Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    (RESOLVIDO) Ultima Tentativa VPN

    Scheduled Pinned Locked Moved Portuguese
    3 Posts 2 Posters 3.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T Offline
      throel
      last edited by

      Galera bom eu deletei tudo e configurei novamente a OPEN VPN, consegui fazer o tunel porem a disgraça do negocio não funciona segue abaixo:

      Nao consigo acertar na rota minha estrutura ta assim:

      Matriz - LAN 192.168.2.0/24

      Filial - LAN 192.168.1.0/24

      Tunel 172.16.0.0/24

      Quando eu pingo o servidor que esta na matriz (192.168.2.100) da este relatorio:

      PING 192.168.2.100 (192.168.2.100) from 192.168.1.1: 56 data bytes
92 bytes from 192.168.2.100: Dest Unreachable, Bad Code: 6
Vr HL TOS  Len   ID Flg  off TTL Pro  cks      Src      Dst
 4  5  00 5400 26c9   0 0000  40  01 cf2a 192.168.1.1  192.168.2.100 

92 bytes from 192.168.2.100: Dest Unreachable, Bad Code: 6
Vr HL TOS  Len   ID Flg  off TTL Pro  cks      Src      Dst
 4  5  00 5400 3a49   0 0000  40  01 bbaa 192.168.1.1  192.168.2.100 

92 bytes from 192.168.2.100: Dest Unreachable, Bad Code: 6
Vr HL TOS  Len   ID Flg  off TTL Pro  cks      Src      Dst
 4  5  00 5400 9ffc   0 0000  40  01 55f7 192.168.1.1  192.168.2.100 

–- 192.168.2.100 ping statistics ---
3 packets transmitted, 0 packets received, 100.0% packet loss

      Vou postar as SS das config da OPENVPN logs da OPEN VPN ABAIXO

      Servidor -

      Client -

      Logs Do OPENVPN Client

      Dec 9 12:44:23	openvpn[28019]: [UNDEF] Inactivity timeout (--ping-restart), restarting
Dec 9 12:44:23	openvpn[28019]: SIGUSR1[soft,ping-restart] received, process restarting
Dec 9 12:44:25	openvpn[28019]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Dec 9 12:44:25	openvpn[28019]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 9 12:44:25	openvpn[28019]: UDPv4 link local (bound): [AF_INET]192.168.0.11
Dec 9 12:44:25	openvpn[28019]: UDPv4 link remote: [AF_INET]179.223.136.239:1194
Dec 9 12:44:33	openvpn[28019]: event_wait : Interrupted system call (code=4)
Dec 9 12:44:33	openvpn[28019]: SIGTERM[hard,] received, process exiting
Dec 9 12:44:34	openvpn[74440]: OpenVPN 2.3.2 i386-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Jul 24 2013
Dec 9 12:44:34	openvpn[74440]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 9 12:44:34	openvpn[74440]: TUN/TAP device ovpnc1 exists previously, keep at program end
Dec 9 12:44:34	openvpn[74440]: TUN/TAP device /dev/tun1 opened
Dec 9 12:44:34	openvpn[74440]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
Dec 9 12:44:34	openvpn[74440]: /sbin/ifconfig ovpnc1 172.16.0.2 172.16.0.1 mtu 1500 netmask 255.255.255.255 up
Dec 9 12:44:34	openvpn[74440]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1560 172.16.0.2 172.16.0.1 init
Dec 9 12:44:34	openvpn[74440]: ERROR: FreeBSD route add command failed: external program exited with error status: 1
Dec 9 12:44:34	openvpn[75254]: UDPv4 link local (bound): [AF_INET]192.168.0.11
Dec 9 12:44:34	openvpn[75254]: UDPv4 link remote: [AF_INET]179.223.136.239:1194
Dec 9 12:44:42	openvpn[75254]: Peer Connection Initiated with [AF_INET]179.223.136.239:1194
Dec 9 12:44:44	openvpn[75254]: Initialization Sequence Completed
Dec 9 13:19:34	openvpn[75254]: event_wait : Interrupted system call (code=4)
Dec 9 13:19:34	openvpn[75254]: /usr/local/sbin/ovpn-linkdown ovpnc1 1500 1560 172.16.0.2 172.16.0.1 init
Dec 9 13:19:34	openvpn[75254]: SIGTERM[hard,] received, process exiting
Dec 9 13:19:35	openvpn[68899]: OpenVPN 2.3.2 i386-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Jul 24 2013
Dec 9 13:19:35	openvpn[68899]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 9 13:19:35	openvpn[68899]: TUN/TAP device ovpnc1 exists previously, keep at program end
Dec 9 13:19:35	openvpn[68899]: TUN/TAP device /dev/tun1 opened
Dec 9 13:19:35	openvpn[68899]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
Dec 9 13:19:35	openvpn[68899]: /sbin/ifconfig ovpnc1 172.16.0.2 172.16.0.1 mtu 1500 netmask 255.255.255.255 up
Dec 9 13:19:35	openvpn[68899]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1560 172.16.0.2 172.16.0.1 init
Dec 9 13:19:35	openvpn[68899]: ERROR: FreeBSD route add command failed: external program exited with error status: 1
Dec 9 13:19:35	openvpn[69927]: UDPv4 link local (bound): [AF_INET]192.168.0.11
Dec 9 13:19:35	openvpn[69927]: UDPv4 link remote: [AF_INET]179.223.136.239:1194
Dec 9 13:19:39	openvpn[69927]: Peer Connection Initiated with [AF_INET]179.223.136.239:1194
Dec 9 13:19:39	openvpn[69927]: Initialization Sequence Completed
Dec 9 18:59:07	openvpn[69927]: event_wait : Interrupted system call (code=4)
Dec 9 18:59:07	openvpn[69927]: /usr/local/sbin/ovpn-linkdown ovpnc1 1500 1560 172.16.0.2 172.16.0.1 init
Dec 9 18:59:08	openvpn[69927]: SIGTERM[hard,] received, process exiting
Dec 9 18:59:08	openvpn[87360]: OpenVPN 2.3.2 i386-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Jul 24 2013
Dec 9 18:59:08	openvpn[87360]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 9 18:59:08	openvpn[87360]: TUN/TAP device ovpnc1 exists previously, keep at program end
Dec 9 18:59:08	openvpn[87360]: TUN/TAP device /dev/tun1 opened
Dec 9 18:59:08	openvpn[87360]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
Dec 9 18:59:08	openvpn[87360]: /sbin/ifconfig ovpnc1 172.16.0.2 172.16.0.1 mtu 1500 netmask 255.255.255.255 up
Dec 9 18:59:08	openvpn[87360]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1560 172.16.0.2 172.16.0.1 init
Dec 9 18:59:08	openvpn[87360]: ERROR: FreeBSD route add command failed: external program exited with error status: 1
Dec 9 18:59:08	openvpn[88401]: UDPv4 link local (bound): [AF_INET]192.168.0.11
Dec 9 18:59:08	openvpn[88401]: UDPv4 link remote: [AF_INET]179.223.136.239:1194
Dec 9 18:59:10	openvpn[88401]: Peer Connection Initiated with [AF_INET]179.223.136.239:1194
Dec 9 18:59:10	openvpn[88401]: Initialization Sequence Completed

      Logs OPENVPN Server

      Dec 9 12:43:30	openvpn[97235]: Authenticate/Decrypt packet error: packet HMAC authentication failed
Dec 9 12:43:32	openvpn[97235]: event_wait : Interrupted system call (code=4)
Dec 9 12:43:32	openvpn[97235]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1560 172.16.0.1 172.16.0.2 init
Dec 9 12:43:32	openvpn[97235]: SIGTERM[hard,] received, process exiting
Dec 9 12:43:32	openvpn[45397]: OpenVPN 2.3.2 i386-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Jul 24 2013
Dec 9 12:43:32	openvpn[45397]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 9 12:43:32	openvpn[45397]: TUN/TAP device ovpns1 exists previously, keep at program end
Dec 9 12:43:32	openvpn[45397]: TUN/TAP device /dev/tun1 opened
Dec 9 12:43:32	openvpn[45397]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
Dec 9 12:43:32	openvpn[45397]: /sbin/ifconfig ovpns1 172.16.0.1 172.16.0.2 mtu 1500 netmask 255.255.255.255 up
Dec 9 12:43:32	openvpn[45397]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1560 172.16.0.1 172.16.0.2 init
Dec 9 12:43:32	openvpn[46888]: UDPv4 link local (bound): [AF_INET]192.168.0.2:1194
Dec 9 12:43:32	openvpn[46888]: UDPv4 link remote: [undef]
Dec 9 12:43:38	openvpn[46888]: Authenticate/Decrypt packet error: packet HMAC authentication failed
Dec 9 12:43:54	openvpn[46888]: Authenticate/Decrypt packet error: packet HMAC authentication failed
Dec 9 12:44:25	openvpn[46888]: Authenticate/Decrypt packet error: packet HMAC authentication failed
Dec 9 12:44:27	openvpn[46888]: Authenticate/Decrypt packet error: packet HMAC authentication failed
Dec 9 12:44:31	openvpn[46888]: Authenticate/Decrypt packet error: packet HMAC authentication failed
Dec 9 12:44:34	openvpn[46888]: Peer Connection Initiated with [AF_INET]179.223.160.169:37415
Dec 9 12:44:34	openvpn[46888]: Initialization Sequence Completed
Dec 9 13:19:06	openvpn[46888]: event_wait : Interrupted system call (code=4)
Dec 9 13:19:06	openvpn[46888]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1560 172.16.0.1 172.16.0.2 init
Dec 9 13:19:06	openvpn[46888]: SIGTERM[hard,] received, process exiting
Dec 9 13:19:07	openvpn[76184]: OpenVPN 2.3.2 i386-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Jul 24 2013
Dec 9 13:19:07	openvpn[76184]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 9 13:19:07	openvpn[76184]: TUN/TAP device ovpns1 exists previously, keep at program end
Dec 9 13:19:07	openvpn[76184]: TUN/TAP device /dev/tun1 opened
Dec 9 13:19:07	openvpn[76184]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
Dec 9 13:19:07	openvpn[76184]: /sbin/ifconfig ovpns1 172.16.0.1 172.16.0.2 mtu 1500 netmask 255.255.255.255 up
Dec 9 13:19:07	openvpn[76184]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1560 172.16.0.1 172.16.0.2 init
Dec 9 13:19:07	openvpn[77740]: UDPv4 link local (bound): [AF_INET]192.168.0.2:1194
Dec 9 13:19:07	openvpn[77740]: UDPv4 link remote: [undef]
Dec 9 13:19:16	openvpn[77740]: Peer Connection Initiated with [AF_INET]179.223.160.169:37415
Dec 9 13:19:18	openvpn[77740]: Initialization Sequence Completed
Dec 9 13:19:35	openvpn[77740]: Peer Connection Initiated with [AF_INET]179.223.160.169:30021
Dec 9 18:58:55	openvpn[77740]: event_wait : Interrupted system call (code=4)
Dec 9 18:58:55	openvpn[77740]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1560 172.16.0.1 172.16.0.2 init
Dec 9 18:58:55	openvpn[77740]: SIGTERM[hard,] received, process exiting
Dec 9 18:58:55	openvpn[57328]: OpenVPN 2.3.2 i386-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Jul 24 2013
Dec 9 18:58:55	openvpn[57328]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 9 18:58:55	openvpn[57328]: TUN/TAP device ovpns1 exists previously, keep at program end
Dec 9 18:58:55	openvpn[57328]: TUN/TAP device /dev/tun1 opened
Dec 9 18:58:55	openvpn[57328]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
Dec 9 18:58:55	openvpn[57328]: /sbin/ifconfig ovpns1 172.16.0.1 172.16.0.2 mtu 1500 netmask 255.255.255.255 up
Dec 9 18:58:55	openvpn[57328]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1560 172.16.0.1 172.16.0.2 init
Dec 9 18:58:55	openvpn[58331]: UDPv4 link local (bound): [AF_INET]192.168.0.2:1194
Dec 9 18:58:55	openvpn[58331]: UDPv4 link remote: [undef]
Dec 9 18:59:04	openvpn[58331]: Peer Connection Initiated with [AF_INET]179.223.160.169:30021
Dec 9 18:59:04	openvpn[58331]: Initialization Sequence Completed
Dec 9 18:59:08	openvpn[58331]: Peer Connection Initiated with [AF_INET]179.223.160.169:46741

      Acho que é isso, alguem me diz onde to errando que vou fazer aniversario de 3 semanas tentando configurar.

      Eu disponibilizei acesso remoto em ambos caso alguém queira configurar para mim me manda PM com o preço, que eu pago porque se eu nao conseguir rodar até amanha vou jogar esses dois PC do 6 andar!

      Att.

      1 Reply Last reply Reply Quote 0
      • F Offline
        FabianVitali
        last edited by

        Sua configuração de rede remota no cliente está errada, coloque 192.168.2.0/24, marque Compress tunnel packets using the LZO algorithm dos dois lados e em Concurrent connections coloque 1(lado servidor).

        aaaa e fui ver isso agora, apague o endereço do teu servidor no print do lado cliente pois da acesso ao teu pfSense…

        "Do que vale um mar de conhecimento com um palmo de profundidade…"

        1 Reply Last reply Reply Quote 0
        • T Offline
          throel
          last edited by

          @FabianVitali:

          Sua configuração de rede remota no cliente está errada, coloque 192.168.2.0/24, marque Compress tunnel packets using the LZO algorithm dos dois lados e em Concurrent connections coloque 1(lado servidor).

          aaaa e fui ver isso agora, apague o endereço do teu servidor no print do lado cliente pois da acesso ao teu pfSense…

          \o vou  fazer isso agora, jaja coloco aqui se deu certo.

          Att.

          === EDITADO ===

          FabianVitai me passa ou teu endereço ou tua conta bancaria pra eu te mandar um presente que tu merece pqp, essa porra funcionou perfeitamente!

          Fico aguardando sua PM com os dados.

          Att Obrigadao!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.