Salut,
En tentant de créer un simple tunnel, je suis tomvé sur un message d’erreur étrange :
“Sun Feb 18 00:13:17 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34162[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)”
Je ne comprends pas d’où vient ce message, surtout que la connection se réalise correctement. C’est comme si il y avait 2 tentatives de connection (via le port 1194 et un autre port)
Voici les logs :
# openvpn --remote anetwork.com --dev tun0 --ifconfig 10.8.0.2 10.8.0.1 --verb 1
Sun Feb 18 00:08:47 2007 OpenVPN 2.0.9 i486-pc-linux-gnu [SSL] [LZO] [EPOLL] built on Dec 22 2006
Sun Feb 18 00:08:47 2007 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Sun Feb 18 00:08:47 2007 ******* WARNING *******: all encryption and authentication features disabled -- all data will be tunnelled as cleartext
Sun Feb 18 00:08:48 2007 TUN/TAP device tun0 opened
Sun Feb 18 00:08:48 2007 /sbin/ifconfig tun0 10.8.0.2 pointopoint 10.8.0.1 mtu 1500
Sun Feb 18 00:08:48 2007 UDPv4 link local (bound): [undef]:1194
Sun Feb 18 00:08:48 2007 UDPv4 link remote: yy.yy.yy.yy:1194
Sun Feb 18 00:08:58 2007 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Sun Feb 18 00:09:08 2007 Peer Connection Initiated with yy.yy.yy.yy:1194
Sun Feb 18 00:09:10 2007 Initialization Sequence Completed
Sun Feb 18 00:09:50 2007 event_wait : Interrupted system call (code=4)
Sun Feb 18 00:09:50 2007 SIGINT[hard,] received, process exiting
# openvpn --remote xx.xx.xx.xx --dev tun0 --ifconfig 10.8.0.1 10.8.0.2 --verb 1/etc/init.d/openvpn stop
Options error: I'm trying to parse "stop" as an --option parameter but I don't see a leading '--'
Use --help for more information.
root@dieux:/home/fritz# openvpn --remote xx.xx.xx.xx --dev tun0 --ifconfig 10.8.0.1 10.8.0.2 --verb 1
Sun Feb 18 00:12:30 2007 OpenVPN 2.0.7 x86_64-pc-linux-gnu [SSL] [LZO] [EPOLL] built on Sep 13 2006
Sun Feb 18 00:12:30 2007 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Sun Feb 18 00:12:30 2007 ******* WARNING *******: all encryption and authentication features disabled -- all data will be tunnelled as cleartext
Sun Feb 18 00:12:30 2007 TUN/TAP device tun0 opened
Sun Feb 18 00:12:30 2007 ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
Sun Feb 18 00:12:30 2007 UDPv4 link local (bound): [undef]:1194
Sun Feb 18 00:12:30 2007 UDPv4 link remote: xx.xx.xx.xx:1194
Sun Feb 18 00:12:31 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34157[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Feb 18 00:12:33 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34157[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Feb 18 00:12:36 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34157[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Feb 18 00:12:37 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34157[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Feb 18 00:12:40 2007 Peer Connection Initiated with xx.xx.xx.xx:1194
Sun Feb 18 00:12:40 2007 Initialization Sequence Completed
Sun Feb 18 00:12:41 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34162[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Feb 18 00:12:43 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34162[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Feb 18 00:12:46 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34162[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Feb 18 00:12:48 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34162[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Feb 18 00:12:50 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34162[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Feb 18 00:12:51 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34162[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Feb 18 00:12:53 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34162[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Feb 18 00:12:55 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34162[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Feb 18 00:12:57 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34162[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Feb 18 00:12:59 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34162[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Feb 18 00:13:01 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34162[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Feb 18 00:13:03 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34162[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Feb 18 00:13:05 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34162[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Feb 18 00:13:08 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34162[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Feb 18 00:13:10 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34162[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Feb 18 00:13:11 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34162[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Feb 18 00:13:13 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34162[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Feb 18 00:13:15 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34162[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Feb 18 00:13:17 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34162[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Feb 18 00:13:19 2007 TCP/UDP: Incoming packet rejected from xx.xx.xx.xx:34162[2], expected peer address: xx.xx.xx.xx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Feb 18 00:13:20 2007 event_wait : Interrupted system call (code=4)
Sun Feb 18 00:13:20 2007 SIGINT[hard,] received, process exiting
Une idée ?