Contenu | Rechercher | Menus

Annonce

Si vous avez des soucis pour rester connecté, déconnectez-vous puis reconnectez-vous depuis ce lien en cochant la case
Me connecter automatiquement lors de mes prochaines visites.

À propos de l'équipe du forum.

#1 Le 04/03/2018, à 19:01

akhlan

OpenVpn entre l’Allemagne et une Freebox en France

Bonjour,

je suis actuellement en Allemagne et je tente de monter un VPN avec ma Freebox en France. Je suis sous Ubuntu 16.04 et e précise que je n'ai pas accès à la box Allemande...

Sur ma Freebox en France, j'ai activé le service VPN comme ceci (J'ai changé le port pour mettre 8080 car suite au premiers essais, je me suis dit que le port choisit par défaut était bloqué...) et créé un Utilisateur (Akhlan) avec une IP dynamique...

Paramètre VPN Freebox

J'ai ensuite créé les différents fichiers via le script

#/bin/bash
# make output file
basedir=~/.openvpn
vpnconfigdir=$basedir/$2

mkdir -p $basedir
mkdir -p $vpnconfigdir

# print Gateway
sed -n 's/remote \([^ ]\+\) [0-9]\+/passerelle: \1/p' $1

# create client config file
awk '/<ca>/{exit} {print}' $1 > $vpnconfigdir/client.ovpn

# output certificate of CA
awk '/<ca>/ {flag=1;next} /<\/ca>/{flag=0} flag {print}' $1 > $vpnconfigdir/ca.crt

# output certificate of client key
awk '/<cert>/ {flag=1;next} /<\/cert>/{flag=0} flag {print}' $1 > $vpnconfigdir/client.crt

# output client key
awk '/<key>/ {flag=1;next} /<\/key>/{flag=0} flag {print}' $1 > $vpnconfigdir/client.key

# remove rights for other
chmod -R o-rwx $vpnconfigdir/*

afin de les placer dans Ubuntu de cette façon
VPN Ubuntu

Mais ça ne fonctionne pas, voici le log...

akhlan@Ubuntu-Akhlan:~$ cat /var/log/syslog | grep VPN
Mar  4 18:55:10 Ubuntu-Akhlan gnome-session[1960]: ** Message: Cannot save connection due to error: Paramètre invalide VPN : remote
Mar  4 18:57:42 Ubuntu-Akhlan NetworkManager[954]: <info>  [1520186262.9994] audit: op="connection-activate" uuid="d40acbbb-35ce-407a-a642-a4fdb915762d" name="VPN_KidiBox" pid=2209 uid=1000 result="success"
Mar  4 18:57:43 Ubuntu-Akhlan NetworkManager[954]: <info>  [1520186263.1431] vpn-connection[0xa031c0,d40acbbb-35ce-407a-a642-a4fdb915762d,"VPN_KidiBox",0]: Started the VPN service, PID 22641
Mar  4 18:57:43 Ubuntu-Akhlan NetworkManager[954]: <info>  [1520186263.1668] vpn-connection[0xa031c0,d40acbbb-35ce-407a-a642-a4fdb915762d,"VPN_KidiBox",0]: Saw the service appear; activating connection
Mar  4 18:57:43 Ubuntu-Akhlan NetworkManager[954]: <info>  [1520186263.5337] vpn-connection[0xa031c0,d40acbbb-35ce-407a-a642-a4fdb915762d,"VPN_KidiBox",0]: VPN plugin: state changed: starting (3)
Mar  4 18:57:43 Ubuntu-Akhlan NetworkManager[954]: <info>  [1520186263.5339] vpn-connection[0xa031c0,d40acbbb-35ce-407a-a642-a4fdb915762d,"VPN_KidiBox",0]: VPN connection: (ConnectInteractive) reply received
Mar  4 18:57:43 Ubuntu-Akhlan nm-openvpn[22650]: OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017
Mar  4 18:57:43 Ubuntu-Akhlan nm-openvpn[22650]: WARNING: file '/home/akhlan/.openvpn/VPN_KidiBox/client.key' is group or others accessible
Mar  4 18:58:43 Ubuntu-Akhlan NetworkManager[954]: <warn>  [1520186323.9737] vpn-connection[0xa031c0,d40acbbb-35ce-407a-a642-a4fdb915762d,"VPN_KidiBox",0]: VPN connection: connect timeout exceeded.
Mar  4 18:58:44 Ubuntu-Akhlan NetworkManager[954]: <warn>  [1520186323.9973] vpn-connection[0xa031c0,d40acbbb-35ce-407a-a642-a4fdb915762d,"VPN_KidiBox",0]: VPN plugin: failed: connect-failed (1)
Mar  4 18:58:44 Ubuntu-Akhlan NetworkManager[954]: <info>  [1520186323.9974] vpn-connection[0xa031c0,d40acbbb-35ce-407a-a642-a4fdb915762d,"VPN_KidiBox",0]: VPN plugin: state changed: stopping (5)
Mar  4 18:58:44 Ubuntu-Akhlan NetworkManager[954]: <info>  [1520186323.9975] vpn-connection[0xa031c0,d40acbbb-35ce-407a-a642-a4fdb915762d,"VPN_KidiBox",0]: VPN plugin: state changed: stopped (6)

Qui peut m'aider ?

Question subsidiaire... Pourquoi je ne peux accéder à ma Freebox que via Firefox et pas via Chrome ?

Merci

Hors ligne

#2 Le 05/03/2018, à 18:58

droopy191

Re : OpenVpn entre l’Allemagne et une Freebox en France

Salut,

Avez vous configuré le port correctement sur le client ?
En principe dans avancé, vous pouvez indiquer le 8080 retenu.

Hors ligne

#3 Le 06/03/2018, à 20:00

akhlan

Re : OpenVpn entre l’Allemagne et une Freebox en France

Même résultat...

akhlan@Ubuntu-Akhlan:~$ cat /var/log/syslog | grep VPN
Mar  6 19:58:11 Ubuntu-Akhlan NetworkManager[926]: <info>  [1520362691.6809] audit: op="connection-activate" uuid="d40acbbb-35ce-407a-a642-a4fdb915762d" name="VPN_KidiBox" pid=2202 uid=1000 result="success"
Mar  6 19:58:12 Ubuntu-Akhlan NetworkManager[926]: <info>  [1520362692.6617] vpn-connection[0x2231200,d40acbbb-35ce-407a-a642-a4fdb915762d,"VPN_KidiBox",0]: Started the VPN service, PID 4955
Mar  6 19:58:13 Ubuntu-Akhlan NetworkManager[926]: <info>  [1520362693.1762] vpn-connection[0x2231200,d40acbbb-35ce-407a-a642-a4fdb915762d,"VPN_KidiBox",0]: Saw the service appear; activating connection
Mar  6 19:58:16 Ubuntu-Akhlan NetworkManager[926]: <info>  [1520362696.8073] vpn-connection[0x2231200,d40acbbb-35ce-407a-a642-a4fdb915762d,"VPN_KidiBox",0]: VPN plugin: state changed: starting (3)
Mar  6 19:58:16 Ubuntu-Akhlan NetworkManager[926]: <info>  [1520362696.8075] vpn-connection[0x2231200,d40acbbb-35ce-407a-a642-a4fdb915762d,"VPN_KidiBox",0]: VPN connection: (ConnectInteractive) reply received
Mar  6 19:58:17 Ubuntu-Akhlan nm-openvpn[4964]: OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017
Mar  6 19:58:17 Ubuntu-Akhlan nm-openvpn[4964]: WARNING: file '/home/akhlan/.openvpn/VPN_KidiBox/client.key' is group or others accessible
Mar  6 19:59:16 Ubuntu-Akhlan NetworkManager[926]: <warn>  [1520362756.9776] vpn-connection[0x2231200,d40acbbb-35ce-407a-a642-a4fdb915762d,"VPN_KidiBox",0]: VPN connection: connect timeout exceeded.
Mar  6 19:59:16 Ubuntu-Akhlan NetworkManager[926]: <warn>  [1520362756.9962] vpn-connection[0x2231200,d40acbbb-35ce-407a-a642-a4fdb915762d,"VPN_KidiBox",0]: VPN plugin: failed: connect-failed (1)
Mar  6 19:59:16 Ubuntu-Akhlan NetworkManager[926]: <info>  [1520362756.9981] vpn-connection[0x2231200,d40acbbb-35ce-407a-a642-a4fdb915762d,"VPN_KidiBox",0]: VPN plugin: state changed: stopping (5)
Mar  6 19:59:16 Ubuntu-Akhlan NetworkManager[926]: <info>  [1520362756.9991] vpn-connection[0x2231200,d40acbbb-35ce-407a-a642-a4fdb915762d,"VPN_KidiBox",0]: VPN plugin: state changed: stopped (6)

Hors ligne

#4 Le 07/03/2018, à 15:56

droopy191

Re : OpenVpn entre l’Allemagne et une Freebox en France

Salut,

Je ne vois rien d'évident, il faudrait démarrer le client en ligne de commande pour avoir plus de log.

Hors ligne

#5 Le 07/03/2018, à 17:41

akhlan

Re : OpenVpn entre l’Allemagne et une Freebox en France

comment faire stp ?

Hors ligne

#6 Le 07/03/2018, à 19:46

droopy191

Re : OpenVpn entre l’Allemagne et une Freebox en France

En principe,

sudo openvpn --config vpn-config.ovpn 

a modifier avec le nom et chemin de votre fichier de config.

Hors ligne

#7 Le 09/03/2018, à 15:18

akhlan

Re : OpenVpn entre l’Allemagne et une Freebox en France

sudo openvpn --config config_openvpn_routed_Akhlan.ovpn
[sudo] Mot de passe de akhlan : 
Fri Mar  9 15:11:25 2018 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017
Fri Mar  9 15:11:25 2018 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08
Enter Auth Username: ******
Enter Auth Password: ************
Fri Mar  9 15:11:37 2018 UDPv4 link local: [undef]
Fri Mar  9 15:11:37 2018 UDPv4 link remote: [AF_INET]xx.xx.xx.xx:8080
Fri Mar  9 15:12:37 2018 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Mar  9 15:12:37 2018 TLS Error: TLS handshake failed
Fri Mar  9 15:12:37 2018 SIGUSR1[soft,tls-error] received, process restarting
Fri Mar  9 15:12:39 2018 UDPv4 link local: [undef]
Fri Mar  9 15:12:39 2018 UDPv4 link remote: [AF_INET]xx.xx.xx.xx:8080
Fri Mar  9 15:13:39 2018 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Mar  9 15:13:39 2018 TLS Error: TLS handshake failed
Fri Mar  9 15:13:39 2018 SIGUSR1[soft,tls-error] received, process restarting
Fri Mar  9 15:13:41 2018 UDPv4 link local: [undef]
Fri Mar  9 15:13:41 2018 UDPv4 link remote: [AF_INET]xx.xx.xx.xx:8080
Fri Mar  9 15:14:41 2018 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Mar  9 15:14:41 2018 TLS Error: TLS handshake failed
Fri Mar  9 15:14:41 2018 SIGUSR1[soft,tls-error] received, process restarting
Fri Mar  9 15:14:43 2018 UDPv4 link local: [undef]
Fri Mar  9 15:14:43 2018 UDPv4 link remote: [AF_INET]xx.xx.xx.xx:8080
Fri Mar  9 15:15:43 2018 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Mar  9 15:15:43 2018 TLS Error: TLS handshake failed
Fri Mar  9 15:15:43 2018 SIGUSR1[soft,tls-error] received, process restarting
Fri Mar  9 15:15:45 2018 UDPv4 link local: [undef]
Fri Mar  9 15:15:45 2018 UDPv4 link remote: [AF_INET]xx.xx.xx.xx:8080

Problème TLS....

Hors ligne

#8 Le 09/03/2018, à 16:11

droopy191

Re : OpenVpn entre l’Allemagne et une Freebox en France

Salut,

Avec plus de log, on aura peut etre plus de détails.

sudo openvpn --verb 5 --config config_openvpn_routed_Akhlan.ovpn

Dans vos logs initiaux, il y avait un warnings sur les droits de lecture de la clé

ls -l/home/akhlan/.openvpn/VPN_KidiBox/client.key

Dernière modification par droopy191 (Le 09/03/2018, à 16:12)

Hors ligne

#9 Le 10/03/2018, à 15:38

akhlan

Re : OpenVpn entre l’Allemagne et une Freebox en France

Voilà, si ça peut vous aider à me dépanner wink

Je ping bien la Freebox...

akhlan@Ubuntu-Akhlan:~/Téléchargements$ ls -l /home/akhlan/.openvpn/VPN_KidiBox/client.key
-rw-rw---- 1 akhlan akhlan 1704 févr. 27 14:11 /home/akhlan/.openvpn/VPN_KidiBox/client.key
sudo openvpn --verb 5 --config config_openvpn_routed_Akhlan.ovpn
[sudo] Mot de passe de akhlan : 
Sat Mar 10 15:30:08 2018 us=662725 Current Parameter Settings:
Sat Mar 10 15:30:08 2018 us=662842   config = 'config_openvpn_routed_Akhlan.ovpn'
Sat Mar 10 15:30:08 2018 us=662877   mode = 0
Sat Mar 10 15:30:08 2018 us=662910   persist_config = DISABLED
Sat Mar 10 15:30:08 2018 us=662941   persist_mode = 1
Sat Mar 10 15:30:08 2018 us=662971   show_ciphers = DISABLED
Sat Mar 10 15:30:08 2018 us=663000   show_digests = DISABLED
Sat Mar 10 15:30:08 2018 us=663029   show_engines = DISABLED
Sat Mar 10 15:30:08 2018 us=663058   genkey = DISABLED
Sat Mar 10 15:30:08 2018 us=663087   key_pass_file = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=663116   show_tls_ciphers = DISABLED
Sat Mar 10 15:30:08 2018 us=663151 Connection profiles [default]:
Sat Mar 10 15:30:08 2018 us=663181   proto = udp
Sat Mar 10 15:30:08 2018 us=663210   local = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=663239   local_port = 0
Sat Mar 10 15:30:08 2018 us=663267   remote = 'xxx.xxx.xxx.xxx'
Sat Mar 10 15:30:08 2018 us=663296   remote_port = 8080
Sat Mar 10 15:30:08 2018 us=663325   remote_float = DISABLED
Sat Mar 10 15:30:08 2018 us=663353   bind_defined = DISABLED
Sat Mar 10 15:30:08 2018 us=663381   bind_local = DISABLED
Sat Mar 10 15:30:08 2018 us=663410   connect_retry_seconds = 5
Sat Mar 10 15:30:08 2018 us=663439   connect_timeout = 10
Sat Mar 10 15:30:08 2018 us=663468   connect_retry_max = 0
Sat Mar 10 15:30:08 2018 us=663496   socks_proxy_server = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=663526   socks_proxy_port = 0
Sat Mar 10 15:30:08 2018 us=663554   socks_proxy_retry = DISABLED
Sat Mar 10 15:30:08 2018 us=663585   tun_mtu = 1500
Sat Mar 10 15:30:08 2018 us=663615   tun_mtu_defined = ENABLED
Sat Mar 10 15:30:08 2018 us=663645   link_mtu = 1500
Sat Mar 10 15:30:08 2018 us=663673   link_mtu_defined = DISABLED
Sat Mar 10 15:30:08 2018 us=663703   tun_mtu_extra = 0
Sat Mar 10 15:30:08 2018 us=663732   tun_mtu_extra_defined = DISABLED
Sat Mar 10 15:30:08 2018 us=663763   mtu_discover_type = -1
Sat Mar 10 15:30:08 2018 us=663794   fragment = 1452
Sat Mar 10 15:30:08 2018 us=663823   mssfix = 1452
Sat Mar 10 15:30:08 2018 us=663856   explicit_exit_notification = 3
Sat Mar 10 15:30:08 2018 us=663885 Connection profiles END
Sat Mar 10 15:30:08 2018 us=663914   remote_random = DISABLED
Sat Mar 10 15:30:08 2018 us=663943   ipchange = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=663971   dev = 'tun0'
Sat Mar 10 15:30:08 2018 us=664001   dev_type = 'tun'
Sat Mar 10 15:30:08 2018 us=664030   dev_node = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=664060   lladdr = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=664091   topology = 1
Sat Mar 10 15:30:08 2018 us=664120   tun_ipv6 = ENABLED
Sat Mar 10 15:30:08 2018 us=664149   ifconfig_local = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=664178   ifconfig_remote_netmask = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=664206   ifconfig_noexec = DISABLED
Sat Mar 10 15:30:08 2018 us=664235   ifconfig_nowarn = DISABLED
Sat Mar 10 15:30:08 2018 us=664263   ifconfig_ipv6_local = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=664292   ifconfig_ipv6_netbits = 0
Sat Mar 10 15:30:08 2018 us=664320   ifconfig_ipv6_remote = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=664349   shaper = 0
Sat Mar 10 15:30:08 2018 us=664377   mtu_test = 0
Sat Mar 10 15:30:08 2018 us=664405   mlock = DISABLED
Sat Mar 10 15:30:08 2018 us=664433   keepalive_ping = 0
Sat Mar 10 15:30:08 2018 us=664461   keepalive_timeout = 0
Sat Mar 10 15:30:08 2018 us=664490   inactivity_timeout = 0
Sat Mar 10 15:30:08 2018 us=664519   ping_send_timeout = 0
Sat Mar 10 15:30:08 2018 us=664547   ping_rec_timeout = 0
Sat Mar 10 15:30:08 2018 us=664576   ping_rec_timeout_action = 0
Sat Mar 10 15:30:08 2018 us=664604   ping_timer_remote = DISABLED
Sat Mar 10 15:30:08 2018 us=664633   remap_sigusr1 = 0
Sat Mar 10 15:30:08 2018 us=664661   persist_tun = DISABLED
Sat Mar 10 15:30:08 2018 us=664689   persist_local_ip = DISABLED
Sat Mar 10 15:30:08 2018 us=664717   persist_remote_ip = DISABLED
Sat Mar 10 15:30:08 2018 us=664745   persist_key = DISABLED
Sat Mar 10 15:30:08 2018 us=664773   passtos = DISABLED
Sat Mar 10 15:30:08 2018 us=664802   resolve_retry_seconds = 1000000000
Sat Mar 10 15:30:08 2018 us=664830   username = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=664858   groupname = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=664886   chroot_dir = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=664914   cd_dir = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=664941   writepid = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=664969   up_script = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=664997   down_script = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=665025   down_pre = DISABLED
Sat Mar 10 15:30:08 2018 us=665055   up_restart = DISABLED
Sat Mar 10 15:30:08 2018 us=665079   up_delay = DISABLED
Sat Mar 10 15:30:08 2018 us=665107   daemon = DISABLED
Sat Mar 10 15:30:08 2018 us=665136   inetd = 0
Sat Mar 10 15:30:08 2018 us=665165   log = DISABLED
Sat Mar 10 15:30:08 2018 us=665195   suppress_timestamps = DISABLED
Sat Mar 10 15:30:08 2018 us=665224   nice = 0
Sat Mar 10 15:30:08 2018 us=665253   verbosity = 5
Sat Mar 10 15:30:08 2018 us=665282   mute = 0
Sat Mar 10 15:30:08 2018 us=665310   gremlin = 0
Sat Mar 10 15:30:08 2018 us=665338   status_file = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=665367   status_file_version = 1
Sat Mar 10 15:30:08 2018 us=665395   status_file_update_freq = 60
Sat Mar 10 15:30:08 2018 us=665423   occ = ENABLED
Sat Mar 10 15:30:08 2018 us=665452   rcvbuf = 0
Sat Mar 10 15:30:08 2018 us=665480   sndbuf = 0
Sat Mar 10 15:30:08 2018 us=665560   mark = 0
Sat Mar 10 15:30:08 2018 us=665592   sockflags = 0
Sat Mar 10 15:30:08 2018 us=665620   fast_io = DISABLED
Sat Mar 10 15:30:08 2018 us=665648   lzo = 0
Sat Mar 10 15:30:08 2018 us=665676   route_script = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=665704   route_default_gateway = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=665733   route_default_metric = 0
Sat Mar 10 15:30:08 2018 us=665762   route_noexec = DISABLED
Sat Mar 10 15:30:08 2018 us=665792   route_delay = 0
Sat Mar 10 15:30:08 2018 us=665821   route_delay_window = 30
Sat Mar 10 15:30:08 2018 us=665849   route_delay_defined = DISABLED
Sat Mar 10 15:30:08 2018 us=665878   route_nopull = DISABLED
Sat Mar 10 15:30:08 2018 us=665906   route_gateway_via_dhcp = DISABLED
Sat Mar 10 15:30:08 2018 us=665935   max_routes = 100
Sat Mar 10 15:30:08 2018 us=665963   allow_pull_fqdn = DISABLED
Sat Mar 10 15:30:08 2018 us=666004   [redirect_default_gateway local=0]
Sat Mar 10 15:30:08 2018 us=666034   management_addr = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=666062   management_port = 0
Sat Mar 10 15:30:08 2018 us=666091   management_user_pass = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=666119   management_log_history_cache = 250
Sat Mar 10 15:30:08 2018 us=666149   management_echo_buffer_size = 100
Sat Mar 10 15:30:08 2018 us=666177   management_write_peer_info_file = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=666206   management_client_user = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=666235   management_client_group = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=666263   management_flags = 0
Sat Mar 10 15:30:08 2018 us=666291   shared_secret_file = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=666320   key_direction = 0
Sat Mar 10 15:30:08 2018 us=666348   ciphername_defined = ENABLED
Sat Mar 10 15:30:08 2018 us=666377   ciphername = 'AES-256-CBC'
Sat Mar 10 15:30:08 2018 us=666405   authname_defined = ENABLED
Sat Mar 10 15:30:08 2018 us=666434   authname = 'SHA1'
Sat Mar 10 15:30:08 2018 us=666463   prng_hash = 'SHA1'
Sat Mar 10 15:30:08 2018 us=666491   prng_nonce_secret_len = 16
Sat Mar 10 15:30:08 2018 us=666520   keysize = 0
Sat Mar 10 15:30:08 2018 us=666548   engine = DISABLED
Sat Mar 10 15:30:08 2018 us=666576   replay = ENABLED
Sat Mar 10 15:30:08 2018 us=666604   mute_replay_warnings = DISABLED
Sat Mar 10 15:30:08 2018 us=666633   replay_window = 64
Sat Mar 10 15:30:08 2018 us=666662   replay_time = 15
Sat Mar 10 15:30:08 2018 us=666690   packet_id_file = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=666718   use_iv = ENABLED
Sat Mar 10 15:30:08 2018 us=666747   test_crypto = DISABLED
Sat Mar 10 15:30:08 2018 us=666774   tls_server = DISABLED
Sat Mar 10 15:30:08 2018 us=666804   tls_client = ENABLED
Sat Mar 10 15:30:08 2018 us=666834   key_method = 2
Sat Mar 10 15:30:08 2018 us=666862   ca_file = '[[INLINE]]'
Sat Mar 10 15:30:08 2018 us=666891   ca_path = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=666919   dh_file = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=666948   cert_file = '[[INLINE]]'
Sat Mar 10 15:30:08 2018 us=666977   extra_certs_file = '[[INLINE]]'
Sat Mar 10 15:30:08 2018 us=667007   priv_key_file = '[[INLINE]]'
Sat Mar 10 15:30:08 2018 us=667036   pkcs12_file = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=667064   cipher_list = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=667093   tls_verify = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=667123   tls_export_cert = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=667152   verify_x509_type = 1
Sat Mar 10 15:30:08 2018 us=667181   verify_x509_name = 'C=FR, O=Freebox SA, CN=Freebox OpenVPN server d1691af3960e6a4301b7cf6d41371985'
Sat Mar 10 15:30:08 2018 us=667211   crl_file = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=667240   ns_cert_type = 0
Sat Mar 10 15:30:08 2018 us=667269   remote_cert_ku[i] = 160
Sat Mar 10 15:30:08 2018 us=667299   remote_cert_ku[i] = 136
Sat Mar 10 15:30:08 2018 us=667329   remote_cert_ku[i] = 0
Sat Mar 10 15:30:08 2018 us=667358   remote_cert_ku[i] = 0
Sat Mar 10 15:30:08 2018 us=667386   remote_cert_ku[i] = 0
Sat Mar 10 15:30:08 2018 us=667415   remote_cert_ku[i] = 0
Sat Mar 10 15:30:08 2018 us=667444   remote_cert_ku[i] = 0
Sat Mar 10 15:30:08 2018 us=667472   remote_cert_ku[i] = 0
Sat Mar 10 15:30:08 2018 us=667501   remote_cert_ku[i] = 0
Sat Mar 10 15:30:08 2018 us=667530   remote_cert_ku[i] = 0
Sat Mar 10 15:30:08 2018 us=667561   remote_cert_ku[i] = 0
Sat Mar 10 15:30:08 2018 us=667590   remote_cert_ku[i] = 0
Sat Mar 10 15:30:08 2018 us=667619   remote_cert_ku[i] = 0
Sat Mar 10 15:30:08 2018 us=667647   remote_cert_ku[i] = 0
Sat Mar 10 15:30:08 2018 us=667676   remote_cert_ku[i] = 0
Sat Mar 10 15:30:08 2018 us=667705   remote_cert_ku[i] = 0
Sat Mar 10 15:30:08 2018 us=667734   remote_cert_eku = 'TLS Web Server Authentication'
Sat Mar 10 15:30:08 2018 us=667763   ssl_flags = 0
Sat Mar 10 15:30:08 2018 us=667793   tls_timeout = 2
Sat Mar 10 15:30:08 2018 us=667822   renegotiate_bytes = 0
Sat Mar 10 15:30:08 2018 us=667851   renegotiate_packets = 0
Sat Mar 10 15:30:08 2018 us=667880   renegotiate_seconds = 3600
Sat Mar 10 15:30:08 2018 us=667909   handshake_window = 60
Sat Mar 10 15:30:08 2018 us=667938   transition_window = 3600
Sat Mar 10 15:30:08 2018 us=667966   single_session = DISABLED
Sat Mar 10 15:30:08 2018 us=667995   push_peer_info = DISABLED
Sat Mar 10 15:30:08 2018 us=668025   tls_exit = DISABLED
Sat Mar 10 15:30:08 2018 us=668054   tls_auth_file = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=668083   pkcs11_protected_authentication = DISABLED
Sat Mar 10 15:30:08 2018 us=668112   pkcs11_protected_authentication = DISABLED
Sat Mar 10 15:30:08 2018 us=668141   pkcs11_protected_authentication = DISABLED
Sat Mar 10 15:30:08 2018 us=668172   pkcs11_protected_authentication = DISABLED
Sat Mar 10 15:30:08 2018 us=668204   pkcs11_protected_authentication = DISABLED
Sat Mar 10 15:30:08 2018 us=668233   pkcs11_protected_authentication = DISABLED
Sat Mar 10 15:30:08 2018 us=668262   pkcs11_protected_authentication = DISABLED
Sat Mar 10 15:30:08 2018 us=668290   pkcs11_protected_authentication = DISABLED
Sat Mar 10 15:30:08 2018 us=668319   pkcs11_protected_authentication = DISABLED
Sat Mar 10 15:30:08 2018 us=668348   pkcs11_protected_authentication = DISABLED
Sat Mar 10 15:30:08 2018 us=668377   pkcs11_protected_authentication = DISABLED
Sat Mar 10 15:30:08 2018 us=668406   pkcs11_protected_authentication = DISABLED
Sat Mar 10 15:30:08 2018 us=668435   pkcs11_protected_authentication = DISABLED
Sat Mar 10 15:30:08 2018 us=668464   pkcs11_protected_authentication = DISABLED
Sat Mar 10 15:30:08 2018 us=668493   pkcs11_protected_authentication = DISABLED
Sat Mar 10 15:30:08 2018 us=668521   pkcs11_protected_authentication = DISABLED
Sat Mar 10 15:30:08 2018 us=668552   pkcs11_private_mode = 00000000
Sat Mar 10 15:30:08 2018 us=668582   pkcs11_private_mode = 00000000
Sat Mar 10 15:30:08 2018 us=668612   pkcs11_private_mode = 00000000
Sat Mar 10 15:30:08 2018 us=668641   pkcs11_private_mode = 00000000
Sat Mar 10 15:30:08 2018 us=668671   pkcs11_private_mode = 00000000
Sat Mar 10 15:30:08 2018 us=668701   pkcs11_private_mode = 00000000
Sat Mar 10 15:30:08 2018 us=668730   pkcs11_private_mode = 00000000
Sat Mar 10 15:30:08 2018 us=668759   pkcs11_private_mode = 00000000
Sat Mar 10 15:30:08 2018 us=668791   pkcs11_private_mode = 00000000
Sat Mar 10 15:30:08 2018 us=668821   pkcs11_private_mode = 00000000
Sat Mar 10 15:30:08 2018 us=668850   pkcs11_private_mode = 00000000
Sat Mar 10 15:30:08 2018 us=668879   pkcs11_private_mode = 00000000
Sat Mar 10 15:30:08 2018 us=668907   pkcs11_private_mode = 00000000
Sat Mar 10 15:30:08 2018 us=668936   pkcs11_private_mode = 00000000
Sat Mar 10 15:30:08 2018 us=668965   pkcs11_private_mode = 00000000
Sat Mar 10 15:30:08 2018 us=668995   pkcs11_private_mode = 00000000
Sat Mar 10 15:30:08 2018 us=669023   pkcs11_cert_private = DISABLED
Sat Mar 10 15:30:08 2018 us=669051   pkcs11_cert_private = DISABLED
Sat Mar 10 15:30:08 2018 us=669079   pkcs11_cert_private = DISABLED
Sat Mar 10 15:30:08 2018 us=669107   pkcs11_cert_private = DISABLED
Sat Mar 10 15:30:08 2018 us=669136   pkcs11_cert_private = DISABLED
Sat Mar 10 15:30:08 2018 us=669164   pkcs11_cert_private = DISABLED
Sat Mar 10 15:30:08 2018 us=669192   pkcs11_cert_private = DISABLED
Sat Mar 10 15:30:08 2018 us=669220   pkcs11_cert_private = DISABLED
Sat Mar 10 15:30:08 2018 us=669248   pkcs11_cert_private = DISABLED
Sat Mar 10 15:30:08 2018 us=669276   pkcs11_cert_private = DISABLED
Sat Mar 10 15:30:08 2018 us=669304   pkcs11_cert_private = DISABLED
Sat Mar 10 15:30:08 2018 us=669332   pkcs11_cert_private = DISABLED
Sat Mar 10 15:30:08 2018 us=669360   pkcs11_cert_private = DISABLED
Sat Mar 10 15:30:08 2018 us=669389   pkcs11_cert_private = DISABLED
Sat Mar 10 15:30:08 2018 us=669417   pkcs11_cert_private = DISABLED
Sat Mar 10 15:30:08 2018 us=669446   pkcs11_cert_private = DISABLED
Sat Mar 10 15:30:08 2018 us=669475   pkcs11_pin_cache_period = -1
Sat Mar 10 15:30:08 2018 us=669570   pkcs11_id = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=669593   pkcs11_id_management = DISABLED
Sat Mar 10 15:30:08 2018 us=669627   server_network = 0.0.0.0
Sat Mar 10 15:30:08 2018 us=669651   server_netmask = 0.0.0.0
Sat Mar 10 15:30:08 2018 us=669677   server_network_ipv6 = ::
Sat Mar 10 15:30:08 2018 us=669698   server_netbits_ipv6 = 0
Sat Mar 10 15:30:08 2018 us=669721   server_bridge_ip = 0.0.0.0
Sat Mar 10 15:30:08 2018 us=669744   server_bridge_netmask = 0.0.0.0
Sat Mar 10 15:30:08 2018 us=669767   server_bridge_pool_start = 0.0.0.0
Sat Mar 10 15:30:08 2018 us=669790   server_bridge_pool_end = 0.0.0.0
Sat Mar 10 15:30:08 2018 us=669813   ifconfig_pool_defined = DISABLED
Sat Mar 10 15:30:08 2018 us=669835   ifconfig_pool_start = 0.0.0.0
Sat Mar 10 15:30:08 2018 us=669858   ifconfig_pool_end = 0.0.0.0
Sat Mar 10 15:30:08 2018 us=669881   ifconfig_pool_netmask = 0.0.0.0
Sat Mar 10 15:30:08 2018 us=669902   ifconfig_pool_persist_filename = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=669924   ifconfig_pool_persist_refresh_freq = 600
Sat Mar 10 15:30:08 2018 us=669945   ifconfig_ipv6_pool_defined = DISABLED
Sat Mar 10 15:30:08 2018 us=669968   ifconfig_ipv6_pool_base = ::
Sat Mar 10 15:30:08 2018 us=669990   ifconfig_ipv6_pool_netbits = 0
Sat Mar 10 15:30:08 2018 us=670012   n_bcast_buf = 256
Sat Mar 10 15:30:08 2018 us=670033   tcp_queue_limit = 64
Sat Mar 10 15:30:08 2018 us=670055   real_hash_size = 256
Sat Mar 10 15:30:08 2018 us=670076   virtual_hash_size = 256
Sat Mar 10 15:30:08 2018 us=670097   client_connect_script = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=670119   learn_address_script = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=670141   client_disconnect_script = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=670163   client_config_dir = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=670184   ccd_exclusive = DISABLED
Sat Mar 10 15:30:08 2018 us=670205   tmp_dir = '/tmp'
Sat Mar 10 15:30:08 2018 us=670226   push_ifconfig_defined = DISABLED
Sat Mar 10 15:30:08 2018 us=670249   push_ifconfig_local = 0.0.0.0
Sat Mar 10 15:30:08 2018 us=670273   push_ifconfig_remote_netmask = 0.0.0.0
Sat Mar 10 15:30:08 2018 us=670294   push_ifconfig_ipv6_defined = DISABLED
Sat Mar 10 15:30:08 2018 us=670317   push_ifconfig_ipv6_local = ::/0
Sat Mar 10 15:30:08 2018 us=670340   push_ifconfig_ipv6_remote = ::
Sat Mar 10 15:30:08 2018 us=670361   enable_c2c = DISABLED
Sat Mar 10 15:30:08 2018 us=670382   duplicate_cn = DISABLED
Sat Mar 10 15:30:08 2018 us=670403   cf_max = 0
Sat Mar 10 15:30:08 2018 us=670425   cf_per = 0
Sat Mar 10 15:30:08 2018 us=670447   max_clients = 1024
Sat Mar 10 15:30:08 2018 us=670468   max_routes_per_client = 256
Sat Mar 10 15:30:08 2018 us=670489   auth_user_pass_verify_script = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=670511   auth_user_pass_verify_script_via_file = DISABLED
Sat Mar 10 15:30:08 2018 us=670532   port_share_host = '[UNDEF]'
Sat Mar 10 15:30:08 2018 us=670553   port_share_port = 0
Sat Mar 10 15:30:08 2018 us=670609   client = ENABLED
Sat Mar 10 15:30:08 2018 us=670631   pull = ENABLED
Sat Mar 10 15:30:08 2018 us=670652   auth_user_pass_file = 'stdin'
Sat Mar 10 15:30:08 2018 us=670676 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017
Sat Mar 10 15:30:08 2018 us=670709 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08
Enter Auth Username: ******
Enter Auth Password: ************
Sat Mar 10 15:30:27 2018 us=371693 Control Channel MTU parms [ L:1561 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat Mar 10 15:30:27 2018 us=371857 Socket Buffers: R=[212992->212992] S=[212992->212992]
Sat Mar 10 15:30:27 2018 us=371908 Data Channel MTU parms [ L:1561 D:1452 EF:61 EB:12 ET:0 EL:3 ]
Sat Mar 10 15:30:27 2018 us=371943 Fragmentation MTU parms [ L:1561 D:1452 EF:61 EB:12 ET:0 EL:3 ]
Sat Mar 10 15:30:27 2018 us=372010 Local Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,mtu-dynamic,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Sat Mar 10 15:30:27 2018 us=372043 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,mtu-dynamic,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
Sat Mar 10 15:30:27 2018 us=372096 Local Options hash (VER=V4): '6a09f2dd'
Sat Mar 10 15:30:27 2018 us=372145 Expected Remote Options hash (VER=V4): '7aa7c71a'
Sat Mar 10 15:30:27 2018 us=372183 UDPv4 link local: [undef]
Sat Mar 10 15:30:27 2018 us=372219 UDPv4 link remote: [AF_INET]xxx.xxx.xxx.xxx:8080
WWWWWSat Mar 10 15:31:27 2018 us=358903 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Mar 10 15:31:27 2018 us=358993 TLS Error: TLS handshake failed
Sat Mar 10 15:31:27 2018 us=359355 TCP/UDP: Closing socket
Sat Mar 10 15:31:27 2018 us=359435 SIGUSR1[soft,tls-error] received, process restarting
Sat Mar 10 15:31:27 2018 us=359481 Restart pause, 2 second(s)
Sat Mar 10 15:31:29 2018 us=360660 Control Channel MTU parms [ L:1561 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat Mar 10 15:31:29 2018 us=360817 Socket Buffers: R=[212992->212992] S=[212992->212992]
Sat Mar 10 15:31:29 2018 us=360870 Data Channel MTU parms [ L:1561 D:1452 EF:61 EB:12 ET:0 EL:3 ]
Sat Mar 10 15:31:29 2018 us=360907 Fragmentation MTU parms [ L:1561 D:1452 EF:61 EB:12 ET:0 EL:3 ]
Sat Mar 10 15:31:29 2018 us=360966 Local Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,mtu-dynamic,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Sat Mar 10 15:31:29 2018 us=361001 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,mtu-dynamic,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
Sat Mar 10 15:31:29 2018 us=361060 Local Options hash (VER=V4): '6a09f2dd'
Sat Mar 10 15:31:29 2018 us=361112 Expected Remote Options hash (VER=V4): '7aa7c71a'
Sat Mar 10 15:31:29 2018 us=361150 UDPv4 link local: [undef]
Sat Mar 10 15:31:29 2018 us=361189 UDPv4 link remote: [AF_INET]xxx.xxx.xxx.xxx:8080
WWWWWSat Mar 10 15:32:29 2018 us=271085 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Mar 10 15:32:29 2018 us=271242 TLS Error: TLS handshake failed
Sat Mar 10 15:32:29 2018 us=271638 TCP/UDP: Closing socket
Sat Mar 10 15:32:29 2018 us=271747 SIGUSR1[soft,tls-error] received, process restarting
Sat Mar 10 15:32:29 2018 us=271827 Restart pause, 2 second(s)
Sat Mar 10 15:32:31 2018 us=272880 Control Channel MTU parms [ L:1561 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat Mar 10 15:32:31 2018 us=273037 Socket Buffers: R=[212992->212992] S=[212992->212992]
Sat Mar 10 15:32:31 2018 us=273086 Data Channel MTU parms [ L:1561 D:1452 EF:61 EB:12 ET:0 EL:3 ]
Sat Mar 10 15:32:31 2018 us=273118 Fragmentation MTU parms [ L:1561 D:1452 EF:61 EB:12 ET:0 EL:3 ]
Sat Mar 10 15:32:31 2018 us=273247 Local Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,mtu-dynamic,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Sat Mar 10 15:32:31 2018 us=273279 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,mtu-dynamic,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
Sat Mar 10 15:32:31 2018 us=273328 Local Options hash (VER=V4): '6a09f2dd'
Sat Mar 10 15:32:31 2018 us=273407 Expected Remote Options hash (VER=V4): '7aa7c71a'
Sat Mar 10 15:32:31 2018 us=273437 UDPv4 link local: [undef]
Sat Mar 10 15:32:31 2018 us=273464 UDPv4 link remote: [AF_INET]xxx.xxx.xxx.xxx:8080
WWWWWSat Mar 10 15:33:31 2018 us=830570 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Mar 10 15:33:31 2018 us=830664 TLS Error: TLS handshake failed
Sat Mar 10 15:33:31 2018 us=830939 TCP/UDP: Closing socket
Sat Mar 10 15:33:31 2018 us=831018 SIGUSR1[soft,tls-error] received, process restarting
Sat Mar 10 15:33:31 2018 us=831063 Restart pause, 2 second(s)
Sat Mar 10 15:33:33 2018 us=832222 Control Channel MTU parms [ L:1561 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat Mar 10 15:33:33 2018 us=832394 Socket Buffers: R=[212992->212992] S=[212992->212992]
Sat Mar 10 15:33:33 2018 us=832443 Data Channel MTU parms [ L:1561 D:1452 EF:61 EB:12 ET:0 EL:3 ]
Sat Mar 10 15:33:33 2018 us=832476 Fragmentation MTU parms [ L:1561 D:1452 EF:61 EB:12 ET:0 EL:3 ]
Sat Mar 10 15:33:33 2018 us=832525 Local Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,mtu-dynamic,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Sat Mar 10 15:33:33 2018 us=832555 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1561,tun-mtu 1500,proto UDPv4,mtu-dynamic,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
Sat Mar 10 15:33:33 2018 us=832608 Local Options hash (VER=V4): '6a09f2dd'
Sat Mar 10 15:33:33 2018 us=832653 Expected Remote Options hash (VER=V4): '7aa7c71a'
Sat Mar 10 15:33:33 2018 us=832687 UDPv4 link local: [undef]
Sat Mar 10 15:33:33 2018 us=832721 UDPv4 link remote: [AF_INET]xxx.xxx.xxx.xxx:8080

Hors ligne

#10 Le 10/03/2018, à 18:48

droopy191

Re : OpenVpn entre l’Allemagne et une Freebox en France

Salut,

Que donne la commande netcat suivante depuis le client ?

  nc -zuv  ip_serveur 8080

Hors ligne

#11 Le 10/03/2018, à 23:43

akhlan

Re : OpenVpn entre l’Allemagne et une Freebox en France

La commande ne retourne rien...

akhlan@Ubuntu-Akhlan:~$ sudo nc -zu xx.XX.XX.XX 8080
akhlan@Ubuntu-Akhlan:~$ 

Hors ligne

#12 Le 11/03/2018, à 08:44

droopy191

Re : OpenVpn entre l’Allemagne et une Freebox en France

avec v

nc -zuv  ip_serveur 8080

Hors ligne

#13 Le 11/03/2018, à 09:50

Zakhar

Re : OpenVpn entre l’Allemagne et une Freebox en France

C'est bien plus simple que cela !

Dans ton Freebox OS, lorsque tu crées un "client" dans les options Freebox Serveur, il te permet de télécharger le fichier de configuration openvpn.

Ce fichier de configuration openvpn marche "out of the box" sur une ubuntu, simplement avec la commande :

sudo openvpn fichier_config_freebox.freebox

C'est fait pour que TOUT ton trafic passe alors par la Freebox, c'est à dire avec une directive "redirect-gateway". Si ce n'est pas ce que tu veux, mais juste un VPN pour accéder à ta box (mon cas, pour pouvoir accéder à la box de ma mère, mais sans que TOUT le trafic passe par là), il faut alors un peu s'intéresser au contenu du fichier proposé par la freebox, et comprendre un peu les options openvpn !

Dernière modification par Zakhar (Le 11/03/2018, à 09:51)


"A computer is like air conditioning: it becomes useless when you open windows." (Linus Torvald)

Hors ligne