Re: connessione alla lan con in mezzo una vpn
Marco Gaiarin <gaio@lilliput.linux.it> writes:
La speigazione di Paolo è perfetta; ma
Questa è la configurazione di openvpn che mi ha dato il
provider:
[...]
pull
Io credo che il problema sia questo; con 'pull' tu ti prendi
tutto quello
che il server ti dice, compreso suppongo del routing farlocco.
Puoi mandare dei log di connessione?
Allego.
Puoi vedere se il fornitore ha una pagina/faq/... con delle info
più dettagliate?
Quello ho paura di no perché sto usando un provider che definirlo
"scarno" è un eufemismo!
:-)
====================vpn.log==========================================
OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO]
[LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 28 2021
library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10
TCP/UDP: Preserving recently used remote address:
[AF_INET]91.19.55.235:443
Socket Buffers: R=[131072->131072] S=[16384->16384]
Attempting to establish TCP connection with
[AF_INET]91.19.55.235:443 [nonblock]
TCP connection established with [AF_INET]91.19.55.235:443
TCP_CLIENT link local: (not bound)
TCP_CLIENT link remote: [AF_INET]91.19.55.235:443
TLS: Initial packet from [AF_INET]91.19.55.235:443, sid=e8271fcc
f5cbaea7
WARNING: this configuration may cache passwords in memory -- use
the auth-nocache option to prevent this
VERIFY OK: depth=1, C=CZ, ST=Ustecky Kraj, L=Usti nad Labem,
O=FineVPN.com, OU=IT, CN=FineVPN.com CA,
emailAddress=info@finevpn.com
VERIFY KU OK
Validating certificate extended key usage
++ Certificate has EKU (str) TLS Web Server Authentication,
expects TLS Web Server Authentication
VERIFY EKU OK
VERIFY X509NAME OK: C=CZ, ST=Ustecky Kraj, L=Usti nad Labem,
O=FineVPN.com, OU=IT, CN=eu3.finevpn.com,
emailAddress=info@finevpn.com
VERIFY OK: depth=0, C=CZ, ST=Ustecky Kraj, L=Usti nad Labem,
O=FineVPN.com, OU=IT, CN=eu3.finevpn.com,
emailAddress=info@finevpn.com
Control Channel: TLSv1.2, cipher TLSv1.2
DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
[eu3.finevpn.com] Peer Connection Initiated with
[AF_INET]91.19.55.235:443
SENT CONTROL [eu3.finevpn.com]: 'PUSH_REQUEST' (status=1)
SENT CONTROL [eu3.finevpn.com]: 'PUSH_REQUEST' (status=1)
SENT CONTROL [eu3.finevpn.com]: 'PUSH_REQUEST' (status=1)
PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS
8.8.8.8,dhcp-option DNS 8.8.4.4,topology subnet,route-gateway
91.19.51.1,ifconfig 91.19.51.42 255.255.255.0'
OPTIONS IMPORT: --ifconfig/up options modified
OPTIONS IMPORT: route-related options modified
OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256
bit key
Outgoing Data Channel: Using 160 bit message hash 'SHA1' for HMAC
authentication
Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256
bit key
Incoming Data Channel: Using 160 bit message hash 'SHA1' for HMAC
authentication
ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=eth0
HWADDR=dc:a6:32:cb:d2:d5
TUN/TAP device tun0 opened
TUN/TAP TX queue length set to 100
/sbin/ip link set dev tun0 up mtu 1500
/sbin/ip addr add dev tun0 91.19.51.42/24 broadcast 91.19.51.255
/sbin/ip route add 91.19.55.235/32 via 192.168.1.1
/sbin/ip route add 0.0.0.0/1 via 91.19.51.1
/sbin/ip route add 128.0.0.0/1 via 91.19.51.1
Initialization Sequence Completed
====================vpn.log==========================================
--
ciao
leandro
Reply to: