Problem with OpenVPN after upgrade
Karel Cirman
karel.cirman at aveco.com
Wed Jun 27 11:50:21 CEST 2007
Hi, I use the following configuration with two OpenVPN instances on
FreeBSD 6.2-RELEASE (GENERIC) and everything works as it should.
> ifconfig
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=b<RXCSUM,TXCSUM,VLAN_MTU>
inet 194.149.xxx.xxx netmask 0xfffffffc broadcast 194.149.xxx.xxx
ether 00:11:25:ac:1d:42
media: Ethernet autoselect (10baseT/UTP <half-duplex>)
status: active
em1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=8<VLAN_MTU>
inet 172.16.1.101 netmask 0xffffff00 broadcast 172.16.1.255
ether 00:0e:0c:85:62:88
media: Ethernet autoselect (1000baseTX <full-duplex>)
status: active
em2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=b<RXCSUM,TXCSUM,VLAN_MTU>
inet 10.123.122.2 netmask 0xfffffffc broadcast 10.123.122.3
inet 10.123.123.6 netmask 0xfffffff8 broadcast 10.123.123.7
inet 10.123.123.14 netmask 0xfffffff8 broadcast 10.123.123.15
inet 10.123.123.22 netmask 0xfffffff8 broadcast 10.123.123.23
inet 10.123.123.30 netmask 0xfffffff8 broadcast 10.123.123.31
ether 00:11:25:ac:1d:43
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
inet6 ::1 prefixlen 128
inet 127.0.0.1 netmask 0xff000000
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 02:c3:57:d5:3b:5e
priority 32768 hellotime 2 fwddelay 15 maxage 20
member: tap1 flags=3<LEARNING,DISCOVER>
member: tap0 flags=3<LEARNING,DISCOVER>
member: em1 flags=3<LEARNING,DISCOVER>
tap0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
ether 00:bd:70:7f:03:00
Opened by PID 1360
tap1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
ether 00:bd:5a:94:03:01
Opened by PID 1437
When I look at the output of your ifconfig, I don't understand how you have
the bridge configured?
Karel
-----Original Message-----
From: users-l-bounces at freebsd.cz [mailto:users-l-bounces at freebsd.cz] On
Behalf Of Ciernik Tomas
Sent: Wednesday, June 27, 2007 12:16 AM
To: users-l at FreeBSD.cz
Subject: Problem with OpenVPN after upgrade
Greetings,
after upgrading FreeBSD from 6.1-RELEASE to 6.2-STABLE via CVSup, I ran into
an unpleasant problem with OpenVPN - the clients are unable to communicate
with the server.
To be more precise - the VPN connection is established without problems and
the client is able to communicate with all the other PCs on the local network.
Only communication with the server itself is not possible.
It won't be the firewall settings - it has no restrictions for VPN clients.
If anyone could "kick" me in the right direction, it would help me a lot -
I have already exhausted my ideas (firewall settings, routing table settings,
recompiling openvpn) and I have not found anything sensible on the net.
Just for completeness, I add that I removed the following option from the
kernel (apparently unrelated to the problem described)
options IPFIREWALL_FORWARD_EXTENDED
plus some more output
> netstat -r -n
Routing tables
Internet:
Destination Gateway Flags Refs Use Netif Expire
default 192.168.15.120 UGS 0 28530 rl0
127.0.0.1 127.0.0.1 UH 0 16579 lo0
192.168.10 link#1 UC 0 0 re0
192.168.10.10 00:15:e9:f2:2a:ed UHLW 1 107878 re0 860
192.168.10.255 ff:ff:ff:ff:ff:ff UHLWb 1 271 re0
192.168.15 link#2 UC 0 0 rl0
192.168.15.120 00:4f:61:00:d4:d4 UHLW 2 0 rl0 1184
> sysctl -a | grep net.link.ether.bridge
net.link.ether.bridge.version: 031224
net.link.ether.bridge.debug: 0
net.link.ether.bridge.ipf: 0
net.link.ether.bridge.ipfw: 0
net.link.ether.bridge.copy: 0
net.link.ether.bridge.ipfw_drop: 0
net.link.ether.bridge.ipfw_collisions: 0
net.link.ether.bridge.packets: 279982
net.link.ether.bridge.dropped: 0
net.link.ether.bridge.predict: 0
net.link.ether.bridge.enable: 1
net.link.ether.bridge.config: re0,tap0
net.link.ether.bridge_ipf: 0
net.link.ether.bridge_ipfw: 0
net.link.ether.bridge_cfg: re0,tap0
> ifconfig
re0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=1b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING>
inet 192.168.10.40 netmask 0xffffff00 broadcast 192.168.10.255
ether 00:15:e9:f2:2a:45
media: Ethernet autoselect (1000baseTX <full-duplex>)
status: active
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=8<VLAN_MTU>
inet 192.168.15.40 netmask 0xffffff00 broadcast 192.168.15.255
ether 00:50:8d:49:42:e4
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet 127.0.0.1 netmask 0xff000000
tap0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
ether 00:bd:ff:1e:00:00
Thanks for the help,
Tomas Ciernik
--
FreeBSD mailing list (users-l at freebsd.cz)
http://www.freebsd.cz/listserv/listinfo/users-l