openvpn client + windows7 verzweifelung

Diese Seite verwendet Cookies. Durch die Nutzung unserer Seite erklären Sie sich damit einverstanden, dass wir Cookies setzen. Weitere Informationen

  • openvpn client + windows7 verzweifelung

    also ich habe es hinbekommen den open vpn client im windows xp hinzubekommen mit diese konfig :

    client
    dev tap
    ;dev-node MyTap
    ;proto tcp
    proto udp
    remote xxx.xxx.xxx.xxx 1194
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    ;http-proxy-retry # retry on connection failures
    ;http-proxy [proxy server] [proxy port #]
    ;mute-replay-warnings
    ca cacert.pem
    auth-user-pass
    ;ns-cert-type server
    ;tls-auth ta.key 1
    ;cipher x
    comp-lzo
    verb 3
    ;mute 20

    aber unter windoof7 funzt das nicht kommt immer fehlermeldung

    Wed Oct 06 16:03:56 2010 OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Aug 20 2010
    Wed Oct 06 16:04:07 2010 WARNING: No server certificate verification method has been enabled. See openvpn.net/howto.html#mitm for more info.
    Wed Oct 06 16:04:07 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
    Wed Oct 06 16:04:09 2010 LZO compression initialized
    Wed Oct 06 16:04:09 2010 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
    Wed Oct 06 16:04:09 2010 Socket Buffers: R=[8192->8192] S=[8192->8192]
    Wed Oct 06 16:04:09 2010 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
    Wed Oct 06 16:04:09 2010 Local Options hash (VER=V4): 'd79ca330'
    Wed Oct 06 16:04:09 2010 Expected Remote Options hash (VER=V4): 'f7df56b8'
    Wed Oct 06 16:04:09 2010 UDPv4 link local: [undef]
    Wed Oct 06 16:04:09 2010 UDPv4 link remote: xxx.xxx.xxx.xxx:1194
    Wed Oct 06 16:04:09 2010 TLS: Initial packet from xxx.xxx.xxx.xxx:1194, sid=740db08f 85ab6269
    Wed Oct 06 16:04:09 2010 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Wed Oct 06 16:04:10 2010 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: /C=IT/O=efw/CN=efw_CA
    Wed Oct 06 16:04:10 2010 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
    Wed Oct 06 16:04:10 2010 TLS Error: TLS object -> incoming plaintext read error
    Wed Oct 06 16:04:10 2010 TLS Error: TLS handshake failed
    Wed Oct 06 16:04:10 2010 TCP/UDP: Closing socket
    Wed Oct 06 16:04:10 2010 SIGUSR1[soft,tls-error] received, process restarting
    Wed Oct 06 16:04:10 2010 Restart pause, 2 second(s)
    Wed Oct 06 16:04:12 2010 WARNING: No server certificate verification method has been enabled. See openvpn.net/howto.html#mitm for more info.
    Wed Oct 06 16:04:12 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
    Wed Oct 06 16:04:12 2010 Re-using SSL/TLS context
    Wed Oct 06 16:04:12 2010 LZO compression initialized
    Wed Oct 06 16:04:12 2010 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
    Wed Oct 06 16:04:12 2010 Socket Buffers: R=[8192->8192] S=[8192->8192]
    Wed Oct 06 16:04:24 2010 WARNING: No server certificate verification method has been enabled. See openvpn.net/howto.html#mitm for more info.
    Wed Oct 06 16:04:24 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
    Wed Oct 06 16:04:24 2010 Re-using SSL/TLS context
    Wed Oct 06 16:04:28 2010 TCP/UDP: Closing socket
    Wed Oct 06 16:04:28 2010 SIGUSR1[soft,tls-error] received, process restarting
    Wed Oct 06 16:04:28 2010 Restart pause, 2 second(s)

    was mache ich falsch wie gesagt unter windows xp funzt es unter windwos7 kommt die fehlermeldung als client habe ich openvpn 2.1.3 genutzt und
    mit dem securepoint vpn client habe ich es auch probiert.
    securepoint client config :

    client
    comp-lzo
    float
    nobind
    persist-key
    persist-tun
    auth-user-pass
    dev tap
    remote xxx.xxx.xxx.xxx 1194
    proto udp
    ca "efw1.pem"
    cert "efw1.pem"
    key "efw1.pem"
    ns-cert-type server
    mssfix
    route-method exe
    verb 3
    route-delay 2
    remote-random
    resolv-retry infinite



    gruß Alex
  • Re: openvpn client + windows7 verzweifelung

    Hallo,

    meine Config unter Win7

    client
    dev tap

    remote 95.91.97.999

    port 443
    proto tcp-client

    ca gateway.cer
    nobind

    comp-lzo
    persist-key
    persist-tun
    verb 3
    auth-user-pass

    und das funktioniert perfekt.
    das exp. Zertifikat ist das richtige?

    Log File meiner Verb.

    Quellcode

    1. Thu Oct 07 07:05:30 2010 OpenVPN 2.1_rc21 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Nov 12 2009
    2. Thu Oct 07 07:05:36 2010 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    3. Thu Oct 07 07:05:36 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
    4. Thu Oct 07 07:05:37 2010 LZO compression initialized
    5. Thu Oct 07 07:05:37 2010 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
    6. Thu Oct 07 07:05:37 2010 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
    7. Thu Oct 07 07:05:37 2010 Local Options hash (VER=V4): '31fdf004'
    8. Thu Oct 07 07:05:37 2010 Expected Remote Options hash (VER=V4): '3e6d1056'
    9. Thu Oct 07 07:05:37 2010 Attempting to establish TCP connection with 91.55.55.55
    10. Thu Oct 07 07:05:37 2010 TCP connection established with 91.55.55.55
    11. Thu Oct 07 07:05:37 2010 Send to HTTP proxy: 'CONNECT 95.91.58.189:443 HTTP/1.0'
    12. Thu Oct 07 07:05:38 2010 HTTP proxy returned: 'HTTP/1.0 200 Connection established'
    13. Thu Oct 07 07:05:40 2010 Socket Buffers: R=[8192->8192] S=[64512->64512]
    14. Thu Oct 07 07:05:40 2010 TCPv4_CLIENT link local: [undef]
    15. Thu Oct 07 07:05:40 2010 TCPv4_CLIENT link remote: 91.55.55.55
    16. Thu Oct 07 07:05:40 2010 TLS: Initial packet from 91.55.55.55, sid=8ff1d741 807c982f
    17. Thu Oct 07 07:05:40 2010 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    18. Thu Oct 07 07:05:41 2010 VERIFY OK: depth=1, /C=IT/O=efw/CN=efw_CA
    19. Thu Oct 07 07:05:41 2010 VERIFY OK: depth=0, /C=IT/O=efw/CN=127.0.0.1
    20. Thu Oct 07 07:05:42 2010 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
    21. Thu Oct 07 07:05:42 2010 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    22. Thu Oct 07 07:05:42 2010 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
    23. Thu Oct 07 07:05:42 2010 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    24. Thu Oct 07 07:05:42 2010 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
    25. Thu Oct 07 07:05:42 2010 [127.0.0.1] Peer Connection Initiated with 91.55.55.55
    26. Thu Oct 07 07:05:44 2010 SENT CONTROL [127.0.0.1]: 'PUSH_REQUEST' (status=1)
    27. Thu Oct 07 07:05:44 2010 PUSH: Received control message: 'PUSH_REPLY,ifconfig 192.168.99.210 255.255.255.0,ping-restart 30,ping 8,route-gateway 192.168.99.1,route-gateway 192.168.99.1'
    28. Thu Oct 07 07:05:44 2010 OPTIONS IMPORT: timers and/or timeouts modified
    29. Thu Oct 07 07:05:44 2010 OPTIONS IMPORT: --ifconfig/up options modified
    30. Thu Oct 07 07:05:44 2010 OPTIONS IMPORT: route-related options modified
    31. Thu Oct 07 07:05:44 2010 TAP-WIN32 device [LAN-Verbindung 2] opened: \\.\Global\{38B88D31-EE6A-46A1-8E14-1CB59F6F54FC}.tap
    32. Thu Oct 07 07:05:44 2010 TAP-Win32 Driver Version 9.6
    33. Thu Oct 07 07:05:44 2010 TAP-Win32 MTU=1500
    34. Thu Oct 07 07:05:44 2010 Notified TAP-Win32 driver to set a DHCP IP/netmask of 192.168.299.210/255.255.255.0 on interface {38B88D31-EE6A-46A1-8E14-1CB59F6F54FC} [DHCP-serv: 192.168.200.0, lease-time: 31536000]
    35. Thu Oct 07 07:05:44 2010 NOTE: FlushIpNetTable failed on interface [14] {38B88D31-EE6A-46A1-8E14-1CB59F6F54FC} (status=5) : Zugriff verweigert
    36. Thu Oct 07 07:05:50 2010 TEST ROUTES: 0/0 succeeded len=-1 ret=1 a=0 u/d=up
    37. Thu Oct 07 07:05:50 2010 Initialization Sequence Completed
    Alles anzeigen

    freaky-media
    Kein Support per PN dafür ist das Forum da.
    Preisanfragen via PN möglich oder über freaky-media
  • Re: openvpn client + windows7 verzweifelung

    Hallo,

    ich habe es mal mit deiner config probiert aber wieder das selbe unter windows xp geht es under win7 gehts nicht.
    entweder bin ich oder windows7 zu doof :?:

    efw ist eine 2.2 community

    config:

    client
    dev tap
    remote xxxxxxxxx.dyndns.org
    port 1194
    proto udp
    ca cacert.pem
    nobind
    comp-lzo
    persist-key
    persist-tun
    verb 3
    auth-user-pass


    fehlermeldung:

    Wed Oct 13 13:36:39 2010 OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Aug 20 2010
    Wed Oct 13 13:36:51 2010 WARNING: No server certificate verification method has been enabled. See openvpn.net/howto.html#mitm for more info.
    Wed Oct 13 13:36:51 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
    Wed Oct 13 13:36:52 2010 LZO compression initialized
    Wed Oct 13 13:36:52 2010 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
    Wed Oct 13 13:36:52 2010 Socket Buffers: R=[8192->8192] S=[8192->8192]
    Wed Oct 13 13:36:53 2010 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
    Wed Oct 13 13:36:53 2010 Local Options hash (VER=V4): 'd79ca330'
    Wed Oct 13 13:36:53 2010 Expected Remote Options hash (VER=V4): 'f7df56b8'
    Wed Oct 13 13:36:53 2010 UDPv4 link local: [undef]
    Wed Oct 13 13:36:53 2010 UDPv4 link remote: xxx.xxx.xxx.xxx:1194
    Wed Oct 13 13:36:53 2010 TLS: Initial packet from xxx.xxx.xxx.xxx:1194, sid=bdb936dc d0b4db43
    Wed Oct 13 13:36:53 2010 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Wed Oct 13 13:36:53 2010 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: /C=IT/O=efw/CN=efw_CA
    Wed Oct 13 13:36:53 2010 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
    Wed Oct 13 13:36:53 2010 TLS Error: TLS object -> incoming plaintext read error
    Wed Oct 13 13:36:53 2010 TLS Error: TLS handshake failed
    Wed Oct 13 13:36:53 2010 TCP/UDP: Closing socket
    Wed Oct 13 13:36:53 2010 SIGUSR1[soft,tls-error] received, process restarting
    Wed Oct 13 13:36:53 2010 Restart pause, 2 second(s)
    Wed Oct 13 13:36:55 2010 WARNING: No server certificate verification method has been enabled. See openvpn.net/howto.html#mitm for more info.
    Wed Oct 13 13:36:55 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
    Wed Oct 13 13:36:55 2010 Re-using SSL/TLS context
    Wed Oct 13 13:36:55 2010 LZO compression initialized
    Wed Oct 13 13:36:55 2010 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
    Wed Oct 13 13:36:55 2010 Socket Buffers: R=[8192->8192] S=[8192->8192]
    Wed Oct 13 13:36:56 2010 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
    Wed Oct 13 13:36:56 2010 Local Options hash (VER=V4): 'd79ca330'
    Wed Oct 13 13:36:56 2010 Expected Remote Options hash (VER=V4): 'f7df56b8'
    Wed Oct 13 13:36:56 2010 UDPv4 link local: [undef]
    Wed Oct 13 13:36:56 2010 UDPv4 link remote: xxx.xxx.xxx.xxx:1194
    Wed Oct 13 13:36:56 2010 TLS: Initial packet from xxx.xxx.xxx.xxx:1194, sid=049a1e0b 0557f7a2
    Wed Oct 13 13:36:56 2010 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Wed Oct 13 13:36:56 2010 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: /C=IT/O=efw/CN=efw_CA
    Wed Oct 13 13:36:56 2010 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
    Wed Oct 13 13:36:56 2010 TLS Error: TLS object -> incoming plaintext read error
    Wed Oct 13 13:36:56 2010 TLS Error: TLS handshake failed
    Wed Oct 13 13:36:56 2010 TCP/UDP: Closing socket
    Wed Oct 13 13:36:56 2010 SIGUSR1[soft,tls-error] received, process restarting
    Wed Oct 13 13:36:56 2010 Restart pause, 2 second(s)