heru nugroho
Beginner 2.0
Dear Penghuni DWH tolong bantu saya.
Saya habis install server openvpn setelah itu saya coba buat koneksi dari client tapi masalahnya malah stuck di
"MANAGEMENT: >STATE:1392997601,WAIT,,," .setelah itu langsung "Connection reset, restarting [0]".
ini saya lampirin config server, client dan iptablesnya... mohon dibantu
Server Config
Client Config
Tambahan
Log Client
Saya habis install server openvpn setelah itu saya coba buat koneksi dari client tapi masalahnya malah stuck di
"MANAGEMENT: >STATE:1392997601,WAIT,,," .setelah itu langsung "Connection reset, restarting [0]".
ini saya lampirin config server, client dan iptablesnya... mohon dibantu
Server Config
Code:port 1194 proto tcp dev tun ca /etc/openvpn/keys/ca.crt cert /etc/openvpn/keys/server.crt key /etc/openvpn/keys/server.key dh /etc/openvpn/keys/dh1024.pem plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login client-cert-not-required username-as-common-name server 10.9.8.0 255.255.255.0 ifconfig-pool-persist ipp.txt push "redirect-gateway def1" push "dhcp-option DNS 8.8.8.8" push "dhcp-option DNS 8.8.4.4" client-to-client keepalive 5 30 comp-lzo persist-key persist-tun status server-tcp.log verb 3
Client Config
Code:client dev tun proto tcp remote IP 1194 route 0.0.0.0 0.0.0.0 resolv-retry infinite route-method adaptive resolv-retry infinite nobind persist-key persist-tun auth-user-pass pass.txt comp-lzo verb 3 <ca> -----BEGIN CERTIFICATE----- MIID2jCCA0OgAwIBAgIJAJTN2Rr4uuXuMA0GCSqGSIb3DQEBBQUAMIGlMQswCQYD VQQGEwJJRDEMMAoGA1UECBMDSktUMRAwDgYDVQQHEwdKYWthcnRhMRUwEwYDVQQK EwxHdWRhbmctU3BlZWQxETAPBgNVBAsTCGNoYW5nZW1lMRQwEgYDVQQDEwtnc2dh bWluZy51czEVMBMGA1UEKRMMR3VkYW5nIFNwZWVkMR8wHQYJKoZIhvcNAQkBFhBt YWlsQGhvc3QuZG9tYWluMB4XDTE0MDIyMDE0MzQ0OVoXDTI0MDIxODE0MzQ0OVow gaUxCzAJBgNVBAYTAklEMQwwCgYDVQQIEwNKS1QxEDAOBgNVBAcTB0pha2FydGEx FTATBgNVBAoTDEd1ZGFuZy1TcGVlZDERMA8GA1UECxMIY2hhbmdlbWUxFDASBgNV BAMTC2dzZ2FtaW5nLnVzMRUwEwYDVQQpEwxHdWRhbmcgU3BlZWQxHzAdBgkqhkiG 9w0BCQEWEG1haWxAaG9zdC5kb21haW4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ AoGBANHHIbXUxdLVxzCYuFZPZyJmjCO9zJu998rUOselfokiedoWUJH11vXELbvw jUUBQDFS0swh1aEZb2/Q1Ggyb+9AYZBFfAlxHXLfvgiIqiFHkBEMevMxlUdFsgLC aVq6Ui9E8Dv5Q0qiy/uHwvDnDRmziIyBH2DoWxC8TZZlYmpNAgMBAAGjggEOMIIB CjAdBgNVHQ4EFgQUe56ooJMF2cxQt6ugeLV0O1mwCCEwgdoGA1UdIwSB0jCBz4AU e56ooJMF2cxQt6ugeLV0O1mwCCGhgaukgagwgaUxCzAJBgNVBAYTAklEMQwwCgYD VQQIEwNKS1QxEDAOBgNVBAcTB0pha2FydGExFTATBgNVBAoTDEd1ZGFuZy1TcGVl ZDERMA8GA1UECxMIY2hhbmdlbWUxFDASBgNVBAMTC2dzZ2FtaW5nLnVzMRUwEwYD VQQpEwxHdWRhbmcgU3BlZWQxHzAdBgkqhkiG9w0BCQEWEG1haWxAaG9zdC5kb21h aW6CCQCUzdka+Lrl7jAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAAOv WfUDd6EqFIUPCRXSwNEmHcJbRhaUE7XfPFndHT3c1yrPtGYfPx4I6qfFvKul3fYr scIj0QLeuB+Lj3qEQqC2Srp8dmScBQ6aZ0mWKCcYy3B+3oT/Px6TPl1yU/TjzM6A 3YRJJ5KuGmb1pY28KMFm1rWW5RJkXXnKqjJdEdq7 -----END CERTIFICATE----- </ca>
Code:# Generated by iptables-save v1.4.7 on Thu Feb 20 10:36:50 2014 *filter :INPUT ACCEPT [10:704] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [6:1120] -A INPUT -p tcp -m tcp --dport 1194 -j ACCEPT COMMIT # Completed on Thu Feb 20 10:36:50 2014 # Generated by iptables-save v1.4.7 on Thu Feb 20 10:36:50 2014 *nat :PREROUTING ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A POSTROUTING -s 10.9.8.0/24 -o eth0 -j MASQUERADE COMMIT # Completed on Thu Feb 20 10:36:50 2014
Tambahan
Log Client
Code:Fri Feb 21 23:01:40 2014 OpenVPN 2.3.2 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Aug 22 2013 Fri Feb 21 23:01:40 2014 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340 Fri Feb 21 23:01:40 2014 Need hold release from management interface, waiting... Fri Feb 21 23:01:40 2014 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340 Fri Feb 21 23:01:40 2014 MANAGEMENT: CMD 'state on' Fri Feb 21 23:01:40 2014 MANAGEMENT: CMD 'log all on' Fri Feb 21 23:01:40 2014 MANAGEMENT: CMD 'hold off' Fri Feb 21 23:01:40 2014 MANAGEMENT: CMD 'hold release' Fri Feb 21 23:01:40 2014 MANAGEMENT: CMD 'proxy HTTP 127.0.0.1 8089' Fri Feb 21 23:01:41 2014 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Fri Feb 21 23:01:42 2014 Socket Buffers: R=[8192->8192] S=[8192->8192] Fri Feb 21 23:01:42 2014 Attempting to establish TCP connection with [AF_INET]127.0.0.1:8089 Fri Feb 21 23:01:42 2014 MANAGEMENT: >STATE:1392998502,TCP_CONNECT,,, Fri Feb 21 23:01:42 2014 TCP connection established with [AF_INET]127.0.0.1:8089 Fri Feb 21 23:01:42 2014 Send to HTTP proxy: 'CONNECT 218.199.233.231:1194 HTTP/1.0' Fri Feb 21 23:01:43 2014 HTTP proxy returned: 'HTTP/1.1 200 OK' Fri Feb 21 23:01:45 2014 TCPv4_CLIENT link local: [undef] Fri Feb 21 23:01:45 2014 TCPv4_CLIENT link remote: [AF_INET]127.0.0.1:8089 Fri Feb 21 23:01:45 2014 MANAGEMENT: >STATE:1392998505,WAIT,,, Fri Feb 21 23:01:55 2014 Connection reset, restarting [0] Fri Feb 21 23:01:55 2014 SIGUSR1[soft,connection-reset] received, process restarting Fri Feb 21 23:01:55 2014 MANAGEMENT: >STATE:1392998515,RECONNECTING,connection-reset,, Fri Feb 21 23:01:55 2014 Restart pause, 5 second(s)
Last edited: