[7.470][BUG][FIXED] Site2Site Openvpn not working

Hi

I've just setup 2 asg 7.470 for using site2site OpenVPN feature...

I configured one as a server, downloaded the apc file and imported in the other one for a client openvpn... and when I activate both side I get the following screenshots:

first is on the server side, and second on the client side...

is this normal ?

also as a bonus on the client with have some unknown text ? what does this correspond to ?

thx

edit1: forgot to mention but no logs in live log for client side [:(]

Parents

0 andyk007 over 16 years ago

Hi

could you please tell me which reports the /var/log/openvpn.log of both firewalls?

greetings
Andreas
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

0 BuBU over 16 years ago in reply to andyk007

Hi

could you please tell me which reports the /var/log/openvpn.log of both firewalls?

greetings
Andreas

sure

on the server:


2009:07:16-17:17:23 asg openvpn[13687]: OpenVPN 2.1_rc13 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] built on Jul  9 2009

2009:07:16-17:17:23 asg openvpn[13687]: WARNING: using --duplicate-cn and --client-config-dir together is probably not what you want

2009:07:16-17:17:23 asg openvpn[13687]: WARNING: --ifconfig-pool-persist will not work with --duplicate-cn

2009:07:16-17:17:23 asg openvpn[13687]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2009:07:16-17:17:23 asg openvpn[13687]: TLS-Auth MTU parms [ L:1556 D:140 EF:40 EB:0 ET:0 EL:0 ]

2009:07:16-17:17:23 asg openvpn[13687]: TUN/TAP device tun0 opened

2009:07:16-17:17:23 asg openvpn[13687]: /sbin/ifconfig tun0 192.168.29.1 pointopoint 192.168.29.2 mtu 1500

2009:07:16-17:17:23 asg openvpn[13687]: /usr/bin/openvpn_updown.plx up tun0 1500 1556 192.168.29.1 192.168.29.2 init

2009:07:16-17:17:23 asg openvpn[13687]: Data Channel MTU parms [ L:1556 D:1450 EF:56 EB:135 ET:0 EL:0 AF:3/1 ]

2009:07:16-17:17:23 asg openvpn[13702]: Listening for incoming TCP connection on [undef]:443

2009:07:16-17:17:23 asg openvpn[13702]: TCPv4_SERVER link local (bound): [undef]:443

2009:07:16-17:17:23 asg openvpn[13702]: TCPv4_SERVER link remote: [undef]

2009:07:16-17:17:23 asg openvpn[13702]: Initialization Sequence Completed

on the client openvpn.log is empty [:(] (probably another bug ? [:)] )

thx

Reply

0 BuBU over 16 years ago in reply to andyk007

Hi

could you please tell me which reports the /var/log/openvpn.log of both firewalls?

greetings
Andreas

sure

on the server:


2009:07:16-17:17:23 asg openvpn[13687]: OpenVPN 2.1_rc13 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] built on Jul  9 2009

2009:07:16-17:17:23 asg openvpn[13687]: WARNING: using --duplicate-cn and --client-config-dir together is probably not what you want

2009:07:16-17:17:23 asg openvpn[13687]: WARNING: --ifconfig-pool-persist will not work with --duplicate-cn

2009:07:16-17:17:23 asg openvpn[13687]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2009:07:16-17:17:23 asg openvpn[13687]: TLS-Auth MTU parms [ L:1556 D:140 EF:40 EB:0 ET:0 EL:0 ]

2009:07:16-17:17:23 asg openvpn[13687]: TUN/TAP device tun0 opened

2009:07:16-17:17:23 asg openvpn[13687]: /sbin/ifconfig tun0 192.168.29.1 pointopoint 192.168.29.2 mtu 1500

2009:07:16-17:17:23 asg openvpn[13687]: /usr/bin/openvpn_updown.plx up tun0 1500 1556 192.168.29.1 192.168.29.2 init

2009:07:16-17:17:23 asg openvpn[13687]: Data Channel MTU parms [ L:1556 D:1450 EF:56 EB:135 ET:0 EL:0 AF:3/1 ]

2009:07:16-17:17:23 asg openvpn[13702]: Listening for incoming TCP connection on [undef]:443

2009:07:16-17:17:23 asg openvpn[13702]: TCPv4_SERVER link local (bound): [undef]:443

2009:07:16-17:17:23 asg openvpn[13702]: TCPv4_SERVER link remote: [undef]

2009:07:16-17:17:23 asg openvpn[13702]: Initialization Sequence Completed

on the client openvpn.log is empty [:(] (probably another bug ? [:)] )

thx

Children

0 BuBU over 16 years ago in reply to BuBU

seems the client file for my vpn is not generated ?


asg470:/var/sec/chroot-openvpn/etc/openvpn/client # dir

total 4

-rwxr-xr-x 1 root root 705 Jun 24 14:04 config-default

asg470:/var/sec/chroot-openvpn/etc/openvpn/client #

thx

0 BuBU over 16 years ago in reply to BuBU
On my asg 7.403 I can import the same apc file and the client config get created and is working:

asg:/var/sec/chroot-openvpn/etc/openvpn/client # ls -l
total 8
drwxr-xr-x 2 root root 4096 Jul 16 17:44 REF_HCNceOkjNa
-rwxr-xr-x 1 root root 708 Dec 9 2008 config-default

so seems to be a problem with 7.470 which does not create the required client configs...

thx
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel