.titleBar { margin-bottom: 5px!important; }

OpenVPN client unter Windows XP geht mal geht nicht

Dieses Thema im Forum "Freetz" wurde erstellt von babylon05, 9 Okt. 2008.

  1. babylon05

    babylon05 Neuer User

    Registriert seit:
    2 März 2006
    Beiträge:
    182
    Zustimmungen:
    0
    Punkte für Erfolge:
    0
    Hallo

    Hätte da noch mal eine Frage inbezug auf OpenVPN Client.
    Habe auf meiner Fritzbox 7170 freetz 1.0 mit OpenVPN als Server 2.1rc9.
    Wenn ich mich gleich nach dem starten von Windows XP mit dem OpenVPN Clienten rc9 unter Windows XP einlogge bin ich sofort drin, bleib auch den ganzen Tag drin.
    Logge ich mich in OpenVPN aus und gehe später wieder rein habe ich oft
    Probleme das ich das interne Netz der Fritzbox nicht anpingen kann.Den Tunnel an solchen klappt immer z.B. 192.168.201.1 Server und 192.168.201.2 Client.

    Vielleicht hat das auch schon einer mal gehabt???
     
  2. matze1985

    matze1985 Aktives Mitglied

    Registriert seit:
    17 Feb. 2007
    Beiträge:
    1,537
    Zustimmungen:
    0
    Punkte für Erfolge:
    0
    poste doch mal deine client und server config.

    Vielleicht wäre es auch mal interessant deine Routing-Tabelle vom WinXP Rechner zu posten, einmal, wenn funktioniert und einmal, wenn es nicht funktioniert
    (im CMD):
    Code:
    route print
    Von wo verbindest du dich mit der Box?
     
  3. MaxMuster

    MaxMuster IPPF-Promi

    Registriert seit:
    1 Feb. 2005
    Beiträge:
    6,919
    Zustimmungen:
    0
    Punkte für Erfolge:
    36
    Bitte liefer doch noch ein paar mehr Informationen, vor allem: Wie wird das Routing gemacht? Ist das in der Client-Konfig oder wird per push/pull übertragen? Was steht im Log des Verbindungsaufbaus?
    Wie sieht ein "route print" nach dem Verbindungsufbau aus und gibt es da Unterschiede zwischen "geht" und "geht nicht"?

    Jörg
     
  4. babylon05

    babylon05 Neuer User

    Registriert seit:
    2 März 2006
    Beiträge:
    182
    Zustimmungen:
    0
    Punkte für Erfolge:
    0
    #4 babylon05, 9 Okt. 2008
    Zuletzt bearbeitet: 9 Okt. 2008
    re

    so hier mal die config`s + Route print wo es jetzt gerade geht und die andere Route print ist vom Kollegen, bei dem es gerade mal nicht geht jetzt im Moment.
    Das interne Netz hat die 192.168.110.0 beim Server
    Gruß

    P.S. Habe die Vermutung das es an Windows XP liegt und mit den Routen nicht zurecht kommt. mhhh?
     

    Anhänge:

  5. MaxMuster

    MaxMuster IPPF-Promi

    Registriert seit:
    1 Feb. 2005
    Beiträge:
    6,919
    Zustimmungen:
    0
    Punkte für Erfolge:
    36
    Hi,

    den "Serverscreenshot" kann ich so leider nicht entziffern, der ist etwas zu klein....

    Der "geht" Screenshot ist merkwürdig, da scheint der Client noch eine zweite Route zu dem Netz 192.168.110.0 (über 192.168.110.241) zu haben, und das ist eine "eigene IP" in dem Netz?!?
    Beim "geht nicht" ist eine Host-Route für 192.168.110.10 da, woher kommt die?

    Jörg
     
  6. babylon05

    babylon05 Neuer User

    Registriert seit:
    2 März 2006
    Beiträge:
    182
    Zustimmungen:
    0
    Punkte für Erfolge:
    0
    noch mal gepackt die Server config

    so kannst die ja mal öffnen

    Was die Routen da machen, da habe ich leider nicht so den Plan.
    mit der "es geht" bin ich seit heute früh drin und geht top, nur wenn ich jetzt raus gehe ist dann wieder dunkel :(

    die 110.241 habe ich mal gesucht mit ip scanner das ist mein PC hier in dem Server Netzwerk :)
     

    Anhänge:

  7. MaxMuster

    MaxMuster IPPF-Promi

    Registriert seit:
    1 Feb. 2005
    Beiträge:
    6,919
    Zustimmungen:
    0
    Punkte für Erfolge:
    36
    ... und auf dem hast du den VPN-Client laufen?? Von dem aus wäre es auch klar, wenn du ins Servernetz kommst ;-)

    Oder ist das ein anderer PC? Dann wäre die Route (und die IP) allerdings merkwürdig.

    Oder nutzt du genau diesen PC an mehreren Orten, und das "Servernetz" ist einer davon? Dann wäre das Verhalten erklärlich, wenn die "Server-IP" immer da ist und die Route über das VPN gleichzeitig dazu kommt hättest du (wie in dem Screenshot) zweimal eine Route in dieses Netz und ob es geht oder nicht wäre zufallsabhängig...


    Jörg
     
  8. babylon05

    babylon05 Neuer User

    Registriert seit:
    2 März 2006
    Beiträge:
    182
    Zustimmungen:
    0
    Punkte für Erfolge:
    0
    zu 1. ja darauf läuft der VPN client
    zu 2. ist mein PC hier in der Firma
    zu 3. der pc hat hier von unserem Router immer eine eindeutige IP
    ich weiß von unserem admin, das unsere Firma noch über ein Tunnel mit der Hauptniederlassung verbunden ist, aber ist glaub kein OPENVPN Tunnel was anderes.meinen Pc (Laptop) nehme ich auch mit wenn ich unterwegs bin um mich von unterwegs über umts in Anlagen per OpenVPN eintunneln zu können.
    das Route Print was nicht geht ist von meinem Kollegen hier, nur jetzt sagt er mir ist er auch eingetunelt und kann die anderen Geräte anpingen.
     
  9. MaxMuster

    MaxMuster IPPF-Promi

    Registriert seit:
    1 Feb. 2005
    Beiträge:
    6,919
    Zustimmungen:
    0
    Punkte für Erfolge:
    36
    O.k.,

    aber sinnvoll sagen, ob der Tunnel nun funktioniert, kann man natürlich nur, wenn man den Tunnel braucht, um in das Netz zu kommen und nicht, wenn man schon drin ist ;-)

    Zumindest der oben gezeigte "geht nicht" Screenshot (mit der .4) hat auch keine Route für das Netz bekommen (hat der auch "pull" in der Config?), hat aber eine Route für einen Host aus dem Servernetz (für 192.168.110.10 über 192.168.0.10). Diese Route muss schon irgendwo herkommen...

    Also, das besagte "Phänomen" ist
    - nur zu untersuchen, wenn das VPN von "außerhalb" aufgebaut wird,
    - dann wären "route print" Ausgaben von dem gleichen Rechner in beiden Zuständen wichtig,
    - und auch das Log, was der VPN-Client beim Verbinden schreibt.

    Jörg
     
  10. babylon05

    babylon05 Neuer User

    Registriert seit:
    2 März 2006
    Beiträge:
    182
    Zustimmungen:
    0
    Punkte für Erfolge:
    0
    re geb dir mal den Log von mir von heute :)

    also bei dem pc der nicht ging ist die config die gleiche wie bei mir,
    nur andere Zertifikate *.crt, *.key
    Code:
    Thu Oct 09 08:40:41 2008 OpenVPN 2.1_rc12 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Sep 23 2008
    Thu Oct 09 08:40:41 2008 LZO compression initialized
    Thu Oct 09 08:40:41 2008 Control Channel MTU parms [ L:1558 D:138 EF:38 EB:0 ET:0 EL:0 ]
    Thu Oct 09 08:40:41 2008 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]
    Thu Oct 09 08:40:41 2008 Local Options hash (VER=V4): '22188c5b'
    Thu Oct 09 08:40:41 2008 Expected Remote Options hash (VER=V4): 'a8f55717'
    Thu Oct 09 08:40:41 2008 Socket Buffers: R=[8192->8192] S=[8192->8192]
    Thu Oct 09 08:40:41 2008 UDPv4 link local: [undef]
    Thu Oct 09 08:40:41 2008 UDPv4 link remote: xxx.xxx.xxx.xxx:1194
    Thu Oct 09 08:40:42 2008 TLS: Initial packet from xxx.xxx.xxx.xxx:1194, sid=b872f0a1 ffbd4184
    Thu Oct 09 08:40:45 2008 VERIFY OK: depth=1, /C=DE/ST=HH/L=HH/O=Privat/CN=ca/emailAddress=info@glx.de
    Thu Oct 09 08:40:45 2008 VERIFY OK: nsCertType=SERVER
    Thu Oct 09 08:40:45 2008 VERIFY OK: depth=0, /C=DE/ST=HH/O=Privat/CN=speedport/emailAddress=info@glx.de
    Thu Oct 09 08:40:46 2008 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Thu Oct 09 08:40:46 2008 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Thu Oct 09 08:40:46 2008 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Thu Oct 09 08:40:46 2008 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Thu Oct 09 08:40:46 2008 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
    Thu Oct 09 08:40:46 2008 [speedport] Peer Connection Initiated with 88.128.20.224:1194
    Thu Oct 09 08:40:47 2008 SENT CONTROL [speedport]: 'PUSH_REQUEST' (status=1)
    Thu Oct 09 08:40:48 2008 PUSH: Received control message: 'PUSH_REPLY,route 192.168.110.0 255.255.255.0 192.168.201.1,ping 10,ping-restart 120,topology subnet,ifconfig 192.168.201.2 255.255.255.0'
    Thu Oct 09 08:40:48 2008 OPTIONS IMPORT: timers and/or timeouts modified
    Thu Oct 09 08:40:48 2008 OPTIONS IMPORT: --ifconfig/up options modified
    Thu Oct 09 08:40:48 2008 OPTIONS IMPORT: route options modified
    Thu Oct 09 08:40:48 2008 ROUTE default_gateway=192.168.0.11
    Thu Oct 09 08:40:48 2008 TAP-WIN32 device [LAN-Verbindung 11] opened: \\.\Global\{AC3BFE67-6A2F-4AC5-A1A2-45ABB6019897}.tap
    Thu Oct 09 08:40:48 2008 TAP-Win32 Driver Version 9.4 
    Thu Oct 09 08:40:48 2008 TAP-Win32 MTU=1500
    Thu Oct 09 08:40:48 2008 Set TAP-Win32 TUN subnet mode network/local/netmask = 192.168.201.0/192.168.201.2/255.255.255.0 [SUCCEEDED]
    Thu Oct 09 08:40:48 2008 Notified TAP-Win32 driver to set a DHCP IP/netmask of 192.168.201.2/255.255.255.0 on interface {AC3BFE67-6A2F-4AC5-A1A2-45ABB6019897} [DHCP-serv: 192.168.201.254, lease-time: 31536000]
    Thu Oct 09 08:40:48 2008 Successful ARP Flush on interface [4] {AC3BFE67-6A2F-4AC5-A1A2-45ABB6019897}
    Thu Oct 09 08:40:53 2008 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
    Thu Oct 09 08:40:53 2008 Route: Waiting for TUN/TAP interface to come up...
    Thu Oct 09 08:40:58 2008 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
    Thu Oct 09 08:40:58 2008 Route: Waiting for TUN/TAP interface to come up...
    Thu Oct 09 08:40:59 2008 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
    Thu Oct 09 08:40:59 2008 Route: Waiting for TUN/TAP interface to come up...
    Thu Oct 09 08:41:00 2008 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
    Thu Oct 09 08:41:00 2008 Route: Waiting for TUN/TAP interface to come up...
    Thu Oct 09 08:41:01 2008 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
    Thu Oct 09 08:41:01 2008 Route: Waiting for TUN/TAP interface to come up...
    Thu Oct 09 08:41:02 2008 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
    Thu Oct 09 08:41:02 2008 Route: Waiting for TUN/TAP interface to come up...
    Thu Oct 09 08:41:03 2008 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up
    Thu Oct 09 08:41:03 2008 C:\WINDOWS\system32\route.exe ADD 192.168.110.0 MASK 255.255.255.0 192.168.201.1
    Thu Oct 09 08:41:03 2008 Route addition via IPAPI succeeded [adaptive]
    Thu Oct 09 08:41:03 2008 Initialization Sequence Completed
    Thu Oct 09 09:00:03 2008 Replay-window backtrack occurred [4]
    Thu Oct 09 09:00:03 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #557 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 09:01:20 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1418 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 09:04:01 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #2824 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 09:08:52 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #5250 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 09:12:11 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #7152 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 09:20:51 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #11309 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 09:21:10 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #11430 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 09:40:31 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #19334 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 09:40:46 2008 TLS: soft reset sec=0 bytes=5730157/0 pkts=38283/0
    Thu Oct 09 09:40:47 2008 VERIFY OK: depth=1, /C=DE/ST=HH/L=HH/O=Privat/CN=ca/emailAddress=info@glx.de
    Thu Oct 09 09:40:47 2008 VERIFY OK: nsCertType=SERVER
    Thu Oct 09 09:40:47 2008 VERIFY OK: depth=0, /C=DE/ST=HH/O=Privat/CN=speedport/emailAddress=info@glx.de
    Thu Oct 09 09:40:48 2008 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Thu Oct 09 09:40:48 2008 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Thu Oct 09 09:40:48 2008 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Thu Oct 09 09:40:48 2008 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Thu Oct 09 09:40:48 2008 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
    Thu Oct 09 09:40:59 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #46 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 09:45:45 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1211 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 09:47:34 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1655 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 09:47:39 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1676 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 09:54:15 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #3296 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 09:59:53 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #4675 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 10:02:02 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #5201 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 10:03:03 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #5449 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 10:13:35 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8030 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 10:15:38 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8533 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 10:15:46 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8565 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 10:20:34 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #9738 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 10:21:15 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #9905 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 10:21:34 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #9979 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 10:23:27 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #10444 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 10:24:34 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #10717 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 10:37:40 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #10925 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 10:40:46 2008 TLS: tls_process: killed expiring key
    Thu Oct 09 10:40:48 2008 VERIFY OK: depth=1, /C=DE/ST=HH/L=HH/O=Privat/CN=ca/emailAddress=info@glx.de
    Thu Oct 09 10:40:48 2008 VERIFY OK: nsCertType=SERVER
    Thu Oct 09 10:40:48 2008 VERIFY OK: depth=0, /C=DE/ST=HH/O=Privat/CN=speedport/emailAddress=info@glx.de
    Thu Oct 09 10:40:50 2008 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Thu Oct 09 10:40:50 2008 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Thu Oct 09 10:40:50 2008 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Thu Oct 09 10:40:50 2008 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Thu Oct 09 10:40:50 2008 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
    Thu Oct 09 11:12:02 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1535 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 11:18:27 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #4210 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 11:21:19 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #5387 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 11:23:26 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #6251 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 11:24:36 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #6577 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 11:34:31 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #9004 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 11:38:58 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #10090 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 11:40:47 2008 TLS: tls_process: killed expiring key
    Thu Oct 09 11:40:50 2008 VERIFY OK: depth=1, /C=DE/ST=HH/L=HH/O=Privat/CN=ca/emailAddress=info@glx.de
    Thu Oct 09 11:40:50 2008 VERIFY OK: nsCertType=SERVER
    Thu Oct 09 11:40:50 2008 VERIFY OK: depth=0, /C=DE/ST=HH/O=Privat/CN=speedport/emailAddress=info@glx.de
    Thu Oct 09 11:40:51 2008 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Thu Oct 09 11:40:51 2008 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Thu Oct 09 11:40:51 2008 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Thu Oct 09 11:40:51 2008 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Thu Oct 09 11:40:51 2008 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
    Thu Oct 09 11:48:08 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1781 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 11:58:33 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #4331 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 12:00:43 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #4862 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 12:01:39 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #5090 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 12:04:37 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #5817 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 12:05:56 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #6140 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 12:08:57 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #6875 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 12:11:53 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #7744 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 12:13:23 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8373 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 12:23:15 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8535 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 12:40:49 2008 TLS: tls_process: killed expiring key
    Thu Oct 09 12:40:52 2008 VERIFY OK: depth=1, /C=DE/ST=HH/L=HH/O=Privat/CN=ca/emailAddress=info@glx.de
    Thu Oct 09 12:40:52 2008 VERIFY OK: nsCertType=SERVER
    Thu Oct 09 12:40:52 2008 VERIFY OK: depth=0, /C=DE/ST=HH/O=Privat/CN=speedport/emailAddress=info@glx.de
    Thu Oct 09 12:40:53 2008 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Thu Oct 09 12:40:53 2008 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Thu Oct 09 12:40:53 2008 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Thu Oct 09 12:40:53 2008 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Thu Oct 09 12:40:53 2008 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
    Thu Oct 09 13:01:42 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #456 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:12:12 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1585 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:12:56 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #2788 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:12:58 2008 Replay-window backtrack occurred [7]
    Thu Oct 09 13:12:58 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #2851 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:13:17 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #3432 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:13:53 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #4679 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:16:35 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #9312 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:18:04 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #11672 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:20:07 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #14981 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:20:08 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #15017 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:21:21 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #17836 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:23:21 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #18466 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:26:29 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #19497 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:28:30 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #22820 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:28:33 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #22966 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:31:11 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #29544 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:31:43 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #30943 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:31:46 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #31067 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:32:08 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #32115 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:32:27 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #32752 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:32:36 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #33116 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:32:45 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #33438 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:32:53 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #33818 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:33:34 2008 Replay-window backtrack occurred [10]
    Thu Oct 09 13:33:34 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #35770 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:33:36 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #35876 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:33:37 2008 Replay-window backtrack occurred [13]
    Thu Oct 09 13:33:37 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #35912 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:33:44 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #36194 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:33:44 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #36226 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:34:32 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #38395 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:34:33 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #38432 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:35:03 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #39208 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:35:40 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #40157 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:36:38 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #41619 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:36:56 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #42081 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:36:58 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #42136 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:37:34 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #43057 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:38:02 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #43771 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:38:08 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #43945 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:38:11 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #44023 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:38:12 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #44039 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:38:15 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #44110 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:38:37 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #44584 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:39:01 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #45037 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:39:09 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #45211 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:39:41 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #45937 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:40:06 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #46129 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:40:17 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #46272 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:40:20 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #46297 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:40:20 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #46308 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:40:34 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #46400 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:40:51 2008 TLS: tls_process: killed expiring key
    Thu Oct 09 13:40:53 2008 TLS: soft reset sec=0 bytes=13970227/0 pkts=77642/0
    Thu Oct 09 13:40:54 2008 VERIFY OK: depth=1, /C=DE/ST=HH/L=HH/O=Privat/CN=ca/emailAddress=info@glx.de
    Thu Oct 09 13:40:54 2008 VERIFY OK: nsCertType=SERVER
    Thu Oct 09 13:40:54 2008 VERIFY OK: depth=0, /C=DE/ST=HH/O=Privat/CN=speedport/emailAddress=info@glx.de
    Thu Oct 09 13:40:55 2008 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Thu Oct 09 13:40:55 2008 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Thu Oct 09 13:40:55 2008 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Thu Oct 09 13:40:55 2008 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Thu Oct 09 13:40:55 2008 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
    Thu Oct 09 13:41:50 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #701 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:42:03 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1155 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:42:27 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1923 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:43:01 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #2468 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:44:02 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #3839 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:49:39 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8595 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 13:50:14 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #9800 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 14:40:53 2008 TLS: tls_process: killed expiring key
    Thu Oct 09 14:40:55 2008 VERIFY OK: depth=1, /C=DE/ST=HH/L=HH/O=Privat/CN=ca/emailAddress=info@glx.de
    Thu Oct 09 14:40:55 2008 VERIFY OK: nsCertType=SERVER
    Thu Oct 09 14:40:55 2008 VERIFY OK: depth=0, /C=DE/ST=HH/O=Privat/CN=speedport/emailAddress=info@glx.de
    Thu Oct 09 14:40:56 2008 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Thu Oct 09 14:40:56 2008 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Thu Oct 09 14:40:56 2008 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Thu Oct 09 14:40:56 2008 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Thu Oct 09 14:40:56 2008 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
    Thu Oct 09 14:52:05 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #70 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 15:40:54 2008 TLS: tls_process: killed expiring key
    Thu Oct 09 15:40:56 2008 TLS: soft reset sec=0 bytes=61153/0 pkts=844/0
    Thu Oct 09 15:40:56 2008 VERIFY OK: depth=1, /C=DE/ST=HH/L=HH/O=Privat/CN=ca/emailAddress=info@glx.de
    Thu Oct 09 15:40:56 2008 VERIFY OK: nsCertType=SERVER
    Thu Oct 09 15:40:56 2008 VERIFY OK: depth=0, /C=DE/ST=HH/O=Privat/CN=speedport/emailAddress=info@glx.de
    Thu Oct 09 15:40:58 2008 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Thu Oct 09 15:40:58 2008 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Thu Oct 09 15:40:58 2008 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Thu Oct 09 15:40:58 2008 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Thu Oct 09 15:40:58 2008 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
    Thu Oct 09 16:16:16 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #380 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Thu Oct 09 16:40:56 2008 TLS: tls_process: killed expiring key
    Thu Oct 09 16:40:59 2008 VERIFY OK: depth=1, /C=DE/ST=HH/L=HH/O=Privat/CN=ca/emailAddress=info@glx.de
    Thu Oct 09 16:40:59 2008 VERIFY OK: nsCertType=SERVER
    Thu Oct 09 16:40:59 2008 VERIFY OK: depth=0, /C=DE/ST=HH/O=Privat/CN=speedport/emailAddress=info@glx.de
    Thu Oct 09 16:41:00 2008 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Thu Oct 09 16:41:00 2008 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Thu Oct 09 16:41:00 2008 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Thu Oct 09 16:41:00 2008 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Thu Oct 09 16:41:00 2008 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
    
     
  11. babylon05

    babylon05 Neuer User

    Registriert seit:
    2 März 2006
    Beiträge:
    182
    Zustimmungen:
    0
    Punkte für Erfolge:
    0
    so war mal disconnect jetzt gehts nicht mehr :(

    Code:
    Thu Oct 09 17:16:57 2008 OpenVPN 2.1_rc12 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Sep 23 2008
    Thu Oct 09 17:16:57 2008 LZO compression initialized
    Thu Oct 09 17:16:57 2008 Control Channel MTU parms [ L:1558 D:138 EF:38 EB:0 ET:0 EL:0 ]
    Thu Oct 09 17:16:57 2008 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]
    Thu Oct 09 17:16:57 2008 Local Options hash (VER=V4): '22188c5b'
    Thu Oct 09 17:16:57 2008 Expected Remote Options hash (VER=V4): 'a8f55717'
    Thu Oct 09 17:16:57 2008 Socket Buffers: R=[8192->8192] S=[8192->8192]
    Thu Oct 09 17:16:57 2008 UDPv4 link local: [undef]
    Thu Oct 09 17:16:57 2008 UDPv4 link remote: xxx.xxx.xxx.xxx:1194
    Thu Oct 09 17:16:57 2008 TLS: Initial packet from xxx.xxx.xxx.xxx:1194, sid=c19d5dbc c8e85652
    Thu Oct 09 17:16:58 2008 VERIFY OK: depth=1, /C=DE/ST=HH/L=HH/O=Privat/CN=ca/emailAddress=info@glx.de
    Thu Oct 09 17:16:58 2008 VERIFY OK: nsCertType=SERVER
    Thu Oct 09 17:16:58 2008 VERIFY OK: depth=0, /C=DE/ST=HH/O=Privat/CN=speedport/emailAddress=info@glx.de
    Thu Oct 09 17:16:59 2008 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Thu Oct 09 17:16:59 2008 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Thu Oct 09 17:16:59 2008 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Thu Oct 09 17:16:59 2008 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Thu Oct 09 17:16:59 2008 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
    Thu Oct 09 17:16:59 2008 [speedport] Peer Connection Initiated with xxx.xxx.xxx.xxx:1194
    Thu Oct 09 17:17:01 2008 SENT CONTROL [speedport]: 'PUSH_REQUEST' (status=1)
    Thu Oct 09 17:17:01 2008 PUSH: Received control message: 'PUSH_REPLY,route 192.168.110.0 255.255.255.0 192.168.201.1,ping 10,ping-restart 120,topology subnet,ifconfig 192.168.201.2 255.255.255.0'
    Thu Oct 09 17:17:01 2008 OPTIONS IMPORT: timers and/or timeouts modified
    Thu Oct 09 17:17:01 2008 OPTIONS IMPORT: --ifconfig/up options modified
    Thu Oct 09 17:17:01 2008 OPTIONS IMPORT: route options modified
    Thu Oct 09 17:17:01 2008 ROUTE default_gateway=192.168.0.11
    Thu Oct 09 17:17:01 2008 TAP-WIN32 device [LAN-Verbindung 11] opened: \\.\Global\{AC3BFE67-6A2F-4AC5-A1A2-45ABB6019897}.tap
    Thu Oct 09 17:17:01 2008 TAP-Win32 Driver Version 9.4 
    Thu Oct 09 17:17:01 2008 TAP-Win32 MTU=1500
    Thu Oct 09 17:17:01 2008 Set TAP-Win32 TUN subnet mode network/local/netmask = 192.168.201.0/192.168.201.2/255.255.255.0 [SUCCEEDED]
    Thu Oct 09 17:17:01 2008 Notified TAP-Win32 driver to set a DHCP IP/netmask of 192.168.201.2/255.255.255.0 on interface {AC3BFE67-6A2F-4AC5-A1A2-45ABB6019897} [DHCP-serv: 192.168.201.254, lease-time: 31536000]
    Thu Oct 09 17:17:01 2008 Successful ARP Flush on interface [4] {AC3BFE67-6A2F-4AC5-A1A2-45ABB6019897}
    Thu Oct 09 17:17:06 2008 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up
    Thu Oct 09 17:17:06 2008 C:\WINDOWS\system32\route.exe ADD 192.168.110.0 MASK 255.255.255.0 192.168.201.1
    Thu Oct 09 17:17:06 2008 Route addition via IPAPI succeeded [adaptive]
    Thu Oct 09 17:17:06 2008 Initialization Sequence Completed
    Thu Oct 09 17:26:35 2008 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #61 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    
    
    wenn ich jetzt ein Gerät anpingen will bekomme ich immer Zeitüberschreibung,
    die Tunnel IP vom Server kann ich aber anpingen, was ja die 192.168.201.1 ist
     

    Anhänge:

  12. MaxMuster

    MaxMuster IPPF-Promi

    Registriert seit:
    1 Feb. 2005
    Beiträge:
    6,919
    Zustimmungen:
    0
    Punkte für Erfolge:
    36
    Ja, das meinte ich oben: Du hast laut deiner Routingtabelle eine Netzwerkkarte im ServerLAN, mit der IP 192.168.110.241. Über die wird jetzt versucht, das Netz zu erreichen, was natürlich nicht geht, wenn du in dem Netz bist.

    Stimmen Log und Screenshot wirklich überein? Denn dort steht:
    Code:
    Thu Oct 09 17:17:06 2008 C:\WINDOWS\system32\route.exe ADD 192.168.110.0 MASK 255.255.255.0 192.168.201.1
    Thu Oct 09 17:17:06 2008 Route addition via IPAPI succeeded [adaptive]
    Thu Oct 09 17:17:06 2008 Initialization Sequence Completed
    
    Diese Route ist aber nicht da...

    Du kannst das nochmal von Hand machen mit einem
    Code:
    route add 192.168.110.0 mask 255.255.255.0 192.168.201.1
    

    Jörg
     
  13. babylon05

    babylon05 Neuer User

    Registriert seit:
    2 März 2006
    Beiträge:
    182
    Zustimmungen:
    0
    Punkte für Erfolge:
    0
    #13 babylon05, 9 Okt. 2008
    Zuletzt bearbeitet: 9 Okt. 2008
    re

    Hi,

    also screenshot und log sind genau da gemacht worden wo es nicht mehr geht.

    Jetzt bin ich bei mir privat zu Hause habe pc angemacht und konnte mich auch sofort eintunneln. Dann VPN Tunnel getrennt paar sec. gewartet und wieder Connect gemacht, siehe da wieder kein interne IP des Servers erreichbar.
    und es war auch keine Route zu sehen.
    Jetzt habe ich:
    Code:
    route add 192.168.110.0 mask 255.255.255.0 192.168.201.1
    
    danach gleich Ping und siehe da kann sofort anpingen. mhhh was ist das jetzt?

    Nachtrag:
    Code:
    Thu Oct 09 20:08:03 2008 OpenVPN 2.1_rc12 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Sep 23 2008
    Thu Oct 09 20:08:03 2008 LZO compression initialized
    Thu Oct 09 20:08:03 2008 Control Channel MTU parms [ L:1558 D:138 EF:38 EB:0 ET:0 EL:0 ]
    Thu Oct 09 20:08:03 2008 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]
    Thu Oct 09 20:08:03 2008 Local Options hash (VER=V4): '22188c5b'
    Thu Oct 09 20:08:03 2008 Expected Remote Options hash (VER=V4): 'a8f55717'
    Thu Oct 09 20:08:03 2008 Socket Buffers: R=[8192->8192] S=[8192->8192]
    Thu Oct 09 20:08:03 2008 UDPv4 link local: [undef]
    Thu Oct 09 20:08:03 2008 UDPv4 link remote: xxx.xxx.xxx.xxx:1194
    Thu Oct 09 20:08:07 2008 TLS: Initial packet from xxx.xxx.xxx.xxx:1194, sid=fceccfdf 884119a2
    Thu Oct 09 20:08:08 2008 VERIFY OK: depth=1, /C=DE/ST=HH/L=HH/O=Privat/CN=ca/emailAddress=info@glx.de
    Thu Oct 09 20:08:08 2008 VERIFY OK: nsCertType=SERVER
    Thu Oct 09 20:08:08 2008 VERIFY OK: depth=0, /C=DE/ST=HH/O=Privat/CN=speedport/emailAddress=info@glx.de
    Thu Oct 09 20:08:11 2008 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Thu Oct 09 20:08:11 2008 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Thu Oct 09 20:08:11 2008 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Thu Oct 09 20:08:11 2008 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Thu Oct 09 20:08:11 2008 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
    Thu Oct 09 20:08:11 2008 [speedport] Peer Connection Initiated with xxx.xxx.xxx.xxx:1194
    Thu Oct 09 20:08:12 2008 SENT CONTROL [speedport]: 'PUSH_REQUEST' (status=1)
    Thu Oct 09 20:08:12 2008 PUSH: Received control message: 'PUSH_REPLY,route 192.168.110.0 255.255.255.0 192.168.201.1,ping 10,ping-restart 120,topology subnet,ifconfig 192.168.201.2 255.255.255.0'
    Thu Oct 09 20:08:12 2008 OPTIONS IMPORT: timers and/or timeouts modified
    Thu Oct 09 20:08:12 2008 OPTIONS IMPORT: --ifconfig/up options modified
    Thu Oct 09 20:08:12 2008 OPTIONS IMPORT: route options modified
    Thu Oct 09 20:08:12 2008 ROUTE default_gateway=192.168.178.1
    Thu Oct 09 20:08:12 2008 TAP-WIN32 device [LAN-Verbindung 11] opened: \\.\Global\{AC3BFE67-6A2F-4AC5-A1A2-45ABB6019897}.tap
    Thu Oct 09 20:08:12 2008 TAP-Win32 Driver Version 9.4 
    Thu Oct 09 20:08:12 2008 TAP-Win32 MTU=1500
    Thu Oct 09 20:08:12 2008 Set TAP-Win32 TUN subnet mode network/local/netmask = 192.168.201.0/192.168.201.2/255.255.255.0 [SUCCEEDED]
    Thu Oct 09 20:08:12 2008 Notified TAP-Win32 driver to set a DHCP IP/netmask of 192.168.201.2/255.255.255.0 on interface {AC3BFE67-6A2F-4AC5-A1A2-45ABB6019897} [DHCP-serv: 192.168.201.254, lease-time: 31536000]
    Thu Oct 09 20:08:12 2008 Successful ARP Flush on interface [3] {AC3BFE67-6A2F-4AC5-A1A2-45ABB6019897}
    Thu Oct 09 20:08:17 2008 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
    Thu Oct 09 20:08:17 2008 Route: Waiting for TUN/TAP interface to come up...
    Thu Oct 09 20:08:23 2008 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
    Thu Oct 09 20:08:23 2008 Route: Waiting for TUN/TAP interface to come up...
    Thu Oct 09 20:08:24 2008 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
    Thu Oct 09 20:08:24 2008 Route: Waiting for TUN/TAP interface to come up...
    Thu Oct 09 20:08:25 2008 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
    Thu Oct 09 20:08:25 2008 Route: Waiting for TUN/TAP interface to come up...
    Thu Oct 09 20:08:26 2008 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
    Thu Oct 09 20:08:26 2008 Route: Waiting for TUN/TAP interface to come up...
    Thu Oct 09 20:08:27 2008 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
    Thu Oct 09 20:08:27 2008 Route: Waiting for TUN/TAP interface to come up...
    Thu Oct 09 20:08:28 2008 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up
    Thu Oct 09 20:08:28 2008 C:\WINDOWS\system32\route.exe ADD 192.168.110.0 MASK 255.255.255.0 192.168.201.1
    Thu Oct 09 20:08:28 2008 Route addition via IPAPI succeeded [adaptive]
    Thu Oct 09 20:08:28 2008 Initialization Sequence Completed
    
    Habe pc noch mal neu gestarten, da klappt es auf anhieb, habe auch festgestellt das der Tap-win32 Adapter für VPN jetzt schon da
    war und danach der VPN Monitor von gelb auf grün gegangen ist. bei den Versuchen wo es nicht geht, ist es anderes rum, da wird erst der vpn Monitor grün und dann kommt erst der Tapi Adapter.