Openvpn ich bekomme das routinmh nicht hin

25 Jun 2010

      Ok,

ich bin da im Moment offensichtlich komplett "überfordert".

Der Status:
Ich bekomme via UMTS eine Openvpn Verbindung aufgebaut.

Der DSL Router hat die IP 192.168.7.168 der VPN Server die IP 192.168.7.190

Wie bekomme ich es hin das jetzt das System 192.168.7.190 per ping und 
ssh erreichbar ist?

Danke

die Ausgabe auf dem Bildschrirm des Servers beim Verbindungsaufbau.

  openvpn /etc/openvpn/server.conf
Fri Jun 25 10:16:50 2010 OpenVPN 2.1_rc20 i586-suse-linux [SSL] [LZO2] 
[EPOLL] [PKCS11] built on Dec 17 2009
Fri Jun 25 10:16:50 2010 NOTE: OpenVPN 2.1 requires '--script-security 
2' or higher to call user-defined scripts or executables
Fri Jun 25 10:16:50 2010 Diffie-Hellman initialized with 1024 bit key
Fri Jun 25 10:16:50 2010 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 
ET:0 EL:0 ]
Fri Jun 25 10:16:50 2010 WARNING: potential TUN/TAP adapter subnet 
conflict between local LAN [192.168.7.0/255.255.255.0] and remote VPN 
[192.168.7.1/255.255.255.255]
Fri Jun 25 10:16:50 2010 ROUTE default_gateway=192.168.7.168
Fri Jun 25 10:16:50 2010 TUN/TAP device tun0 opened
Fri Jun 25 10:16:50 2010 TUN/TAP TX queue length set to 100
Fri Jun 25 10:16:50 2010 /bin/ip link set dev tun0 up mtu 1500
Fri Jun 25 10:16:50 2010 /bin/ip addr add dev tun0 local 192.168.7.1 
peer 192.168.7.2
Fri Jun 25 10:16:50 2010 WARNING: potential route subnet conflict 
between local LAN [192.168.7.0/255.255.255.0] and remote VPN 
[192.168.7.0/255.255.255.0]
Fri Jun 25 10:16:50 2010 /bin/ip route add 192.168.7.0/24 via 192.168.7.2
RTNETLINK answers: File exists
Fri Jun 25 10:16:50 2010 ERROR: Linux route add command failed: external 
program exited with error status: 2
Fri Jun 25 10:16:50 2010 Data Channel MTU parms [ L:1542 D:1450 EF:42 
EB:135 ET:0 EL:0 AF:3/1 ]
Fri Jun 25 10:16:50 2010 Socket Buffers: R=[114688->131072] 
S=[114688->131072]
Fri Jun 25 10:16:50 2010 UDPv4 link local (bound): [undef]:1194
Fri Jun 25 10:16:50 2010 UDPv4 link remote: [undef]
Fri Jun 25 10:16:50 2010 MULTI: multi_init called, r=256 v=256
Fri Jun 25 10:16:50 2010 IFCONFIG POOL: base=192.168.7.4 size=62
Fri Jun 25 10:16:50 2010 IFCONFIG POOL LIST
Fri Jun 25 10:16:50 2010 vpnhost1,192.168.7.60
Fri Jun 25 10:16:50 2010 Initialization Sequence Completed
Fri Jun 25 10:17:04 2010 MULTI: multi_create_instance called
Fri Jun 25 10:17:04 2010 77.25.254.100:48782 Re-using SSL/TLS context
Fri Jun 25 10:17:04 2010 77.25.254.100:48782 LZO compression initialized
Fri Jun 25 10:17:04 2010 77.25.254.100:48782 Control Channel MTU parms [ 
L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Fri Jun 25 10:17:04 2010 77.25.254.100:48782 Data Channel MTU parms [ 
L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Fri Jun 25 10:17:04 2010 77.25.254.100:48782 Local Options hash 
(VER=V4): '530fdded'
Fri Jun 25 10:17:04 2010 77.25.254.100:48782 Expected Remote Options 
hash (VER=V4): '41690919'
Fri Jun 25 10:17:04 2010 77.25.254.100:48782 TLS: Initial packet from 
77.25.254.100:48782, sid=aefe61c8 c4380e9d
Fri Jun 25 10:17:06 2010 77.25.254.100:48782 VERIFY OK: depth=1, 
/C=de/ST=nrw/L=dortmund/O=top-lamp/OU=lager02/CN=isdnip/emailAddress=mleimann@top-lamp.com
Fri Jun 25 10:17:06 2010 77.25.254.100:48782 VERIFY OK: depth=0, 
/C=de/ST=nrw/L=dortmund/O=top-lamp/OU=lager02/CN=vpnhost1/emailAddress=me@myhost.mydomain
Fri Jun 25 10:17:06 2010 77.25.254.100:48782 Data Channel Encrypt: 
Cipher 'BF-CBC' initialized with 128 bit key
Fri Jun 25 10:17:06 2010 77.25.254.100:48782 Data Channel Encrypt: Using 
160 bit message hash 'SHA1' for HMAC authentication
Fri Jun 25 10:17:06 2010 77.25.254.100:48782 Data Channel Decrypt: 
Cipher 'BF-CBC' initialized with 128 bit key
Fri Jun 25 10:17:06 2010 77.25.254.100:48782 Data Channel Decrypt: Using 
160 bit message hash 'SHA1' for HMAC authentication
Fri Jun 25 10:17:06 2010 77.25.254.100:48782 Control Channel: TLSv1, 
cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Fri Jun 25 10:17:06 2010 77.25.254.100:48782 [vpnhost1] Peer Connection 
Initiated with 77.25.254.100:48782
Fri Jun 25 10:17:06 2010 vpnhost1/77.25.254.100:48782 MULTI: Learn: 
192.168.7.62 -> vpnhost1/77.25.254.100:48782
Fri Jun 25 10:17:06 2010 vpnhost1/77.25.254.100:48782 MULTI: primary 
virtual IP for vpnhost1/77.25.254.100:48782: 192.168.7.62
Fri Jun 25 10:17:09 2010 vpnhost1/77.25.254.100:48782 PUSH: Received 
control message: 'PUSH_REQUEST'
Fri Jun 25 10:17:09 2010 vpnhost1/77.25.254.100:48782 SENT CONTROL 
[vpnhost1]: 'PUSH_REPLY,route 192.168.7.0 255.255.255.0,redirect-gateway 
def1,route 192.168.7.1,topology net30,ping 10,ping-restart 120,ifconfig 
192.168.7.62 192.168.7.61' (status=1)
Fri Jun 25 10:17:09 2010 vpnhost1/77.25.254.100:48782 SENT CONTROL 
[vpnhost1]: 'PUSH_REPLY,route 192.168.7.0 255.255.255.0,redirect-gateway 
def1,route 192.168.7.1,topology net30,ping 10,ping-restart 120,ifconfig 
192.168.7.62 192.168.7.61' (status=1)
^CFri Jun 25 10:19:06 2010 event_wait : Interrupted system call (code=4)
Fri Jun 25 10:19:06 2010 TCP/UDP: Closing socket
Fri Jun 25 10:19:06 2010 Closing TUN/TAP interface
Fri Jun 25 10:19:06 2010 /bin/ip addr del dev tun0 local 192.168.7.1 
peer 192.168.7.2
Fri Jun 25 10:19:06 2010 SIGINT[hard,] received, process exiting

meine server.conf
;local a.b.c.d

port 1194

;proto tcp
proto udp

;dev tap
dev tun

;dev-node MyTap

ca ca.crt
cert server.crt
key server.key  # This file should be kept secret

dh dh1024.pem

server 192.168.7.0 255.255.255.0

ifconfig-pool-persist ipp.txt

;server-bridge 192.168.7.50 255.255.255.0 192.168.7.60 192.168.7.70
;server-bridge

push "route 192.168.7.0 255.255.255.0"
;push "route 192.168.20.0 255.255.255.0"

push "redirect-gateway def1"

;client-config-dir ccd
;route 192.168.40.128 255.255.255.248
;client-config-dir ccd
;route 10.9.0.0 255.255.255.252
;learn-address ./script

;push "redirect-gateway def1 bypass-dhcp"

;push "dhcp-option DNS 208.67.222.222"
;push "dhcp-option DNS 208.67.220.220"

;client-to-client

;duplicate-cn

keepalive 10 120

;tls-auth ta.key 0 # This file is secret

# Select a cryptographic cipher.
# This config item must be copied to
# the client config file as well.
;cipher BF-CBC        # Blowfish (default)
;cipher AES-128-CBC   # AES
;cipher DES-EDE3-CBC  # Triple-DES

comp-lzo

;max-clients 100

;user nobody
;group nobody

persist-key
persist-tun

status openvpn-status.log

;log         openvpn.log
;log-append  openvpn.log

verb 3

;mute 20

-- 
Um die Liste abzubestellen, schicken Sie eine Mail an:
    opensuse-de+unsubscribe@opensuse.org
Um eine Liste aller verfuegbaren Kommandos zu bekommen, schicken
Sie eine Mail an: opensuse-de+help@opensuse.org

Openvpn ich bekomme das routinmh nicht hin

Ralf Prengel