(RESOLVIDO) Ultima Tentativa VPN
-
Galera bom eu deletei tudo e configurei novamente a OPEN VPN, consegui fazer o tunel porem a disgraça do negocio não funciona segue abaixo:
Nao consigo acertar na rota minha estrutura ta assim:
Matriz - LAN 192.168.2.0/24
Filial - LAN 192.168.1.0/24
Tunel 172.16.0.0/24
Quando eu pingo o servidor que esta na matriz (192.168.2.100) da este relatorio:
PING 192.168.2.100 (192.168.2.100) from 192.168.1.1: 56 data bytes 92 bytes from 192.168.2.100: Dest Unreachable, Bad Code: 6 Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 5400 26c9 0 0000 40 01 cf2a 192.168.1.1 192.168.2.100 92 bytes from 192.168.2.100: Dest Unreachable, Bad Code: 6 Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 5400 3a49 0 0000 40 01 bbaa 192.168.1.1 192.168.2.100 92 bytes from 192.168.2.100: Dest Unreachable, Bad Code: 6 Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 5400 9ffc 0 0000 40 01 55f7 192.168.1.1 192.168.2.100 –- 192.168.2.100 ping statistics --- 3 packets transmitted, 0 packets received, 100.0% packet loss
Vou postar as SS das config da OPENVPN logs da OPEN VPN ABAIXO
Servidor -
Client -
Logs Do OPENVPN Client
Dec 9 12:44:23 openvpn[28019]: [UNDEF] Inactivity timeout (--ping-restart), restarting Dec 9 12:44:23 openvpn[28019]: SIGUSR1[soft,ping-restart] received, process restarting Dec 9 12:44:25 openvpn[28019]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Dec 9 12:44:25 openvpn[28019]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Dec 9 12:44:25 openvpn[28019]: UDPv4 link local (bound): [AF_INET]192.168.0.11 Dec 9 12:44:25 openvpn[28019]: UDPv4 link remote: [AF_INET]179.223.136.239:1194 Dec 9 12:44:33 openvpn[28019]: event_wait : Interrupted system call (code=4) Dec 9 12:44:33 openvpn[28019]: SIGTERM[hard,] received, process exiting Dec 9 12:44:34 openvpn[74440]: OpenVPN 2.3.2 i386-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Jul 24 2013 Dec 9 12:44:34 openvpn[74440]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Dec 9 12:44:34 openvpn[74440]: TUN/TAP device ovpnc1 exists previously, keep at program end Dec 9 12:44:34 openvpn[74440]: TUN/TAP device /dev/tun1 opened Dec 9 12:44:34 openvpn[74440]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0 Dec 9 12:44:34 openvpn[74440]: /sbin/ifconfig ovpnc1 172.16.0.2 172.16.0.1 mtu 1500 netmask 255.255.255.255 up Dec 9 12:44:34 openvpn[74440]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1560 172.16.0.2 172.16.0.1 init Dec 9 12:44:34 openvpn[74440]: ERROR: FreeBSD route add command failed: external program exited with error status: 1 Dec 9 12:44:34 openvpn[75254]: UDPv4 link local (bound): [AF_INET]192.168.0.11 Dec 9 12:44:34 openvpn[75254]: UDPv4 link remote: [AF_INET]179.223.136.239:1194 Dec 9 12:44:42 openvpn[75254]: Peer Connection Initiated with [AF_INET]179.223.136.239:1194 Dec 9 12:44:44 openvpn[75254]: Initialization Sequence Completed Dec 9 13:19:34 openvpn[75254]: event_wait : Interrupted system call (code=4) Dec 9 13:19:34 openvpn[75254]: /usr/local/sbin/ovpn-linkdown ovpnc1 1500 1560 172.16.0.2 172.16.0.1 init Dec 9 13:19:34 openvpn[75254]: SIGTERM[hard,] received, process exiting Dec 9 13:19:35 openvpn[68899]: OpenVPN 2.3.2 i386-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Jul 24 2013 Dec 9 13:19:35 openvpn[68899]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Dec 9 13:19:35 openvpn[68899]: TUN/TAP device ovpnc1 exists previously, keep at program end Dec 9 13:19:35 openvpn[68899]: TUN/TAP device /dev/tun1 opened Dec 9 13:19:35 openvpn[68899]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0 Dec 9 13:19:35 openvpn[68899]: /sbin/ifconfig ovpnc1 172.16.0.2 172.16.0.1 mtu 1500 netmask 255.255.255.255 up Dec 9 13:19:35 openvpn[68899]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1560 172.16.0.2 172.16.0.1 init Dec 9 13:19:35 openvpn[68899]: ERROR: FreeBSD route add command failed: external program exited with error status: 1 Dec 9 13:19:35 openvpn[69927]: UDPv4 link local (bound): [AF_INET]192.168.0.11 Dec 9 13:19:35 openvpn[69927]: UDPv4 link remote: [AF_INET]179.223.136.239:1194 Dec 9 13:19:39 openvpn[69927]: Peer Connection Initiated with [AF_INET]179.223.136.239:1194 Dec 9 13:19:39 openvpn[69927]: Initialization Sequence Completed Dec 9 18:59:07 openvpn[69927]: event_wait : Interrupted system call (code=4) Dec 9 18:59:07 openvpn[69927]: /usr/local/sbin/ovpn-linkdown ovpnc1 1500 1560 172.16.0.2 172.16.0.1 init Dec 9 18:59:08 openvpn[69927]: SIGTERM[hard,] received, process exiting Dec 9 18:59:08 openvpn[87360]: OpenVPN 2.3.2 i386-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Jul 24 2013 Dec 9 18:59:08 openvpn[87360]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Dec 9 18:59:08 openvpn[87360]: TUN/TAP device ovpnc1 exists previously, keep at program end Dec 9 18:59:08 openvpn[87360]: TUN/TAP device /dev/tun1 opened Dec 9 18:59:08 openvpn[87360]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0 Dec 9 18:59:08 openvpn[87360]: /sbin/ifconfig ovpnc1 172.16.0.2 172.16.0.1 mtu 1500 netmask 255.255.255.255 up Dec 9 18:59:08 openvpn[87360]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1560 172.16.0.2 172.16.0.1 init Dec 9 18:59:08 openvpn[87360]: ERROR: FreeBSD route add command failed: external program exited with error status: 1 Dec 9 18:59:08 openvpn[88401]: UDPv4 link local (bound): [AF_INET]192.168.0.11 Dec 9 18:59:08 openvpn[88401]: UDPv4 link remote: [AF_INET]179.223.136.239:1194 Dec 9 18:59:10 openvpn[88401]: Peer Connection Initiated with [AF_INET]179.223.136.239:1194 Dec 9 18:59:10 openvpn[88401]: Initialization Sequence Completed
Logs OPENVPN Server
Dec 9 12:43:30 openvpn[97235]: Authenticate/Decrypt packet error: packet HMAC authentication failed Dec 9 12:43:32 openvpn[97235]: event_wait : Interrupted system call (code=4) Dec 9 12:43:32 openvpn[97235]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1560 172.16.0.1 172.16.0.2 init Dec 9 12:43:32 openvpn[97235]: SIGTERM[hard,] received, process exiting Dec 9 12:43:32 openvpn[45397]: OpenVPN 2.3.2 i386-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Jul 24 2013 Dec 9 12:43:32 openvpn[45397]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Dec 9 12:43:32 openvpn[45397]: TUN/TAP device ovpns1 exists previously, keep at program end Dec 9 12:43:32 openvpn[45397]: TUN/TAP device /dev/tun1 opened Dec 9 12:43:32 openvpn[45397]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0 Dec 9 12:43:32 openvpn[45397]: /sbin/ifconfig ovpns1 172.16.0.1 172.16.0.2 mtu 1500 netmask 255.255.255.255 up Dec 9 12:43:32 openvpn[45397]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1560 172.16.0.1 172.16.0.2 init Dec 9 12:43:32 openvpn[46888]: UDPv4 link local (bound): [AF_INET]192.168.0.2:1194 Dec 9 12:43:32 openvpn[46888]: UDPv4 link remote: [undef] Dec 9 12:43:38 openvpn[46888]: Authenticate/Decrypt packet error: packet HMAC authentication failed Dec 9 12:43:54 openvpn[46888]: Authenticate/Decrypt packet error: packet HMAC authentication failed Dec 9 12:44:25 openvpn[46888]: Authenticate/Decrypt packet error: packet HMAC authentication failed Dec 9 12:44:27 openvpn[46888]: Authenticate/Decrypt packet error: packet HMAC authentication failed Dec 9 12:44:31 openvpn[46888]: Authenticate/Decrypt packet error: packet HMAC authentication failed Dec 9 12:44:34 openvpn[46888]: Peer Connection Initiated with [AF_INET]179.223.160.169:37415 Dec 9 12:44:34 openvpn[46888]: Initialization Sequence Completed Dec 9 13:19:06 openvpn[46888]: event_wait : Interrupted system call (code=4) Dec 9 13:19:06 openvpn[46888]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1560 172.16.0.1 172.16.0.2 init Dec 9 13:19:06 openvpn[46888]: SIGTERM[hard,] received, process exiting Dec 9 13:19:07 openvpn[76184]: OpenVPN 2.3.2 i386-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Jul 24 2013 Dec 9 13:19:07 openvpn[76184]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Dec 9 13:19:07 openvpn[76184]: TUN/TAP device ovpns1 exists previously, keep at program end Dec 9 13:19:07 openvpn[76184]: TUN/TAP device /dev/tun1 opened Dec 9 13:19:07 openvpn[76184]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0 Dec 9 13:19:07 openvpn[76184]: /sbin/ifconfig ovpns1 172.16.0.1 172.16.0.2 mtu 1500 netmask 255.255.255.255 up Dec 9 13:19:07 openvpn[76184]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1560 172.16.0.1 172.16.0.2 init Dec 9 13:19:07 openvpn[77740]: UDPv4 link local (bound): [AF_INET]192.168.0.2:1194 Dec 9 13:19:07 openvpn[77740]: UDPv4 link remote: [undef] Dec 9 13:19:16 openvpn[77740]: Peer Connection Initiated with [AF_INET]179.223.160.169:37415 Dec 9 13:19:18 openvpn[77740]: Initialization Sequence Completed Dec 9 13:19:35 openvpn[77740]: Peer Connection Initiated with [AF_INET]179.223.160.169:30021 Dec 9 18:58:55 openvpn[77740]: event_wait : Interrupted system call (code=4) Dec 9 18:58:55 openvpn[77740]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1560 172.16.0.1 172.16.0.2 init Dec 9 18:58:55 openvpn[77740]: SIGTERM[hard,] received, process exiting Dec 9 18:58:55 openvpn[57328]: OpenVPN 2.3.2 i386-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Jul 24 2013 Dec 9 18:58:55 openvpn[57328]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Dec 9 18:58:55 openvpn[57328]: TUN/TAP device ovpns1 exists previously, keep at program end Dec 9 18:58:55 openvpn[57328]: TUN/TAP device /dev/tun1 opened Dec 9 18:58:55 openvpn[57328]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0 Dec 9 18:58:55 openvpn[57328]: /sbin/ifconfig ovpns1 172.16.0.1 172.16.0.2 mtu 1500 netmask 255.255.255.255 up Dec 9 18:58:55 openvpn[57328]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1560 172.16.0.1 172.16.0.2 init Dec 9 18:58:55 openvpn[58331]: UDPv4 link local (bound): [AF_INET]192.168.0.2:1194 Dec 9 18:58:55 openvpn[58331]: UDPv4 link remote: [undef] Dec 9 18:59:04 openvpn[58331]: Peer Connection Initiated with [AF_INET]179.223.160.169:30021 Dec 9 18:59:04 openvpn[58331]: Initialization Sequence Completed Dec 9 18:59:08 openvpn[58331]: Peer Connection Initiated with [AF_INET]179.223.160.169:46741
Acho que é isso, alguem me diz onde to errando que vou fazer aniversario de 3 semanas tentando configurar.
Eu disponibilizei acesso remoto em ambos caso alguém queira configurar para mim me manda PM com o preço, que eu pago porque se eu nao conseguir rodar até amanha vou jogar esses dois PC do 6 andar!
Att.
-
Sua configuração de rede remota no cliente está errada, coloque 192.168.2.0/24, marque Compress tunnel packets using the LZO algorithm dos dois lados e em Concurrent connections coloque 1(lado servidor).
aaaa e fui ver isso agora, apague o endereço do teu servidor no print do lado cliente pois da acesso ao teu pfSense…
-
Sua configuração de rede remota no cliente está errada, coloque 192.168.2.0/24, marque Compress tunnel packets using the LZO algorithm dos dois lados e em Concurrent connections coloque 1(lado servidor).
aaaa e fui ver isso agora, apague o endereço do teu servidor no print do lado cliente pois da acesso ao teu pfSense…
\o vou fazer isso agora, jaja coloco aqui se deu certo.
Att.
=== EDITADO ===
FabianVitai me passa ou teu endereço ou tua conta bancaria pra eu te mandar um presente que tu merece pqp, essa porra funcionou perfeitamente!
Fico aguardando sua PM com os dados.
Att Obrigadao!