[Linux-Biella] openvpn e... windows 7

leonardo buffa leonardo.buffa a bilug.linux.it
Ven 25 Giu 2010 17:36:49 CEST 

ciao
scusate la bestemmia ma un cliente purtroppo utilizza questa merdaviglia
di sistema operativo

nonostante sia sempre windows, con XP non ci sono problemi, ma con 7 ho
seguito tutte le istruzioni possibili e immaginabili che alla fine sono
tutte uguali a questa:

http://www.surfbouncer.com/Windows_7.htm

ma proprio non funziona, sembra andare, per un attimo e poi esce un
bell'errore: "connecting to BLABLABLA has failed"

infatti la VPN non funziona... 

i log del client dicono:

 Fri Jun 25 16:54:45 2010 CreateFile failed on TAP device:
\\.\Global\{532BEFD0-F055-4D65-B49B-F2F3B
Fri Jun 25 17:24:44 2010 OpenVPN 2.0.9
Win32-MinGW [SSL] [LZO] built on Oct  1 2006
Fri Jun 25 17:24:44 2010 IMPORTANT: OpenVPN's default port number is
now 1194, based on an official port number assignment by IANA.  OpenVPN
2.0-beta16 and earlier used 5000 as the default port.
Fri Jun 25 17:24:44 2010 LZO compression initialized
Fri Jun 25 17:24:44 2010 Control Channel MTU parms [ L:1542 D:138 EF:38
EB:0 ET:0 EL:0 ]
Fri Jun 25 17:24:44 2010 Data Channel MTU parms [ L:1542 D:1450 EF:42
EB:135 ET:0 EL:0 AF:3/1 ]
Fri Jun 25 17:24:44 2010 Local Options hash (VER=V4): '41690919'
Fri Jun 25 17:24:44 2010 Expected Remote Options hash (VER=V4):
'530fdded'
Fri Jun 25 17:24:44 2010 UDPv4 link local (bound): [undef]:1194
Fri Jun 25 17:24:44 2010 UDPv4 link remote: 87.25.42.133:11194
Fri Jun 25 17:24:44 2010 TLS Error: Unroutable control packet received
from 87.25.42.133:11194 (si=3 op=P_CONTROL_V1)
Fri Jun 25 17:24:44 2010 TLS: Initial packet from IPSERVER:PORTA,
sid=f09e2332 c60d442c
Fri Jun 25 17:24:45 2010 VERIFY OK:
depth=1, /BLABLABLA
Fri Jun 25 17:24:45 2010 VERIFY OK: nsCertType=SERVER
Fri Jun 25 17:24:45 2010 VERIFY OK:
depth=0, /BLABLABLA
Fri Jun 25 17:24:46 2010 TLS Error: Unroutable control packet received
from 87.25.42.133:11194 (si=3 op=P_CONTROL_V1)
Fri Jun 25 17:24:47 2010 Data Channel Encrypt: Cipher 'BF-CBC'
initialized with 128 bit key
Fri Jun 25 17:24:47 2010 Data Channel Encrypt: Using 160 bit message
hash 'SHA1' for HMAC authentication
Fri Jun 25 17:24:47 2010 Data Channel Decrypt: Cipher 'BF-CBC'
initialized with 128 bit key
Fri Jun 25 17:24:47 2010 Data Channel Decrypt: Using 160 bit message
hash 'SHA1' for HMAC authentication
Fri Jun 25 17:24:47 2010 Control Channel: TLSv1, cipher TLSv1/SSLv3
DHE-RSA-AES256-SHA, 1024 bit RSA
Fri Jun 25 17:24:47 2010 [vpn.intra] Peer Connection
Initiated with SERVER:PORTA
Fri Jun 25 17:24:48 2010 SENT CONTROL [vpn.tecnoscavi.intra]:
'PUSH_REQUEST' (status=1)
Fri Jun 25 17:24:48 2010 PUSH: Received control message:
'PUSH_REPLY,route 192.168.10.0 255.255.255.0,route 172.16.10.1,topology
net30,ping 10,ping-restart 120,ifconfig 172.16.10.6 172.16.10.5'
Fri Jun 25 17:24:48 2010 Options error: Unrecognized option or missing
parameter(s) in [PUSH-OPTIONS]:3: topology (2.0.9)
Fri Jun 25 17:24:48 2010 OPTIONS IMPORT: timers and/or timeouts modified
Fri Jun 25 17:24:48 2010 OPTIONS IMPORT: --ifconfig/up options modified
Fri Jun 25 17:24:48 2010 OPTIONS IMPORT: route options modified
Fri Jun 25 17:24:48 2010 CreateFile failed on TAP device:
\\.\Global\{532BEFD0-F055-4D65-B49B-F2F3BD19C0EB}.tap
Fri Jun 25 17:24:48 2010 All TAP-Win32 adapters on this system are
currently in use.
Fri Jun 25 17:24:48 2010 Exiting


a lato server invece non vedo nulla che mi faccia pensare un errore se
non un disconnect:

Fri Jun 25 17:24:47 2010 client2/IP:60700
SENT CONTROL [client2.tecnoscavi.intra]: 'PUSH_REPLY,route 192.168.10.0
255.255.255.0,route 172.16.10.1,topology net30,ping 10,ping-restart
120,ifconfig 172.16.10.6 172.16.10.5' (status=1)


-- 
leonardo 'LeOS' buffa - IT security specialist
human knowledge belongs to the world
------------------------------
Linux Registered User: #135079
------------------------------

Maggiori informazioni sulla lista Linux