Jump to content
Как правильно добавить self-test и прочую отладку в тему
Где взять тестовые сборки
  • 0

OpenVPN UPD/TCP

Lahabrea

Asked by Lahabrea,

 Share

Question

Lahabrea Newbie

Lahabrea

Posted
Posted (edited)

При использовании OpenVPN через ТСР подключение проходит нормально.
При использовании подключения через UDP уходит в кончликт адресов.

Apr 19 12:58:22ndm
Network::Interface::Supplicant: "OpenVPN0": authnentication is unchanged.
Apr 19 12:58:22ndm
Network::Interface::Base: "OpenVPN0": description saved.
Apr 19 12:58:22ndm
Network::Interface::IP: "OpenVPN0": IP address cleared.
Apr 19 12:58:22ndm
Network::Interface::IP: "OpenVPN0": order is 0.
Apr 19 12:58:22ndm
Network::Interface::IP: global priority recalculated.
Apr 19 12:58:22ndm
Network::Interface::IP: "OpenVPN0": TCP-MSS adjustment enabled.
Apr 19 12:58:23ndm
Network::Interface::OpenVpn: "OpenVPN0": configuration successfully saved.
Apr 19 12:58:23ndm
Network::Interface::OpenVpn: "OpenVPN0": enable automatic routes accept via tunnel.
Apr 19 12:58:23ndm
Network::Interface::IP: "OpenVPN0": order is 0.
Apr 19 12:58:23ndm
Network::Interface::IP: global priority recalculated.
Apr 19 12:58:23ndm
Network::Interface::OpenVpn: "OpenVPN0": set connection via UsbLte0.
Apr 19 12:58:23ndm
Network::Interface::Base: "OpenVPN0": interface is up.
Apr 19 12:58:23ndm
Network::InterfaceFlusher: flushed OpenVPN0 conntrack and route cache.
Apr 19 12:58:23ndm
Network::Interface::Base: "OpenVPN0": schedule cleared.
Apr 19 12:58:23upnp
shutting down MiniUPnPd
Apr 19 12:58:23ndm
Core::Server: client disconnected.
Apr 19 12:58:23ndm
Core::ConfigurationSaver: saving configuration...
Apr 19 12:58:24ndm
Network::Interface::IP: "OpenVPN0": IP address cleared.
Apr 19 12:58:24ndm
Network::Interface::OpenVpn: "OpenVPN0": remove installed accepted routes.
Apr 19 12:58:24OpenVPN0
3168 variation(s) on previous 20 message(s) suppressed by --mute
Apr 19 12:58:24OpenVPN0
SIGTERM received, sending exit notification to peer
Apr 19 12:58:25OpenVPN0
TCP/UDP: Closing socket
Apr 19 12:58:25OpenVPN0
Closing TUN/TAP interface
Apr 19 12:58:25OpenVPN0
SIGTERM[soft,exit-with-notification] received, process exiting
Apr 19 12:58:25ndm
Core::Server: started Session /var/run/ndm.core.socket.
Apr 19 12:58:26upnp
HTTP listening on port 59066
Apr 19 12:58:26upnp
Listening for NAT-PMP/PCP traffic on port 5351
Apr 19 12:58:27ndm
Core::ConfigurationSaver: configuration saved.
Apr 19 12:58:28OpenVPN0
OpenVPN 2.4.4 [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [AEAD]
Apr 19 12:58:28OpenVPN0
library versions: OpenSSL 1.1.0h 27 Mar 2018, LZO 2.10
Apr 19 12:58:28OpenVPN0
WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
Apr 19 12:58:28OpenVPN0
LZO compression initializing
Apr 19 12:58:28OpenVPN0
Control Channel MTU parms [ L:1654 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Apr 19 12:58:28OpenVPN0
Data Channel MTU parms [ L:1654 D:1450 EF:122 EB:411 ET:32 EL:3 ]
Apr 19 12:58:28OpenVPN0
Local Options String (VER=V4): 'V4,dev-type tap,link-mtu 1590,tun-mtu 1532,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Apr 19 12:58:28OpenVPN0
Expected Remote Options String (VER=V4): 'V4,dev-type tap,link-mtu 1590,tun-mtu 1532,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
Apr 19 12:58:28OpenVPN0
Socket Buffers: R=[155648->524288] S=[155648->524288]
Apr 19 12:58:28OpenVPN0
UDP link local: (not bound)
Apr 19 12:58:28OpenVPN0
UDP link remote: [AF_INET]91.105.239.11:1194
Apr 19 12:58:28OpenVPN0
NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Apr 19 12:58:28OpenVPN0
TLS: Initial packet from [AF_INET]91.105.239.11:1194, sid=f9bab5ec bbbd9830
Apr 19 12:58:28OpenVPN0
VERIFY SCRIPT OK: depth=1, C=DE, ST=Bayern, L=Gunzenhausen, O=HideME, CN=HideME CA, emailAddress=feedback@hideme.ru
Apr 19 12:58:28OpenVPN0
VERIFY OK: depth=1, C=DE, ST=Bayern, L=Gunzenhausen, O=HideME, CN=HideME CA, emailAddress=feedback@hideme.ru
Apr 19 12:58:28OpenVPN0
VERIFY OK: nsCertType=SERVER
Apr 19 12:58:28OpenVPN0
VERIFY SCRIPT OK: depth=0, C=DE, ST=Bayern, L=Gunzenhausen, O=HideME, CN=server, emailAddress=feedback@hideme.ru
Apr 19 12:58:28OpenVPN0
VERIFY OK: depth=0, C=DE, ST=Bayern, L=Gunzenhausen, O=HideME, CN=server, emailAddress=feedback@hideme.ru
Apr 19 12:58:28OpenVPN0
WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1590', remote='link-mtu 1574'
Apr 19 12:58:28OpenVPN0
WARNING: 'cipher' is used inconsistently, local='cipher AES-256-CBC', remote='cipher BF-CBC'
Apr 19 12:58:28OpenVPN0
WARNING: 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
Apr 19 12:58:28OpenVPN0
Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Apr 19 12:58:28OpenVPN0
[server] Peer Connection Initiated with [AF_INET]91.105.239.11:1194
Apr 19 12:58:28ndm
Network::Interface::OpenVpn: "OpenVPN0": added host route to remote endpoint 91.105.239.11 via 10.126.215.161.
Apr 19 12:58:30OpenVPN0
SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Apr 19 12:58:30OpenVPN0
PUSH: Received control message: 'PUSH_REPLY,route-gateway 10.121.128.1,ping 8,ping-restart 30,ifconfig 10.121.130.26 255.224.0.0,peer-id 27,cipher AES-256-GCM'
Apr 19 12:58:30OpenVPN0
OPTIONS IMPORT: timers and/or timeouts modified
Apr 19 12:58:30OpenVPN0
OPTIONS IMPORT: --ifconfig/up options modified
Apr 19 12:58:30OpenVPN0
OPTIONS IMPORT: route-related options modified
Apr 19 12:58:30OpenVPN0
OPTIONS IMPORT: peer-id set
Apr 19 12:58:30OpenVPN0
OPTIONS IMPORT: adjusting link_mtu to 1657
Apr 19 12:58:30OpenVPN0
OPTIONS IMPORT: data channel crypto options modified
Apr 19 12:58:30OpenVPN0
Data Channel: using negotiated cipher 'AES-256-GCM'
Apr 19 12:58:30OpenVPN0
Data Channel MTU parms [ L:1585 D:1450 EF:53 EB:411 ET:32 EL:3 ]
Apr 19 12:58:30OpenVPN0
Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Apr 19 12:58:30OpenVPN0
Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Apr 19 12:58:30OpenVPN0
TUN/TAP device tap0 opened
Apr 19 12:58:30OpenVPN0
TUN/TAP TX queue length set to 100
Apr 19 12:58:30OpenVPN0
do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Apr 19 12:58:30ndm
Network::Interface::IP: "OpenVPN0": network 10.96.0.0/11 conflicts with interface "UsbLte0".
Apr 19 12:58:30ndm
Network::Interface::OpenVpn: "OpenVPN0": system failed [0xcffd04fd].
Apr 19 12:58:31ndm
Network::Util::Route4: system failed [0xcffd0483], unable to modify a table: no such process.
Apr 19 12:58:31ndm
Network::RoutingTable: gateway is unreachable.
Apr 19 12:58:31ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted default route via 10.121.128.1.
Apr 19 12:58:31ndm
Network::Interface::OpenVpn: "OpenVPN0": adding nameserver 8.8.8.8.
Apr 19 12:58:31ndm
Dns::Manager: name server 8.8.8.8 added, domain (default).
Apr 19 12:58:31ndm
Network::Interface::OpenVpn: "OpenVPN0": add route to nameserver 8.8.8.8 via 0.0.0.0 (OpenVPN0).
Apr 19 12:58:31OpenVPN0
GID set to nobody
Apr 19 12:58:31OpenVPN0
UID set to nobody
Apr 19 12:58:31OpenVPN0
Initialization Sequence Completed
Apr 19 12:58:31upnp
shutting down MiniUPnPd
Apr 19 12:58:31ndm
Core::Server: client disconnected.
Apr 19 12:58:33ndm
Core::Server: started Session /var/run/ndm.core.socket.
Apr 19 12:58:33upnp
HTTP listening on port 47276
Apr 19 12:58:33upnp
Listening for NAT-PMP/PCP traffic on port 5351
Apr 19 12:58:33upnp
Failed to get ip address for interface OpenVPN0


Могу скинуть конфиг самих VPN по ТСР и UDP если нужна более полная информация.
Edited by Lahabrea
Link to comment
Share on other sites

2 answers to this question

Recommended Posts

  • 0
Le ecureuil Honored Flooder

Le ecureuil

Posted
Posted
В 4/19/2018 в 12:57, Lahabrea сказал:

При использовании OpenVPN через ТСР подключение проходит нормально.
При использовании подключения через UDP уходит в кончликт адресов.

Apr 19 12:58:22ndm
Network::Interface::Supplicant: "OpenVPN0": authnentication is unchanged.
Apr 19 12:58:22ndm
Network::Interface::Base: "OpenVPN0": description saved.
Apr 19 12:58:22ndm
Network::Interface::IP: "OpenVPN0": IP address cleared.
Apr 19 12:58:22ndm
Network::Interface::IP: "OpenVPN0": order is 0.
Apr 19 12:58:22ndm
Network::Interface::IP: global priority recalculated.
Apr 19 12:58:22ndm
Network::Interface::IP: "OpenVPN0": TCP-MSS adjustment enabled.
Apr 19 12:58:23ndm
Network::Interface::OpenVpn: "OpenVPN0": configuration successfully saved.
Apr 19 12:58:23ndm
Network::Interface::OpenVpn: "OpenVPN0": enable automatic routes accept via tunnel.
Apr 19 12:58:23ndm
Network::Interface::IP: "OpenVPN0": order is 0.
Apr 19 12:58:23ndm
Network::Interface::IP: global priority recalculated.
Apr 19 12:58:23ndm
Network::Interface::OpenVpn: "OpenVPN0": set connection via UsbLte0.
Apr 19 12:58:23ndm
Network::Interface::Base: "OpenVPN0": interface is up.
Apr 19 12:58:23ndm
Network::InterfaceFlusher: flushed OpenVPN0 conntrack and route cache.
Apr 19 12:58:23ndm
Network::Interface::Base: "OpenVPN0": schedule cleared.
Apr 19 12:58:23upnp
shutting down MiniUPnPd
Apr 19 12:58:23ndm
Core::Server: client disconnected.
Apr 19 12:58:23ndm
Core::ConfigurationSaver: saving configuration...
Apr 19 12:58:24ndm
Network::Interface::IP: "OpenVPN0": IP address cleared.
Apr 19 12:58:24ndm
Network::Interface::OpenVpn: "OpenVPN0": remove installed accepted routes.
Apr 19 12:58:24OpenVPN0
3168 variation(s) on previous 20 message(s) suppressed by --mute
Apr 19 12:58:24OpenVPN0
SIGTERM received, sending exit notification to peer
Apr 19 12:58:25OpenVPN0
TCP/UDP: Closing socket
Apr 19 12:58:25OpenVPN0
Closing TUN/TAP interface
Apr 19 12:58:25OpenVPN0
SIGTERM[soft,exit-with-notification] received, process exiting
Apr 19 12:58:25ndm
Core::Server: started Session /var/run/ndm.core.socket.
Apr 19 12:58:26upnp
HTTP listening on port 59066
Apr 19 12:58:26upnp
Listening for NAT-PMP/PCP traffic on port 5351
Apr 19 12:58:27ndm
Core::ConfigurationSaver: configuration saved.
Apr 19 12:58:28OpenVPN0
OpenVPN 2.4.4 [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [AEAD]
Apr 19 12:58:28OpenVPN0
library versions: OpenSSL 1.1.0h 27 Mar 2018, LZO 2.10
Apr 19 12:58:28OpenVPN0
WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
Apr 19 12:58:28OpenVPN0
LZO compression initializing
Apr 19 12:58:28OpenVPN0
Control Channel MTU parms [ L:1654 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Apr 19 12:58:28OpenVPN0
Data Channel MTU parms [ L:1654 D:1450 EF:122 EB:411 ET:32 EL:3 ]
Apr 19 12:58:28OpenVPN0
Local Options String (VER=V4): 'V4,dev-type tap,link-mtu 1590,tun-mtu 1532,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Apr 19 12:58:28OpenVPN0
Expected Remote Options String (VER=V4): 'V4,dev-type tap,link-mtu 1590,tun-mtu 1532,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
Apr 19 12:58:28OpenVPN0
Socket Buffers: R=[155648->524288] S=[155648->524288]
Apr 19 12:58:28OpenVPN0
UDP link local: (not bound)
Apr 19 12:58:28OpenVPN0
UDP link remote: [AF_INET]91.105.239.11:1194
Apr 19 12:58:28OpenVPN0
NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Apr 19 12:58:28OpenVPN0
TLS: Initial packet from [AF_INET]91.105.239.11:1194, sid=f9bab5ec bbbd9830
Apr 19 12:58:28OpenVPN0
VERIFY SCRIPT OK: depth=1, C=DE, ST=Bayern, L=Gunzenhausen, O=HideME, CN=HideME CA, emailAddress=feedback@hideme.ru
Apr 19 12:58:28OpenVPN0
VERIFY OK: depth=1, C=DE, ST=Bayern, L=Gunzenhausen, O=HideME, CN=HideME CA, emailAddress=feedback@hideme.ru
Apr 19 12:58:28OpenVPN0
VERIFY OK: nsCertType=SERVER
Apr 19 12:58:28OpenVPN0
VERIFY SCRIPT OK: depth=0, C=DE, ST=Bayern, L=Gunzenhausen, O=HideME, CN=server, emailAddress=feedback@hideme.ru
Apr 19 12:58:28OpenVPN0
VERIFY OK: depth=0, C=DE, ST=Bayern, L=Gunzenhausen, O=HideME, CN=server, emailAddress=feedback@hideme.ru
Apr 19 12:58:28OpenVPN0
WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1590', remote='link-mtu 1574'
Apr 19 12:58:28OpenVPN0
WARNING: 'cipher' is used inconsistently, local='cipher AES-256-CBC', remote='cipher BF-CBC'
Apr 19 12:58:28OpenVPN0
WARNING: 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
Apr 19 12:58:28OpenVPN0
Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Apr 19 12:58:28OpenVPN0
[server] Peer Connection Initiated with [AF_INET]91.105.239.11:1194
Apr 19 12:58:28ndm
Network::Interface::OpenVpn: "OpenVPN0": added host route to remote endpoint 91.105.239.11 via 10.126.215.161.
Apr 19 12:58:30OpenVPN0
SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Apr 19 12:58:30OpenVPN0
PUSH: Received control message: 'PUSH_REPLY,route-gateway 10.121.128.1,ping 8,ping-restart 30,ifconfig 10.121.130.26 255.224.0.0,peer-id 27,cipher AES-256-GCM'
Apr 19 12:58:30OpenVPN0
OPTIONS IMPORT: timers and/or timeouts modified
Apr 19 12:58:30OpenVPN0
OPTIONS IMPORT: --ifconfig/up options modified
Apr 19 12:58:30OpenVPN0
OPTIONS IMPORT: route-related options modified
Apr 19 12:58:30OpenVPN0
OPTIONS IMPORT: peer-id set
Apr 19 12:58:30OpenVPN0
OPTIONS IMPORT: adjusting link_mtu to 1657
Apr 19 12:58:30OpenVPN0
OPTIONS IMPORT: data channel crypto options modified
Apr 19 12:58:30OpenVPN0
Data Channel: using negotiated cipher 'AES-256-GCM'
Apr 19 12:58:30OpenVPN0
Data Channel MTU parms [ L:1585 D:1450 EF:53 EB:411 ET:32 EL:3 ]
Apr 19 12:58:30OpenVPN0
Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Apr 19 12:58:30OpenVPN0
Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Apr 19 12:58:30OpenVPN0
TUN/TAP device tap0 opened
Apr 19 12:58:30OpenVPN0
TUN/TAP TX queue length set to 100
Apr 19 12:58:30OpenVPN0
do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Apr 19 12:58:30ndm
Network::Interface::IP: "OpenVPN0": network 10.96.0.0/11 conflicts with interface "UsbLte0".
Apr 19 12:58:30ndm
Network::Interface::OpenVpn: "OpenVPN0": system failed [0xcffd04fd].
Apr 19 12:58:31ndm
Network::Util::Route4: system failed [0xcffd0483], unable to modify a table: no such process.
Apr 19 12:58:31ndm
Network::RoutingTable: gateway is unreachable.
Apr 19 12:58:31ndm
Network::Interface::OpenVpn: "OpenVPN0": install accepted default route via 10.121.128.1.
Apr 19 12:58:31ndm
Network::Interface::OpenVpn: "OpenVPN0": adding nameserver 8.8.8.8.
Apr 19 12:58:31ndm
Dns::Manager: name server 8.8.8.8 added, domain (default).
Apr 19 12:58:31ndm
Network::Interface::OpenVpn: "OpenVPN0": add route to nameserver 8.8.8.8 via 0.0.0.0 (OpenVPN0).
Apr 19 12:58:31OpenVPN0
GID set to nobody
Apr 19 12:58:31OpenVPN0
UID set to nobody
Apr 19 12:58:31OpenVPN0
Initialization Sequence Completed
Apr 19 12:58:31upnp
shutting down MiniUPnPd
Apr 19 12:58:31ndm
Core::Server: client disconnected.
Apr 19 12:58:33ndm
Core::Server: started Session /var/run/ndm.core.socket.
Apr 19 12:58:33upnp
HTTP listening on port 47276
Apr 19 12:58:33upnp
Listening for NAT-PMP/PCP traffic on port 5351
Apr 19 12:58:33upnp
Failed to get ip address for interface OpenVPN0


Могу скинуть конфиг самих VPN по ТСР и UDP если нужна более полная информация.

Это проблема вашего модема и вашего провайдера, мы тут ничем помочь не можем.

Попробуйте разве что в настройках модема изменить выдаваемую им подсеть - йотовские свистки вроде умеют это делать.

Link to comment
Share on other sites
  • 0
Lahabrea Newbie

Lahabrea

Posted
  • Author
Posted

Да, я разобрался уже. Банально нужно было заставить свисток раздавать IP через другую подсеть.
И тем не менее спасибо за ответ.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to question listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...