Oom Vpn OpenWrt

 ( bacsa81 | 2017. december 22., péntek - 8:04 )

Sziasztok,

Kalandvagybol a frissen erkezett Xiaomi Routert OpenWrt-re flasheltem. Gyonyoruen mukodik, de tobb ora szenvedes utan se tudtam mukodesre birni a OpenVpnt oom szolgaltatoval.

Neten tobb, mas vpn szolgaltatohoz tartozo leirast vegigcsinaltam, semmi se mukodott.

Mivel nem ertek OpenWrthez ezert itt kerek segitseget.
Valaki hasznal OpenWrt-t mint OpenVpn kliens?

Udv
Csaba

Hozzászólás megjelenítési lehetőségek

A választott hozzászólás megjelenítési mód a „Beállítás” gombbal rögzíthető.

Helló,
Nem használok ugyan Oom-et, de azzal a config fájlal amit ők adnak mit csinál?

config openvpn 'Oom'
    option config '/etc/openvpn/oOM_Magyarorszag.ovpn'

Kiprobalom, en a webes feluleten allitottam be a dolgokat.

Nem sok sikerrel.
Kiprobalom amint tudom.

Koszi a segitseget!

Ez nem sikerult:

root@OpenWrt:~# config openvpn 'OOMVPN'
-ash: config: not found
root@OpenWrt:~# config openvpn 'OOMVPN' option config '/etc/op
openvpn/ openwrt_version opkg/
openwrt_release opkg.conf
root@OpenWrt:~# config openvpn 'OOMVPN' option config '/etc/openvpn/oOM_Magyaror
szag.ovpn'
-ash: config: not found

Hianyzik valami?

Ezt a /etc/config/openvpn -be kellene beletenni.

---
Apple iMac 27"
áéíóöőúüű

Sikerult,

Openvpn --config paranccsal es ugy nez ki mukodik:

Fri Dec 22 11:25:29 2017 Exiting due to fatal error
root@OpenWrt:~# cd /etc/openvpn
root@OpenWrt:/etc/openvpn# openvpn --config /etc/openvpn/oOM_Magyarorszag.ovpn
Fri Dec 22 11:25:56 2017 OpenVPN 2.3.6 mipsel-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jan 31 2016
Fri Dec 22 11:25:56 2017 library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08
Enter Auth Username:
Enter Auth Password:
Fri Dec 22 11:26:05 2017 Socket Buffers: R=[87380->131072] S=[16384->131072]
Fri Dec 22 11:26:05 2017 Attempting to establish TCP connection with [AF_INET]87.229.63.15:443 [nonblock]
Fri Dec 22 11:26:06 2017 TCP connection established with [AF_INET]87.229.63.15:443
Fri Dec 22 11:26:06 2017 TCPv4_CLIENT link local: [undef]
Fri Dec 22 11:26:06 2017 TCPv4_CLIENT link remote: [AF_INET]87.229.63.15:443
Fri Dec 22 11:26:06 2017 TLS: Initial packet from [AF_INET]87.229.63.15:443, sid=10d68019 da8a8918
Fri Dec 22 11:26:06 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Dec 22 11:26:06 2017 VERIFY OK: depth=1, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, CN=Fort-Funston CA, emailAddress=me@myhost.mydomain
Fri Dec 22 11:26:06 2017 VERIFY OK: nsCertType=SERVER
Fri Dec 22 11:26:06 2017 VERIFY OK: depth=0, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, CN=server, emailAddress=me@myhost.mydomain
Fri Dec 22 11:26:07 2017 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Dec 22 11:26:07 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Dec 22 11:26:07 2017 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Dec 22 11:26:07 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Dec 22 11:26:07 2017 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Fri Dec 22 11:26:07 2017 [server] Peer Connection Initiated with [AF_INET]87.229.63.15:443
Fri Dec 22 11:26:09 2017 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Fri Dec 22 11:26:09 2017 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 8.8.8.8,route 192.168.0.1,topology net30,ping 10,ping-restart 120,ifconfig 192.168.1.182 192.168.1.181'
Fri Dec 22 11:26:09 2017 OPTIONS IMPORT: timers and/or timeouts modified
Fri Dec 22 11:26:09 2017 OPTIONS IMPORT: --ifconfig/up options modified
Fri Dec 22 11:26:09 2017 OPTIONS IMPORT: route options modified
Fri Dec 22 11:26:09 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Dec 22 11:26:09 2017 TUN/TAP device tun1 opened
Fri Dec 22 11:26:09 2017 TUN/TAP TX queue length set to 100
Fri Dec 22 11:26:09 2017 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Fri Dec 22 11:26:09 2017 /sbin/ifconfig tun1 192.168.1.182 pointopoint 192.168.1.181 mtu 1500
Fri Dec 22 11:26:09 2017 /sbin/route add -net 87.229.63.15 netmask 255.255.255.255 gw 192.168.1.1
route: SIOCADDRT: File exists
Fri Dec 22 11:26:09 2017 ERROR: Linux route add command failed: external program exited with error status: 1
Fri Dec 22 11:26:09 2017 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 192.168.1.181
route: SIOCADDRT: File exists
Fri Dec 22 11:26:09 2017 ERROR: Linux route add command failed: external program exited with error status: 1
Fri Dec 22 11:26:09 2017 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 192.168.1.181
route: SIOCADDRT: File exists
Fri Dec 22 11:26:09 2017 ERROR: Linux route add command failed: external program exited with error status: 1
Fri Dec 22 11:26:09 2017 /sbin/route add -net 192.168.0.1 netmask 255.255.255.255 gw 192.168.1.181
route: SIOCADDRT: File exists
Fri Dec 22 11:26:09 2017 ERROR: Linux route add command failed: external program exited with error status: 1
Fri Dec 22 11:26:09 2017 Initialization Sequence Completed
Fri Dec 22 11:26:14 2017 Connection reset, restarting [0]
Fri Dec 22 11:26:14 2017 SIGUSR1[soft,connection-reset] received, process restarting
Fri Dec 22 11:26:14 2017 Restart pause, 5 second(s)
Fri Dec 22 11:26:19 2017 Socket Buffers: R=[87380->131072] S=[16384->131072]
Fri Dec 22 11:26:19 2017 Attempting to establish TCP connection with [AF_INET]87.229.63.15:443 [nonblock]
Fri Dec 22 11:26:20 2017 TCP connection established with [AF_INET]87.229.63.15:443
Fri Dec 22 11:26:20 2017 TCPv4_CLIENT link local: [undef]
Fri Dec 22 11:26:20 2017 TCPv4_CLIENT link remote: [AF_INET]87.229.63.15:443
Fri Dec 22 11:26:20 2017 TLS: Initial packet from [AF_INET]87.229.63.15:443, sid=e743671e 1c0d2380
Fri Dec 22 11:26:21 2017 VERIFY OK: depth=1, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, CN=Fort-Funston CA, emailAddress=me@myhost.mydomain
Fri Dec 22 11:26:21 2017 VERIFY OK: nsCertType=SERVER
Fri Dec 22 11:26:21 2017 VERIFY OK: depth=0, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, CN=server, emailAddress=me@myhost.mydomain
Fri Dec 22 11:26:22 2017 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Dec 22 11:26:22 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Dec 22 11:26:22 2017 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Dec 22 11:26:22 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Dec 22 11:26:22 2017 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Fri Dec 22 11:26:22 2017 [server] Peer Connection Initiated with [AF_INET]87.229.63.15:443
Fri Dec 22 11:26:24 2017 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Fri Dec 22 11:26:24 2017 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 8.8.8.8,route 192.168.0.1,topology net30,ping 10,ping-restart 120,ifconfig 192.168.1.182 192.168.1.181'
Fri Dec 22 11:26:24 2017 OPTIONS IMPORT: timers and/or timeouts modified
Fri Dec 22 11:26:24 2017 OPTIONS IMPORT: --ifconfig/up options modified
Fri Dec 22 11:26:24 2017 OPTIONS IMPORT: route options modified
Fri Dec 22 11:26:24 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Dec 22 11:26:24 2017 Preserving previous TUN/TAP instance: tun1Fri Dec 22 11:26:24 2017 Initialization Sequence Completed
Fri Dec 22 11:26:30 2017 Connection reset, restarting [0]
Fri Dec 22 11:26:30 2017 SIGUSR1[soft,connection-reset] received, process restarting
Fri Dec 22 11:26:30 2017 Restart pause, 5 second(s)
Fri Dec 22 11:26:35 2017 Socket Buffers: R=[87380->131072] S=[16384->131072]
Fri Dec 22 11:26:35 2017 Attempting to establish TCP connection with [AF_INET]87.229.63.15:443 [nonblock]
Fri Dec 22 11:26:36 2017 TCP connection established with [AF_INET]87.229.63.15:443
Fri Dec 22 11:26:36 2017 TCPv4_CLIENT link local: [undef]
Fri Dec 22 11:26:36 2017 TCPv4_CLIENT link remote: [AF_INET]87.229.63.15:443
Fri Dec 22 11:26:36 2017 TLS: Initial packet from [AF_INET]87.229.63.15:443, sid=607e433c 4c2b1676
Fri Dec 22 11:26:37 2017 VERIFY OK: depth=1, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, CN=Fort-Funston CA, emailAddress=me@myhost.mydomain
Fri Dec 22 11:26:37 2017 VERIFY OK: nsCertType=SERVER
Fri Dec 22 11:26:37 2017 VERIFY OK: depth=0, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, CN=server, emailAddress=me@myhost.mydomain
Fri Dec 22 11:26:37 2017 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Dec 22 11:26:37 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Dec 22 11:26:37 2017 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Dec 22 11:26:37 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Dec 22 11:26:37 2017 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Fri Dec 22 11:26:37 2017 [server] Peer Connection Initiated with [AF_INET]87.229.63.15:443
Fri Dec 22 11:26:40 2017 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Fri Dec 22 11:26:40 2017 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 8.8.8.8,route 192.168.0.1,topology net30,ping 10,ping-restart 120,ifconfig 192.168.1.182 192.168.1.181'
Fri Dec 22 11:26:40 2017 OPTIONS IMPORT: timers and/or timeouts modified
Fri Dec 22 11:26:40 2017 OPTIONS IMPORT: --ifconfig/up options modified
Fri Dec 22 11:26:40 2017 OPTIONS IMPORT: route options modified
Fri Dec 22 11:26:40 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Dec 22 11:26:40 2017 Preserving previous TUN/TAP instance: tun1Fri Dec 22 11:26:40 2017 Initialization Sequence Completed
Fri Dec 22 11:26:45 2017 Connection reset, restarting [0]
Fri Dec 22 11:26:45 2017 SIGUSR1[soft,connection-reset] received, process restarting
Fri Dec 22 11:26:45 2017 Restart pause, 5 second(s)

Mondjuk úgy, hogy komoly előrelépés történt - de odáig nem mennék, hogy sikerült címkével ellássam.
Az ovpn alig 5-6 másodperccel a kapcsolat felépítése után azt mondja, hogy "connection reset, restarting" - és a ciklus kezdődik előröl...

igy elsore ugy tunik mintha ip utkozes lenne? ha jol latom a vpnen o 192.168.1.182 ipt akar, es a te helyi halod is 192.168.1.x-es.

abbol ugy kavar van, persze hogy restartol.

nalam elso dolog egy routernel hogy az alap 192.168.0.x (vagy .1.x)-rol atrakom valami masra. (jo random pl 192.168.143.x)

--
A vegtelen ciklus is vegeter egyszer, csak kelloen eros hardver kell hozza!

Valamit kitalalok mert most ugy van, hogy van egy Linksys ADSL router arra van a Xiaomi (OpenWRT) rakotve.

A Lynksis 192.168.1.2-51 az OpenWRT 192.168.1.101-151 IP tartomanyt kapott.

Mint ma kiderult az OpenWrt wifijen keresztul nem lehet elerni a Lynksyst es vica versa.

Ez a default beallitas mert eleteben eloszor latok OpenWRT. Van mit tanulni.

Udv
Csaba

Hello,

Webes feluleten beallitottam mindent ami a config fajlban volt a log szerint mukodik:

Fri Dec 22 15:30:17 2017 daemon.notice openvpn(OOM_VPN)[2506]: OpenVPN 2.3.6 mipsel-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jan 31 2016
Fri Dec 22 15:30:17 2017 daemon.notice openvpn(OOM_VPN)[2506]: library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08
Fri Dec 22 15:30:17 2017 daemon.notice openvpn(OOM_VPN)[2506]: Socket Buffers: R=[163840->131072] S=[163840->131072]
Fri Dec 22 15:30:18 2017 daemon.notice openvpn(OOM_VPN)[2506]: UDPv4 link local (bound): [undef]
Fri Dec 22 15:30:18 2017 daemon.notice openvpn(OOM_VPN)[2506]: UDPv4 link remote: [AF_INET]87.229.63.15:443

Fri Dec 22 15:33:22 2017 daemon.err openvpn(OOM_VPN)[2506]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Dec 22 15:33:22 2017 daemon.err openvpn(OOM_VPN)[2506]: TLS Error: TLS handshake failed

Az gaz, ha folyamatosan Out of memory hibauzeneteket kerestem a szovegben?

Csak egy kerdes...
Lehet, hogy a Linksys ADSL router nem engedi at a kapcsolatot?
Megneztem ott a DHCP listat es nincs benne az OpenWRT router.
Csaba