORT: timers and/or timeouts modified
2011-11-05 23:41:44 OPTIONS IMPORT: --ifconfig/up options modified
2011-11-05 23:41:44 OPTIONS IMPORT: route options modified
2011-11-05 23:41:44 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2011-11-05 23:41:44 ROUTE default_gateway=192.168.1.1
2011-11-05 23:41:44 TUN/TAP device /dev/tun0 opened
2011-11-05 23:41:44 MANAGEMENT: >STATE:1320532904,ASSIGN_IP,,10.8.0.6,
2011-11-05 23:41:44 /sbin/ifconfig tun0 delete
                                        ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2011-11-05 23:41:44 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2011-11-05 23:41:44 /sbin/ifconfig tun0 10.8.0.6 10.8.0.5 mtu 1500 netmask 255.255.255.255 up
2011-11-05 23:41:44 /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d tun0 1500 1541 10.8.0.6 10.8.0.5 init
                                          No such key
2011-11-05 23:41:44 /sbin/route add -net SERVER_PUBLIC_IP_ADDR 192.168.1.1 255.255.255.255
                                        add net SERVER_PUBLIC_IP_ADDR: gateway 192.168.1.1
2011-11-05 23:41:44 /sbin/route add -net 0.0.0.0 10.8.0.5 128.0.0.0
                                        add net 0.0.0.0: gateway 10.8.0.5
2011-11-05 23:41:44 /sbin/route add -net 128.0.0.0 10.8.0.5 128.0.0.0
                                        add net 128.0.0.0: gateway 10.8.0.5
2011-11-05 23:41:44 MANAGEMENT: >STATE:1320532904,ADD_ROUTES,,,
2011-11-05 23:41:44 /sbin/route add -net 10.8.0.1 10.8.0.5 255.255.255.255
                                        add net 10.8.0.1: gateway 10.8.0.5
2011-11-05 23:41:44 Initialization Sequence Completed
2011-11-05 23:41:44 MANAGEMENT: >STATE:1320532904,CONNECTED,SUCCESS,10.8.0.6,SERVER_PUBLIC_IP_ADDR
2011-11-05 23:41:44 *Tunnelblick client.up.tunnelblick.sh: Up to two 'No such key' warnings are normal and may be ignored
2011-11-05 23:41:44 *Tunnelblick client.up.tunnelblick.sh: Saved the DNS and WINS configurations for later use
2011-11-05 23:41:44 *Tunnelblick client.up.tunnelblick.sh: Set up to monitor system configuration with leasewatch
2011-11-05 23:41:44 *Tunnelblick: Flushed the DNS cache
2011-11-05 23:41:49 *Tunnelblick leasewatch: A system configuration change was ignored because it was not relevant
2011-11-05 23:41:56 event_wait : Interrupted system call (code=4)
2011-11-05 23:41:56 TCP/UDP: Closing socket
2011-11-05 23:41:56 /sbin/route delete -net 10.8.0.1 10.8.0.5 255.255.255.255
                                        delete net 10.8.0.1: gateway 10.8.0.5
2011-11-05 23:41:56 /sbin/route delete -net SERVER_PUBLIC_IP_ADDR 192.168.1.1 255.255.255.255
                                        delete net SERVER_PUBLIC_IP_ADDR: gateway 192.168.1.1
2011-11-05 23:41:56 /sbin/route delete -net 0.0.0.0 10.8.0.5 128.0.0.0
                                        delete net 0.0.0.0: gateway 10.8.0.5
2011-11-05 23:41:56 /sbin/route delete -net 128.0.0.0 10.8.0.5 128.0.0.0
                                        delete net 128.0.0.0: gateway 10.8.0.5
2011-11-05 23:41:56 Closing TUN/TAP interface
2011-11-05 23:41:56 /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d tun0 1500 1541 10.8.0.6 10.8.0.5 init
2011-11-05 23:41:56 SIGTERM[hard,] received, process exiting
2011-11-05 23:41:56 MANAGEMENT: >STATE:1320532916,EXITING,SIGTERM,,
2011-11-05 23:41:56 *Tunnelblick client.down.tunnelblick.sh: Cancelled monitoring of system configuration changes
2011-11-05 23:41:56 *Tunnelblick client.down.tunnelblick.sh: Restored the DNS and WINS configurations
2011-11-05 23:41:57 *Tunnelblick: Flushed the DNS cache
2011-11-05 23:46:14 *Tunnelblick: Attempting connection with vserver; Set nameserver = 1; monitoring connection
2011-11-05 23:46:14 *Tunnelblick: /Applications/Utilities/Tunnelblick.app/Contents/Resources/openvpnstart start vserver.conf 1337 1 0 0 0 49
2011-11-05 23:46:14 OpenVPN 2.1.4 i386-apple-darwin10.7.1 [SSL] [LZO2] [PKCS11] built on Mar  1 2011
2011-11-05 23:46:14 MANAGEMENT: TCP Socket listening on 127.0.0.1:1337
2011-11-05 23:46:14 Need hold release from management interface, waiting...
2011-11-05 23:46:14 MANAGEMENT: Client connected from 127.0.0.1:1337
2011-11-05 23:46:14 MANAGEMENT: CMD 'pid'
2011-11-05 23:46:14 MANAGEMENT: CMD 'state on'
2011-11-05 23:46:14 MANAGEMENT: CMD 'state'
2011-11-05 23:46:14 MANAGEMENT: CMD 'hold release'
2011-11-05 23:46:14 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2011-11-05 23:46:14 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
2011-11-05 23:46:14 Socket Buffers: R=[42080->65536] S=[9216->65536]
2011-11-05 23:46:14 MANAGEMENT: >STATE:1320533174,RESOLVE,,,
2011-11-05 23:46:14 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
2011-11-05 23:46:14 Local Options hash (VER=V4): '3514370b'
2011-11-05 23:46:14 Expected Remote Options hash (VER=V4): '239669a8'
2011-11-05 23:46:14 UDPv4 link local: [undef]
2011-11-05 23:46:14 UDPv4 link remote: SERVER_PUBLIC_IP_ADDR:1194
2011-11-05 23:46:14 MANAGEMENT: >STATE:1320533174,WAIT,,,
2011-11-05 23:46:14 MANAGEMENT: >STATE:1320533174,AUTH,,,
2011-11-05 23:46:14 TLS: Initial packet from SERVER_PUBLIC_IP_ADDR:1194, sid=161321db e0dd5104
2011-11-05 23:46:14 VERIFY OK: depth=1, /C=DE/ST=NDS/L=Hannnover/O=private_vpn/CN=private_vpn_CA/emailAddress=noreply@domain.net
2011-11-05 23:46:14 VERIFY OK: nsCertType=SERVER
2011-11-05 23:46:14 VERIFY OK: depth=0, /C=DE/ST=NDS/L=Hannnover/O=private_vpn/CN=domain.net/emailAddress=noreply@domain.net
2011-11-05 23:46:14 *Tunnelblick: openvpnstart: /Applications/Utilities/Tunnelblick.app/Contents/Resources/openvpn --cd /Users/user/Library/Application Support/Tunnelblick/Configurations --daemon --management 127.0.0.1 1337 --config /Users/user/Library/Application Support/Tunnelblick/Configurations/vserver.conf --log /Library/Application Support/Tunnelblick/Logs/-SUsers-Suser-SLibrary-SApplication Support-STunnelblick-SConfigurations-Svserver.conf.1_0_0_0_49.1337.openvpn.log --management-query-passwords --management-hold --script-security 2 --up /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d --down /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d --up-restart
2011-11-05 23:46:15 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1541', remote='link-mtu 1542'
2011-11-05 23:46:15 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2011-11-05 23:46:15 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2011-11-05 23:46:15 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2011-11-05 23:46:15 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2011-11-05 23:46:15 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2011-11-05 23:46:15 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
2011-11-05 23:46:15 [domain.net] Peer Connection Initiated with SERVER_PUBLIC_IP_ADDR:1194
2011-11-05 23:46:16 MANAGEMENT: >STATE:1320533176,GET_CONFIG,,,
2011-11-05 23:46:18 SENT CONTROL [domain.net]: 'PUSH_REQUEST' (status=1)
2011-11-05 23:46:18 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 85.214.7.22,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
2011-11-05 23:46:18 OPTIONS IMPORT: timers and/or timeouts modified
2011-11-05 23:46:18 OPTIONS IMPORT: --ifconfig/up options modified
2011-11-05 23:46:18 OPTIONS IMPORT: route options modified
2011-11-05 23:46:18 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2011-11-05 23:46:18 ROUTE default_gateway=192.168.1.1
2011-11-05 23:46:18 TUN/TAP device /dev/tun0 opened
2011-11-05 23:46:18 MANAGEMENT: >STATE:1320533178,ASSIGN_IP,,10.8.0.6,
2011-11-05 23:46:18 /sbin/ifconfig tun0 delete
                                        ifconfig: 
                                        ioctl (SIOCDIFADDR)
                                        : Can't assign requested address
2011-11-05 23:46:18 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2011-11-05 23:46:18 /sbin/ifconfig tun0 10.8.0.6 10.8.0.5 mtu 1500 netmask 255.255.255.255 up
2011-11-05 23:46:18 /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d tun0 1500 1541 10.8.0.6 10.8.0.5 init
                                          No such key
2011-11-05 23:46:18 /sbin/route add -net SERVER_PUBLIC_IP_ADDR 192.168.1.1 255.255.255.255
                                        add net SERVER_PUBLIC_IP_ADDR: gateway 192.168.1.1
2011-11-05 23:46:18 /sbin/route add -net 0.0.0.0 10.8.0.5 128.0.0.0
                                        add net 0.0.0.0: gateway 10.8.0.5
2011-11-05 23:46:18 /sbin/route add -net 128.0.0.0 10.8.0.5 128.0.0.0
                                        add net 128.0.0.0: gateway 10.8.0.5
2011-11-05 23:46:18 MANAGEMENT: >STATE:1320533178,ADD_ROUTES,,,
2011-11-05 23:46:18 /sbin/route add -net 10.8.0.1 10.8.0.5 255.255.255.255
                                        add net 10.8.0.1: gateway 10.8.0.5
2011-11-05 23:46:18 Initialization Sequence Completed
2011-11-05 23:46:18 MANAGEMENT: >STATE:1320533178,CONNECTED,SUCCESS,10.8.0.6,SERVER_PUBLIC_IP_ADDR
2011-11-05 23:46:18 *Tunnelblick client.up.tunnelblick.sh: Up to two 'No such key' warnings are normal and may be ignored
2011-11-05 23:46:18 *Tunnelblick client.up.tunnelblick.sh: Saved the DNS and WINS configurations for later use
2011-11-05 23:46:18 *Tunnelblick client.up.tunnelblick.sh: Set up to monitor system configuration with leasewatch
2011-11-05 23:46:18 *Tunnelblick: Flushed the DNS cache
2011-11-05 23:46:23 *Tunnelblick leasewatch: A system configuration change was ignored because it was not relevant
2011-11-05 23:46:31 event_wait : Interrupted system call (code=4)
2011-11-05 23:46:31 TCP/UDP: Closing socket
2011-11-05 23:46:31 /sbin/route delete -net 10.8.0.1 10.8.0.5 255.255.255.255
                                        delete net 10.8.0.1: gateway 10.8.0.5
2011-11-05 23:46:31 /sbin/route delete -net SERVER_PUBLIC_IP_ADDR 192.168.1.1 255.255.255.255
                                        delete net SERVER_PUBLIC_IP_ADDR: gateway 192.168.1.1
2011-11-05 23:46:31 /sbin/route delete -net 0.0.0.0 10.8.0.5 128.0.0.0
                                        delete net 0.0.0.0: gateway 10.8.0.5
2011-11-05 23:46:31 /sbin/route delete -net 128.0.0.0 10.8.0.5 128.0.0.0
                                        delete net 128.0.0.0: gateway 10.8.0.5
2011-11-05 23:46:31 Closing TUN/TAP interface
2011-11-05 23:46:31 /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d tun0 1500 1541 10.8.0.6 10.8.0.5 init
2011-11-05 23:46:31 SIGTERM[hard,] received, process exiting
2011-11-05 23:46:31 MANAGEMENT: >STATE:1320533191,EXITING,SIGTERM,,
2011-11-05 23:46:31 *Tunnelblick client.down.tunnelblick.sh: Cancelled monitoring of system configuration changes
2011-11-05 23:46:31 *Tunnelblick client.down.tunnelblick.sh: Restored the DNS and WINS configurations
2011-11-05 23:46:32 *Tunnelblick: Flushed the DNS cache
2011-11-05 23:49:44 *Tunnelblick: Attempting connection with vserver; Set nameserver = 1; monitoring connection
2011-11-05 23:49:44 *Tunnelblick: /Applications/Utilities/Tunnelblick.app/Contents/Resources/openvpnstart start vserver.conf 1337 1 0 0 0 49
2011-11-05 23:49:44 OpenVPN 2.1.4 i386-apple-darwin10.7.1 [SSL] [LZO2] [PKCS11] built on Mar  1 2011
2011-11-05 23:49:44 MANAGEMENT: TCP Socket listening on 127.0.0.1:1337
2011-11-05 23:49:44 Need hold release from management interface, waiting...
2011-11-05 23:49:44 MANAGEMENT: Client connected from 127.0.0.1:1337
2011-11-05 23:49:44 MANAGEMENT: CMD 'pid'
2011-11-05 23:49:44 MANAGEMENT: CMD 'state on'
2011-11-05 23:49:44 MANAGEMENT: CMD 'state'
2011-11-05 23:49:44 MANAGEMENT: CMD 'hold release'
2011-11-05 23:49:44 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2011-11-05 23:49:44 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
2011-11-05 23:49:44 Socket Buffers: R=[42080->65536] S=[9216->65536]
2011-11-05 23:49:44 MANAGEMENT: >STATE:1320533384,RESOLVE,,,
2011-11-05 23:49:44 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
2011-11-05 23:49:44 Local Options hash (VER=V4): '3514370b'
2011-11-05 23:49:44 Expected Remote Options hash (VER=V4): '239669a8'
2011-11-05 23:49:44 UDPv4 link local: [undef]
2011-11-05 23:49:44 UDPv4 link remote: SERVER_PUBLIC_IP_ADDR:1194
2011-11-05 23:49:44 MANAGEMENT: >STATE:1320533384,WAIT,,,
2011-11-05 23:49:44 MANAGEMENT: >STATE:1320533384,AUTH,,,
2011-11-05 23:49:44 TLS: Initial packet from SERVER_PUBLIC_IP_ADDR:1194, sid=b6066c31 60841ebb
2011-11-05 23:49:44 *Tunnelblick: openvpnstart: /Applications/Utilities/Tunnelblick.app/Contents/Resources/openvpn --cd /Users/user/Library/Application Support/Tunnelblick/Configurations --daemon --management 127.0.0.1 1337 --config /Users/user/Library/Application Support/Tunnelblick/Configurations/vserver.conf --log /Library/Application Support/Tunnelblick/Logs/-SUsers-Suser-SLibrary-SApplication Support-STunnelblick-SConfigurations-Svserver.conf.1_0_0_0_49.1337.openvpn.log --management-query-passwords --management-hold --script-security 2 --up /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d --down /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d --up-restart
2011-11-05 23:49:45 VERIFY OK: depth=1, /C=DE/ST=NDS/L=Hannnover/O=private_vpn/CN=private_vpn_CA/emailAddress=noreply@domain.net
2011-11-05 23:49:45 VERIFY OK: nsCertType=SERVER
2011-11-05 23:49:45 VERIFY OK: depth=0, /C=DE/ST=NDS/L=Hannnover/O=private_vpn/CN=domain.net/emailAddress=noreply@domain.net
2011-11-05 23:49:46 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1541', remote='link-mtu 1542'
2011-11-05 23:49:46 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2011-11-05 23:49:46 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2011-11-05 23:49:46 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2011-11-05 23:49:46 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2011-11-05 23:49:46 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2011-11-05 23:49:46 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
2011-11-05 23:49:46 [domain.net] Peer Connection Initiated with SERVER_PUBLIC_IP_ADDR:1194
2011-11-05 23:49:47 MANAGEMENT: >STATE:1320533387,GET_CONFIG,,,
2011-11-05 23:49:48 SENT CONTROL [domain.net]: 'PUSH_REQUEST' (status=1)
2011-11-05 23:49:48 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 85.214.7.22,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
2011-11-05 23:49:48 OPTIONS IMPORT: timers and/or timeouts modified
2011-11-05 23:49:48 OPTIONS IMPORT: --ifconfig/up options modified
2011-11-05 23:49:48 OPTIONS IMPORT: route options modified
2011-11-05 23:49:48 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2011-11-05 23:49:48 ROUTE default_gateway=192.168.1.1
2011-11-05 23:49:48 TUN/TAP device /dev/tun0 opened
2011-11-05 23:49:48 MANAGEMENT: >STATE:1320533388,ASSIGN_IP,,10.8.0.6,
2011-11-05 23:49:48 /sbin/ifconfig tun0 delete
                                        ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2011-11-05 23:49:48 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2011-11-05 23:49:48 /sbin/ifconfig tun0 10.8.0.6 10.8.0.5 mtu 1500 netmask 255.255.255.255 up
2011-11-05 23:49:48 /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d tun0 1500 1541 10.8.0.6 10.8.0.5 init
                                          No such key
2011-11-05 23:49:48 /sbin/route add -net SERVER_PUBLIC_IP_ADDR 192.168.1.1 255.255.255.255
                                        add net SERVER_PUBLIC_IP_ADDR: gateway 192.168.1.1
2011-11-05 23:49:48 /sbin/route add -net 0.0.0.0 10.8.0.5 128.0.0.0
                                        add net 0.0.0.0: gateway 10.8.0.5
2011-11-05 23:49:48 /sbin/route add -net 128.0.0.0 10.8.0.5 128.0.0.0
                                        add net 128.0.0.0: gateway 10.8.0.5
2011-11-05 23:49:48 MANAGEMENT: >STATE:1320533388,ADD_ROUTES,,,
2011-11-05 23:49:48 /sbin/route add -net 10.8.0.1 10.8.0.5 255.255.255.255
                                        add net 10.8.0.1: gateway 10.8.0.5
2011-11-05 23:49:48 Initialization Sequence Completed
2011-11-05 23:49:48 MANAGEMENT: >STATE:1320533388,CONNECTED,SUCCESS,10.8.0.6,SERVER_PUBLIC_IP_ADDR
2011-11-05 23:49:48 *Tunnelblick client.up.tunnelblick.sh: Up to two 'No such key' warnings are normal and may be ignored
2011-11-05 23:49:48 *Tunnelblick client.up.tunnelblick.sh: Saved the DNS and WINS configurations for later use
2011-11-05 23:49:48 *Tunnelblick client.up.tunnelblick.sh: Set up to monitor system configuration with leasewatch
2011-11-05 23:49:48 *Tunnelblick: Flushed the DNS cache
2011-11-05 23:49:53 *Tunnelblick leasewatch: A system configuration change was ignored because it was not relevant
2011-11-05 23:49:55 event_wait : Interrupted system call (code=4)
2011-11-05 23:49:55 TCP/UDP: Closing socket
2011-11-05 23:49:55 /sbin/route delete -net 10.8.0.1 10.8.0.5 255.255.255.255
                                        delete net 10.8.0.1: gateway 10.8.0.5
2011-11-05 23:49:55 /sbin/route delete -net SERVER_PUBLIC_IP_ADDR 192.168.1.1 255.255.255.255
                                        delete net SERVER_PUBLIC_IP_ADDR: gateway 192.168.1.1
2011-11-05 23:49:55 /sbin/route delete -net 0.0.0.0 10.8.0.5 128.0.0.0
                                        delete net 0.0.0.0: gateway 10.8.0.5
2011-11-05 23:49:55 /sbin/route delete -net 128.0.0.0 10.8.0.5 128.0.0.0
                                        delete net 128.0.0.0: gateway 10.8.0.5
2011-11-05 23:49:55 Closing TUN/TAP interface
2011-11-05 23:49:55 /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d tun0 1500 1541 10.8.0.6 10.8.0.5 init
2011-11-05 23:49:55 SIGTERM[hard,] received, process exiting
2011-11-05 23:49:55 MANAGEMENT: >STATE:1320533395,EXITING,SIGTERM,,
2011-11-05 23:49:55 *Tunnelblick client.down.tunnelblick.sh: Cancelled monitoring of system configuration changes
2011-11-05 23:49:55 *Tunnelblick client.down.tunnelblick.sh: Restored the DNS and WINS configurations
2011-11-05 23:49:56 *Tunnelblick: Flushed the DNS cache
2011-11-05 23:50:33 *Tunnelblick: Attempting connection with vserver; Set nameserver = 1; monitoring connection
2011-11-05 23:50:33 *Tunnelblick: /Applications/Utilities/Tunnelblick.app/Contents/Resources/openvpnstart start vserver.conf 1337 1 0 0 0 49
2011-11-05 23:50:33 OpenVPN 2.1.4 i386-apple-darwin10.7.1 [SSL] [LZO2] [PKCS11] built on Mar  1 2011
2011-11-05 23:50:33 MANAGEMENT: TCP Socket listening on 127.0.0.1:1337
2011-11-05 23:50:33 Need hold release from management interface, waiting...
2011-11-05 23:50:33 MANAGEMENT: Client connected from 127.0.0.1:1337
2011-11-05 23:50:33 MANAGEMENT: CMD 'pid'
2011-11-05 23:50:33 MANAGEMENT: CMD 'state on'
2011-11-05 23:50:33 MANAGEMENT: CMD 'state'
2011-11-05 23:50:33 MANAGEMENT: CMD 'hold release'
2011-11-05 23:50:33 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2011-11-05 23:50:33 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
2011-11-05 23:50:33 Socket Buffers: R=[42080->65536] S=[9216->65536]
2011-11-05 23:50:33 MANAGEMENT: >STATE:1320533433,RESOLVE,,,
2011-11-05 23:50:33 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
2011-11-05 23:50:33 Local Options hash (VER=V4): '3514370b'
2011-11-05 23:50:33 Expected Remote Options hash (VER=V4): '239669a8'
2011-11-05 23:50:33 UDPv4 link local: [undef]
2011-11-05 23:50:33 UDPv4 link remote: SERVER_PUBLIC_IP_ADDR:1194
2011-11-05 23:50:33 MANAGEMENT: >STATE:1320533433,WAIT,,,
2011-11-05 23:50:33 MANAGEMENT: >STATE:1320533433,AUTH,,,
2011-11-05 23:50:33 TLS: Initial packet from SERVER_PUBLIC_IP_ADDR:1194, sid=64e6c3bb cf6130de
2011-11-05 23:50:33 VERIFY OK: depth=1, /C=DE/ST=NDS/L=Hannnover/O=private_vpn/CN=private_vpn_CA/emailAddress=noreply@domain.net
2011-11-05 23:50:33 VERIFY OK: nsCertType=SERVER
2011-11-05 23:50:33 VERIFY OK: depth=0, /C=DE/ST=NDS/L=Hannnover/O=private_vpn/CN=domain.net/emailAddress=noreply@domain.net
2011-11-05 23:50:33 *Tunnelblick: openvpnstart: /Applications/Utilities/Tunnelblick.app/Contents/Resources/openvpn --cd /Users/user/Library/Application Support/Tunnelblick/Configurations --daemon --management 127.0.0.1 1337 --config /Users/user/Library/Application Support/Tunnelblick/Configurations/vserver.conf --log /Library/Application Support/Tunnelblick/Logs/-SUsers-Suser-SLibrary-SApplication Support-STunnelblick-SConfigurations-Svserver.conf.1_0_0_0_49.1337.openvpn.log --management-query-passwords --management-hold --script-security 2 --up /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d --down /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d --up-restart
2011-11-05 23:50:34 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1541', remote='link-mtu 1542'
2011-11-05 23:50:34 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2011-11-05 23:50:34 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2011-11-05 23:50:34 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2011-11-05 23:50:34 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2011-11-05 23:50:34 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2011-11-05 23:50:34 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
2011-11-05 23:50:34 [domain.net] Peer Connection Initiated with SERVER_PUBLIC_IP_ADDR:1194
2011-11-05 23:50:35 MANAGEMENT: >STATE:1320533435,GET_CONFIG,,,
2011-11-05 23:50:37 SENT CONTROL [domain.net]: 'PUSH_REQUEST' (status=1)
2011-11-05 23:50:37 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 85.214.7.22,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
2011-11-05 23:50:37 OPTIONS IMPORT: timers and/or timeouts modified
2011-11-05 23:50:37 OPTIONS IMPORT: --ifconfig/up options modified
2011-11-05 23:50:37 OPTIONS IMPORT: route options modified
2011-11-05 23:50:37 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2011-11-05 23:50:37 ROUTE default_gateway=192.168.1.1
2011-11-05 23:50:37 TUN/TAP device /dev/tun0 opened
2011-11-05 23:50:37 MANAGEMENT: >STATE:1320533437,ASSIGN_IP,,10.8.0.6,
2011-11-05 23:50:37 /sbin/ifconfig tun0 delete
                                        ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2011-11-05 23:50:37 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2011-11-05 23:50:37 /sbin/ifconfig tun0 10.8.0.6 10.8.0.5 mtu 1500 netmask 255.255.255.255 up
2011-11-05 23:50:37 /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d tun0 1500 1541 10.8.0.6 10.8.0.5 init
                                          No such key
2011-11-05 23:50:37 /sbin/route add -net SERVER_PUBLIC_IP_ADDR 192.168.1.1 255.255.255.255
                                        add net SERVER_PUBLIC_IP_ADDR: gateway 192.168.1.1
2011-11-05 23:50:37 /sbin/route add -net 0.0.0.0 10.8.0.5 128.0.0.0
                                        add net 0.0.0.0: gateway 10.8.0.5
2011-11-05 23:50:37 /sbin/route add -net 128.0.0.0 10.8.0.5 128.0.0.0
                                        add net 128.0.0.0: gateway 10.8.0.5
2011-11-05 23:50:37 MANAGEMENT: >STATE:1320533437,ADD_ROUTES,,,
2011-11-05 23:50:37 /sbin/route add -net 10.8.0.1 10.8.0.5 255.255.255.255
                                        add net 10.8.0.1: gateway 10.8.0.5
2011-11-05 23:50:37 Initialization Sequence Completed
2011-11-05 23:50:37 MANAGEMENT: >STATE:1320533437,CONNECTED,SUCCESS,10.8.0.6,SERVER_PUBLIC_IP_ADDR
2011-11-05 23:50:37 *Tunnelblick client.up.tunnelblick.sh: Up to two 'No such key' warnings are normal and may be ignored
2011-11-05 23:50:37 *Tunnelblick client.up.tunnelblick.sh: Saved the DNS and WINS configurations for later use
2011-11-05 23:50:37 *Tunnelblick client.up.tunnelblick.sh: Set up to monitor system configuration with leasewatch
2011-11-05 23:50:37 *Tunnelblick: Flushed the DNS cache
2011-11-05 23:50:42 *Tunnelblick leasewatch: A system configuration change was ignored because it was not relevant
2011-11-05 23:51:33 event_wait : Interrupted system call (code=4)
2011-11-05 23:51:33 TCP/UDP: Closing socket
2011-11-05 23:51:33 /sbin/route delete -net 10.8.0.1 10.8.0.5 255.255.255.255
                                        delete net 10.8.0.1: gateway 10.8.0.5
2011-11-05 23:51:33 /sbin/route delete -net SERVER_PUBLIC_IP_ADDR 192.168.1.1 255.255.255.255
                                        delete net SERVER_PUBLIC_IP_ADDR: gateway 192.168.1.1
2011-11-05 23:51:33 /sbin/route delete -net 0.0.0.0 10.8.0.5 128.0.0.0
                                        delete net 0.0.0.0: gateway 10.8.0.5
2011-11-05 23:51:33 /sbin/route delete -net 128.0.0.0 10.8.0.5 128.0.0.0
                                        delete net 128.0.0.0: gateway 10.8.0.5
2011-11-05 23:51:33 Closing TUN/TAP interface
2011-11-05 23:51:33 /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d tun0 1500 1541 10.8.0.6 10.8.0.5 init
2011-11-05 23:51:33 SIGTERM[hard,] received, process exiting
2011-11-05 23:51:33 MANAGEMENT: >STATE:1320533493,EXITING,SIGTERM,,
2011-11-05 23:51:33 *Tunnelblick client.down.tunnelblick.sh: Cancelled monitoring of system configuration changes
2011-11-05 23:51:33 *Tunnelblick client.down.tunnelblick.sh: Restored the DNS and WINS configurations
2011-11-05 23:51:34 *Tunnelblick: Flushed the DNS cache
2011-11-05 23:51:38 *Tunnelblick: Attempting connection with vserver; Set nameserver = 1; monitoring connection
2011-11-05 23:51:38 *Tunnelblick: /Applications/Utilities/Tunnelblick.app/Contents/Resources/openvpnstart start vserver.conf 1338 1 0 0 0 49
2011-11-05 23:51:38 OpenVPN 2.1.4 i386-apple-darwin10.7.1 [SSL] [LZO2] [PKCS11] built on Mar  1 2011
2011-11-05 23:51:38 MANAGEMENT: TCP Socket listening on 127.0.0.1:1338
2011-11-05 23:51:38 Need hold release from management interface, waiting...
2011-11-05 23:51:38 MANAGEMENT: Client connected from 127.0.0.1:1338
2011-11-05 23:51:38 MANAGEMENT: CMD 'pid'
2011-11-05 23:51:38 MANAGEMENT: CMD 'state on'
2011-11-05 23:51:38 MANAGEMENT: CMD 'state'
2011-11-05 23:51:38 MANAGEMENT: CMD 'hold release'
2011-11-05 23:51:38 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2011-11-05 23:51:38 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
2011-11-05 23:51:38 Socket Buffers: R=[42080->65536] S=[9216->65536]
2011-11-05 23:51:38 MANAGEMENT: >STATE:1320533498,RESOLVE,,,
2011-11-05 23:51:38 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
2011-11-05 23:51:38 Local Options hash (VER=V4): '3514370b'
2011-11-05 23:51:38 Expected Remote Options hash (VER=V4): '239669a8'
2011-11-05 23:51:38 UDPv4 link local: [undef]
2011-11-05 23:51:38 UDPv4 link remote: SERVER_PUBLIC_IP_ADDR:1194
2011-11-05 23:51:38 MANAGEMENT: >STATE:1320533498,WAIT,,,
2011-11-05 23:51:38 MANAGEMENT: >STATE:1320533498,AUTH,,,
2011-11-05 23:51:38 TLS: Initial packet from SERVER_PUBLIC_IP_ADDR:1194, sid=051c909e 16cd0f29
2011-11-05 23:51:38 *Tunnelblick: openvpnstart: /Applications/Utilities/Tunnelblick.app/Contents/Resources/openvpn --cd /Users/user/Library/Application Support/Tunnelblick/Configurations --daemon --management 127.0.0.1 1338 --config /Users/user/Library/Application Support/Tunnelblick/Configurations/vserver.conf --log /Library/Application Support/Tunnelblick/Logs/-SUsers-Suser-SLibrary-SApplication Support-STunnelblick-SConfigurations-Svserver.conf.1_0_0_0_49.1338.openvpn.log --management-query-passwords --management-hold --script-security 2 --up /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d --down /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d --up-restart
2011-11-05 23:51:39 VERIFY OK: depth=1, /C=DE/ST=NDS/L=Hannnover/O=private_vpn/CN=private_vpn_CA/emailAddress=noreply@domain.net
2011-11-05 23:51:39 VERIFY OK: nsCertType=SERVER
2011-11-05 23:51:39 VERIFY OK: depth=0, /C=DE/ST=NDS/L=Hannnover/O=private_vpn/CN=domain.net/emailAddress=noreply@domain.net
2011-11-05 23:51:39 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1541', remote='link-mtu 1542'
2011-11-05 23:51:39 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2011-11-05 23:51:39 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2011-11-05 23:51:39 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2011-11-05 23:51:39 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2011-11-05 23:51:39 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2011-11-05 23:51:39 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
2011-11-05 23:51:39 [domain.net] Peer Connection Initiated with SERVER_PUBLIC_IP_ADDR:1194
2011-11-05 23:51:41 MANAGEMENT: >STATE:1320533501,GET_CONFIG,,,
2011-11-05 23:51:42 SENT CONTROL [domain.net]: 'PUSH_REQUEST' (status=1)
2011-11-05 23:51:42 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 85.214.7.22,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
2011-11-05 23:51:42 OPTIONS IMPORT: timers and/or timeouts modified
2011-11-05 23:51:42 OPTIONS IMPORT: --ifconfig/up options modified
2011-11-05 23:51:42 OPTIONS IMPORT: route options modified
2011-11-05 23:51:42 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2011-11-05 23:51:42 ROUTE default_gateway=192.168.1.1
2011-11-05 23:51:42 TUN/TAP device /dev/tun0 opened
2011-11-05 23:51:42 MANAGEMENT: >STATE:1320533502,ASSIGN_IP,,10.8.0.6,
2011-11-05 23:51:42 /sbin/ifconfig tun0 delete
                                        ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2011-11-05 23:51:42 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2011-11-05 23:51:42 /sbin/ifconfig tun0 10.8.0.6 10.8.0.5 mtu 1500 netmask 255.255.255.255 up
2011-11-05 23:51:42 /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d tun0 1500 1541 10.8.0.6 10.8.0.5 init
                                          No such key
2011-11-05 23:51:42 /sbin/route add -net SERVER_PUBLIC_IP_ADDR 192.168.1.1 255.255.255.255
                                        add net SERVER_PUBLIC_IP_ADDR: gateway 192.168.1.1
2011-11-05 23:51:42 /sbin/route add -net 0.0.0.0 10.8.0.5 128.0.0.0
                                        add net 0.0.0.0: gateway 10.8.0.5
2011-11-05 23:51:42 /sbin/route add -net 128.0.0.0 10.8.0.5 128.0.0.0
                                        add net 128.0.0.0: gateway 10.8.0.5
2011-11-05 23:51:42 MANAGEMENT: >STATE:1320533502,ADD_ROUTES,,,
2011-11-05 23:51:42 /sbin/route add -net 10.8.0.1 10.8.0.5 255.255.255.255
                                        add net 10.8.0.1: gateway 10.8.0.5
2011-11-05 23:51:42 Initialization Sequence Completed
2011-11-05 23:51:42 MANAGEMENT: >STATE:1320533502,CONNECTED,SUCCESS,10.8.0.6,SERVER_PUBLIC_IP_ADDR
2011-11-05 23:51:42 *Tunnelblick client.up.tunnelblick.sh: Up to two 'No such key' warnings are normal and may be ignored
2011-11-05 23:51:42 *Tunnelblick client.up.tunnelblick.sh: Saved the DNS and WINS configurations for later use
2011-11-05 23:51:42 *Tunnelblick client.up.tunnelblick.sh: Set up to monitor system configuration with leasewatch
2011-11-05 23:51:42 *Tunnelblick: Flushed the DNS cache
2011-11-05 23:51:47 *Tunnelblick leasewatch: A system configuration change was ignored because it was not relevant
2011-11-05 23:51:49 event_wait : Interrupted system call (code=4)
2011-11-05 23:51:49 TCP/UDP: Closing socket
2011-11-05 23:51:49 /sbin/route delete -net 10.8.0.1 10.8.0.5 255.255.255.255
                                        delete net 10.8.0.1: gateway 10.8.0.5
2011-11-05 23:51:49 /sbin/route delete -net SERVER_PUBLIC_IP_ADDR 192.168.1.1 255.255.255.255
                                        delete net SERVER_PUBLIC_IP_ADDR: gateway 192.168.1.1
2011-11-05 23:51:49 /sbin/route delete -net 0.0.0.0 10.8.0.5 128.0.0.0
                                        delete net 0.0.0.0: gateway 10.8.0.5
2011-11-05 23:51:49 /sbin/route delete -net 128.0.0.0 10.8.0.5 128.0.0.0
                                        delete net 128.0.0.0: gateway 10.8.0.5
2011-11-05 23:51:49 Closing TUN/TAP interface
2011-11-05 23:51:49 /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d tun0 1500 1541 10.8.0.6 10.8.0.5 init
2011-11-05 23:51:49 SIGTERM[hard,] received, process exiting
2011-11-05 23:51:49 MANAGEMENT: >STATE:1320533509,EXITING,SIGTERM,,
2011-11-05 23:51:49 *Tunnelblick client.down.tunnelblick.sh: Cancelled monitoring of system configuration changes
2011-11-05 23:51:49 *Tunnelblick client.down.tunnelblick.sh: Restored the DNS and WINS configurations
2011-11-05 23:51:50 *Tunnelblick: Flushed the DNS cache
2011-11-05 23:54:06 *Tunnelblick: Attempting connection with vserver; Set nameserver = 1; monitoring connection
2011-11-05 23:54:06 *Tunnelblick: /Applications/Utilities/Tunnelblick.app/Contents/Resources/openvpnstart start vserver.conf 1337 1 0 0 0 49
2011-11-05 23:54:06 OpenVPN 2.1.4 i386-apple-darwin10.7.1 [SSL] [LZO2] [PKCS11] built on Mar  1 2011
2011-11-05 23:54:06 MANAGEMENT: TCP Socket listening on 127.0.0.1:1337
2011-11-05 23:54:06 Need hold release from management interface, waiting...
2011-11-05 23:54:06 MANAGEMENT: Client connected from 127.0.0.1:1337
2011-11-05 23:54:06 MANAGEMENT: CMD 'pid'
2011-11-05 23:54:06 MANAGEMENT: CMD 'state on'
2011-11-05 23:54:06 MANAGEMENT: CMD 'state'
2011-11-05 23:54:06 MANAGEMENT: CMD 'hold release'
2011-11-05 23:54:06 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2011-11-05 23:54:06 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
2011-11-05 23:54:06 Socket Buffers: R=[42080->65536] S=[9216->65536]
2011-11-05 23:54:06 MANAGEMENT: >STATE:1320533646,RESOLVE,,,
2011-11-05 23:54:06 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
2011-11-05 23:54:06 Local Options hash (VER=V4): '3514370b'
2011-11-05 23:54:06 Expected Remote Options hash (VER=V4): '239669a8'
2011-11-05 23:54:06 UDPv4 link local: [undef]
2011-11-05 23:54:06 UDPv4 link remote: SERVER_PUBLIC_IP_ADDR:1194
2011-11-05 23:54:06 MANAGEMENT: >STATE:1320533646,WAIT,,,
2011-11-05 23:54:06 MANAGEMENT: >STATE:1320533646,AUTH,,,
2011-11-05 23:54:06 TLS: Initial packet from SERVER_PUBLIC_IP_ADDR:1194, sid=97eb1cc2 2313dd5a
2011-11-05 23:54:06 *Tunnelblick: openvpnstart: /Applications/Utilities/Tunnelblick.app/Contents/Resources/openvpn --cd /Users/user/Library/Application Support/Tunnelblick/Configurations --daemon --management 127.0.0.1 1337 --config /Users/user/Library/Application Support/Tunnelblick/Configurations/vserver.conf --log /Library/Application Support/Tunnelblick/Logs/-SUsers-Suser-SLibrary-SApplication Support-STunnelblick-SConfigurations-Svserver.conf.1_0_0_0_49.1337.openvpn.log --management-query-passwords --management-hold --script-security 2 --up /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d --down /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d --up-restart
2011-11-05 23:54:07 VERIFY OK: depth=1, /C=DE/ST=NDS/L=Hannnover/O=private_vpn/CN=private_vpn_CA/emailAddress=noreply@domain.net
2011-11-05 23:54:07 VERIFY OK: nsCertType=SERVER
2011-11-05 23:54:07 VERIFY OK: depth=0, /C=DE/ST=NDS/L=Hannnover/O=private_vpn/CN=domain.net/emailAddress=noreply@domain.net
2011-11-05 23:54:08 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1541', remote='link-mtu 1542'
2011-11-05 23:54:08 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2011-11-05 23:54:08 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2011-11-05 23:54:08 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2011-11-05 23:54:08 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2011-11-05 23:54:08 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2011-11-05 23:54:08 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
2011-11-05 23:54:08 [domain.net] Peer Connection Initiated with SERVER_PUBLIC_IP_ADDR:1194
2011-11-05 23:54:09 MANAGEMENT: >STATE:1320533649,GET_CONFIG,,,
2011-11-05 23:54:10 SENT CONTROL [domain.net]: 'PUSH_REQUEST' (status=1)
2011-11-05 23:54:10 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 85.214.7.22,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
2011-11-05 23:54:10 OPTIONS IMPORT: timers and/or timeouts modified
2011-11-05 23:54:10 OPTIONS IMPORT: --ifconfig/up options modified
2011-11-05 23:54:10 OPTIONS IMPORT: route options modified
2011-11-05 23:54:10 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2011-11-05 23:54:10 ROUTE default_gateway=192.168.1.1
2011-11-05 23:54:10 TUN/TAP device /dev/tun0 opened
2011-11-05 23:54:10 MANAGEMENT: >STATE:1320533650,ASSIGN_IP,,10.8.0.6,
2011-11-05 23:54:10 /sbin/ifconfig tun0 delete
                                        ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2011-11-05 23:54:10 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2011-11-05 23:54:10 /sbin/ifconfig tun0 10.8.0.6 10.8.0.5 mtu 1500 netmask 255.255.255.255 up
2011-11-05 23:54:10 /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d tun0 1500 1541 10.8.0.6 10.8.0.5 init
                                          No such key
2011-11-05 23:54:10 /sbin/route add -net SERVER_PUBLIC_IP_ADDR 192.168.1.1 255.255.255.255
                                        add net SERVER_PUBLIC_IP_ADDR: gateway 192.168.1.1
2011-11-05 23:54:10 /sbin/route add -net 0.0.0.0 10.8.0.5 128.0.0.0
                                        add net 0.0.0.0: gateway 10.8.0.5
2011-11-05 23:54:10 /sbin/route add -net 128.0.0.0 10.8.0.5 128.0.0.0
                                        add net 128.0.0.0: gateway 10.8.0.5
2011-11-05 23:54:10 MANAGEMENT: >STATE:1320533650,ADD_ROUTES,,,
2011-11-05 23:54:10 /sbin/route add -net 10.8.0.1 10.8.0.5 255.255.255.255
                                        add net 10.8.0.1: gateway 10.8.0.5
2011-11-05 23:54:10 Initialization Sequence Completed
2011-11-05 23:54:10 MANAGEMENT: >STATE:1320533650,CONNECTED,SUCCESS,10.8.0.6,SERVER_PUBLIC_IP_ADDR
2011-11-05 23:54:10 *Tunnelblick client.up.tunnelblick.sh: Up to two 'No such key' warnings are normal and may be ignored
2011-11-05 23:54:10 *Tunnelblick client.up.tunnelblick.sh: Saved the DNS and WINS configurations for later use
2011-11-05 23:54:10 *Tunnelblick client.up.tunnelblick.sh: Set up to monitor system configuration with leasewatch
2011-11-05 23:54:10 *Tunnelblick: Flushed the DNS cache
2011-11-05 23:54:15 *Tunnelblick leasewatch: A system configuration change was ignored because it was not relevant
2011-11-05 23:54:36 event_wait : Interrupted system call (code=4)
2011-11-05 23:54:36 TCP/UDP: Closing socket
2011-11-05 23:54:36 /sbin/route delete -net 10.8.0.1 10.8.0.5 255.255.255.255
                                        delete net 10.8.0.1: gateway 10.8.0.5
2011-11-05 23:54:36 /sbin/route delete -net SERVER_PUBLIC_IP_ADDR 192.168.1.1 255.255.255.255
                                        delete net SERVER_PUBLIC_IP_ADDR: gateway 192.168.1.1
2011-11-05 23:54:36 /sbin/route delete -net 0.0.0.0 10.8.0.5 128.0.0.0
                                        delete net 0.0.0.0: gateway 10.8.0.5
2011-11-05 23:54:36 /sbin/route delete -net 128.0.0.0 10.8.0.5 128.0.0.0
                                        delete net 128.0.0.0: gateway 10.8.0.5
2011-11-05 23:54:36 Closing TUN/TAP interface
2011-11-05 23:54:36 /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d tun0 1500 1541 10.8.0.6 10.8.0.5 init
2011-11-05 23:54:36 *Tunnelblick client.down.tunnelblick.sh: Cancelled monitoring of system configuration changes
2011-11-05 23:54:36 *Tunnelblick client.down.tunnelblick.sh: Restored the DNS and WINS configurations
2011-11-05 23:54:37 SIGTERM[hard,] received, process exiting
2011-11-05 23:54:37 MANAGEMENT: >STATE:1320533677,EXITING,SIGTERM,,
2011-11-05 23:54:38 *Tunnelblick: Flushed the DNS cache
2011-11-06 21:17:25 *Tunnelblick: Attempting connection with vserver; Set nameserver = 1; monitoring connection
2011-11-06 21:17:25 *Tunnelblick: /Applications/Utilities/Tunnelblick.app/Contents/Resources/openvpnstart start vserver.conf 1337 1 0 0 0 49
2011-11-06 21:17:25 OpenVPN 2.1.4 i386-apple-darwin10.7.1 [SSL] [LZO2] [PKCS11] built on Mar  1 2011
2011-11-06 21:17:25 MANAGEMENT: TCP Socket listening on 127.0.0.1:1337
2011-11-06 21:17:25 Need hold release from management interface, waiting...
2011-11-06 21:17:25 MANAGEMENT: Client connected from 127.0.0.1:1337
2011-11-06 21:17:25 MANAGEMENT: CMD 'pid'
2011-11-06 21:17:25 MANAGEMENT: CMD 'state on'
2011-11-06 21:17:25 MANAGEMENT: CMD 'state'
2011-11-06 21:17:25 MANAGEMENT: CMD 'hold release'
2011-11-06 21:17:25 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2011-11-06 21:17:25 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
2011-11-06 21:17:25 Socket Buffers: R=[42080->65536] S=[9216->65536]
2011-11-06 21:17:25 MANAGEMENT: >STATE:1320610645,RESOLVE,,,
2011-11-06 21:17:25 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
2011-11-06 21:17:25 Local Options hash (VER=V4): '3514370b'
2011-11-06 21:17:25 Expected Remote Options hash (VER=V4): '239669a8'
2011-11-06 21:17:25 UDPv4 link local: [undef]
2011-11-06 21:17:25 UDPv4 link remote: SERVER_PUBLIC_IP_ADDR:1194
2011-11-06 21:17:25 MANAGEMENT: >STATE:1320610645,WAIT,,,
2011-11-06 21:17:25 MANAGEMENT: >STATE:1320610645,AUTH,,,
2011-11-06 21:17:25 TLS: Initial packet from SERVER_PUBLIC_IP_ADDR:1194, sid=b2286a40 8d556d7f
2011-11-06 21:17:25 *Tunnelblick: openvpnstart: /Applications/Utilities/Tunnelblick.app/Contents/Resources/openvpn --cd /Users/user/Library/Application Support/Tunnelblick/Configurations --daemon --management 127.0.0.1 1337 --config /Users/user/Library/Application Support/Tunnelblick/Configurations/vserver.conf --log /Library/Application Support/Tunnelblick/Logs/-SUsers-Suser-SLibrary-SApplication Support-STunnelblick-SConfigurations-Svserver.conf.1_0_0_0_49.1337.openvpn.log --management-query-passwords --management-hold --script-security 2 --up /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d --down /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d --up-restart
2011-11-06 21:17:26 VERIFY OK: depth=1, /C=DE/ST=NDS/L=Hannnover/O=private_vpn/CN=private_vpn_CA/emailAddress=noreply@domain.net
2011-11-06 21:17:26 VERIFY OK: nsCertType=SERVER
2011-11-06 21:17:26 VERIFY OK: depth=0, /C=DE/ST=NDS/L=Hannnover/O=private_vpn/CN=domain.net/emailAddress=noreply@domain.net
2011-11-06 21:17:29 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1541', remote='link-mtu 1542'
2011-11-06 21:17:29 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2011-11-06 21:17:29 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2011-11-06 21:17:29 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2011-11-06 21:17:29 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2011-11-06 21:17:29 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2011-11-06 21:17:29 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
2011-11-06 21:17:29 [domain.net] Peer Connection Initiated with SERVER_PUBLIC_IP_ADDR:1194
2011-11-06 21:17:30 MANAGEMENT: >STATE:1320610650,GET_CONFIG,,,
2011-11-06 21:17:32 SENT CONTROL [domain.net]: 'PUSH_REQUEST' (status=1)
2011-11-06 21:17:32 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS SERVER_DNS_ADDRESS,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
2011-11-06 21:17:32 OPTIONS IMPORT: timers and/or timeouts modified
2011-11-06 21:17:32 OPTIONS IMPORT: --ifconfig/up options modified
2011-11-06 21:17:32 OPTIONS IMPORT: route options modified
2011-11-06 21:17:32 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2011-11-06 21:17:32 ROUTE default_gateway=192.168.1.1
2011-11-06 21:17:32 TUN/TAP device /dev/tun0 opened
2011-11-06 21:17:32 MANAGEMENT: >STATE:1320610652,ASSIGN_IP,,10.8.0.6,
2011-11-06 21:17:32 /sbin/ifconfig tun0 delete
                                        ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2011-11-06 21:17:32 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2011-11-06 21:17:32 /sbin/ifconfig tun0 10.8.0.6 10.8.0.5 mtu 1500 netmask 255.255.255.255 up
2011-11-06 21:17:32 /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d tun0 1500 1541 10.8.0.6 10.8.0.5 init
                                          No such key
2011-11-06 21:17:32 /sbin/route add -net SERVER_PUBLIC_IP_ADDR 192.168.1.1 255.255.255.255
                                        add net SERVER_PUBLIC_IP_ADDR: gateway 192.168.1.1
2011-11-06 21:17:32 /sbin/route add -net 0.0.0.0 10.8.0.5 128.0.0.0
                                        add net 0.0.0.0: gateway 10.8.0.5
2011-11-06 21:17:32 /sbin/route add -net 128.0.0.0 10.8.0.5 128.0.0.0
                                        add net 128.0.0.0: gateway 10.8.0.5
2011-11-06 21:17:32 MANAGEMENT: >STATE:1320610652,ADD_ROUTES,,,
2011-11-06 21:17:32 /sbin/route add -net 10.8.0.1 10.8.0.5 255.255.255.255
                                        add net 10.8.0.1: gateway 10.8.0.5
2011-11-06 21:17:32 Initialization Sequence Completed
2011-11-06 21:17:32 MANAGEMENT: >STATE:1320610652,CONNECTED,SUCCESS,10.8.0.6,SERVER_PUBLIC_IP_ADDR
2011-11-06 21:17:32 *Tunnelblick client.up.tunnelblick.sh: Up to two 'No such key' warnings are normal and may be ignored
2011-11-06 21:17:32 *Tunnelblick client.up.tunnelblick.sh: Saved the DNS and WINS configurations for later use
2011-11-06 21:17:32 *Tunnelblick client.up.tunnelblick.sh: Set up to monitor system configuration with leasewatch
2011-11-06 21:17:33 *Tunnelblick: Flushed the DNS cache
2011-11-06 21:17:37 *Tunnelblick leasewatch: A system configuration change was ignored because it was not relevant
2011-11-06 21:17:45 event_wait : Interrupted system call (code=4)
2011-11-06 21:17:45 TCP/UDP: Closing socket
2011-11-06 21:17:45 /sbin/route delete -net 10.8.0.1 10.8.0.5 255.255.255.255
                                        delete net 10.8.0.1: gateway 10.8.0.5
2011-11-06 21:17:45 /sbin/route delete -net SERVER_PUBLIC_IP_ADDR 192.168.1.1 255.255.255.255
                                        delete net SERVER_PUBLIC_IP_ADDR: gateway 192.168.1.1
2011-11-06 21:17:45 /sbin/route delete -net 0.0.0.0 10.8.0.5 128.0.0.0
                                        delete net 0.0.0.0: gateway 10.8.0.5
2011-11-06 21:17:45 /sbin/route delete -net 128.0.0.0 10.8.0.5 128.0.0.0
                                        delete net 128.0.0.0: gateway 10.8.0.5
2011-11-06 21:17:45 Closing TUN/TAP interface
2011-11-06 21:17:45 /Applications/Utilities/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d tun0 1500 1541 10.8.0.6 10.8.0.5 init
2011-11-06 21:17:45 SIGTERM[hard,] received, process exiting
2011-11-06 21:17:45 MANAGEMENT: >STATE:1320610665,EXITING,SIGTERM,,
2011-11-06 21:17:45 *Tunnelblick client.down.tunnelblick.sh: Cancelled monitoring of system configuration changes
2011-11-06 21:17:45 *Tunnelblick client.down.tunnelblick.sh: Restored the DNS and WINS configurations
2011-11-06 21:17:46 *Tunnelblick: Flushed the DNS cache

Server log fast nichts

OpenVPN CLIENT LIST
Updated,Sun Nov  6 21:31:07 2011
Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
ROUTING TABLE
Virtual Address,Common Name,Real Address,Last Ref
GLOBAL STATS
Max bcast/mcast queue length,0
END

nbkr

Avatar von nbkr

Anmeldungsdatum:
29. Oktober 2007

Beiträge: 1936

Wohnort: Aschaffenburg

Laut Log bricht die Verbindung sofort wieder zusammen. Da sind schonmal zwei Warnings:

2011-11-06 21:17:29 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1541', remote='link-mtu 1542'
2011-11-06 21:17:29 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'

das solltest du beseitigen. Gerade das comp-lzo düfte Probleme machen wenn es auf Client und Server unterschiedlich ist. Außerdem versucht die Kiste das Defaultgateway auf 192.168.1.1 zu setzen

ROUTE default_gateway=192.168.1.1

da scheint also auch noch was nicht zu passen.

Ferio Team-Icon

(Themenstarter)
Avatar von Ferio

Anmeldungsdatum:
24. April 2007

Beiträge: 383

nbkr schrieb:

Laut Log bricht die Verbindung sofort wieder zusammen. Da sind schonmal zwei Warnings:

2011-11-06 21:17:29 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1541', remote='link-mtu 1542'
2011-11-06 21:17:29 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'

das solltest du beseitigen. Gerade das comp-lzo düfte Probleme machen wenn es auf Client und Server unterschiedlich ist.

Danke! comp-lzo wars!

Außerdem versucht die Kiste das Defaultgateway auf 192.168.1.1 zu setzen

ROUTE default_gateway=192.168.1.1

da scheint also auch noch was nicht zu passen.

Nein, dass ist schon ok, ist mein Router, den muss er ja trotzdem noch drin haben.

Antworten |