[FUG-BR] OpenVPN - Não pinga o servidor
mantunes
mantunes.listas em gmail.com
Segunda Agosto 24 10:34:26 BRT 2009
explicando melhor
a rota é essa.
172.24.25.0 255.255.255.0 192.168.25.5 192.168.25.6 1
2009/8/24 mantunes <mantunes.listas at gmail.com>:
> Creio que falta alguma coisa.. a conexão é estabelecida ?
> ele atribui o ip ao cliente ? ele tem que atribuir assim.
>
> Adaptador Ethernet TAP:
>
> Sufixo DNS específico de conexão . :
> Descrição . . . . . . . . . . . . . : TAP-Win32 Adapter V9 #2
> Endereço físico . . . . . . . . . . : 00-FF-E7-FF-EE-33
> DHCP ativado. . . . . . . . . . . . : Sim
> Configuração automática ativada . . : Sim
> Endereço IP . . . . . . . . . . . . : 192.168.25.6
> Máscara de sub-rede . . . . . . . . : 255.255.255.252
> Gateway padrão. . . . . . . . . . . :
> Servidor DHCP . . . . . . . . . . . : 192.168.25.5
> Concessão obtida. . . . . . . . . . : 24 de agosto de 2009 10:30:31
> Concessão expira. . . . . . . . . . : 24 de agosto de 2010 10:30:31
>
> aqui é rotas.
>
>
> Endere‡o de rede M scara Ender. gateway Interface Custo
> 0.0.0.0 0.0.0.0 10.30.180.1 10.30.180.53 20
> 10.30.180.0 255.255.255.0 10.30.180.53 10.30.180.53 20
> 10.30.180.53 255.255.255.255 127.0.0.1 127.0.0.1 20
> 10.255.255.255 255.255.255.255 10.30.180.53 10.30.180.53 20
> 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
> 172.24.25.0 255.255.255.0 192.168.25.5 192.168.25.6
> 1 <===== ROTA ATRIBUIDA PELO OPENVPN.
> 192.168.25.1 255.255.255.255 192.168.25.5 192.168.25.6 1
> 192.168.25.4 255.255.255.252 192.168.25.6 192.168.25.6 30
> 192.168.25.6 255.255.255.255 127.0.0.1 127.0.0.1 30
> 192.168.25.255 255.255.255.255 192.168.25.6 192.168.25.6 30
> 224.0.0.0 240.0.0.0 10.30.180.53 10.30.180.53 20
> 224.0.0.0 240.0.0.0 192.168.25.6 192.168.25.6 30
> 255.255.255.255 255.255.255.255 10.30.180.53 4 1
> 255.255.255.255 255.255.255.255 10.30.180.53 10.30.180.53 1
> 255.255.255.255 255.255.255.255 192.168.25.6 192.168.25.6 1
>
>
> 2009/8/24 Bruno Oliveira <brnolvr84 at gmail.com>:
>> Matheus Weber,
>>
>> O servidor é uma máquina FreeBSD 7.1 virtualizada com VMware
>> Workstation utilizando bridge, ou seja, o servidor (Windows 2003) tem
>> IP na rede 192.168.7.0 e o servidor virtual (FreeBSD) tem o IP na rede
>> 10.0.0.0. O gateway (CentOS) de rede responde na rede interna e na
>> rede desta máquina, por meio de um alias na placa de rede, essa
>> configuração está correta, internamente tudo funciona.
>>
>> O cliente de conexão é uma máquina virtual (Windows 2003) em minha
>> estação de trabalho, conectado com internet 3G Oi.
>>
>> Estou utilizando o cliente em uma máquina virtual para realizar o
>> teste no S.O. usado no cliente. No caso do servidor virtual (FreeBSD)
>> é porque quero levar os funcionários de TI da empresa a sairem do
>> Windows, utilizando pelo menos os servidores UNIX. Se o teste tiver
>> sucesso, terie o primeiro servidor da empresa a usar FreeBSD.
>>
>> Atenciosamente,
>> Bruno Henrique de Oliveira.
>>
>>
>> 2009/8/21 Matheus Weber da Conceição <matheuswcon at gmail.com>:
>>> Tenta usar uma rede diferente para os clientes VPN..
>>>
>>> por exemplo, o servidor está na 192.168.1.0 e rede da VPN usa 192.168.5.0..
>>>
>>> Outra coisa.. verifica em que rede está o cliente.. se tiver igual a
>>> rede da VPN vai dar conflito e não vai pingar mesmo...
>>>
>>> 2009/8/21 Bruno Oliveira <brnolvr84 at gmail.com>:
>>>> Coloque, porém não resolveu, continua sem pingar.
>>>>
>>>> 2009/8/21 mantunes <mantunes.listas at gmail.com>:
>>>>> coloque no server.conf
>>>>>
>>>>>
>>>>> dev tun
>>>>>> port 1194
>>>>>> proto udp
>>>>>> server 10.0.0.0 255.255.255.0
>>>>> push "route <sua rede>"
>>>>>> ifconfig-pool-persist ipp.txt
>>>>>> ca /usr/local/etc/openvpn/easy-rsa/keys/ca.crt
>>>>>> cert /usr/local/etc/openvpn/easy-rsa/keys/probhcdp01.crt
>>>>>> key /usr/local/etc/openvpn/easy-rsa/keys/probhcdp01.key
>>>>>> dh /usr/local/etc/openvpn/easy-rsa/keys/dh1024.pem
>>>>>> comp-lzo
>>>>>> ping-timer-rem
>>>>>> persist-tun
>>>>>> persist-key
>>>>>> group nobody
>>>>>> daemon
>>>>>> mute 5
>>>>>
>>>>>
>>>>> exemplo :
>>>>> push "route 172.31.1.48 255.255.255.248"
>>>>> é minha rede local.
>>>>>
>>>>> 2009/8/21 Bruno Oliveira <brnolvr84 at gmail.com>:
>>>>>> Informações sobre a configuração
>>>>>>
>>>>>> Saída do comando "route print" no cliente VPN:
>>>>>>
>>>>>> Tabela de rotas IPv4
>>>>>> ===========================================================================
>>>>>> Lista de interfaces
>>>>>> 0x1 ........................... MS TCP Loopback interface
>>>>>> 0x150005 ...00 0c 29 b4 81 70 ...... Intel(R) PRO/1000 MT Network Connection
>>>>>> 0x170003 ...00 ff 00 ab a7 21 ...... TAP-Win32 Adapter V9
>>>>>> 0x1e0004 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
>>>>>> ===========================================================================
>>>>>> ===========================================================================
>>>>>> Rotas ativas:
>>>>>> Endere‡o de rede M scara Ender. gateway Interface Custo
>>>>>> 0.0.0.0 0.0.0.0 187.42.24.46 187.42.24.46 1
>>>>>> 10.0.0.1 255.255.255.255 10.0.0.5 10.0.0.6 1
>>>>>> 10.0.0.4 255.255.255.252 10.0.0.6 10.0.0.6 30
>>>>>> 10.0.0.6 255.255.255.255 127.0.0.1 127.0.0.1 30
>>>>>> 10.255.255.255 255.255.255.255 10.0.0.6 10.0.0.6 30
>>>>>> 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
>>>>>> 187.42.24.46 255.255.255.255 127.0.0.1 127.0.0.1 50
>>>>>> 187.42.255.255 255.255.255.255 187.42.24.46 187.42.24.46 50
>>>>>> 192.168.7.0 255.255.255.0 192.168.7.100 192.168.7.100 10
>>>>>> 192.168.7.100 255.255.255.255 127.0.0.1 127.0.0.1 10
>>>>>> 192.168.7.255 255.255.255.255 192.168.7.100 192.168.7.100 10
>>>>>> 224.0.0.0 240.0.0.0 10.0.0.6 10.0.0.6 30
>>>>>> 224.0.0.0 240.0.0.0 192.168.7.100 192.168.7.100 10
>>>>>> 224.0.0.0 240.0.0.0 187.42.24.46 187.42.24.46 1
>>>>>> 255.255.255.255 255.255.255.255 10.0.0.6 10.0.0.6 1
>>>>>> 255.255.255.255 255.255.255.255 187.42.24.46 187.42.24.46 1
>>>>>> 255.255.255.255 255.255.255.255 192.168.7.100 192.168.7.100 1
>>>>>> Gateway padrÆo: 187.42.24.46
>>>>>> ===========================================================================
>>>>>> Rotas persistentes:
>>>>>> Nenhuma
>>>>>>
>>>>>> Configuração VPN do cliente:
>>>>>>
>>>>>> client
>>>>>> remote nomedoservidor 1194
>>>>>> dev tun
>>>>>> comp-lzo
>>>>>> ca ca.crt
>>>>>> cert probhcdp02.crt
>>>>>> key probhcdp02.key
>>>>>> group nobody
>>>>>> verb 3
>>>>>> mute-replay-warnings
>>>>>> mute 20
>>>>>>
>>>>>> Configuração do servidor:
>>>>>>
>>>>>> dev tun
>>>>>> port 1194
>>>>>> proto udp
>>>>>> server 10.0.0.0 255.255.255.0
>>>>>> ifconfig-pool-persist ipp.txt
>>>>>> ca /usr/local/etc/openvpn/easy-rsa/keys/ca.crt
>>>>>> cert /usr/local/etc/openvpn/easy-rsa/keys/probhcdp01.crt
>>>>>> key /usr/local/etc/openvpn/easy-rsa/keys/probhcdp01.key
>>>>>> dh /usr/local/etc/openvpn/easy-rsa/keys/dh1024.pem
>>>>>> comp-lzo
>>>>>> ping-timer-rem
>>>>>> persist-tun
>>>>>> persist-key
>>>>>> group nobody
>>>>>> daemon
>>>>>> mute 5
>>>>>>
>>>>>> Desde já agradeço.
>>>>>>
>>>>>> Atenciosamente,
>>>>>> Bruno Henrique de Oliveira
>>>>>>
>>>>>> 2009/8/21 mantunes <mantunes.listas at gmail.com>
>>>>>>
>>>>>>>
>>>>>>> Não..
>>>>>>> ele pega mesmo a mascara 255.255.255.252
>>>>>>> manda o seu .conf aqui para lista.. veja se no windows
>>>>>>> 2003 ele pegou as rotas (comando route print)
>>>>>>>
>>>>>>>
>>>>>>> 2009/8/21 Bruno Oliveira <brnolvr84 at gmail.com>:
>>>>>>>
>>>>>>> > Boa tarde,
>>>>>>> >
>>>>>>> > Seguindo o tutorial¹ coloquei um servidor OpenVPN no FreeBSD 7.1 e
>>>>>>> > configurei um cliente no Windows Server 2003, ambos com os firewalls
>>>>>>> > desativados. O gateway redireciona a porta do OpenVPN via nat.
>>>>>>> > A situação atual é:
>>>>>>> > - Cliente Windows Server 2003 conectando no servidor FreeBSD;
>>>>>>> > - O IP do servidor VPN é 10.0.0.1/255.255.255.0;
>>>>>>> > - O IP que o cliente VPN está adquirindo é 10.0.0.6/255.255.255.252.
>>>>>>> >
>>>>>>> > O cliente VPN não pinga o servidor VPN e se não estou errado o cliente
>>>>>>> > deveria pegar a máscara 255.255.255.255. O que poderia ser?
>>>>>>> >
>>>>>>> > Desde já agradeço.
>>>>>>> >
>>>>>>> > Atenciosamente,
>>>>>>> > Bruno Henrique de Oliveira.
>>>>>>> >
>>>>>>> > ¹http://www.fug.com.br/content/view/173/60/
>>>>>>>
>>>>>>> > -------------------------
>>>>>>> > Histórico: http://www.fug.com.br/historico/html/freebsd/
>>>>>>> > Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>>>>>> >
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Marcio Antunes
>>>>>>> Powered by FreeBSD
>>>>>>> ==================================
>>>>>>> * Windows: "Where do you want to go tomorrow?"
>>>>>>> * Linux: "Where do you want to go today?"
>>>>>>> * FreeBSD: "Are you, guys, comming or what?"
>>>>>>> -------------------------
>>>>>>> Histórico: http://www.fug.com.br/historico/html/freebsd/
>>>>>>> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>>>>>>
>>>>>> -------------------------
>>>>>> Histórico: http://www.fug.com.br/historico/html/freebsd/
>>>>>> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Marcio Antunes
>>>>> Powered by FreeBSD
>>>>> ==================================
>>>>> * Windows: "Where do you want to go tomorrow?"
>>>>> * Linux: "Where do you want to go today?"
>>>>> * FreeBSD: "Are you, guys, comming or what?"
>>>>> -------------------------
>>>>> Histórico: http://www.fug.com.br/historico/html/freebsd/
>>>>> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>>>>
>>>> -------------------------
>>>> Histórico: http://www.fug.com.br/historico/html/freebsd/
>>>> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>>>
>>>
>>>
>>>
>>> --
>>> ============================
>>> Matheus Weber da Conceição
>>> -------------------------
>>> Histórico: http://www.fug.com.br/historico/html/freebsd/
>>> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>>
>> -------------------------
>> Histórico: http://www.fug.com.br/historico/html/freebsd/
>> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>
>
>
>
> --
> Marcio Antunes
> Powered by FreeBSD
> ==================================
> * Windows: "Where do you want to go tomorrow?"
> * Linux: "Where do you want to go today?"
> * FreeBSD: "Are you, guys, comming or what?"
>
--
Marcio Antunes
Powered by FreeBSD
==================================
* Windows: "Where do you want to go tomorrow?"
* Linux: "Where do you want to go today?"
* FreeBSD: "Are you, guys, comming or what?"
Mais detalhes sobre a lista de discussão freebsd