Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Подключение Windows client к pfsense по схеме Site-to-Site

    Scheduled Pinned Locked Moved Russian
    21 Posts 4 Posters 3.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D Offline
      dmitry86
      last edited by

      Отключил, асус роутер снова стал подключаться, правда я так и не разобрался почему я из сети 10.10.10.0/24 не могу ходить в сеть 192.168.1.0/24 и обратно.
      Выкладываю скриншоты настроек, думаю они прояснят ситтуацию, думаю что дело в правилах фаервола































      Лог с асус роутера:

      May 15 11:27:58 asus daemon.info dnsmasq[20310]: started, version 2.72+ cachesize 1500
May 15 11:27:58 asus daemon.info dnsmasq[20310]: compile time options: IPv6 GNU-getopt no-RTC no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset Tomato-helper auth DNSSEC loop-detect
May 15 11:27:58 asus daemon.info dnsmasq[20310]: asynchronous logging enabled, queue limit is 5 messages
May 15 11:27:58 asus daemon.info dnsmasq-dhcp[20310]: DHCP, IP range 192.168.1.10 -- 192.168.1.61, lease time 1d
May 15 11:27:58 asus daemon.info dnsmasq[20310]: reading /etc/resolv.dnsmasq
May 15 11:27:58 asus daemon.info dnsmasq[20310]: using nameserver 77.37.251.33#53
May 15 11:27:58 asus daemon.info dnsmasq[20310]: using nameserver 77.37.255.30#53
May 15 11:27:58 asus daemon.info dnsmasq[20310]: read /etc/hosts - 2 addresses
May 15 11:27:58 asus daemon.info dnsmasq[20310]: read /etc/dnsmasq/hosts/hosts - 3 addresses
May 15 11:27:58 asus daemon.info dnsmasq-dhcp[20310]: read /etc/dnsmasq/dhcp/dhcp-hosts
May 15 11:28:04 asus daemon.err apcupsd[20061]: apcupsd FATAL ERROR in linux-usb.c at line 609 Cannot find UPS device -- For a link to detailed USB trouble shooting information, please see <http: www.apcupsd.com="" support.html="">.
May 15 11:28:04 asus daemon.err apcupsd[20061]: apcupsd error shutdown completed
May 15 11:28:06 asus daemon.err nmbd[20246]: Samba server ASUS is now a domain master browser for workgroup WORKGROUP on subnet 192.168.1.1
May 15 11:28:20 asus daemon.err nmbd[20246]: Samba name server ASUS is now a local master browser for workgroup WORKGROUP on subnet 192.168.1.1
May 15 11:48:52 asus daemon.notice openvpn[19494]: SIGUSR1[soft,ping-restart] received, process restarting
May 15 11:48:52 asus daemon.notice openvpn[19494]: Restart pause, 2 second(s)
May 15 11:48:54 asus daemon.notice openvpn[19494]: Socket Buffers: R=[114688->131072] S=[114688->131072]
May 15 11:48:54 asus daemon.notice openvpn[19494]: UDPv4 link local: [undef]
May 15 11:48:54 asus daemon.notice openvpn[19494]: UDPv4 link remote: [AF_INET]185.46.154.10:1194
May 15 11:48:54 asus daemon.notice openvpn[19494]: TLS: Initial packet from [AF_INET]185.46.154.10:1194, sid=c0c92ef6 c98e54af
May 15 11:48:54 asus daemon.notice openvpn[19494]: VERIFY OK: depth=1, /C=RU/ST=Moscow/L=Moscow/O=Interkom/emailAddress=dimka.ermakov@gmail.com/CN=internal-ca
May 15 11:48:54 asus daemon.notice openvpn[19494]: VERIFY X509NAME OK: /C=RU/ST=Moscow/L=Moscow/O=Interkom/emailAddress=dimka.ermakov@gmail.com/CN=ovpns1
May 15 11:48:54 asus daemon.notice openvpn[19494]: VERIFY OK: depth=0, /C=RU/ST=Moscow/L=Moscow/O=Interkom/emailAddress=dimka.ermakov@gmail.com/CN=ovpns1
May 15 11:48:54 asus daemon.notice openvpn[19494]: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
May 15 11:48:54 asus daemon.notice openvpn[19494]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
May 15 11:48:54 asus daemon.notice openvpn[19494]: Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
May 15 11:48:54 asus daemon.notice openvpn[19494]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
May 15 11:48:54 asus daemon.notice openvpn[19494]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
May 15 11:48:54 asus daemon.notice openvpn[19494]: [ovpns1] Peer Connection Initiated with [AF_INET]185.46.154.10:1194
May 15 11:48:57 asus daemon.notice openvpn[19494]: SENT CONTROL [ovpns1]: 'PUSH_REQUEST' (status=1)
May 15 11:48:57 asus daemon.notice openvpn[19494]: PUSH: Received control message: 'PUSH_REPLY,route 10.10.12.0 255.255.255.0,route 10.10.10.0 255.255.255.0,route 10.0.8.0 255.255.255.0,topology net30,ping 10,ping-restart 60,ifconfig 10.0.8.6 10.0.8.5'
May 15 11:48:57 asus daemon.notice openvpn[19494]: OPTIONS IMPORT: timers and/or timeouts modified
May 15 11:48:57 asus daemon.notice openvpn[19494]: OPTIONS IMPORT: --ifconfig/up options modified
May 15 11:48:57 asus daemon.notice openvpn[19494]: OPTIONS IMPORT: route options modified
May 15 11:48:57 asus daemon.notice openvpn[19494]: Preserving previous TUN/TAP instance: tun11
May 15 11:48:57 asus daemon.notice openvpn[19494]: Initialization Sequence Completed
May 15 12:00:01 asus syslog.info root: -- MARK --
May 15 12:14:35 asus daemon.notice openvpn[19494]: [ovpns1] Inactivity timeout (--ping-restart), restarting
May 15 12:14:35 asus daemon.notice openvpn[19494]: SIGUSR1[soft,ping-restart] received, process restarting
May 15 12:14:35 asus daemon.notice openvpn[19494]: Restart pause, 2 second(s)
May 15 12:14:37 asus daemon.notice openvpn[19494]: Socket Buffers: R=[114688->131072] S=[114688->131072]
May 15 12:14:37 asus daemon.notice openvpn[19494]: UDPv4 link local: [undef]
May 15 12:14:37 asus daemon.notice openvpn[19494]: UDPv4 link remote: [AF_INET]185.46.154.10:1194
May 15 12:14:37 asus daemon.notice openvpn[19494]: TLS: Initial packet from [AF_INET]185.46.154.10:1194, sid=6a0f4c0b 105b006b
May 15 12:14:37 asus daemon.notice openvpn[19494]: VERIFY OK: depth=1, /C=RU/ST=Moscow/L=Moscow/O=Interkom/emailAddress=dimka.ermakov@gmail.com/CN=internal-ca
May 15 12:14:37 asus daemon.notice openvpn[19494]: VERIFY X509NAME OK: /C=RU/ST=Moscow/L=Moscow/O=Interkom/emailAddress=dimka.ermakov@gmail.com/CN=ovpns1
May 15 12:14:37 asus daemon.notice openvpn[19494]: VERIFY OK: depth=0, /C=RU/ST=Moscow/L=Moscow/O=Interkom/emailAddress=dimka.ermakov@gmail.com/CN=ovpns1
May 15 12:14:37 asus daemon.notice openvpn[19494]: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
May 15 12:14:37 asus daemon.notice openvpn[19494]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
May 15 12:14:37 asus daemon.notice openvpn[19494]: Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
May 15 12:14:37 asus daemon.notice openvpn[19494]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
May 15 12:14:37 asus daemon.notice openvpn[19494]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
May 15 12:14:37 asus daemon.notice openvpn[19494]: [ovpns1] Peer Connection Initiated with [AF_INET]185.46.154.10:1194
May 15 12:14:39 asus daemon.notice openvpn[19494]: SENT CONTROL [ovpns1]: 'PUSH_REQUEST' (status=1)
May 15 12:14:39 asus daemon.notice openvpn[19494]: PUSH: Received control message: 'PUSH_REPLY,route 10.10.12.0 255.255.255.0,route 10.10.10.0 255.255.255.0,route 10.0.8.0 255.255.255.0,topology net30,ping 10,ping-restart 60,ifconfig 10.0.8.6 10.0.8.5'
May 15 12:14:39 asus daemon.notice openvpn[19494]: OPTIONS IMPORT: timers and/or timeouts modified
May 15 12:14:39 asus daemon.notice openvpn[19494]: OPTIONS IMPORT: --ifconfig/up options modified
May 15 12:14:39 asus daemon.notice openvpn[19494]: OPTIONS IMPORT: route options modified
May 15 12:14:39 asus daemon.notice openvpn[19494]: Preserving previous TUN/TAP instance: tun11
May 15 12:14:39 asus daemon.notice openvpn[19494]: Initialization Sequence Completed
May 15 12:46:02 asus daemon.notice openvpn[19494]: OpenVPN STATISTICS
May 15 12:46:02 asus daemon.notice openvpn[19494]: Updated,Fri May 15 12:46:02 2015
May 15 12:46:02 asus daemon.notice openvpn[19494]: TUN/TAP read bytes,2250700
May 15 12:46:02 asus daemon.notice openvpn[19494]: TUN/TAP write bytes,116667
May 15 12:46:02 asus daemon.notice openvpn[19494]: TCP/UDP read bytes,189008
May 15 12:46:02 asus daemon.notice openvpn[19494]: TCP/UDP write bytes,2366467
May 15 12:46:02 asus daemon.notice openvpn[19494]: Auth read bytes,119499
May 15 12:46:02 asus daemon.notice openvpn[19494]: END
May 15 12:55:44 asus daemon.notice openvpn[19494]: OpenVPN STATISTICS
May 15 12:55:44 asus daemon.notice openvpn[19494]: Updated,Fri May 15 12:55:44 2015
May 15 12:55:44 asus daemon.notice openvpn[19494]: TUN/TAP read bytes,3281732
May 15 12:55:44 asus daemon.notice openvpn[19494]: TUN/TAP write bytes,187984
May 15 12:55:44 asus daemon.notice openvpn[19494]: TCP/UDP read bytes,291033
May 15 12:55:44 asus daemon.notice openvpn[19494]: TCP/UDP write bytes,3447298
May 15 12:55:44 asus daemon.notice openvpn[19494]: Auth read bytes,191648
May 15 12:55:44 asus daemon.notice openvpn[19494]: END
May 15 13:00:01 asus syslog.info root: -- MARK --
May 15 13:05:42 asus daemon.notice openvpn[19494]: [ovpns1] Inactivity timeout (--ping-restart), restarting
May 15 13:05:42 asus daemon.notice openvpn[19494]: SIGUSR1[soft,ping-restart] received, process restarting
May 15 13:05:42 asus daemon.notice openvpn[19494]: Restart pause, 2 second(s)
May 15 13:05:44 asus daemon.notice openvpn[19494]: Socket Buffers: R=[114688->131072] S=[114688->131072]
May 15 13:05:44 asus daemon.notice openvpn[19494]: UDPv4 link local: [undef]
May 15 13:05:44 asus daemon.notice openvpn[19494]: UDPv4 link remote: [AF_INET]185.46.154.10:1194
May 15 13:05:44 asus daemon.notice openvpn[19494]: TLS: Initial packet from [AF_INET]185.46.154.10:1194, sid=5fe42e41 12463aca
May 15 13:05:44 asus daemon.notice openvpn[19494]: VERIFY OK: depth=1, /C=RU/ST=Moscow/L=Moscow/O=Interkom/emailAddress=dimka.ermakov@gmail.com/CN=internal-ca
May 15 13:05:44 asus daemon.notice openvpn[19494]: VERIFY X509NAME OK: /C=RU/ST=Moscow/L=Moscow/O=Interkom/emailAddress=dimka.ermakov@gmail.com/CN=ovpns1
May 15 13:05:44 asus daemon.notice openvpn[19494]: VERIFY OK: depth=0, /C=RU/ST=Moscow/L=Moscow/O=Interkom/emailAddress=dimka.ermakov@gmail.com/CN=ovpns1
May 15 13:05:45 asus daemon.notice openvpn[19494]: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
May 15 13:05:45 asus daemon.notice openvpn[19494]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
May 15 13:05:45 asus daemon.notice openvpn[19494]: Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
May 15 13:05:45 asus daemon.notice openvpn[19494]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
May 15 13:05:45 asus daemon.notice openvpn[19494]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
May 15 13:05:45 asus daemon.notice openvpn[19494]: [ovpns1] Peer Connection Initiated with [AF_INET]185.46.154.10:1194
May 15 13:05:47 asus daemon.notice openvpn[19494]: SENT CONTROL [ovpns1]: 'PUSH_REQUEST' (status=1)
May 15 13:05:47 asus daemon.notice openvpn[19494]: PUSH: Received control message: 'PUSH_REPLY,route 10.10.12.0 255.255.255.0,route 10.10.10.0 255.255.255.0,route 10.0.8.0 255.255.255.0,topology net30,ping 10,ping-restart 60,ifconfig 10.0.8.6 10.0.8.5'
May 15 13:05:47 asus daemon.notice openvpn[19494]: OPTIONS IMPORT: timers and/or timeouts modified
May 15 13:05:47 asus daemon.notice openvpn[19494]: OPTIONS IMPORT: --ifconfig/up options modified
May 15 13:05:47 asus daemon.notice openvpn[19494]: OPTIONS IMPORT: route options modified
May 15 13:05:47 asus daemon.notice openvpn[19494]: Preserving previous TUN/TAP instance: tun11
May 15 13:05:47 asus daemon.notice openvpn[19494]: Initialization Sequence Completed</http:>
      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.