OpenVpn não pinga

throel

Galera eu a vpn ta up porem não pinga de jeito nenhum.

O que pode ser?

FabianVitali

Olá throel,

Olha cara eu acho que nem se tivéssemos a Mãe Dináh ente nós poderíamos te ajudar… kkkkkkkkk

Tirando a brincadeira, seja mais esclarecedor a respeito das tuas configurações de OpenVPN para que possamos te ajudar.

throel

KKKKKKKKK  e que ja to tao puto da vida com essa vpn que e fods vamos la, depois de uma novela para fazer a openvpn ficar UP nao pinga a matriz e a matriz nao pinga a rede interna da filial ta assim a config.

Matriz 192.168.2.0/24
Tunel 10.0.8.0/24
Filial 192.168.1.0/24

Log Matriz

openvpn[78780]: 179.223.160.169:62424 TLS Error: TLS handshake failed
Dec 8 01:00:00 	openvpn[78780]: 179.223.160.169:30686 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Dec 8 01:00:00 	openvpn[78780]: 179.223.160.169:30686 TLS Error: TLS handshake failed
Dec 8 01:00:43 	openvpn[78780]: 179.223.160.169:53119 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Dec 8 01:00:43 	openvpn[78780]: 179.223.160.169:53119 TLS Error: TLS handshake failed
Dec 8 01:01:05 	openvpn[78780]: event_wait : Interrupted system call (code=4)
Dec 8 01:01:05 	openvpn[78780]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1542 10.0.8.1 10.0.8.2 init
Dec 8 01:01:05 	openvpn[78780]: SIGTERM[hard,] received, process exiting
Dec 8 01:01:06 	openvpn[1367]: OpenVPN 2.3.2 i386-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Jul 24 2013
Dec 8 01:01:06 	openvpn[1367]: WARNING: using --duplicate-cn and --client-config-dir together is probably not what you want
Dec 8 01:01:06 	openvpn[1367]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 8 01:01:06 	openvpn[1367]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file
Dec 8 01:01:06 	openvpn[1367]: TUN/TAP device ovpns1 exists previously, keep at program end
Dec 8 01:01:06 	openvpn[1367]: TUN/TAP device /dev/tun1 opened
Dec 8 01:01:06 	openvpn[1367]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
Dec 8 01:01:06 	openvpn[1367]: /sbin/ifconfig ovpns1 10.0.8.1 10.0.8.2 mtu 1500 netmask 255.255.255.255 up
Dec 8 01:01:06 	openvpn[1367]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1541 10.0.8.1 10.0.8.2 init
Dec 8 01:01:06 	openvpn[3373]: UDPv4 link local (bound): [AF_INET]192.168.0.2:1194
Dec 8 01:01:06 	openvpn[3373]: UDPv4 link remote: [undef]
Dec 8 01:01:06 	openvpn[3373]: Initialization Sequence Completed
Dec 8 01:03:32 	openvpn[17527]: OpenVPN 2.3.2 i386-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Jul 24 2013
Dec 8 01:03:32 	openvpn[17527]: WARNING: using --duplicate-cn and --client-config-dir together is probably not what you want
Dec 8 01:03:32 	openvpn[17527]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 8 01:03:33 	openvpn[17527]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file
Dec 8 01:03:33 	openvpn[17527]: TUN/TAP device ovpns1 exists previously, keep at program end
Dec 8 01:03:33 	openvpn[17527]: TUN/TAP device /dev/tun1 opened
Dec 8 01:03:33 	openvpn[17527]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
Dec 8 01:03:33 	openvpn[17527]: /sbin/ifconfig ovpns1 10.0.8.1 10.0.8.2 mtu 1500 netmask 255.255.255.255 up
Dec 8 01:03:33 	openvpn[17527]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1541 10.0.8.1 10.0.8.2 init
Dec 8 01:03:33 	openvpn[21921]: UDPv4 link local (bound): [AF_INET]192.168.0.2:1194
Dec 8 01:03:33 	openvpn[21921]: UDPv4 link remote: [undef]
Dec 8 01:03:33 	openvpn[21921]: Initialization Sequence Completed
Dec 8 01:03:52 	openvpn[21921]: event_wait : Interrupted system call (code=4)
Dec 8 01:03:52 	openvpn[21921]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1541 10.0.8.1 10.0.8.2 init
Dec 8 01:03:52 	openvpn[21921]: SIGTERM[hard,] received, process exiting
Dec 8 01:03:52 	openvpn[85723]: OpenVPN 2.3.2 i386-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Jul 24 2013
Dec 8 01:03:52 	openvpn[85723]: WARNING: using --duplicate-cn and --client-config-dir together is probably not what you want
Dec 8 01:03:52 	openvpn[85723]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 8 01:03:52 	openvpn[85723]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file
Dec 8 01:03:52 	openvpn[85723]: TUN/TAP device ovpns1 exists previously, keep at program end
Dec 8 01:03:52 	openvpn[85723]: TUN/TAP device /dev/tun1 opened
Dec 8 01:03:52 	openvpn[85723]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
Dec 8 01:03:52 	openvpn[85723]: /sbin/ifconfig ovpns1 10.0.8.1 10.0.8.2 mtu 1500 netmask 255.255.255.255 up
Dec 8 01:03:52 	openvpn[85723]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1541 10.0.8.1 10.0.8.2 init
Dec 8 01:03:52 	openvpn[89814]: UDPv4 link local (bound): [AF_INET]192.168.0.2:1194
Dec 8 01:03:52 	openvpn[89814]: UDPv4 link remote: [undef]
Dec 8 01:03:52 	openvpn[89814]: Initialization Sequence Completed
Dec 8 01:17:21 	openvpn[89814]: 179.223.160.169:35866 [S2S-CA] Peer Connection Initiated with [AF_INET]179.223.160.169:35866
Dec 8 01:17:21 	openvpn[89814]: S2S-CA/179.223.160.169:35866 MULTI_sva: pool returned IPv4=10.0.8.6, IPv6=(Not enabled)
Dec 8 01:17:23 	openvpn[89814]: S2S-CA/179.223.160.169:35866 send_push_reply(): safe_cap=940

Log Filial

Dec 8 01:17:19 	check_reload_status: Updating all dyndns
Dec 8 01:17:22 	php: rc.newwanip: Resyncing OpenVPN instances for interface WAN.
Dec 8 01:17:22 	php: rc.newwanip: Creating rrd update script
Dec 8 01:17:23 	kernel: ovpnc1: link state changed to UP
Dec 8 01:17:23 	check_reload_status: rc.newwanip starting ovpnc1
Dec 8 01:17:24 	php: rc.bootup: Creating rrd update script
Dec 8 01:17:24 	syslogd: exiting on signal 15
Dec 8 01:17:24 	syslogd: kernel boot file is /boot/kernel/kernel
Dec 8 01:17:24 	php: rc.start_packages: Restarting/Starting all packages.
Dec 8 01:17:24 	php: rc.newwanip: pfSense package system has detected an ip change 192.168.0.11 -> 192.168.0.11 ... Restarting packages.
Dec 8 01:17:24 	check_reload_status: Starting packages
Dec 8 01:17:24 	check_reload_status: Reloading filter
Dec 8 01:17:25 	php: rc.newwanip: rc.newwanip: Informational is starting ovpnc1.
Dec 8 01:17:25 	php: rc.newwanip: rc.newwanip: on (IP address: 10.0.8.6) (interface: ) (real interface: ovpnc1).
Dec 8 01:17:25 	php: rc.newwanip: pfSense package system has detected an ip change -> 10.0.8.6 ... Restarting packages.
Dec 8 01:17:26 	login: login on ttyv0 as root
Dec 8 01:17:26 	sshlockout[82607]: sshlockout/webConfigurator v3.0 starting up
Dec 8 01:17:27 	php: rc.start_packages: Restarting/Starting all packages.
Dec 8 01:17:38 	check_reload_status: updating dyndns GW_LAN
Dec 8 01:17:38 	check_reload_status: Restarting ipsec tunnels
Dec 8 01:17:38 	check_reload_status: Restarting OpenVPN tunnels/interfaces
Dec 8 01:17:38 	check_reload_status: Reloading filter
Dec 8 01:17:38 	check_reload_status: updating dyndns GW_LAN_2
Dec 8 01:17:38 	check_reload_status: Restarting OpenVPN tunnels/interfaces
Dec 8 01:17:38 	check_reload_status: updating dyndns GW_LAN_3
Dec 8 01:17:38 	check_reload_status: Restarting OpenVPN tunnels/interfaces
Dec 8 01:17:38 	check_reload_status: updating dyndns GW_WAN
Dec 8 01:17:38 	check_reload_status: Restarting OpenVPN tunnels/interfaces
Dec 8 01:17:38 	check_reload_status: updating dyndns LANGW
Dec 8 01:17:38 	check_reload_status: Restarting OpenVPN tunnels/interfaces
Dec 8 01:17:40 	php: rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use GW_LAN_3.
Dec 8 01:17:41 	php: rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use GW_LAN.
Dec 8 01:17:41 	php: rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use LANGW.
Dec 8 01:17:41 	php: rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use GW_LAN_2.
Dec 8 01:17:41 	php: rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use GW_WAN.
Dec 8 01:18:29 	php: /status_openvpn.php: Successful login for user 'admin' from: 192.168.1.250
Dec 8 01:18:29 	php: /status_openvpn.php: Successful login for user 'admin' from: 192.168.1.250
Dec 8 01:18:57 	check_reload_status: updating dyndns GW_LAN_7
Dec 8 01:18:57 	check_reload_status: Restarting ipsec tunnels
Dec 8 01:18:57 	check_reload_status: Restarting OpenVPN tunnels/interfaces
Dec 8 01:18:57 	check_reload_status: Reloading filter
Dec 8 01:18:59 	php: rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use GW_LAN_7.
Dec 8 01:19:33 	lighttpd[26739]: (connections.c.137) (warning) close: 11 Connection reset by peer
Dec 8 01:34:52 	check_reload_status: Syncing firewall
Dec 8 01:34:55 	check_reload_status: Reloading filter
Dec 8 01:37:28 	check_reload_status: updating dyndns GW_LAN_7
Dec 8 01:37:28 	check_reload_status: Restarting ipsec tunnels
Dec 8 01:37:28 	check_reload_status: Restarting OpenVPN tunnels/interfaces
Dec 8 01:37:28 	check_reload_status: Reloading filter
Dec 8 01:37:30 	php: rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use GW_LAN_7.

scrancho

Verifica sua regras de firewall
fala como esta a regra de firewall da aba OPENVPN.
firewall >> rules>> aba OPENVPN