From: Alexander Volkov <alt@vladregion.ru>
To: sysadmins@lists.altlinux.org
Subject: Re: [Sysadmins] openvpn client network
Date: Tue, 4 Apr 2006 12:12:03 +0400
Message-ID: <20060404081202.GD28283@vladregion.ru> (raw)
In-Reply-To: <20060404113855.0b858867@naf177.naf.net.ru>
On 2006-04-04 11:38:55 +0400, Nikolay A. Fetisov wrote:
NAF> Надо бы проверить, использовал ли сервер файл с настройками клиента из
NAF> ccd. В логах должна быть строка вида:
NAF> OPTIONS IMPORT: reading client specific options from: ccd/XXX
а вот этого нет :( Есть вот что (после проверок ключей)
..
Sun Apr 2 19:01:09 2006 us=409683 81.18.136.53:1025 [luna] Peer
Connection Initiated with 81.18.136.53:1025
Sun Apr 2 19:01:09 2006 us=410020 luna/81.18.136.53:1025 MULTI: Learn:
10.8.0.14 -> luna/81.18.136.53:1025
Sun Apr 2 19:01:09 2006 us=410115 luna/81.18.136.53:1025 MULTI: primary
virtual IP for luna/81.18.136.53:1025: 10.8.0.14
Sun Apr 2 19:01:10 2006 us=452250 luna/81.18.136.53:1025 PUSH: Received
control message: 'PUSH_REQUEST'
Sun Apr 2 19:01:10 2006 us=452558 luna/81.18.136.53:1025 SENT CONTROL
[luna]: 'PUSH_REPLY,route 192.168.2.0 255.255.255.128,dhcp-option DNS 192.168.2.32,dhcp-option WINS
192.168.2.32,route 10.8.0.1,ping 30
,ping-restart 120,ifconfig 10.8.0.14 10.8.0.13' (status=1)
Sun Apr 2 19:01:10 2006 us=795691 luna/81.18.136.53:1025 MULTI: bad
source address from client [192.168.2.139], packet dropped
NAF> В ccd/XXX нужна строка
NAF> iroute 192.168.2.0 255.255.255.0
там iroute 192.168.2.136 255.255.255.248
NAF> В основном файле конфигурации сервера должно присутствовать
NAF> route 192.168.2.0 255.255.255.0
наличествует, только у меня маска укорочена в основной сети до 128.
В логе:
Sun Apr 2 18:32:02 2006 us=909916 ip route add 192.168.2.136/29 via 10.8.0.2
NAF> Более подробно есть в http://openvpn.net/howto.html#scope , часть
NAF> "Including multiple machines on the client side when using a routed VPN
NAF> (dev tun)".
да, эт всё изучено от корки до корки. Такое впечатление, что не берется
файл ccd/luna
--
Regards, Alexander
next prev parent reply other threads:[~2006-04-04 8:12 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-04-03 12:46 Alexander Volkov
2006-04-03 20:15 ` Nikolay A. Fetisov
2006-04-04 5:08 ` Alexander Volkov
2006-04-04 5:44 ` Nikolay A. Fetisov
2006-04-04 6:09 ` Alexander Volkov
2006-04-04 6:17 ` Alexander Volkov
2006-04-04 7:38 ` Nikolay A. Fetisov
2006-04-04 8:12 ` Alexander Volkov [this message]
2006-04-04 8:50 ` Nikolay A. Fetisov
2006-04-04 12:16 ` [Sysadmins] SUMMARY: Re: openvpn client network - Alexander Volkov
2006-04-04 12:59 ` Michael Shigorin
2006-04-04 13:33 ` Alexander Volkov
2006-04-04 8:31 ` [Sysadmins] openvpn client network Alexander Volkov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20060404081202.GD28283@vladregion.ru \
--to=alt@vladregion.ru \
--cc=sysadmins@lists.altlinux.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
ALT Linux sysadmins discussion
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/sysadmins/0 sysadmins/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 sysadmins sysadmins/ http://lore.altlinux.org/sysadmins \
sysadmins@lists.altlinux.org sysadmins@lists.altlinux.ru sysadmins@lists.altlinux.com
public-inbox-index sysadmins
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.sysadmins
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git