In FW .57 keine OpenVPN-Verbindung

GrafHawk

Neuer User
Mitglied seit
7 Okt 2006
Beiträge
36
Punkte für Reaktionen
0
Punkte
6
Hallo,

in der Firmware .57 klappen bei mir keine OpenVPN-Verbindungen.
OpenVPN startet, ist auch wunderbar zu sehen im telnet (auf dem OpenVPN-Server) mit seinen 720k.
Nach Verbindungsaufbau wären es 780k, passiert aber nix.
Ist wohl überflüssig zu erwähnen, dass es bis FW .49 einwandfrei funktioniert hat.

Hat jemand eine Idee, was da anders geworden ist?

Achja, FTP geht natürlich...

Gruß Ulrich
 
Hi,

ein paar mehr Infos und Logs wären hilfreich. Am besten wäre, wenn du per Telnet den Server stoppst und dann im Vordergrund startest. Dazu müsstest du falls vorhanden ein "daemon" aus der Config rausnehmen:
Code:
killall openvpn
grep -v daemon /deine/alte/config > /var/tmp/ovpn.tmp
openvpn --config /var/tmp/ovpn.tmp
und dann mal sehen, was ein Verbindungsaufbau im log so "macht".

Vielleicht gibt es im Client-Log auch ein paar Hinweise?!?

Jörg
 
wär alles ganz einfach, wenn da ein Log wäre....

bei Verwendung mit der virtuellen Netzwerkkarte erhalte ich das hier:
Code:
May 12 10:04:08 dsld[884]: internet: 192.168.178.253 not an intern host, forward
rule "tcp 0.0.0.0:1194 192.168.178.253:1194 0 # OpenVPN" ignored

Ich hab auch die klassische Methode (Modifikation der ar7.cfg) versucht.
In beiden Fällen ist das hier die letzte Meldung:
Code:
Mon May 12 10:16:19 2008 us=109272 Listening for incoming TCP connection on [und
ef]:1194
Ans Client-Log komm ich zur Zeit nur dran, wenn OpenVPN läuft.

Es sieht irgendwie aus, als wenn das Forward nicht funktioniert.
Wenn das ein allgemeines Problem ist, müßten das doch auch andere haben, oder umgekehrt müßte es bei anderen funktionieren.

Wer weiß mehr?
 
Hallo Ulrich,

versuch es doch mal mit der "neuen" Notfall-IP 169.254.1.1 statt der 192.168.178.253. Vielleicht klappt es ja damit. :noidea:

Joe
 
Hallo,

Wenn das ein allgemeines Problem ist, müßten das doch auch andere haben, oder umgekehrt müßte es bei anderen funktionieren.
Dann werfe mal einen Blick ins freetz Forum rund um Virtual-IP. Das geht schon seit etlichen Versionen nicht mehr. Dropbear, Apache, OpenVPN ..., zu nahezu allen Einzelpaketen gibt es einen speziellen Thread zu Virtual-IP Problemen.

Außerdem arbeitet OpenVPN mir UDP, nicht mit TCP.
 
Was ich bisher rausgekriegt hab, ist, das wohl Virtual-IP im Augenblick gar nicht mehr geht.

Wenn ich jetzt die ar7.cfg modifiziere (IP der Box dort als Forward eintrage) nützt das auch nichts.

Bisher konnte ich keinen Connect-Versuch feststellen.

Das mit dem UDP verstehe ich nicht so ganz, mit der .49 funktionierte das mit TCP ganz ordentlich.
 
wär alles ganz einfach, wenn da ein Log wäre....
... dafür hatte ich ja oben eine "Anleitung" gepostet. Wenn du openvpn stoppst und neu (ohne daemon) startest, siehst du die Ausgaben des Programms, also quasi das Log.

In der Tat haben einige davon berichtet, dass das Portforwarding in den neueren Versionen nicht mehr so klappt (die Suche liefert da sicher einiges). Aber die Weiterleitung auf 0.0.0.0 müsste noch immer klappen, vielleicht versuchst du mal das hier (die einfache Variante sollte reichen), und trägst auch als Ziel die 0.0.0.0 ein.

Ob es das mit dem Portforwarding überhaupt ist kannst du recht einfach feststellen, indem du eine Verbindung "von innen", also aus dem LAN auf die Box aufbaust...


Jörg
 
Wie man ein Log kriegt, ist mir schon klar.
Ich meinte damit, dass nach der Meldung
Code:
Mon May 12 10:16:19 2008 us=109272 Listening for incoming TCP connection on [und
ef]:1194
keine weitere Meldung kam.

Aber ich hab das Problem gelöst.

Wie auch in http://www.ip-phone-forum.de/showpost.php?p=1094650&postcount=343 beschrieben, mußte ich nur das Subnetz von AVM-Standard (178 ) auf mein eigenes (56) ändern.
Also:
Code:
ifconfig eth0:1 192.168.56.253 netmask 255.255.255.0 broadcast 192.168.56.255 up
Eigentlich war das immer schon falsch, wird nur jetzt von der Fritz!-Box geprüft und nicht zugelassen.

Diese Änderung hab ich in der .49 gemacht und getestet und nach dem Upgade auf .57 funktionierte es einfach wieder.

Ich sag ja immer: Seltsam, kaum macht man es richtig, funktionierte es auch ...
 
Hallo,

meine Portfreigabe lief schon seit jeher via 0.0.0.0:443 -> 0.0.0.0:1194, dennoch kann ich seit dem Firmware Upgrade nicht mehr über VPN surfen.

Eine Verbindung herzustellen klappt jedoch nach wie vor hervorragend, damit sollte ich die Weiterleitung als Ursache eigentlich ausschließen können?
Die configs haben sich auch nicht geändert.
Kann es sein, dass die Fernwartung (deaktiviert!) aufgrund von https (443) irgendwie interne Probleme macht?
Ich kann nach der Verbindungsherstellung nicht ein mal 10.0.0.1 (VPN Netz: 10.0.0.0/24) pingen.

Grüße, Muldini
 
... ja, ich meine genau das gelesen zu haben, dass jetzt der Port 443 Probleme macht.
Schau doch mal in der ar7.cfg, ob da der Port noch irgendwo sonst drinsteht.

Jörg
 
Hallo,

in der ar7.cfg taucht der Port 443 nur zwei mal auf, beides sind meine Weiterleitungen (UDP & TCP)

forwardrules = "udp 0.0.0.0:5060 0.0.0.0:5060",
"tcp 0.0.0.0:443 0.0.0.0:1194 0 # OpenVPN",
"udp 0.0.0.0:443 0.0.0.0:1194 0 # OpenVPN";

Ein anderer Port (dank Proxy) kommt leider nicht in Frage, was kann ich nun tun?

Grüße
 
Tja, da der Verbindungsaufbau ja wohl auch klappt, bin ich etwas ratlos...
Kannst du evtl im Log was sehen?

Jörg
 
Nichts außergewöhnliches im Log, welches Level würdest du empfehlen? Dann poste ich hier mal einen Verbindungsaufbau.

Ich habe gerade mal die Fernwartung aktiviert, und die Option, diese über einen anderen Port aufzubauen, genutzt, aber auch dann funktioniert nicht mehr als der VPN-Verbindungsaufbau.

Grüße
 
Du könntest es mal mit verb 6 versuchen (in [noparse]
Code:
 ...
[/noparse]-Tags ist das ja nicht so wild, wenn es lang ist...)

Jörg
 
Na denn ... :)

Habe noch 2 kleine weitere Tests durchgeführt, UDP statt TCP sowie Portwechsel auf 444 (hätte nicht geholfen aber die Fernwartungstheorie unterstützt).


Hier also die Logs:

Code:
Tue May 27 21:10:08 2008 us=695440 Current Parameter Settings:
Tue May 27 21:10:09 2008 us=111664   config = 'path/conf.conf'
Tue May 27 21:10:09 2008 us=112734   mode = 1
Tue May 27 21:10:09 2008 us=122947   persist_config = DISABLED
Tue May 27 21:10:09 2008 us=125051   persist_mode = 1
Tue May 27 21:10:09 2008 us=126064   show_ciphers = DISABLED
Tue May 27 21:10:09 2008 us=127075   show_digests = DISABLED
Tue May 27 21:10:09 2008 us=128194   show_engines = DISABLED
Tue May 27 21:10:09 2008 us=129219   genkey = DISABLED
Tue May 27 21:10:09 2008 us=130771   key_pass_file = '[UNDEF]'
Tue May 27 21:10:09 2008 us=131845   show_tls_ciphers = DISABLED
Tue May 27 21:10:09 2008 us=132854   proto = 1
Tue May 27 21:10:09 2008 us=134658   local = '[UNDEF]'
Tue May 27 21:10:09 2008 us=135676   remote_list = NULL
Tue May 27 21:10:09 2008 us=136681   remote_random = DISABLED
Tue May 27 21:10:09 2008 us=137697   local_port = 1194
Tue May 27 21:10:09 2008 us=139311   remote_port = 1194
Tue May 27 21:10:09 2008 us=140313   remote_float = ENABLED
Tue May 27 21:10:09 2008 us=141321   ipchange = '[UNDEF]'
Tue May 27 21:10:09 2008 us=142325   bind_defined = DISABLED
Tue May 27 21:10:09 2008 us=143335   bind_local = ENABLED
Tue May 27 21:10:09 2008 us=145298   dev = 'tun'
Tue May 27 21:10:09 2008 us=146857   dev_type = '[UNDEF]'
Tue May 27 21:10:09 2008 us=147893   dev_node = '/var/tmp/tun0'
Tue May 27 21:10:09 2008 us=148897   lladdr = '[UNDEF]'
Tue May 27 21:10:09 2008 us=149904   topology = 3
Tue May 27 21:10:09 2008 us=151229   tun_ipv6 = DISABLED
Tue May 27 21:10:09 2008 us=152242   ifconfig_local = '10.0.0.1'
Tue May 27 21:10:09 2008 us=153255   ifconfig_remote_netmask = '255.255.255.0'
Tue May 27 21:10:09 2008 us=155683   ifconfig_noexec = DISABLED
Tue May 27 21:10:09 2008 us=156703   ifconfig_nowarn = DISABLED
Tue May 27 21:10:09 2008 us=157717   shaper = 0
Tue May 27 21:10:09 2008 us=158711   tun_mtu = 1500
Tue May 27 21:10:09 2008 us=159701   tun_mtu_defined = ENABLED
Tue May 27 21:10:09 2008 us=160713   link_mtu = 1500
Tue May 27 21:10:09 2008 us=161699   link_mtu_defined = DISABLED
Tue May 27 21:10:09 2008 us=163319   tun_mtu_extra = 0
Tue May 27 21:10:09 2008 us=165337   tun_mtu_extra_defined = DISABLED
Tue May 27 21:10:09 2008 us=166361   fragment = 0
Tue May 27 21:10:09 2008 us=167351   mtu_discover_type = -1
Tue May 27 21:10:09 2008 us=168350   mtu_test = 0
Tue May 27 21:10:09 2008 us=169327   mlock = DISABLED
Tue May 27 21:10:09 2008 us=170861   keepalive_ping = 0
Tue May 27 21:10:09 2008 us=171922   keepalive_timeout = 0
Tue May 27 21:10:09 2008 us=172923   inactivity_timeout = 0
Tue May 27 21:10:09 2008 us=174864   ping_send_timeout = 10
Tue May 27 21:10:09 2008 us=177534   ping_rec_timeout = 60
Tue May 27 21:10:09 2008 us=178574   ping_rec_timeout_action = 2
Tue May 27 21:10:09 2008 us=180102   ping_timer_remote = DISABLED
Tue May 27 21:10:09 2008 us=181126   remap_sigusr1 = 0
Tue May 27 21:10:09 2008 us=182111 NOTE: --mute triggered...
Tue May 27 21:10:09 2008 us=183298 191 variation(s) on previous 50 message(s) suppressed by --mute
Tue May 27 21:10:09 2008 us=185489 OpenVPN 2.1_rc1 mipsel-linux [SSL] [LZO2] [EPOLL] built on Jan  5 2007
Tue May 27 21:10:09 2008 us=189210 WARNING: --keepalive option is missing from server config
Tue May 27 21:10:11 2008 us=279598 Diffie-Hellman initialized with 65747567 bit key
Tue May 27 21:10:11 2008 us=292530 WARNING: file 'path/key.key' is group or others               accessible
Tue May 27 21:10:11 2008 us=311696 TLS-Auth MTU parms [ L:1560 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue May 27 21:10:11 2008 us=326939 TUN/TAP device tun0 opened
Tue May 27 21:10:11 2008 us=328504 TUN/TAP TX queue length set to 100
Tue May 27 21:10:11 2008 us=330155 /sbin/ifconfig tun0 10.0.0.1 netmask 255.255.255.0 mtu 1500 broadcast 10.0.0.255
Tue May 27 21:10:11 2008 us=707523 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Tue May 27 21:10:11 2008 us=710932 nice 1 succeeded
Tue May 27 21:10:11 2008 us=712682 Listening for incoming TCP connection on [undef]:1194
Tue May 27 21:10:11 2008 us=714502 Socket Buffers: R=[43689->131072] S=[16384->131072]
Tue May 27 21:10:11 2008 us=717288 TCPv4_SERVER link local (bound): [undef]:1194
Tue May 27 21:10:11 2008 us=718681 TCPv4_SERVER link remote: [undef]
Tue May 27 21:10:11 2008 us=917557 MULTI: multi_init called, r=256 v=256
Tue May 27 21:10:11 2008 us=919385 IFCONFIG POOL: base=10.0.0.2 size=9
Tue May 27 21:10:11 2008 us=921626 MULTI: TCP INIT maxclients=1024 maxevents=1028
Tue May 27 21:10:11 2008 us=923306 Initialization Sequence Completed
Tue May 27 21:11:15 2008 us=684712 MULTI: multi_create_instance called
Tue May 27 21:11:15 2008 us=686591 Re-using SSL/TLS context
Tue May 27 21:11:15 2008 us=801100 LZO compression initialized
Tue May 27 21:11:16 2008 us=20644 Control Channel MTU parms [ L:1560 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue May 27 21:11:16 2008 us=22614 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Tue May 27 21:11:16 2008 us=25067 Local Options String: 'V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo              ,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
Tue May 27 21:11:16 2008 us=26100 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_CLIEN              T,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Tue May 27 21:11:16 2008 us=330177 Local Options hash (VER=V4): '79ef4284'
Tue May 27 21:11:16 2008 us=331882 Expected Remote Options hash (VER=V4): '958c5492'
Tue May 27 21:11:16 2008 us=333412 TCP connection established with ip_adresse:2572
Tue May 27 21:11:16 2008 us=334460 Socket Buffers: R=[131072->131072] S=[131072->131072]
Tue May 27 21:11:16 2008 us=335512 TCPv4_SERVER link local: [undef]
Tue May 27 21:11:16 2008 us=337102 TCPv4_SERVER link remote: ip_adresse:2572
Tue May 27 21:11:16 2008 us=578644 ip_adresse:2572 TCPv4_SERVER READ [14] from ip_adresse:2572: P_CONTROL_HARD_RESET_CLIE              NT_V2 kid=0 [ ] pid=0 DATA len=0
Tue May 27 21:11:16 2008 us=581451 ip_adresse:2572 TLS: Initial packet from ip_adresse:2572, sid=c912cac5 a155d65e
Tue May 27 21:11:16 2008 us=583166 ip_adresse:2572 TCPv4_SERVER WRITE [26] to ip_adresse:2572: P_CONTROL_HARD_RESET_SERVE              R_V2 kid=0 [ 0 ] pid=0 DATA len=0
Tue May 27 21:11:16 2008 us=588637 ip_adresse:2572 TCPv4_SERVER READ [22] from ip_adresse:2572: P_ACK_V1 kid=0 [ 0 ]
Tue May 27 21:11:16 2008 us=593064 ip_adresse:2572 TCPv4_SERVER READ [100] from ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] p              id=1 DATA len=86
Tue May 27 21:11:19 2008 us=159756 ip_adresse:2572 TCPv4_SERVER WRITE [126] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ 1 ]               pid=1 DATA len=100
Tue May 27 21:11:19 2008 us=163469 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=2 DATA len=100
Tue May 27 21:11:19 2008 us=165523 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=3 DATA len=100
Tue May 27 21:11:19 2008 us=167540 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=4 DATA len=100
Tue May 27 21:11:19 2008 us=171336 ip_adresse:2572 TCPv4_SERVER READ [100] from ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] p              id=1 DATA len=86
Tue May 27 21:11:19 2008 us=173165 ip_adresse:2572 TCPv4_SERVER WRITE [22] to ip_adresse:2572: P_ACK_V1 kid=0 [ 1 ]
Tue May 27 21:11:19 2008 us=203985 ip_adresse:2572 TCPv4_SERVER READ [22] from ip_adresse:2572: P_ACK_V1 kid=0 [ 1 ]
Tue May 27 21:11:19 2008 us=206854 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=5 DATA len=100
Tue May 27 21:11:19 2008 us=211774 ip_adresse:2572 TCPv4_SERVER READ [22] from ip_adresse:2572: P_ACK_V1 kid=0 [ 2 ]
Tue May 27 21:11:19 2008 us=213775 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=6 DATA len=100
Tue May 27 21:11:19 2008 us=216852 ip_adresse:2572 TCPv4_SERVER READ [26] from ip_adresse:2572: P_ACK_V1 kid=0 [ 3 4 ]
Tue May 27 21:11:19 2008 us=220493 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=7 DATA len=100
Tue May 27 21:11:19 2008 us=224184 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=8 DATA len=100
Tue May 27 21:11:19 2008 us=226646 ip_adresse:2572 TCPv4_SERVER READ [22] from ip_adresse:2572: P_ACK_V1 kid=0 [ 5 ]
Tue May 27 21:11:19 2008 us=232852 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=9 DATA len=100
Tue May 27 21:11:19 2008 us=235504 ip_adresse:2572 TCPv4_SERVER READ [22] from ip_adresse:2572: P_ACK_V1 kid=0 [ 6 ]
Tue May 27 21:11:19 2008 us=238361 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=10 DATA len=100
Tue May 27 21:11:19 2008 us=242120 ip_adresse:2572 TCPv4_SERVER READ [22] from ip_adresse:2572: P_ACK_V1 kid=0 [ 7 ]
Tue May 27 21:11:19 2008 us=244976 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=11 DATA len=100
Tue May 27 21:11:19 2008 us=247609 ip_adresse:2572 TCPv4_SERVER READ [22] from ip_adresse:2572: P_ACK_V1 kid=0 [ 8 ]
Tue May 27 21:11:19 2008 us=252495 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=12 DATA len=100
Tue May 27 21:11:19 2008 us=254985 ip_adresse:2572 TCPv4_SERVER READ [22] from ip_adresse:2572: P_ACK_V1 kid=0 [ 9 ]
Tue May 27 21:11:19 2008 us=258286 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=13 DATA len=100
Tue May 27 21:11:19 2008 us=262599 ip_adresse:2572 TCPv4_SERVER READ [22] from ip_adresse:2572: P_ACK_V1 kid=0 [ 10 ]
Tue May 27 21:11:19 2008 us=266087 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=14 DATA len=100
Tue May 27 21:11:19 2008 us=268563 ip_adresse:2572 TCPv4_SERVER READ [22] from ip_adresse:2572: P_ACK_V1 kid=0 [ 11 ]
Tue May 27 21:11:19 2008 us=273180 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=15 DATA len=100
Tue May 27 21:11:19 2008 us=275651 ip_adresse:2572 TCPv4_SERVER READ [22] from ip_adresse:2572: P_ACK_V1 kid=0 [ 12 ]
Tue May 27 21:11:19 2008 us=278521 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=16 DATA len=100
Tue May 27 21:11:19 2008 us=282529 ip_adresse:2572 TCPv4_SERVER READ [22] from ip_adresse:2572: P_ACK_V1 kid=0 [ 13 ]
Tue May 27 21:11:19 2008 us=285410 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=17 DATA len=100
Tue May 27 21:11:19 2008 us=287882 ip_adresse:2572 TCPv4_SERVER READ [22] from ip_adresse:2572: P_ACK_V1 kid=0 [ 14 ]
Tue May 27 21:11:19 2008 us=292164 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=18 DATA len=100
Tue May 27 21:11:19 2008 us=294656 ip_adresse:2572 TCPv4_SERVER READ [22] from ip_adresse:2572: P_ACK_V1 kid=0 [ 15 ]
Tue May 27 21:11:19 2008 us=298323 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=19 DATA len=100
Tue May 27 21:11:19 2008 us=302291 ip_adresse:2572 TCPv4_SERVER READ [22] from ip_adresse:2572: P_ACK_V1 kid=0 [ 16 ]
Tue May 27 21:11:19 2008 us=305680 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=20 DATA len=100
Tue May 27 21:11:19 2008 us=308156 ip_adresse:2572 TCPv4_SERVER READ [22] from ip_adresse:2572: P_ACK_V1 kid=0 [ 17 ]
Tue May 27 21:11:19 2008 us=312104 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=21 DATA len=100
Tue May 27 21:11:19 2008 us=315096 ip_adresse:2572 TCPv4_SERVER READ [22] from ip_adresse:2572: P_ACK_V1 kid=0 [ 18 ]
Tue May 27 21:11:19 2008 us=317924 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=22 DATA len=100
Tue May 27 21:11:19 2008 us=321888 ip_adresse:2572 TCPv4_SERVER READ [22] from ip_adresse:2572: P_ACK_V1 kid=0 [ 19 ]
Tue May 27 21:11:19 2008 us=324681 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=23 DATA len=100
Tue May 27 21:11:19 2008 us=327155 ip_adresse:2572 TCPv4_SERVER READ [22] from ip_adresse:2572: P_ACK_V1 kid=0 [ 20 ]
Tue May 27 21:11:19 2008 us=330594 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=24 DATA len=100
Tue May 27 21:11:19 2008 us=332682 ip_adresse:2572 TCPv4_SERVER READ [22] from ip_adresse:2572: P_ACK_V1 kid=0 [ 21 ]
Tue May 27 21:11:19 2008 us=335194 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=25 DATA len=100
Tue May 27 21:11:19 2008 us=337376 ip_adresse:2572 NOTE: --mute triggered...
Tue May 27 21:11:20 2008 us=235405 ip_adresse:2572 59 variation(s) on previous 50 message(s) suppressed by --mute
Tue May 27 21:11:20 2008 us=236760 ip_adresse:2572 VERIFY OK: depth=1, .....
Tue May 27 21:11:20 2008 us=255270 ip_adresse:2572 VERIFY OK: depth=0, .....
Tue May 27 21:11:20 2008 us=257696 ip_adresse:2572 TCPv4_SERVER WRITE [22] to ip_adresse:2572: P_ACK_V1 kid=0 [ 23 ]
Tue May 27 21:11:20 2008 us=261911 ip_adresse:2572 TCPv4_SERVER READ [114] from ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] p              id=24 DATA len=100
Tue May 27 21:11:20 2008 us=263988 ip_adresse:2572 TCPv4_SERVER WRITE [22] to ip_adresse:2572: P_ACK_V1 kid=0 [ 24 ]
Tue May 27 21:11:20 2008 us=267139 ip_adresse:2572 TCPv4_SERVER READ [114] from ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] p              id=25 DATA len=100
Tue May 27 21:11:20 2008 us=271247 ip_adresse:2572 TCPv4_SERVER WRITE [22] to ip_adresse:2572: P_ACK_V1 kid=0 [ 25 ]
Tue May 27 21:11:20 2008 us=274258 ip_adresse:2572 TCPv4_SERVER READ [114] from ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] p              id=26 DATA len=100
Tue May 27 21:11:22 2008 us=86571 ip_adresse:2572 TCPv4_SERVER WRITE [22] to ip_adresse:2572: P_ACK_V1 kid=0 [ 26 ]
Tue May 27 21:11:22 2008 us=91358 ip_adresse:2572 TCPv4_SERVER READ [114] from ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=27 DATA len=100
Tue May 27 21:11:22 2008 us=93418 ip_adresse:2572 TCPv4_SERVER WRITE [22] to ip_adresse:2572: P_ACK_V1 kid=0 [ 27 ]
Tue May 27 21:11:22 2008 us=95352 ip_adresse:2572 TCPv4_SERVER READ [114] from ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=28 DATA len=100
Tue May 27 21:11:22 2008 us=97947 ip_adresse:2572 TCPv4_SERVER WRITE [22] to ip_adresse:2572: P_ACK_V1 kid=0 [ 28 ]
Tue May 27 21:11:22 2008 us=101286 ip_adresse:2572 TCPv4_SERVER READ [89] from ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=29 DATA len=75
Tue May 27 21:11:22 2008 us=127355 ip_adresse:2572 TCPv4_SERVER WRITE [85] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ 29 ]               pid=33 DATA len=59
Tue May 27 21:11:22 2008 us=135370 ip_adresse:2572 TCPv4_SERVER READ [114] from ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] p              id=27 DATA len=100
Tue May 27 21:11:22 2008 us=138469 ip_adresse:2572 TCPv4_SERVER WRITE [22] to ip_adresse:2572: P_ACK_V1 kid=0 [ 27 ]
Tue May 27 21:11:22 2008 us=141750 ip_adresse:2572 TCPv4_SERVER READ [114] from ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] p              id=28 DATA len=100
Tue May 27 21:11:22 2008 us=144919 ip_adresse:2572 TCPv4_SERVER WRITE [22] to ip_adresse:2572: P_ACK_V1 kid=0 [ 28 ]
Tue May 27 21:11:22 2008 us=147218 ip_adresse:2572 TCPv4_SERVER READ [89] from ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=29 DATA len=75
Tue May 27 21:11:22 2008 us=150928 ip_adresse:2572 TCPv4_SERVER WRITE [22] to ip_adresse:2572: P_ACK_V1 kid=0 [ 29 ]
Tue May 27 21:11:22 2008 us=153286 ip_adresse:2572 TCPv4_SERVER READ [126] from ip_adresse:2572: P_CONTROL_V1 kid=0 [ 33               ] pid=30 DATA len=100
Tue May 27 21:11:22 2008 us=155506 ip_adresse:2572 TCPv4_SERVER WRITE [22] to ip_adresse:2572: P_ACK_V1 kid=0 [ 30 ]
Tue May 27 21:11:22 2008 us=157060 ip_adresse:2572 TCPv4_SERVER READ [114] from ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] p              id=31 DATA len=100
Tue May 27 21:11:22 2008 us=159702 ip_adresse:2572 TCPv4_SERVER WRITE [22] to ip_adresse:2572: P_ACK_V1 kid=0 [ 31 ]
Tue May 27 21:11:22 2008 us=161826 ip_adresse:2572 TCPv4_SERVER READ [114] from ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] p              id=32 DATA len=100
Tue May 27 21:11:22 2008 us=163556 ip_adresse:2572 TCPv4_SERVER WRITE [22] to ip_adresse:2572: P_ACK_V1 kid=0 [ 32 ]
Tue May 27 21:11:22 2008 us=165100 ip_adresse:2572 TCPv4_SERVER READ [44] from ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=33 DATA len=30
Tue May 27 21:11:22 2008 us=173947 ip_adresse:2572 Data Channel Encrypt: Cipher '...' initialized with... bit key
Tue May 27 21:11:22 2008 us=175125 ip_adresse:2572 Data Channel Encrypt: Using ....bit message hash '....' for HMAC authenti              cation
Tue May 27 21:11:22 2008 us=176869 ip_adresse:2572 Data Channel Decrypt: Cipher '....' initialized with ...bit key
Tue May 27 21:11:22 2008 us=178360 ip_adresse:2572 Data Channel Decrypt: Using ....bit message hash '....' for HMAC authenti              cation
Tue May 27 21:11:22 2008 us=182173 ip_adresse:2572 TCPv4_SERVER WRITE [126] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ 33 ]               pid=34 DATA len=100
Tue May 27 21:11:22 2008 us=183842 ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pi              d=35 DATA len=100
Tue May 27 21:11:22 2008 us=186057 ip_adresse:2572 TCPv4_SERVER WRITE [96] to ip_adresse:2572: P_CONTROL_V1 kid=0 [ ] pid              =36 DATA len=82
Tue May 27 21:11:22 2008 us=322341 ip_adresse:2572 TCPv4_SERVER READ [22] from ip_adresse:2572: P_ACK_V1 kid=0 [ 34 ]
Tue May 27 21:11:22 2008 us=362946 ip_adresse:2572 TCPv4_SERVER READ [26] from ip_adresse:2572: P_ACK_V1 kid=0 [ 35 36 ]
Tue May 27 21:11:22 2008 us=364244 ip_adresse:2572 Control Channel: TLSv1, cipher TLSv1/SSLv3 ......., 567457567bit R              SA
Tue May 27 21:11:22 2008 us=365622 ip_adresse:2572 [pc_name] Peer Connection Initiated with ip_adresse:2572
Tue May 27 21:11:22 2008 us=368061 pc_name/ip_adresse:2572 MULTI: Learn: 10.0.0.2 -> pc_name/ip_adresse:2572
Tue May 27 21:11:22 2008 us=370637 pc_name/ip_adresse:2572 MULTI: primary virtual IP for pc_name/ip_adresse:2572: 10.0.0.              2
Tue May 27 21:11:23 2008 us=466270 pc_name/ip_adresse:2572 TCPv4_SERVER READ [104] from ip_adresse:2572: P_CONTROL_V1 kid              =0 [ ] pid=34 DATA len=90
Tue May 27 21:11:23 2008 us=470150 pc_name/ip_adresse:2572 PUSH: Received control message: 'PUSH_REQUEST'
Tue May 27 21:11:23 2008 us=472879 pc_name/ip_adresse:2572 SENT CONTROL [pc_name]: 'PUSH_REPLY,ping 15,ping-restart 60,route               192.168.75.0 255.255.255.0,route-gateway 10.0.0.1,redirect-gateway,topology subnet,dhcp-option DNS 192.168.75.1,ifconfig 10.0.              0.2 255.255.255.0' (status=1)
Tue May 27 21:11:23 2008 us=474316 pc_name/ip_adresse:2572 TCPv4_SERVER WRITE [22] to ip_adresse:2572: P_ACK_V1 kid=0 [ 3              4 ]
Tue May 27 21:11:23 2008 us=476733 pc_name/ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=              0 [ ] pid=37 DATA len=100
Tue May 27 21:11:23 2008 us=478425 pc_name/ip_adresse:2572 TCPv4_SERVER WRITE [114] to ip_adresse:2572: P_CONTROL_V1 kid=              0 [ ] pid=38 DATA len=100
Tue May 27 21:11:23 2008 us=481407 pc_name/ip_adresse:2572 TCPv4_SERVER WRITE [64] to ip_adresse:2572: P_CONTROL_V1 kid=0               [ ] pid=39 DATA len=50
Tue May 27 21:11:23 2008 us=687952 pc_name/ip_adresse:2572 TCPv4_SERVER READ [22] from ip_adresse:2572: P_ACK_V1 kid=0 [               37 ]
Tue May 27 21:11:23 2008 us=722920 pc_name/ip_adresse:2572 TCPv4_SERVER READ [26] from ip_adresse:2572: P_ACK_V1 kid=0 [               38 39 ]
Tue May 27 21:11:30 2008 us=340147 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:30 2008 us=353475 pc_name/ip_adresse:2572 TUN WRITE [59]
Tue May 27 21:11:30 2008 us=479736 pc_name/ip_adresse:2572 TCPv4_SERVER READ [85] from ip_adresse:2572: P_DATA_V1 kid=0 D              ATA len=84
Tue May 27 21:11:30 2008 us=481682 pc_name/ip_adresse:2572 MULTI: bad source address from client [192.168.75.36], packet dro              pped
Tue May 27 21:11:30 2008 us=624087 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:30 2008 us=626312 pc_name/ip_adresse:2572 TUN WRITE [64]
Tue May 27 21:11:31 2008 us=41603 pc_name/ip_adresse:2572 TCPv4_SERVER READ [85] from ip_adresse:2572: P_DATA_V1 kid=0 DA              TA len=84
Tue May 27 21:11:31 2008 us=43044 pc_name/ip_adresse:2572 MULTI: bad source address from client [192.168.75.36], packet drop              ped
Tue May 27 21:11:31 2008 us=333505 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:31 2008 us=337009 pc_name/ip_adresse:2572 TUN WRITE [59]
Tue May 27 21:11:31 2008 us=340391 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:31 2008 us=341999 pc_name/ip_adresse:2572 TUN WRITE [59]
Tue May 27 21:11:31 2008 us=553036 pc_name/ip_adresse:2572 TCPv4_SERVER READ [85] from ip_adresse:2572: P_DATA_V1 kid=0 D              ATA len=84
Tue May 27 21:11:31 2008 us=554475 pc_name/ip_adresse:2572 MULTI: bad source address from client [192.168.75.36], packet dro              pped
Tue May 27 21:11:31 2008 us=631728 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:31 2008 us=633836 pc_name/ip_adresse:2572 TUN WRITE [64]
Tue May 27 21:11:31 2008 us=636402 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:31 2008 us=638001 pc_name/ip_adresse:2572 TUN WRITE [64]
Tue May 27 21:11:32 2008 us=346775 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:32 2008 us=350976 pc_name/ip_adresse:2572 TUN WRITE [59]
Tue May 27 21:11:32 2008 us=354056 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:32 2008 us=355661 pc_name/ip_adresse:2572 TUN WRITE [59]
Tue May 27 21:11:32 2008 us=636597 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:32 2008 us=640908 pc_name/ip_adresse:2572 TUN WRITE [64]
Tue May 27 21:11:32 2008 us=643478 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:32 2008 us=645075 pc_name/ip_adresse:2572 TUN WRITE [64]
Tue May 27 21:11:33 2008 us=191763 pc_name/ip_adresse:2572 TCPv4_SERVER READ [85] from ip_adresse:2572: P_DATA_V1 kid=0 D              ATA len=84
Tue May 27 21:11:33 2008 us=193766 pc_name/ip_adresse:2572 MULTI: bad source address from client [192.168.75.36], packet dro              pped
Tue May 27 21:11:33 2008 us=195428 pc_name/ip_adresse:2572 TCPv4_SERVER WRITE [69] to ip_adresse:2572: P_DATA_V1 kid=0 DA              TA len=68
Tue May 27 21:11:34 2008 us=355748 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:34 2008 us=357352 pc_name/ip_adresse:2572 TUN WRITE [59]
Tue May 27 21:11:34 2008 us=393288 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:34 2008 us=394894 pc_name/ip_adresse:2572 TUN WRITE [59]
Tue May 27 21:11:34 2008 us=642080 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:34 2008 us=645055 pc_name/ip_adresse:2572 TUN WRITE [64]
Tue May 27 21:11:34 2008 us=647608 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:34 2008 us=650938 pc_name/ip_adresse:2572 TUN WRITE [64]
Tue May 27 21:11:36 2008 us=380516 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:36 2008 us=383515 pc_name/ip_adresse:2572 TUN WRITE [60]
Tue May 27 21:11:36 2008 us=386004 pc_name/ip_adresse:2572 TCPv4_SERVER READ [85] from ip_adresse:2572: P_DATA_V1 kid=0 D              ATA len=84
Tue May 27 21:11:36 2008 us=387473 pc_name/ip_adresse:2572 MULTI: bad source address from client [192.168.75.36], packet dro              pped
Tue May 27 21:11:38 2008 us=372052 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:38 2008 us=375017 pc_name/ip_adresse:2572 TUN WRITE [59]
Tue May 27 21:11:38 2008 us=378109 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:38 2008 us=380788 pc_name/ip_adresse:2572 TUN WRITE [59]
Tue May 27 21:11:38 2008 us=704012 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:38 2008 us=707598 pc_name/ip_adresse:2572 TUN WRITE [64]
Tue May 27 21:11:38 2008 us=711279 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:38 2008 us=713479 pc_name/ip_adresse:2572 TUN WRITE [64]
Tue May 27 21:11:41 2008 us=871035 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:41 2008 us=873223 pc_name/ip_adresse:2572 TUN WRITE [60]
Tue May 27 21:11:43 2008 us=22509 pc_name/ip_adresse:2572 TCPv4_SERVER READ [85] from ip_adresse:2572: P_DATA_V1 kid=0 DA              TA len=84
Tue May 27 21:11:43 2008 us=24550 pc_name/ip_adresse:2572 MULTI: bad source address from client [192.168.75.36], packet drop              ped
Tue May 27 21:11:43 2008 us=26210 pc_name/ip_adresse:2572 TCPv4_SERVER WRITE [69] to ip_adresse:2572: P_DATA_V1 kid=0 DAT              A len=68
Tue May 27 21:11:45 2008 us=681870 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:45 2008 us=683475 pc_name/ip_adresse:2572 TUN WRITE [64]
Tue May 27 21:11:46 2008 us=683097 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:46 2008 us=686072 pc_name/ip_adresse:2572 TUN WRITE [64]
Tue May 27 21:11:46 2008 us=690924 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:46 2008 us=692526 pc_name/ip_adresse:2572 TUN WRITE [64]
Tue May 27 21:11:47 2008 us=377821 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:47 2008 us=380215 pc_name/ip_adresse:2572 TUN WRITE [60]
Tue May 27 21:11:47 2008 us=686978 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:47 2008 us=692419 pc_name/ip_adresse:2572 TUN WRITE [64]
Tue May 27 21:11:47 2008 us=695017 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:47 2008 us=697150 pc_name/ip_adresse:2572 TUN WRITE [64]
Tue May 27 21:11:49 2008 us=687394 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:49 2008 us=691957 pc_name/ip_adresse:2572 TUN WRITE [64]
Tue May 27 21:11:49 2008 us=693999 pc_name/ip_adresse:2572 TCPv4_SERVER READ [117] from ip_adresse:2572: P_DATA_V1 kid=0               DATA len=116
Tue May 27 21:11:49 2008 us=695072 pc_name/ip_adresse:2572 TUN WRITE [64]
Tue May 27 21:11:52 2008 us=101189 pc_name/ip_adresse:2572 Connection reset, restarting [-1]
Tue May 27 21:11:52 2008 us=102053 pc_name/ip_adresse:2572 SIGUSR1[soft,connection-reset] received, client-instance restarti              ng
Tue May 27 21:11:52 2008 us=106591 TCP/UDP: Closing socket

Hoffe alles "wichtige "unkenntlich gemacht zu haben, falls das hier nichts aussagt kann ich auch gerne nochmal die configs posten, wobei diese unverändert vor dem Firmwareupgrade liefen.

Grüße
 
O.k.,

das erste was auffällt: "MULTI: bad source address from client [192.168.75.36]". Du nutzt scheinbar eine Multi-Client(-fähige) TUN-Umgebung ohne "iroute" Parameter...

Und der Ping vom Client direkt auf die VPN-IP (10.0.0.1) tut es auch nicht?
Auffälligkeiten im Client-Log?

Jörg
 
Hmm, bin mir nicht sicher was das bedeutet, ich habe gerade gesehen dass in der server.conf der Eintrag "max-clients 4" auskommentiert war, das war er aber auch schon vor dem Firmwareupgrade, daran sollte es also nicht liegen.

Ping an 10.0.0.1 klappt nicht. (Das verwundert mich von Anfang an?!?)

/Edit
Kann der Fehler (multi source) davon kommen, dass ich von "intern" teste? Ich habs aber auch schon über das WLAN des Nachbarn probiert um auszuschließen dass es daran liegt, also das generelle Problem, nicht das multi source "Problem", sofern es eines ist.

Client-Log:
Code:
Tue May 27 21:44:10 2008 us=187000 Current Parameter Settings:
Tue May 27 21:44:10 2008 us=187000   config = 'conf.ovpn'
Tue May 27 21:44:10 2008 us=187000   mode = 0
Tue May 27 21:44:10 2008 us=187000   show_ciphers = DISABLED
Tue May 27 21:44:10 2008 us=187000   show_digests = DISABLED
Tue May 27 21:44:10 2008 us=187000   show_engines = DISABLED
Tue May 27 21:44:10 2008 us=187000   genkey = DISABLED
Tue May 27 21:44:10 2008 us=187000   key_pass_file = '[UNDEF]'
Tue May 27 21:44:10 2008 us=187000   show_tls_ciphers = DISABLED
Tue May 27 21:44:10 2008 us=187000   proto = 2
Tue May 27 21:44:10 2008 us=187000   local = '[UNDEF]'
Tue May 27 21:44:10 2008 us=187000   remote_list[0] = {'adresse', port}
Tue May 27 21:44:10 2008 us=187000   remote_random = DISABLED
Tue May 27 21:44:10 2008 us=187000   local_port = 0
Tue May 27 21:44:10 2008 us=187000   remote_port = 1194
Tue May 27 21:44:10 2008 us=187000   remote_float = DISABLED
Tue May 27 21:44:10 2008 us=187000   ipchange = '[UNDEF]'
Tue May 27 21:44:10 2008 us=187000   bind_defined = DISABLED
Tue May 27 21:44:10 2008 us=187000   bind_local = DISABLED
Tue May 27 21:44:10 2008 us=187000   dev = 'tun'
Tue May 27 21:44:10 2008 us=187000   dev_type = '[UNDEF]'
Tue May 27 21:44:10 2008 us=187000   dev_node = 'VPN_0'
Tue May 27 21:44:10 2008 us=187000   lladdr = '[UNDEF]'
Tue May 27 21:44:10 2008 us=187000   topology = 1
Tue May 27 21:44:10 2008 us=187000   tun_ipv6 = DISABLED
Tue May 27 21:44:10 2008 us=187000   ifconfig_local = '[UNDEF]'
Tue May 27 21:44:10 2008 us=187000   ifconfig_remote_netmask = '[UNDEF]'
Tue May 27 21:44:10 2008 us=187000   ifconfig_noexec = DISABLED
Tue May 27 21:44:10 2008 us=187000   ifconfig_nowarn = DISABLED
Tue May 27 21:44:10 2008 us=187000   shaper = 0
Tue May 27 21:44:10 2008 us=187000   tun_mtu = 1500
Tue May 27 21:44:10 2008 us=187000   tun_mtu_defined = ENABLED
Tue May 27 21:44:10 2008 us=187000   link_mtu = 1500
Tue May 27 21:44:10 2008 us=187000   link_mtu_defined = DISABLED
Tue May 27 21:44:10 2008 us=187000   tun_mtu_extra = 0
Tue May 27 21:44:10 2008 us=187000   tun_mtu_extra_defined = DISABLED
Tue May 27 21:44:10 2008 us=187000   fragment = 0
Tue May 27 21:44:10 2008 us=187000   mtu_discover_type = -1
Tue May 27 21:44:10 2008 us=187000   mtu_test = 0
Tue May 27 21:44:10 2008 us=187000   mlock = DISABLED
Tue May 27 21:44:10 2008 us=187000   keepalive_ping = 0
Tue May 27 21:44:10 2008 us=187000   keepalive_timeout = 0
Tue May 27 21:44:10 2008 us=187000   inactivity_timeout = 0
Tue May 27 21:44:10 2008 us=187000   ping_send_timeout = 10
Tue May 27 21:44:10 2008 us=187000   ping_rec_timeout = 60
Tue May 27 21:44:10 2008 us=187000   ping_rec_timeout_action = 2
Tue May 27 21:44:10 2008 us=187000   ping_timer_remote = DISABLED
Tue May 27 21:44:10 2008 us=187000   remap_sigusr1 = 0
Tue May 27 21:44:10 2008 us=187000   explicit_exit_notification = 0
Tue May 27 21:44:10 2008 us=187000   persist_tun = ENABLED
Tue May 27 21:44:10 2008 us=187000   persist_local_ip = DISABLED
Tue May 27 21:44:10 2008 us=187000   persist_remote_ip = DISABLED
Tue May 27 21:44:10 2008 us=187000   persist_key = ENABLED
Tue May 27 21:44:10 2008 us=187000   mssfix = 1450
Tue May 27 21:44:10 2008 us=187000   resolve_retry_seconds = 1000000000
Tue May 27 21:44:10 2008 us=187000   connect_retry_seconds = 5
Tue May 27 21:44:10 2008 us=187000   connect_timeout = 10
Tue May 27 21:44:10 2008 us=187000   connect_retry_max = 0
Tue May 27 21:44:10 2008 us=187000   username = '[UNDEF]'
Tue May 27 21:44:10 2008 us=187000   groupname = '[UNDEF]'
Tue May 27 21:44:10 2008 us=187000   chroot_dir = '[UNDEF]'
Tue May 27 21:44:10 2008 us=187000   cd_dir = 'certs ...'
Tue May 27 21:44:10 2008 us=187000   writepid = '[UNDEF]'
Tue May 27 21:44:10 2008 us=187000   up_script = '[UNDEF]'
Tue May 27 21:44:10 2008 us=187000   down_script = '[UNDEF]'
Tue May 27 21:44:10 2008 us=187000   down_pre = DISABLED
Tue May 27 21:44:10 2008 us=187000   up_restart = DISABLED
Tue May 27 21:44:10 2008 us=187000   up_delay = DISABLED
Tue May 27 21:44:10 2008 us=187000   daemon = DISABLED
Tue May 27 21:44:10 2008 us=187000   inetd = 0
Tue May 27 21:44:10 2008 us=187000   log = DISABLED
Tue May 27 21:44:10 2008 us=187000   suppress_timestamps = DISABLED
Tue May 27 21:44:10 2008 us=187000   nice = 1
Tue May 27 21:44:10 2008 us=187000   verbosity = 4
Tue May 27 21:44:10 2008 us=187000   mute = 0
Tue May 27 21:44:10 2008 us=187000   gremlin = 0
Tue May 27 21:44:10 2008 us=187000   status_file = '[UNDEF]'
Tue May 27 21:44:10 2008 us=187000   status_file_version = 1
Tue May 27 21:44:10 2008 us=187000   status_file_update_freq = 60
Tue May 27 21:44:10 2008 us=187000   occ = ENABLED
Tue May 27 21:44:10 2008 us=187000   rcvbuf = 0
Tue May 27 21:44:10 2008 us=187000   sndbuf = 0
Tue May 27 21:44:10 2008 us=187000   sockflags = 0
Tue May 27 21:44:10 2008 us=187000   socks_proxy_server = '[UNDEF]'
Tue May 27 21:44:10 2008 us=187000   socks_proxy_port = 0
Tue May 27 21:44:10 2008 us=187000   socks_proxy_retry = DISABLED
Tue May 27 21:44:10 2008 us=187000   fast_io = DISABLED
Tue May 27 21:44:10 2008 us=218000   lzo = 7
Tue May 27 21:44:10 2008 us=218000   route_script = '[UNDEF]'
Tue May 27 21:44:10 2008 us=218000   route_default_gateway = '[UNDEF]'
Tue May 27 21:44:10 2008 us=218000   route_default_metric = 0
Tue May 27 21:44:10 2008 us=218000   route_noexec = DISABLED
Tue May 27 21:44:10 2008 us=218000   route_delay = 5
Tue May 27 21:44:10 2008 us=218000   route_delay_window = 30
Tue May 27 21:44:10 2008 us=218000   route_delay_defined = ENABLED
Tue May 27 21:44:10 2008 us=218000   route_nopull = DISABLED
Tue May 27 21:44:10 2008 us=218000   management_addr = '[UNDEF]'
Tue May 27 21:44:10 2008 us=218000   management_port = 0
Tue May 27 21:44:10 2008 us=218000   management_user_pass = '[UNDEF]'
Tue May 27 21:44:10 2008 us=218000   management_log_history_cache = 250
Tue May 27 21:44:10 2008 us=218000   management_echo_buffer_size = 100
Tue May 27 21:44:10 2008 us=218000   management_query_passwords = DISABLED
Tue May 27 21:44:10 2008 us=250000   management_hold = DISABLED
Tue May 27 21:44:10 2008 us=250000   management_client = DISABLED
Tue May 27 21:44:10 2008 us=250000   management_signal = DISABLED
Tue May 27 21:44:10 2008 us=250000   management_forget_disconnect = DISABLED
Tue May 27 21:44:10 2008 us=250000   management_write_peer_info_file = '[UNDEF]'
Tue May 27 21:44:10 2008 us=250000   shared_secret_file = '[UNDEF]'
Tue May 27 21:44:10 2008 us=250000   key_direction = 0
Tue May 27 21:44:10 2008 us=250000   ciphername_defined = ENABLED
Tue May 27 21:44:10 2008 us=250000   ciphername = '...'
Tue May 27 21:44:10 2008 us=250000   authname_defined = ENABLED
Tue May 27 21:44:10 2008 us=250000   authname = 'SHA1'
Tue May 27 21:44:10 2008 us=250000   keysize = 0
Tue May 27 21:44:10 2008 us=250000   engine = DISABLED
Tue May 27 21:44:10 2008 us=250000   replay = ENABLED
Tue May 27 21:44:10 2008 us=250000   mute_replay_warnings = DISABLED
Tue May 27 21:44:10 2008 us=250000   replay_window = 0
Tue May 27 21:44:10 2008 us=296000   replay_time = 0
Tue May 27 21:44:10 2008 us=296000   packet_id_file = '[UNDEF]'
Tue May 27 21:44:10 2008 us=296000   use_iv = ENABLED
Tue May 27 21:44:10 2008 us=296000   test_crypto = DISABLED
Tue May 27 21:44:10 2008 us=296000   tls_server = DISABLED
Tue May 27 21:44:10 2008 us=296000   tls_client = ENABLED
Tue May 27 21:44:10 2008 us=296000   key_method = 2
Tue May 27 21:44:10 2008 us=296000   ca_file = 'ca.crt'
Tue May 27 21:44:10 2008 us=296000   ca_path = '[UNDEF]'
Tue May 27 21:44:10 2008 us=296000   dh_file = '[UNDEF]'
Tue May 27 21:44:10 2008 us=296000   cert_file = '....crt'
Tue May 27 21:44:10 2008 us=296000   priv_key_file = '....key'
Tue May 27 21:44:10 2008 us=296000   pkcs12_file = '[UNDEF]'
Tue May 27 21:44:10 2008 us=296000   cryptoapi_cert = '[UNDEF]'
Tue May 27 21:44:10 2008 us=296000   cipher_list = '[UNDEF]'
Tue May 27 21:44:10 2008 us=296000   tls_verify = '[UNDEF]'
Tue May 27 21:44:10 2008 us=328000   tls_remote = '[UNDEF]'
Tue May 27 21:44:10 2008 us=328000   crl_file = '[UNDEF]'
Tue May 27 21:44:10 2008 us=328000   ns_cert_type = 64
Tue May 27 21:44:10 2008 us=328000   remote_cert_ku[i] = 0
Tue May 27 21:44:10 2008 us=328000   remote_cert_ku[i] = 0
Tue May 27 21:44:10 2008 us=328000   remote_cert_ku[i] = 0
Tue May 27 21:44:10 2008 us=328000   remote_cert_ku[i] = 0
Tue May 27 21:44:10 2008 us=328000   remote_cert_ku[i] = 0
Tue May 27 21:44:10 2008 us=328000   remote_cert_ku[i] = 0
Tue May 27 21:44:10 2008 us=328000   remote_cert_ku[i] = 0
Tue May 27 21:44:10 2008 us=328000   remote_cert_ku[i] = 0
Tue May 27 21:44:10 2008 us=328000   remote_cert_ku[i] = 0
Tue May 27 21:44:10 2008 us=328000   remote_cert_ku[i] = 0
Tue May 27 21:44:10 2008 us=328000   remote_cert_ku[i] = 0
Tue May 27 21:44:10 2008 us=328000   remote_cert_ku[i] = 0
Tue May 27 21:44:10 2008 us=328000   remote_cert_ku[i] = 0
Tue May 27 21:44:10 2008 us=328000   remote_cert_ku[i] = 0
Tue May 27 21:44:10 2008 us=359000   remote_cert_ku[i] = 0
Tue May 27 21:44:10 2008 us=359000   remote_cert_ku[i] = 0
Tue May 27 21:44:10 2008 us=359000   remote_cert_eku = '[UNDEF]'
Tue May 27 21:44:10 2008 us=359000   tls_timeout = 2
Tue May 27 21:44:10 2008 us=359000   renegotiate_bytes = 0
Tue May 27 21:44:10 2008 us=359000   renegotiate_packets = 0
Tue May 27 21:44:10 2008 us=359000   renegotiate_seconds = 3600
Tue May 27 21:44:10 2008 us=359000   handshake_window = 60
Tue May 27 21:44:10 2008 us=359000   transition_window = 3600
Tue May 27 21:44:10 2008 us=359000   single_session = DISABLED
Tue May 27 21:44:10 2008 us=375000   tls_exit = DISABLED
Tue May 27 21:44:10 2008 us=375000   tls_auth_file = '[UNDEF]'
Tue May 27 21:44:10 2008 us=375000   pkcs11_protected_authentication = DISABLED
Tue May 27 21:44:10 2008 us=375000   pkcs11_protected_authentication = DISABLED
Tue May 27 21:44:10 2008 us=375000   pkcs11_protected_authentication = DISABLED
Tue May 27 21:44:10 2008 us=390000   pkcs11_protected_authentication = DISABLED
Tue May 27 21:44:10 2008 us=390000   pkcs11_protected_authentication = DISABLED
Tue May 27 21:44:10 2008 us=390000   pkcs11_protected_authentication = DISABLED
Tue May 27 21:44:10 2008 us=390000   pkcs11_protected_authentication = DISABLED
Tue May 27 21:44:10 2008 us=390000   pkcs11_protected_authentication = DISABLED
Tue May 27 21:44:10 2008 us=390000   pkcs11_protected_authentication = DISABLED
Tue May 27 21:44:10 2008 us=390000   pkcs11_protected_authentication = DISABLED
Tue May 27 21:44:10 2008 us=390000   pkcs11_protected_authentication = DISABLED
Tue May 27 21:44:10 2008 us=390000   pkcs11_protected_authentication = DISABLED
Tue May 27 21:44:10 2008 us=390000   pkcs11_protected_authentication = DISABLED
Tue May 27 21:44:10 2008 us=390000   pkcs11_protected_authentication = DISABLED
Tue May 27 21:44:10 2008 us=390000   pkcs11_protected_authentication = DISABLED
Tue May 27 21:44:10 2008 us=390000   pkcs11_protected_authentication = DISABLED
Tue May 27 21:44:10 2008 us=421000   pkcs11_private_mode = 00000000
Tue May 27 21:44:10 2008 us=421000   pkcs11_private_mode = 00000000
Tue May 27 21:44:10 2008 us=421000   pkcs11_private_mode = 00000000
Tue May 27 21:44:10 2008 us=421000   pkcs11_private_mode = 00000000
Tue May 27 21:44:10 2008 us=421000   pkcs11_private_mode = 00000000
Tue May 27 21:44:10 2008 us=421000   pkcs11_private_mode = 00000000
Tue May 27 21:44:10 2008 us=421000   pkcs11_private_mode = 00000000
Tue May 27 21:44:10 2008 us=421000   pkcs11_private_mode = 00000000
Tue May 27 21:44:10 2008 us=421000   pkcs11_private_mode = 00000000
Tue May 27 21:44:10 2008 us=421000   pkcs11_private_mode = 00000000
Tue May 27 21:44:10 2008 us=421000   pkcs11_private_mode = 00000000
Tue May 27 21:44:10 2008 us=421000   pkcs11_private_mode = 00000000
Tue May 27 21:44:10 2008 us=421000   pkcs11_private_mode = 00000000
Tue May 27 21:44:10 2008 us=421000   pkcs11_private_mode = 00000000
Tue May 27 21:44:10 2008 us=437000   pkcs11_private_mode = 00000000
Tue May 27 21:44:10 2008 us=437000   pkcs11_private_mode = 00000000
Tue May 27 21:44:10 2008 us=437000   pkcs11_cert_private = DISABLED
Tue May 27 21:44:10 2008 us=437000   pkcs11_cert_private = DISABLED
Tue May 27 21:44:10 2008 us=437000   pkcs11_cert_private = DISABLED
Tue May 27 21:44:10 2008 us=437000   pkcs11_cert_private = DISABLED
Tue May 27 21:44:10 2008 us=437000   pkcs11_cert_private = DISABLED
Tue May 27 21:44:10 2008 us=437000   pkcs11_cert_private = DISABLED
Tue May 27 21:44:10 2008 us=437000   pkcs11_cert_private = DISABLED
Tue May 27 21:44:10 2008 us=437000   pkcs11_cert_private = DISABLED
Tue May 27 21:44:10 2008 us=437000   pkcs11_cert_private = DISABLED
Tue May 27 21:44:10 2008 us=437000   pkcs11_cert_private = DISABLED
Tue May 27 21:44:10 2008 us=437000   pkcs11_cert_private = DISABLED
Tue May 27 21:44:10 2008 us=437000   pkcs11_cert_private = DISABLED
Tue May 27 21:44:10 2008 us=437000   pkcs11_cert_private = DISABLED
Tue May 27 21:44:10 2008 us=453000   pkcs11_cert_private = DISABLED
Tue May 27 21:44:10 2008 us=453000   pkcs11_cert_private = DISABLED
Tue May 27 21:44:10 2008 us=453000   pkcs11_cert_private = DISABLED
Tue May 27 21:44:10 2008 us=453000   pkcs11_pin_cache_period = -1
Tue May 27 21:44:10 2008 us=453000   pkcs11_id = '[UNDEF]'
Tue May 27 21:44:10 2008 us=453000   server_network = 0.0.0.0
Tue May 27 21:44:10 2008 us=453000   server_netmask = 0.0.0.0
Tue May 27 21:44:10 2008 us=453000   server_bridge_ip = 0.0.0.0
Tue May 27 21:44:10 2008 us=453000   server_bridge_netmask = 0.0.0.0
Tue May 27 21:44:10 2008 us=453000   server_bridge_pool_start = 0.0.0.0
Tue May 27 21:44:10 2008 us=453000   server_bridge_pool_end = 0.0.0.0
Tue May 27 21:44:10 2008 us=453000   ifconfig_pool_defined = DISABLED
Tue May 27 21:44:10 2008 us=453000   ifconfig_pool_start = 0.0.0.0
Tue May 27 21:44:10 2008 us=453000   ifconfig_pool_end = 0.0.0.0
Tue May 27 21:44:10 2008 us=453000   ifconfig_pool_netmask = 0.0.0.0
Tue May 27 21:44:10 2008 us=468000   ifconfig_pool_persist_filename = '[UNDEF]'
Tue May 27 21:44:10 2008 us=468000   ifconfig_pool_persist_refresh_freq = 600
Tue May 27 21:44:10 2008 us=468000   n_bcast_buf = 256
Tue May 27 21:44:10 2008 us=468000   tcp_queue_limit = 64
Tue May 27 21:44:10 2008 us=468000   real_hash_size = 256
Tue May 27 21:44:10 2008 us=468000   virtual_hash_size = 256
Tue May 27 21:44:10 2008 us=468000   client_connect_script = '[UNDEF]'
Tue May 27 21:44:10 2008 us=468000   learn_address_script = '[UNDEF]'
Tue May 27 21:44:10 2008 us=468000   client_disconnect_script = '[UNDEF]'
Tue May 27 21:44:10 2008 us=468000   client_config_dir = '[UNDEF]'
Tue May 27 21:44:10 2008 us=468000   ccd_exclusive = DISABLED
Tue May 27 21:44:10 2008 us=468000   tmp_dir = '[UNDEF]'
Tue May 27 21:44:10 2008 us=468000   push_ifconfig_defined = DISABLED
Tue May 27 21:44:10 2008 us=468000   push_ifconfig_local = 0.0.0.0
Tue May 27 21:44:10 2008 us=468000   push_ifconfig_remote_netmask = 0.0.0.0
Tue May 27 21:44:10 2008 us=484000   enable_c2c = DISABLED
Tue May 27 21:44:10 2008 us=484000   duplicate_cn = DISABLED
Tue May 27 21:44:10 2008 us=484000   cf_max = 0
Tue May 27 21:44:10 2008 us=484000   cf_per = 0
Tue May 27 21:44:10 2008 us=484000   max_clients = 1024
Tue May 27 21:44:10 2008 us=484000   max_routes_per_client = 256
Tue May 27 21:44:10 2008 us=484000   client_cert_not_required = DISABLED
Tue May 27 21:44:10 2008 us=484000   username_as_common_name = DISABLED
Tue May 27 21:44:10 2008 us=484000   auth_user_pass_verify_script = '[UNDEF]'
Tue May 27 21:44:10 2008 us=484000   auth_user_pass_verify_script_via_file = DISABLED
Tue May 27 21:44:10 2008 us=484000   client = DISABLED
Tue May 27 21:44:10 2008 us=484000   pull = ENABLED
Tue May 27 21:44:10 2008 us=484000   auth_user_pass_file = '[UNDEF]'
Tue May 27 21:44:10 2008 us=484000   show_net_up = DISABLED
Tue May 27 21:44:10 2008 us=484000   route_method = 0
Tue May 27 21:44:10 2008 us=484000   ip_win32_defined = DISABLED
Tue May 27 21:44:10 2008 us=484000   ip_win32_type = 3
Tue May 27 21:44:10 2008 us=484000   dhcp_masq_offset = 0
Tue May 27 21:44:10 2008 us=484000   dhcp_lease_time = 31536000
Tue May 27 21:44:10 2008 us=484000   tap_sleep = 0
Tue May 27 21:44:10 2008 us=484000   dhcp_options = DISABLED
Tue May 27 21:44:10 2008 us=484000   dhcp_renew = DISABLED
Tue May 27 21:44:10 2008 us=484000   dhcp_pre_release = DISABLED
Tue May 27 21:44:10 2008 us=484000   dhcp_release = DISABLED
Tue May 27 21:44:10 2008 us=484000   domain = '[UNDEF]'
Tue May 27 21:44:10 2008 us=484000   netbios_scope = '[UNDEF]'
Tue May 27 21:44:10 2008 us=484000   netbios_node_type = 0
Tue May 27 21:44:10 2008 us=484000   disable_nbt = DISABLED
Tue May 27 21:44:10 2008 us=484000 OpenVPN 2.1_rc7 Win32-MinGW [SSL] [LZO2] [PKCS11] built on Jan 29 2008
Tue May 27 21:44:10 2008 us=500000 LZO compression initialized
Tue May 27 21:44:10 2008 us=500000 Control Channel MTU parms [ L:1560 D:140 EF:40 EB:0 ET:0 EL:0 ]
Tue May 27 21:44:10 2008 us=734000 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Tue May 27 21:44:10 2008 us=734000 Local Options String: 'V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher ...,auth SHA1,keysize 256,key-method 2,tls-client'
Tue May 27 21:44:10 2008 us=734000 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,cipher ...,auth SHA1,keysize 256,key-method 2,tls-server'
Tue May 27 21:44:10 2008 us=734000 Local Options hash (VER=V4): '958c5492'
Tue May 27 21:44:10 2008 us=734000 Expected Remote Options hash (VER=V4): '79ef4284'
Tue May 27 21:44:10 2008 us=734000 WARNING: nice 1 failed (function not implemented)
Tue May 27 21:44:10 2008 us=734000 Attempting to establish TCP connection with ip_adresse:443
Tue May 27 21:44:10 2008 us=734000 TCP connection established with ip_adresse:443
Tue May 27 21:44:10 2008 us=734000 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue May 27 21:44:10 2008 us=734000 TCPv4_CLIENT link local: [undef]
Tue May 27 21:44:10 2008 us=734000 TCPv4_CLIENT link remote: ip_adresse:443
Tue May 27 21:44:10 2008 us=781000 TLS: Initial packet from ip_adresse:443, sid=42206336 58604dc2
Tue May 27 21:44:13 2008 us=625000 VERIFY OK: depth=1, /....
Tue May 27 21:44:13 2008 us=625000 VERIFY OK: nsCertType=SERVER
Tue May 27 21:44:13 2008 us=625000 VERIFY OK: depth=0, ....
Tue May 27 21:44:16 2008 us=718000 Data Channel Encrypt: Cipher '...' initialized with ... bit key
Tue May 27 21:44:16 2008 us=718000 Data Channel Encrypt: Using ... bit message hash 'SHA1' for HMAC authentication
Tue May 27 21:44:16 2008 us=718000 Data Channel Decrypt: Cipher '...' initialized with ... bit key
Tue May 27 21:44:16 2008 us=718000 Data Channel Decrypt: Using ... bit message hash 'SHA1' for HMAC authentication
Tue May 27 21:44:16 2008 us=718000 Control Channel: TLSv1, cipher TLSv1/SSLv3 ...., 57634646 bit RSA
Tue May 27 21:44:16 2008 us=718000 [server] Peer Connection Initiated with ip_adresse:443
Tue May 27 21:44:17 2008 us=796000 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Tue May 27 21:44:17 2008 us=937000 PUSH: Received control message: 'PUSH_REPLY,ping 15,ping-restart 60,route 192.168.75.0 255.255.255.0,route-gateway 10.0.0.1,redirect-gateway,topology subnet,dhcp-option DNS 192.168.75.1,ifconfig 10.0.0.2 255.255.255.0'
Tue May 27 21:44:17 2008 us=937000 OPTIONS IMPORT: timers and/or timeouts modified
Tue May 27 21:44:17 2008 us=937000 OPTIONS IMPORT: --ifconfig/up options modified
Tue May 27 21:44:17 2008 us=937000 OPTIONS IMPORT: route options modified
Tue May 27 21:44:17 2008 us=937000 OPTIONS IMPORT: route-related options modified
Tue May 27 21:44:17 2008 us=937000 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Tue May 27 21:44:17 2008 us=968000 TAP-WIN32 device [VPN_0] opened: \\.\Global\{1B3165E7-1F51-4E6A-AAB6-4EF487B11C53}.tap
Tue May 27 21:44:17 2008 us=968000 TAP-Win32 Driver Version 9.4 
Tue May 27 21:44:17 2008 us=968000 TAP-Win32 MTU=1500
Tue May 27 21:44:17 2008 us=984000 Set TAP-Win32 TUN subnet mode network/local/netmask = 10.0.0.0/10.0.0.2/255.255.255.0 [SUCCEEDED]
Tue May 27 21:44:17 2008 us=984000 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.0.0.2/255.255.255.0 on interface {1B3165E7-1F51-4E6A-AAB6-4EF487B11C53} [DHCP-serv: 10.0.0.254, lease-time: 31536000]
Tue May 27 21:44:17 2008 us=984000 DHCP option string: 0604c0a8 4b01
Tue May 27 21:44:17 2008 us=984000 Successful ARP Flush on interface [3] {1B3165E7-1F51-4E6A-AAB6-4EF487B11C53}
Tue May 27 21:44:23 2008 us=62000 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
Tue May 27 21:44:23 2008 us=62000 Route: Waiting for TUN/TAP interface to come up...
Tue May 27 21:44:28 2008 us=296000 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
Tue May 27 21:44:28 2008 us=296000 route ADD ip_adresse MASK 255.255.255.255 192.168.75.1
Tue May 27 21:44:28 2008 us=296000 Route addition via IPAPI succeeded [adaptive]
Tue May 27 21:44:28 2008 us=296000 route DELETE 0.0.0.0 MASK 0.0.0.0 192.168.75.1
Tue May 27 21:44:28 2008 us=312000 Route deletion via IPAPI succeeded [adaptive]
Tue May 27 21:44:28 2008 us=312000 route ADD 0.0.0.0 MASK 0.0.0.0 10.0.0.1
Tue May 27 21:44:28 2008 us=312000 Route addition via IPAPI succeeded [adaptive]
Tue May 27 21:44:28 2008 us=312000 route ADD 192.168.75.0 MASK 255.255.255.0 10.0.0.1
Tue May 27 21:44:28 2008 us=312000 Route addition via IPAPI succeeded [adaptive]
Tue May 27 21:44:28 2008 us=312000 Initialization Sequence Completed

server-conf
Code:
dev tun
dev-node /var/tmp/tun0

topology subnet
ifconfig 10.0.0.1 255.255.255.0
ifconfig-pool 10.0.0.2 10.0.0.10

crypt-stuff ...

mssfix
nice 1
ping 10
ping-restart 60
push "ping 15"
push "ping-restart 60"
comp-lzo

max-clients 4
verb 6
mute 50
#daemon
persist-key
persist-tun

push "route 192.168.75.0 255.255.255.0"
push "route-gateway 10.0.0.1"
push "redirect-gateway"
push "topology subnet"
push "dhcp-option DNS 192.168.75.1"

client-conf
Code:
crypt stuff ...

dev tun
proto tcp-client
dev-node VPN_0
nobind
tls-client
ns-cert-type server
pull
remote ip... 443
comp-lzo
verb 4
persist-tun 
persist-key
nice 1  
ping 10
ping-restart 60
 
Der Fehler kommt, wenn vom Client Pakete mit einer "unbekannten" IP kommen, also z.B. wenn ein Netz "hinter" dem Client ist (und nicht per "iroute" bekannt ist).

Die "interne" Verbindung kann durchaus problematisch sein, vor allem der "falsche", auf die Portweiterleitung angewiesene Port. Zum Testen solltest du dich erstmal auf die LAN-IP und den Port 1194 verbinden. Ping auf die 10.0.0.1 sollte eigentlich dann klappen.

Jörg
 
Hinter dem Client ist in diesem Fall aber nichts. Merkwürdig, ich werd mir den iroute-Befehl mal anschauen, ich halte das aber nicht für den Grund.

Verbinde ich mich mit der lokalen IP und direkt an den Port 1194 kann ich die 10.0.0.1 dennoch nicht anpingen, das geht nur ohne VPN Verbindung aus dem lokalen Netz.

Code:
Zeitüberschreitung der Anforderung. -> VPN aktiv
Zeitüberschreitung der Anforderung.
Zeitüberschreitung der Anforderung.
Zeitüberschreitung der Anforderung.
Zeitüberschreitung der Anforderung.
Hardwarefehler. -> VPN wird abgebaut
Hardwarefehler.
Antwort von 10.0.0.1: Bytes=32 Zeit=2ms TTL=64 -> VPN deaktiviert
Antwort von 10.0.0.1: Bytes=32 Zeit=2ms TTL=64
Antwort von 10.0.0.1: Bytes=32 Zeit=8ms TTL=64
Antwort von 10.0.0.1: Bytes=32 Zeit=8ms TTL=64

Ich bin langsam wirklich ratlos. Zweiter Gedanke: Bekomm ich die alte Firmware zurück auf die Box? (Ein Hinweis/Link falls das überhaupt geht reicht und ich lese mich da mal ein).

Danke dir,
Muldini
 
Downgrade ist immer "schwierig", du könntest als letzte Möglichkeit ein "Recover" ins Auge fassen, das liegt meistens Versionsmäßig zurück (und zerschreddelt dir alle Einstellungen :-().

Zum "intern Testen" müsstest du noch das push "route 192.168.75.0 255.255.255.0" aus der Konfig nehmen. Das ist bei "redirect-gateway" sowieso "doppelt gemoppelt", intern aber ein Problem, weil du die Pakete zum VPN-Endpunkt 192.168.75.1 "durch den Tunnel" routest).

Jörg
 

Statistik des Forums

Themen
245,882
Beiträge
2,241,852
Mitglieder
373,187
Neuestes Mitglied
orinoco
Holen Sie sich 3CX - völlig kostenlos!
Verbinden Sie Ihr Team und Ihre Kunden Telefonie Livechat Videokonferenzen

Gehostet oder selbst-verwaltet. Für bis zu 10 Nutzer dauerhaft kostenlos. Keine Kreditkartendetails erforderlich. Ohne Risiko testen.

3CX
Für diese E-Mail-Adresse besteht bereits ein 3CX-Konto. Sie werden zum Kundenportal weitergeleitet, wo Sie sich anmelden oder Ihr Passwort zurücksetzen können, falls Sie dieses vergessen haben.