Tidak dapat melakukan ping gateway pada pengaturan server Tomato OpenVPN

0

Saya punya masalah mengkonfigurasi server Open VPN dari firmware tomat (v1.28.9054 MIPSR2-beta K26 USB vpn3.6) pada router WNR3500L.

Saya sudah menyiapkan server seperti itu:

enter image description here

enter image description here

Dan, saat terhubung dari klien (ubuntu 14.04). Saya mendapatkan ini di / var / log / syslog saya

Jul 30 14:08:51 thinkpad nm-openvpn[17467]: OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Feb  4 2014
Jul 30 14:08:51 thinkpad nm-openvpn[17467]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Jul 30 14:08:51 thinkpad nm-openvpn[17467]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 30 14:08:51 thinkpad nm-openvpn[17467]: ******* WARNING *******: null MAC specified, no authentication will be used
Jul 30 14:08:51 thinkpad nm-openvpn[17467]: UDPv4 link local: [undef]
Jul 30 14:08:51 thinkpad nm-openvpn[17467]: UDPv4 link remote: [AF_INET]82.239.XX.XXX:1194
Jul 30 14:08:53 thinkpad nm-openvpn[17467]: [Bob] Peer Connection Initiated with [AF_INET]82.239.XX.XXX:1194
Jul 30 14:08:55 thinkpad nm-openvpn[17467]: TUN/TAP device tun0 opened
Jul 30 14:08:55 thinkpad nm-openvpn[17467]: /usr/lib/NetworkManager/nm-openvpn-service-openvpn-helper tun0 1500 1538 10.8.0.6 10.8.0.5 init
Jul 30 14:08:55 thinkpad NetworkManager[1147]:    SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/tun0, iface: tun0)
Jul 30 14:08:55 thinkpad NetworkManager[1147]:    SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/tun0, iface: tun0): no ifupdown configuration found.
Jul 30 14:08:55 thinkpad NetworkManager[1147]: <warn> /sys/devices/virtual/net/tun0: couldn't determine device driver; ignoring...
Jul 30 14:08:55 thinkpad NetworkManager[1147]: <info> VPN connection 'home' (IP Config Get) reply received.
Jul 30 14:08:55 thinkpad NetworkManager[1147]: <info> VPN connection 'home' (IP4 Config Get) reply received.
Jul 30 14:08:55 thinkpad NetworkManager[1147]: <info> VPN Gateway: 82.239.XX.XXX
Jul 30 14:08:55 thinkpad NetworkManager[1147]: <info> Tunnel Device: tun0
Jul 30 14:08:55 thinkpad NetworkManager[1147]: <info> IPv4 configuration:
Jul 30 14:08:55 thinkpad NetworkManager[1147]: <info>   Internal Gateway: 10.8.0.5
Jul 30 14:08:55 thinkpad NetworkManager[1147]: <info>   Internal Address: 10.8.0.6
Jul 30 14:08:55 thinkpad NetworkManager[1147]: <info>   Internal Prefix: 32
Jul 30 14:08:55 thinkpad NetworkManager[1147]: <info>   Internal Point-to-Point Address: 10.8.0.5
Jul 30 14:08:55 thinkpad NetworkManager[1147]: <info>   Maximum Segment Size (MSS): 0
Jul 30 14:08:55 thinkpad NetworkManager[1147]: <info>   Static Route: 192.168.0.0/24   Next Hop: 192.168.0.0
Jul 30 14:08:55 thinkpad NetworkManager[1147]: <info>   Static Route: 10.8.0.1/32   Next Hop: 10.8.0.1
Jul 30 14:08:55 thinkpad NetworkManager[1147]: <info>   Forbid Default Route: no
Jul 30 14:08:55 thinkpad NetworkManager[1147]: <info>   Internal DNS: 192.168.0.1
Jul 30 14:08:55 thinkpad NetworkManager[1147]: <info>   DNS Domain: '(none)'
Jul 30 14:08:55 thinkpad NetworkManager[1147]: <info> No IPv6 configuration
Jul 30 14:08:55 thinkpad nm-openvpn[17467]: Initialization Sequence Completed
Jul 30 14:08:56 thinkpad NetworkManager[1147]: <info> VPN connection 'home' (IP Config Get) complete.
Jul 30 14:08:56 thinkpad NetworkManager[1147]: <info> Policy set 'home' (tun0) as default for IPv4 routing and DNS.
Jul 30 14:08:56 thinkpad NetworkManager[1147]: <info> Writing DNS information to /sbin/resolvconf
Jul 30 14:08:56 thinkpad dnsmasq[2571]: setting upstream servers from DBus
Jul 30 14:08:56 thinkpad dnsmasq[2571]: using nameserver 192.168.0.1#53

yang tampak hebat tetapi gateway yang telah saya berikan tidak merespons:

~ ping 10.8.0.5
PING 10.8.0.5 (10.8.0.5) 56(84) bytes of data.
^C
--- 10.8.0.5 ping statistics ---
32 packets transmitted, 0 received, 100% packet loss, time 31248ms

Ping 10.8.0.1 juga tidak merespons. Hanya IP saya (10.8.0.6) di jaringan yang merespons.

Jadi saya tidak punya konektivitas setelah terhubung ke VPN itu (tidak bisa melakukan ping jaringan lokal dan tidak ada akses internet)

Juga, inilah rute saya:

~  route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         10.8.0.5        0.0.0.0         UG    0      0        0 tun0
10.8.0.1        10.8.0.5        255.255.255.255 UGH   0      0        0 tun0
10.8.0.5        *               255.255.255.255 UH    0      0        0 tun0
82.239.XX.XXX   192.168.1.1     255.255.255.255 UGH   0      0        0 eth0
192.168.0.0     10.8.0.5        255.255.255.0   UG    0      0        0 tun0
192.168.1.0     *               255.255.255.0   U     1      0        0 eth0

LAN saya di rumah adalah 192.168.0.0 dan saya terhubung dari jaringan 192.168.1.0 sehingga seharusnya tidak ada konflik di sana.

Apakah ada yang salah ?

paulgreg
sumber

Jawaban:

0

Saat mencari di log router, saya telah menemukan baris ini:

Aug  1 14:14:57 tomato-router daemon.err openvpn[3785]: thinkpad/88.169.xx.xxx:53216
Authenticate/Decrypt packet error: packet HMAC authentication failed

Jadi saya mengubah konfigurasi klien HMAC dari "tidak ada" menjadi "default" yang memperbaiki masalah!

paulgreg
sumber