Problem with ddwrt openvpn

Neonium
DD-WRT User


Joined: 23 Jul 2008
Posts: 64

Posted: Thu Jan 06, 2011 21:11    Post subject: Problem with ddwrt openvpn
Hello,

I am trying once again to set up an OpenVPN between 2 DD-WRT routers. To be able to test it, I have a setup like the one in vpn-test. I have also taken screenshots of the server status, the server settings and the client settings.
Neonium
DD-WRT User


Joined: 23 Jul 2008
Posts: 64

Posted: Thu Jan 06, 2011 21:13    Post subject:
Here are the rest of the screenshots. According to the server status the client is connected, but I cannot reach the 192.168.2.0 network from the laptop.
Sash
DD-WRT Guru


Joined: 20 Sep 2006
Posts: 17619
Location: Hesse/Germany

Posted: Fri Jan 07, 2011 2:00    Post subject:
What is that config nonsense on the server supposed to be?
_________________
Forum Guidelines...How to get help
&
Forum Rules
&
RTFM/STFW
&
Throw some buzzwords into the WIKI search Exclamation
_________________
I'm NOT rude, just offer pure facts!
_________________
Atheros (TP-Link & Clones, etc ) debrick service in EU
_________________
Guide on HowTo be Safe, Secure and Protect Your Online Anonymity!
Neonium
DD-WRT User


Joined: 23 Jul 2008
Posts: 64

Posted: Fri Jan 07, 2011 15:16    Post subject:
Apparently I don't need that any more. I now have everything in the OpenVPN configuration. Unfortunately it still doesn't work.

I have now also added these commands to the server firewall:

iptables -I INPUT 1 -p udp --dport 1194 -j ACCEPT
iptables -I FORWARD 1 --source 10.60.60.0/24 -j ACCEPT
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT

On the client firewall I have also added this:

iptables -I INPUT 3 -i tun0 -p icmp -j ACCEPT
iptables -I INPUT 1 -i tun0 -p tcp --dport 80 -j ACCEPT
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT

Unfortunately I had no success.

On the server I get this in the log:

Code:
Serverlog
20110107 16:10:44 93.200.239.1:32768 Data Channel MTU parms [ L:1606 D:1450 EF:106 EB:135 ET:0 EL:0 AF:3/1 ]
20110107 16:10:44 93.200.239.1:32768 Fragmentation MTU parms [ L:1606 D:1450 EF:105 EB:135 ET:1 EL:0 AF:3/1 ]
20110107 16:10:44 93.200.239.1:32768 TLS: Initial packet from 93.200.239.1:32768 sid=ac082078 6125990a
20110107 16:11:45 N 93.200.239.1:32768 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
20110107 16:11:45 N 93.200.239.1:32768 TLS Error: TLS handshake failed
20110107 16:11:45 93.200.239.1:32768 SIGUSR1[soft tls-error] received client-instance restarting
20110107 16:11:46 MULTI: multi_create_instance called
20110107 16:11:46 I 93.200.239.1:32768 Re-using SSL/TLS context
20110107 16:11:46 I 93.200.239.1:32768 LZO compression initialized
20110107 16:11:46 93.200.239.1:32768 Control Channel MTU parms [ L:1606 D:138 EF:38 EB:0 ET:0 EL:0 ]
20110107 16:11:46 93.200.239.1:32768 Data Channel MTU parms [ L:1606 D:1450 EF:106 EB:135 ET:0 EL:0 AF:3/1 ]
20110107 16:11:46 93.200.239.1:32768 Fragmentation MTU parms [ L:1606 D:1450 EF:105 EB:135 ET:1 EL:0 AF:3/1 ]
20110107 16:11:46 93.200.239.1:32768 TLS: Initial packet from 93.200.239.1:32768 sid=744931b6 4c06425f
20110107 16:12:47 N 93.200.239.1:32768 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
20110107 16:12:47 N 93.200.239.1:32768 TLS Error: TLS handshake failed
20110107 16:12:47 93.200.239.1:32768 SIGUSR1[soft tls-error] received client-instance restarting
20110107 16:12:48 MULTI: multi_create_instance called
20110107 16:12:48 I 93.200.239.1:32768 Re-using SSL/TLS context
20110107 16:12:48 I 93.200.239.1:32768 LZO compression initialized
20110107 16:12:48 93.200.239.1:32768 Control Channel MTU parms [ L:1606 D:138 EF:38 EB:0 ET:0 EL:0 ]
20110107 16:12:48 93.200.239.1:32768 Data Channel MTU parms [ L:1606 D:1450 EF:106 EB:135 ET:0 EL:0 AF:3/1 ]
20110107 16:12:48 93.200.239.1:32768 Fragmentation MTU parms [ L:1606 D:1450 EF:105 EB:135 ET:1 EL:0 AF:3/1 ]
20110107 16:12:48 93.200.239.1:32768 TLS: Initial packet from 93.200.239.1:32768 sid=7e2ec235 81822cf5
20110107 16:13:48 N 93.200.239.1:32768 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
20110107 16:13:48 N 93.200.239.1:32768 TLS Error: TLS handshake failed
20110107 16:13:48 93.200.239.1:32768 SIGUSR1[soft tls-error] received client-instance restarting
20110107 16:13:51 MULTI: multi_create_instance called
20110107 16:13:51 I 93.200.239.1:32768 Re-using SSL/TLS context
20110107 16:13:51 I 93.200.239.1:32768 LZO compression initialized
20110107 16:13:51 93.200.239.1:32768 Control Channel MTU parms [ L:1606 D:138 EF:38 EB:0 ET:0 EL:0 ]
20110107 16:13:51 93.200.239.1:32768 Data Channel MTU parms [ L:1606 D:1450 EF:106 EB:135 ET:0 EL:0 AF:3/1 ]
20110107 16:13:51 93.200.239.1:32768 Fragmentation MTU parms [ L:1606 D:1450 EF:105 EB:135 ET:1 EL:0 AF:3/1 ]
20110107 16:13:51 93.200.239.1:32768 TLS: Initial packet from 93.200.239.1:32768 sid=98c6aa3c e753a99e
20110107 16:14:07 MANAGEMENT: Client connected from 127.0.0.1:5002
20110107 16:14:07 D MANAGEMENT: CMD 'state'
20110107 16:14:07 MANAGEMENT: Client disconnected
20110107 16:14:07 MANAGEMENT: Client connected from 127.0.0.1:5002
20110107 16:14:07 D MANAGEMENT: CMD 'status 2'
20110107 16:14:07 MANAGEMENT: Client disconnected
20110107 16:14:07 MANAGEMENT: Client connected from 127.0.0.1:5002
20110107 16:14:07 D MANAGEMENT: CMD 'log 500'
20110107 16:14:07 MANAGEMENT: Client disconnected
20110107 16:14:19 MANAGEMENT: Client connected from 127.0.0.1:5002
20110107 16:14:19 D MANAGEMENT: CMD 'state'
20110107 16:14:19 MANAGEMENT: Client disconnected
20110107 16:14:19 MANAGEMENT: Client connected from 127.0.0.1:5002
20110107 16:14:19 D MANAGEMENT: CMD 'status 2'
20110107 16:14:19 MANAGEMENT: Client disconnected
20110107 16:14:19 MANAGEMENT: Client connected from 127.0.0.1:5002
20110107 16:14:19 D MANAGEMENT: CMD 'log 500'


The errors on the client look similar. It's a pity that I probably won't manage to get the VPN running today :(
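
The retry loop in the server log above can be summarised mechanically. The following is an added example, not part of the original thread: a Python parser for the log format shown in the post that pairs each `TLS: Initial packet` line with the outcome logged for the same peer. The function name and the `Peer Connection Initiated` success marker are assumptions that do not appear in the thread.

```python
import re
from datetime import datetime

# Excerpt of the server log posted above: timestamp, optional flag, peer, message.
SAMPLE_LOG = """\
20110107 16:10:44 93.200.239.1:32768 TLS: Initial packet from 93.200.239.1:32768 sid=ac082078 6125990a
20110107 16:11:45 N 93.200.239.1:32768 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
20110107 16:11:45 N 93.200.239.1:32768 TLS Error: TLS handshake failed
20110107 16:11:46 MULTI: multi_create_instance called
20110107 16:11:46 93.200.239.1:32768 TLS: Initial packet from 93.200.239.1:32768 sid=744931b6 4c06425f
20110107 16:12:47 N 93.200.239.1:32768 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
20110107 16:12:48 93.200.239.1:32768 TLS: Initial packet from 93.200.239.1:32768 sid=7e2ec235 81822cf5
"""

LINE = re.compile(
    r"^(?P<ts>\d{8} \d{2}:\d{2}:\d{2}) "
    r"(?:(?P<flag>[A-Z]) )?"                       # N / I / D severity flag
    r"(?:(?P<peer>\d{1,3}(?:\.\d{1,3}){3}:\d+) )?"  # client address:port
    r"(?P<msg>.*)$"
)

def handshake_attempts(log_text):
    """Pair each 'TLS: Initial packet' with the outcome logged for that peer."""
    attempts, open_by_peer = [], {}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m or not m["peer"]:
            continue  # MULTI/MANAGEMENT lines carry no peer address
        ts = datetime.strptime(m["ts"], "%Y%m%d %H:%M:%S")
        peer, msg = m["peer"], m["msg"]
        if msg.startswith("TLS: Initial packet from"):
            sid = msg.split("sid=", 1)[1] if "sid=" in msg else ""
            open_by_peer[peer] = {"peer": peer, "sid": sid, "start": ts,
                                  "outcome": "pending", "seconds": None}
            attempts.append(open_by_peer[peer])
        elif peer in open_by_peer:
            if "TLS key negotiation failed" in msg:
                outcome = "timeout"
            elif "Peer Connection Initiated" in msg:  # assumed success marker
                outcome = "established"
            else:
                continue
            entry = open_by_peer.pop(peer)
            entry.update(outcome=outcome,
                         seconds=int((ts - entry["start"]).total_seconds()))
    return attempts

if __name__ == "__main__":
    for a in handshake_attempts(SAMPLE_LOG):
        print(a["peer"], a["sid"], a["outcome"], a["seconds"])
```

Every timed-out attempt in the excerpt starts with an initial packet that the server did receive, so the client's first UDP packet arrives and the handshake stalls after that point.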
Sash
DD-WRT Guru


Joined: 20 Sep 2006
Posts: 17619
Location: Hesse/Germany

Posted: Fri Jan 07, 2011 15:49    Post subject:
1. The iptables rules are nonsense again. 2. Take another look at the config in the GUI and at the rubbish you have set there... it can never work like that.
Neonium
DD-WRT User


Joined: 23 Jul 2008
Posts: 64

Posted: Fri Jan 07, 2011 17:22    Post subject:
What is nonsense about the rules, do I not need any, or what? I got that from a wiki article. What do you mean in the GUI? I have now set it up again.
Sash
DD-WRT Guru


Joined: 20 Sep 2006
Posts: 17619
Location: Hesse/Germany

Posted: Sat Jan 15, 2011 19:08    Post subject:
Sorry, I meant the client specifically. The server is almost OK. MTU stuff to defaults!