Boa tarde a todos... Tenho um problema com o openvpn que já está me deixando maluco !!!
A conexão é entre dois firewalls, ambos rodando Shorewall. O servidor tem 4 placas de redem uma para o ip válido, e três segmentos internos, 172.16.2.xxx, 172.16.3.xxx e 172.16.4.xxx . Estes é o arquivo de configuração do servidor : dev tun #proto tcp-server port 7794 local 186.xxx.43.18 remote 186.xxx.43.10 ifconfig 192.168.99.2 192.168.99.1 route 172.16.0.0 255.255.255.0 192.168.99.1 push "route 192.168.10.0 255.255.255.0 vpn_gateway" tls-server dh dh2048.pem ca /etc/openvpn/keys/ca.crt cert /etc/openvpn/keys/server_cities.crt key /etc/openvpn/keys/server_cities.key comp-lzo link-mtu 1542 auth none SHA1 cipher BF-CBC keysize 128 verb 5 No cliente existem apenas 2 placas de rede, e a rede local atualmente é 172.16.0.xxx,mas eu já tentei colocar o ip do cliente em 192.168.10.xxx e o problema persistiu ! este é o arquivo de configuração do cliente : dev tun #proto tcp-client port 7794 local 186.xxx.43.10 remote 186.xxx.43.18 ifconfig 192.168.99.1 192.168.99.2 route 172.16.2.0 255.255.255.0 192.168.99.2 route 172.16.3.0 255.255.255.0 192.168.99.2 route 172.16.4.0 255.255.255.0 192.168.99.2 push "route 172.16.2.0 255.255.255.0 vpn_gateway" push "route 172.16.3.0 255.255.255.0 vpn_gateway" push "route 172.16.4.0 255.255.255.0 vpn_gateway" tls-client dh dh2048.pem ca /etc/openvpn/keys/ca.crt cert /etc/openvpn/keys/cities.crt key /etc/openvpn/keys/cities.key comp-lzo link-mtu 1542 auth none SHA1 cipher BF-CBC keysize 128 verb 5 E esta é a saída do log segue anexo, pois é muito grande para que seja postado em texto . Os ips válidos foram editados, por razões óbvias ! E finalmente o problema : Os pacotes não circulam !!! O objetivo é que as máquinas na rede cliente possam ter acesso aos volumes de rede da rede do servidor, mas elas não se "enxergam" ... Não há nenhuma msg de erro, a conexão é estabelecida, como o log mostra, mas nada acontece .... Qualquer ajuda será muito útil .. Fábio Rabelo
Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: Current Parameter Settings: Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: config = '/etc/openvpn/172-16-2.conf' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: mode = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: persist_config = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: persist_mode = 1 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: show_ciphers = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: show_digests = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: show_engines = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: genkey = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: key_pass_file = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: show_tls_ciphers = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: Connection profiles [default]: Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: proto = udp Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: local = '186.201.43.10' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: local_port = 7794 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote = '186.201.43.18' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_port = 7794 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_float = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: bind_defined = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: bind_local = ENABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: connect_retry_seconds = 5 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: connect_timeout = 10 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: connect_retry_max = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: socks_proxy_server = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: socks_proxy_port = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: socks_proxy_retry = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: Connection profiles END Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_random = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ipchange = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: dev = 'tun' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: dev_type = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: dev_node = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: lladdr = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: topology = 1 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tun_ipv6 = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ifconfig_local = '192.168.99.1' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ifconfig_remote_netmask = '192.168.99.2' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ifconfig_noexec = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ifconfig_nowarn = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: shaper = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tun_mtu = 1500 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tun_mtu_defined = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: link_mtu = 1542 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: link_mtu_defined = ENABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tun_mtu_extra = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tun_mtu_extra_defined = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: fragment = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: mtu_discover_type = -1 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: mtu_test = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: mlock = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: keepalive_ping = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: keepalive_timeout = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: inactivity_timeout = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ping_send_timeout = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ping_rec_timeout = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ping_rec_timeout_action = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ping_timer_remote = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remap_sigusr1 = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: explicit_exit_notification = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: persist_tun = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: persist_local_ip = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: persist_remote_ip = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: persist_key = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: mssfix = 1450 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: passtos = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: resolve_retry_seconds = 1000000000 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: username = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: groupname = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: chroot_dir = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: cd_dir = '/etc/openvpn' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: writepid = '/var/run/openvpn.172-16-2.pid' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: up_script = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: down_script = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: down_pre = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: up_restart = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: up_delay = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: daemon = ENABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: inetd = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: log = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: suppress_timestamps = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: nice = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: verbosity = 5 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: mute = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: gremlin = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: status_file = '/var/run/openvpn.172-16-2.status' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: status_file_version = 1 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: status_file_update_freq = 10 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: occ = ENABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: rcvbuf = 65536 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: sndbuf = 65536 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: sockflags = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: fast_io = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: lzo = 7 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: route_script = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: route_default_gateway = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: route_default_metric = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: route_noexec = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: route_delay = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: route_delay_window = 30 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: route_delay_defined = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: route_nopull = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: route_gateway_via_dhcp = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: allow_pull_fqdn = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: route 172.16.2.0/255.255.255.0/192.168.99.2/nil Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: route 172.16.3.0/255.255.255.0/192.168.99.2/nil Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: route 172.16.4.0/255.255.255.0/192.168.99.2/nil Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: management_addr = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: management_port = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: management_user_pass = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: management_log_history_cache = 250 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: management_echo_buffer_size = 100 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: management_write_peer_info_file = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: management_flags = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: shared_secret_file = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: key_direction = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ciphername_defined = ENABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ciphername = 'BF-CBC' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: authname_defined = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: authname = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: keysize = 16 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: engine = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: replay = ENABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: mute_replay_warnings = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: replay_window = 64 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: replay_time = 15 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: packet_id_file = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: use_iv = ENABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: test_crypto = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tls_server = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tls_client = ENABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: key_method = 2 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ca_file = '/etc/openvpn/keys/ca.crt' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ca_path = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: dh_file = 'dh2048.pem' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: cert_file = '/etc/openvpn/keys/cities.crt' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: priv_key_file = '/etc/openvpn/keys/cities.key' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs12_file = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: cipher_list = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tls_verify = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tls_remote = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: crl_file = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ns_cert_type = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_ku[i] = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: remote_cert_eku = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tls_timeout = 2 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: renegotiate_bytes = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: renegotiate_packets = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: renegotiate_seconds = 3600 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: handshake_window = 60 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: transition_window = 3600 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: single_session = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tls_exit = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tls_auth_file = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_protected_authentication = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_private_mode = 00000000 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_cert_private = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_pin_cache_period = -1 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_id = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pkcs11_id_management = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: server_network = 0.0.0.0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: server_netmask = 0.0.0.0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: server_bridge_ip = 0.0.0.0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: server_bridge_netmask = 0.0.0.0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: server_bridge_pool_start = 0.0.0.0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: server_bridge_pool_end = 0.0.0.0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: push_list = 'route 172.16.2.0 255.255.255.0 vpn_gateway,route 172.16.3.0 255.255.255.0 vpn_gateway,route 172.16.4.0 255.255.255.0 vpn_gateway' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ifconfig_pool_defined = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ifconfig_pool_start = 0.0.0.0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ifconfig_pool_end = 0.0.0.0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ifconfig_pool_netmask = 0.0.0.0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ifconfig_pool_persist_filename = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ifconfig_pool_persist_refresh_freq = 600 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: n_bcast_buf = 256 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tcp_queue_limit = 64 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: real_hash_size = 256 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: virtual_hash_size = 256 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: client_connect_script = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: learn_address_script = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: client_disconnect_script = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: client_config_dir = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ccd_exclusive = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: tmp_dir = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: push_ifconfig_defined = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: push_ifconfig_local = 0.0.0.0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: push_ifconfig_remote_netmask = 0.0.0.0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: enable_c2c = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: duplicate_cn = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: cf_max = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: cf_per = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: max_clients = 1024 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: max_routes_per_client = 256 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: client_cert_not_required = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: username_as_common_name = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: auth_user_pass_verify_script = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: auth_user_pass_verify_script_via_file = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: port_share_host = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: port_share_port = 0 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: client = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: pull = DISABLED Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: auth_user_pass_file = '[UNDEF]' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: OpenVPN 2.1_rc11 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Sep 18 2008 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ******* WARNING *******: null MAC specified, no authentication will be used Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: /usr/bin/openssl-vulnkey -q -b 2048 -m <modulus omitted> Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: LZO compression initialized Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1520) Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: ROUTE default_gateway=186.201.43.9 Feb 19 13:50:09 condominio kernel: [14986.762914] tun0: Disabled Privacy Extensions Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: TUN/TAP device tun0 opened Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: TUN/TAP TX queue length set to 100 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: /sbin/ifconfig tun0 192.168.99.1 pointopoint 192.168.99.2 mtu 1520 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: /sbin/route add -net 172.16.2.0 netmask 255.255.255.0 gw 192.168.99.2 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: /sbin/route add -net 172.16.3.0 netmask 255.255.255.0 gw 192.168.99.2 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: /sbin/route add -net 172.16.4.0 netmask 255.255.255.0 gw 192.168.99.2 Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: Data Channel MTU parms [ L:1542 D:1450 EF:22 EB:135 ET:0 EL:0 AF:3/1 ] Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1520,proto UDPv4,ifconfig 192.168.99.2 192.168.99.1,comp-lzo,cipher BF-CBC,auth [null-digest],keysize 128,key-method 2,tls-client' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1520,proto UDPv4,ifconfig 192.168.99.1 192.168.99.2,comp-lzo,cipher BF-CBC,auth [null-digest],keysize 128,key-method 2,tls-server' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: Local Options hash (VER=V4): '8a2f147d' Feb 19 13:50:09 condominio ovpn-172-16-2[12379]: Expected Remote Options hash (VER=V4): '0ac8a69c' Feb 19 13:50:09 condominio ovpn-172-16-2[12388]: Socket Buffers: R=[124928->131072] S=[124928->131072] Feb 19 13:50:09 condominio ovpn-172-16-2[12388]: UDPv4 link local (bound): 186.201.43.10:7794 Feb 19 13:50:09 condominio ovpn-172-16-2[12388]: UDPv4 link remote: 186.201.43.18:7794 Feb 19 13:50:09 condominio ovpn-172-16-2[12388]: TLS: Initial packet from 186.201.43.18:7794, sid=8d6250dd 65f09020 Feb 19 13:50:09 condominio ovpn-172-16-2[12388]: VERIFY OK: depth=1, /C=BR/ST=SP/L=Sao_Paulo/O=riuma/OU=cities/CN=riuma_CA/emailAddress=audiepe...@gmail.com Feb 19 13:50:09 condominio ovpn-172-16-2[12388]: VERIFY OK: depth=0, /C=BR/ST=SP/L=Sao_Paulo/O=riuma/CN=cities/emailAddress=audiepe...@gmail.com Feb 19 13:50:09 condominio ovpn-172-16-2[12388]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Feb 19 13:50:09 condominio ovpn-172-16-2[12388]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Feb 19 13:50:09 condominio ovpn-172-16-2[12388]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA Feb 19 13:50:09 condominio ovpn-172-16-2[12388]: [cities] Peer Connection Initiated with 186.201.43.18:7794 Feb 19 13:50:10 condominio ovpn-172-16-2[12388]: Initialization Sequence Completed