OpenVpn não pinga
-
Galera eu a vpn ta up porem não pinga de jeito nenhum.
O que pode ser?
-
Olá throel,
Olha cara eu acho que nem se tivéssemos a Mãe Dináh ente nós poderíamos te ajudar… kkkkkkkkk
Tirando a brincadeira, seja mais esclarecedor a respeito das tuas configurações de OpenVPN para que possamos te ajudar.
-
KKKKKKKKK e que ja to tao puto da vida com essa vpn que e fods vamos la, depois de uma novela para fazer a openvpn ficar UP nao pinga a matriz e a matriz nao pinga a rede interna da filial ta assim a config.
Matriz 192.168.2.0/24
Tunel 10.0.8.0/24
Filial 192.168.1.0/24Log Matriz
openvpn[78780]: 179.223.160.169:62424 TLS Error: TLS handshake failed Dec 8 01:00:00 openvpn[78780]: 179.223.160.169:30686 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Dec 8 01:00:00 openvpn[78780]: 179.223.160.169:30686 TLS Error: TLS handshake failed Dec 8 01:00:43 openvpn[78780]: 179.223.160.169:53119 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Dec 8 01:00:43 openvpn[78780]: 179.223.160.169:53119 TLS Error: TLS handshake failed Dec 8 01:01:05 openvpn[78780]: event_wait : Interrupted system call (code=4) Dec 8 01:01:05 openvpn[78780]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1542 10.0.8.1 10.0.8.2 init Dec 8 01:01:05 openvpn[78780]: SIGTERM[hard,] received, process exiting Dec 8 01:01:06 openvpn[1367]: OpenVPN 2.3.2 i386-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Jul 24 2013 Dec 8 01:01:06 openvpn[1367]: WARNING: using --duplicate-cn and --client-config-dir together is probably not what you want Dec 8 01:01:06 openvpn[1367]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Dec 8 01:01:06 openvpn[1367]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file Dec 8 01:01:06 openvpn[1367]: TUN/TAP device ovpns1 exists previously, keep at program end Dec 8 01:01:06 openvpn[1367]: TUN/TAP device /dev/tun1 opened Dec 8 01:01:06 openvpn[1367]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0 Dec 8 01:01:06 openvpn[1367]: /sbin/ifconfig ovpns1 10.0.8.1 10.0.8.2 mtu 1500 netmask 255.255.255.255 up Dec 8 01:01:06 openvpn[1367]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1541 10.0.8.1 10.0.8.2 init Dec 8 01:01:06 openvpn[3373]: UDPv4 link local (bound): [AF_INET]192.168.0.2:1194 Dec 8 01:01:06 openvpn[3373]: UDPv4 link remote: [undef] Dec 8 01:01:06 openvpn[3373]: Initialization Sequence Completed Dec 8 01:03:32 openvpn[17527]: OpenVPN 2.3.2 i386-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Jul 24 2013 Dec 8 01:03:32 openvpn[17527]: WARNING: using --duplicate-cn and --client-config-dir together is probably not what you want Dec 8 01:03:32 openvpn[17527]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Dec 8 01:03:33 openvpn[17527]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file Dec 8 01:03:33 openvpn[17527]: TUN/TAP device ovpns1 exists previously, keep at program end Dec 8 01:03:33 openvpn[17527]: TUN/TAP device /dev/tun1 opened Dec 8 01:03:33 openvpn[17527]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0 Dec 8 01:03:33 openvpn[17527]: /sbin/ifconfig ovpns1 10.0.8.1 10.0.8.2 mtu 1500 netmask 255.255.255.255 up Dec 8 01:03:33 openvpn[17527]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1541 10.0.8.1 10.0.8.2 init Dec 8 01:03:33 openvpn[21921]: UDPv4 link local (bound): [AF_INET]192.168.0.2:1194 Dec 8 01:03:33 openvpn[21921]: UDPv4 link remote: [undef] Dec 8 01:03:33 openvpn[21921]: Initialization Sequence Completed Dec 8 01:03:52 openvpn[21921]: event_wait : Interrupted system call (code=4) Dec 8 01:03:52 openvpn[21921]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1541 10.0.8.1 10.0.8.2 init Dec 8 01:03:52 openvpn[21921]: SIGTERM[hard,] received, process exiting Dec 8 01:03:52 openvpn[85723]: OpenVPN 2.3.2 i386-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Jul 24 2013 Dec 8 01:03:52 openvpn[85723]: WARNING: using --duplicate-cn and --client-config-dir together is probably not what you want Dec 8 01:03:52 openvpn[85723]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Dec 8 01:03:52 openvpn[85723]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file Dec 8 01:03:52 openvpn[85723]: TUN/TAP device ovpns1 exists previously, keep at program end Dec 8 01:03:52 openvpn[85723]: TUN/TAP device /dev/tun1 opened Dec 8 01:03:52 openvpn[85723]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0 Dec 8 01:03:52 openvpn[85723]: /sbin/ifconfig ovpns1 10.0.8.1 10.0.8.2 mtu 1500 netmask 255.255.255.255 up Dec 8 01:03:52 openvpn[85723]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1541 10.0.8.1 10.0.8.2 init Dec 8 01:03:52 openvpn[89814]: UDPv4 link local (bound): [AF_INET]192.168.0.2:1194 Dec 8 01:03:52 openvpn[89814]: UDPv4 link remote: [undef] Dec 8 01:03:52 openvpn[89814]: Initialization Sequence Completed Dec 8 01:17:21 openvpn[89814]: 179.223.160.169:35866 [S2S-CA] Peer Connection Initiated with [AF_INET]179.223.160.169:35866 Dec 8 01:17:21 openvpn[89814]: S2S-CA/179.223.160.169:35866 MULTI_sva: pool returned IPv4=10.0.8.6, IPv6=(Not enabled) Dec 8 01:17:23 openvpn[89814]: S2S-CA/179.223.160.169:35866 send_push_reply(): safe_cap=940
Log Filial
Dec 8 01:17:19 check_reload_status: Updating all dyndns Dec 8 01:17:22 php: rc.newwanip: Resyncing OpenVPN instances for interface WAN. Dec 8 01:17:22 php: rc.newwanip: Creating rrd update script Dec 8 01:17:23 kernel: ovpnc1: link state changed to UP Dec 8 01:17:23 check_reload_status: rc.newwanip starting ovpnc1 Dec 8 01:17:24 php: rc.bootup: Creating rrd update script Dec 8 01:17:24 syslogd: exiting on signal 15 Dec 8 01:17:24 syslogd: kernel boot file is /boot/kernel/kernel Dec 8 01:17:24 php: rc.start_packages: Restarting/Starting all packages. Dec 8 01:17:24 php: rc.newwanip: pfSense package system has detected an ip change 192.168.0.11 -> 192.168.0.11 ... Restarting packages. Dec 8 01:17:24 check_reload_status: Starting packages Dec 8 01:17:24 check_reload_status: Reloading filter Dec 8 01:17:25 php: rc.newwanip: rc.newwanip: Informational is starting ovpnc1. Dec 8 01:17:25 php: rc.newwanip: rc.newwanip: on (IP address: 10.0.8.6) (interface: ) (real interface: ovpnc1). Dec 8 01:17:25 php: rc.newwanip: pfSense package system has detected an ip change -> 10.0.8.6 ... Restarting packages. Dec 8 01:17:26 login: login on ttyv0 as root Dec 8 01:17:26 sshlockout[82607]: sshlockout/webConfigurator v3.0 starting up Dec 8 01:17:27 php: rc.start_packages: Restarting/Starting all packages. Dec 8 01:17:38 check_reload_status: updating dyndns GW_LAN Dec 8 01:17:38 check_reload_status: Restarting ipsec tunnels Dec 8 01:17:38 check_reload_status: Restarting OpenVPN tunnels/interfaces Dec 8 01:17:38 check_reload_status: Reloading filter Dec 8 01:17:38 check_reload_status: updating dyndns GW_LAN_2 Dec 8 01:17:38 check_reload_status: Restarting OpenVPN tunnels/interfaces Dec 8 01:17:38 check_reload_status: updating dyndns GW_LAN_3 Dec 8 01:17:38 check_reload_status: Restarting OpenVPN tunnels/interfaces Dec 8 01:17:38 check_reload_status: updating dyndns GW_WAN Dec 8 01:17:38 check_reload_status: Restarting OpenVPN tunnels/interfaces Dec 8 01:17:38 check_reload_status: updating dyndns LANGW Dec 8 01:17:38 check_reload_status: Restarting OpenVPN tunnels/interfaces Dec 8 01:17:40 php: rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use GW_LAN_3. Dec 8 01:17:41 php: rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use GW_LAN. Dec 8 01:17:41 php: rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use LANGW. Dec 8 01:17:41 php: rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use GW_LAN_2. Dec 8 01:17:41 php: rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use GW_WAN. Dec 8 01:18:29 php: /status_openvpn.php: Successful login for user 'admin' from: 192.168.1.250 Dec 8 01:18:29 php: /status_openvpn.php: Successful login for user 'admin' from: 192.168.1.250 Dec 8 01:18:57 check_reload_status: updating dyndns GW_LAN_7 Dec 8 01:18:57 check_reload_status: Restarting ipsec tunnels Dec 8 01:18:57 check_reload_status: Restarting OpenVPN tunnels/interfaces Dec 8 01:18:57 check_reload_status: Reloading filter Dec 8 01:18:59 php: rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use GW_LAN_7. Dec 8 01:19:33 lighttpd[26739]: (connections.c.137) (warning) close: 11 Connection reset by peer Dec 8 01:34:52 check_reload_status: Syncing firewall Dec 8 01:34:55 check_reload_status: Reloading filter Dec 8 01:37:28 check_reload_status: updating dyndns GW_LAN_7 Dec 8 01:37:28 check_reload_status: Restarting ipsec tunnels Dec 8 01:37:28 check_reload_status: Restarting OpenVPN tunnels/interfaces Dec 8 01:37:28 check_reload_status: Reloading filter Dec 8 01:37:30 php: rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use GW_LAN_7.
-
Verifica sua regras de firewall
fala como esta a regra de firewall da aba OPENVPN.
firewall >> rules>> aba OPENVPN