« Serveur OpenVPN » : différence entre les versions

Aller à la navigation Aller à la recherche

Serveur OpenVPN (voir la source)

Version du 18 mai 2011 à 13:41

48 octets ajoutés ,  il y a 14 ans
m
→‎Tests
Ligne 313 : Ligne 313 :
  # openvpn client1.conf
  # openvpn client1.conf


Wed May 18 15:47:31 2011 OpenVPN 2.1.3 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Oct 21 2010 Wed May 18 15:47:31 2011 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info. Wed May 18 15:47:31 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Wed May 18 15:47:31 2011 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted> Wed May 18 15:47:31 2011 LZO compression initialized Wed May 18 15:47:31 2011 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] Wed May 18 15:47:31 2011 Socket Buffers: R=[112640->131072] S=[112640->131072] Wed May 18 15:47:31 2011 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ] Wed May 18 15:47:31 2011 Local Options hash (VER=V4): '41690919' Wed May 18 15:47:31 2011 Expected Remote Options hash (VER=V4): '530fdded' Wed May 18 15:47:31 2011 UDPv4 link local: [undef] Wed May 18 15:47:31 2011 UDPv4 link remote: [AF_INET]41.188.26.122:1194 Wed May 18 15:47:32 2011 TLS: Initial packet from [AF_INET]41.188.26.122:1194, sid=c1e74ce6 3d6cd1b4 Wed May 18 15:47:34 2011 VERIFY OK: depth=1, /C=MG/ST=IH/L=quelquepart/O=SHI/CN=SHI_CA/emailAddress=admin@domaine.org Wed May 18 15:47:34 2011 VERIFY OK: depth=0, /C=MG/ST=IH/L=quelquepart/O=SHI/CN=server/emailAddress=admin@domaine.org Wed May 18 15:47:39 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Wed May 18 15:47:39 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Wed May 18 15:47:39 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Wed May 18 15:47:39 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Wed May 18 15:47:39 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Wed May 18 15:47:39 2011 [server] Peer Connection Initiated with [AF_INET]41.188.26.122:1194 Wed May 18 15:47:41 2011 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) Wed May 18 15:47:42 2011 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,route 10.9.8.0 255.255.252.0,dhcp-option DNS 10.8.0.1,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' Wed May 18 15:47:42 2011 OPTIONS IMPORT: timers and/or timeouts modified Wed May 18 15:47:42 2011 OPTIONS IMPORT: --ifconfig/up options modified Wed May 18 15:47:42 2011 OPTIONS IMPORT: route options modified Wed May 18 15:47:42 2011 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Wed May 18 15:47:42 2011 ROUTE: default_gateway=UNDEF Wed May 18 15:47:42 2011 TUN/TAP device tun0 opened Wed May 18 15:47:42 2011 TUN/TAP TX queue length set to 100 Wed May 18 15:47:42 2011 /sbin/ifconfig tun0 10.8.0.6 pointopoint 10.8.0.5 mtu 1500 Wed May 18 15:47:42 2011 NOTE: unable to redirect default gateway -- Cannot read current default gateway from system Wed May 18 15:47:42 2011 /sbin/route add -net 10.9.8.0 netmask 255.255.252.0 gw 10.8.0.5 Wed May 18 15:47:42 2011 /sbin/route add -net 10.8.0.1 netmask 255.255.255.255 gw 10.8.0.5 Wed May 18 15:47:42 2011 Initialization Sequence Completed
<pre style="width:1000px;overflow:auto;">
Wed May 18 15:47:31 2011 OpenVPN 2.1.3 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Oct 21 2010
Wed May 18 15:47:31 2011 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Wed May 18 15:47:31 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Wed May 18 15:47:31 2011 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Wed May 18 15:47:31 2011 LZO compression initialized
Wed May 18 15:47:31 2011 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed May 18 15:47:31 2011 Socket Buffers: R=[112640->131072] S=[112640->131072]
Wed May 18 15:47:31 2011 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed May 18 15:47:31 2011 Local Options hash (VER=V4): '41690919'
Wed May 18 15:47:31 2011 Expected Remote Options hash (VER=V4): '530fdded'
Wed May 18 15:47:31 2011 UDPv4 link local: [undef]
Wed May 18 15:47:31 2011 UDPv4 link remote: [AF_INET]41.188.26.122:1194
Wed May 18 15:47:32 2011 TLS: Initial packet from [AF_INET]41.188.26.122:1194, sid=c1e74ce6 3d6cd1b4
Wed May 18 15:47:34 2011 VERIFY OK: depth=1, /C=MG/ST=IH/L=quelquepart/O=SHI/CN=SHI_CA/emailAddress=admin@domaine.org
Wed May 18 15:47:34 2011 VERIFY OK: depth=0, /C=MG/ST=IH/L=quelquepart/O=SHI/CN=server/emailAddress=admin@domaine.org
Wed May 18 15:47:39 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed May 18 15:47:39 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed May 18 15:47:39 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed May 18 15:47:39 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed May 18 15:47:39 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Wed May 18 15:47:39 2011 [server] Peer Connection Initiated with [AF_INET]41.188.26.122:1194
Wed May 18 15:47:41 2011 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Wed May 18 15:47:42 2011 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,route 10.9.8.0 255.255.252.0,dhcp-option DNS 10.8.0.1,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Wed May 18 15:47:42 2011 OPTIONS IMPORT: timers and/or timeouts modified
Wed May 18 15:47:42 2011 OPTIONS IMPORT: --ifconfig/up options modified
Wed May 18 15:47:42 2011 OPTIONS IMPORT: route options modified
Wed May 18 15:47:42 2011 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Wed May 18 15:47:42 2011 ROUTE: default_gateway=UNDEF
Wed May 18 15:47:42 2011 TUN/TAP device tun0 opened
Wed May 18 15:47:42 2011 TUN/TAP TX queue length set to 100
Wed May 18 15:47:42 2011 /sbin/ifconfig tun0 10.8.0.6 pointopoint 10.8.0.5 mtu 1500
Wed May 18 15:47:42 2011 NOTE: unable to redirect default gateway -- Cannot read current default gateway from system
Wed May 18 15:47:42 2011 /sbin/route add -net 10.9.8.0 netmask 255.255.252.0 gw 10.8.0.5
Wed May 18 15:47:42 2011 /sbin/route add -net 10.8.0.1 netmask 255.255.255.255 gw 10.8.0.5
Wed May 18 15:47:42 2011 Initialization Sequence Completed
</pre>


A ce moment là vous devez être capable, depuis le serveur de "pinguer" le client, et depuis le client de pinguer le serveur et les autres machines du sous-réseau.
A ce moment là vous devez être capable, depuis le serveur de "pinguer" le client, et depuis le client de pinguer le serveur et les autres machines du sous-réseau.
Lol
Administrators, autoreview, Vérificateurs d’utilisateurs, checkuser-log, editor, reviewer, usersnoop
3 321

modifications

Récupérée de « https://forum-debian.fr/wiki/Spécial:MobileDiff/2988 »

Menu de navigation