Bonjour à tous,
Voila des semaines que je tente de faire fonctionner mon vpn (HideMyAss) sur mon raspberry avec Raspbian. J’ai tenté des tas de truc et rien ne fonctionne. Comme vous allez voir je lance mon vpn, ensuite je peut voir dans ifconfig que l’interface tun0 à été crée mais je n’ai pas de connexion à internet. Je pense qu’il s’agit d’un problème de routage mais je n’y connaît rien (pour le moment car me passionne). Si ca peut aider je vous montre le résultat de ifconfig et de route.
pi@raspberrypi /etc/openvpn/hma/TCP $ sudo openvpn USA.Wisconsin.Madison_LOC1S2.TCP.ovpn
Wed Jan 15 21:14:31 2014 OpenVPN 2.2.1 arm-linux-gnueabihf [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Oct 12 2013
Enter Auth Username:feliciano1983
Enter Auth Password:
Wed Jan 15 21:14:40 2014 NOTE: OpenVPN 2.1 requires ‘–script-security 2’ or higher to call user-defined scripts or executables
Wed Jan 15 21:14:40 2014 Control Channel MTU parms [ L:1543 D:140 EF:40 EB:0 ET:0 EL:0 ]
Wed Jan 15 21:14:40 2014 Socket Buffers: R=[87380->131072] S=[16384->131072]
Wed Jan 15 21:14:40 2014 Data Channel MTU parms [ L:1543 D:1450 EF:43 EB:4 ET:0 EL:0 ]
Wed Jan 15 21:14:40 2014 Local Options hash (VER=V4): 'db02a8f8’
Wed Jan 15 21:14:40 2014 Expected Remote Options hash (VER=V4): '7e068940’
Wed Jan 15 21:14:40 2014 Attempting to establish TCP connection with [AF_INET]204.15.111.130:443 [nonblock]
Wed Jan 15 21:14:41 2014 TCP connection established with [AF_INET]204.15.111.130:443
Wed Jan 15 21:14:41 2014 TCPv4_CLIENT link local: [undef]
Wed Jan 15 21:14:41 2014 TCPv4_CLIENT link remote: [AF_INET]204.15.111.130:443
Wed Jan 15 21:14:56 2014 TLS: Initial packet from [AF_INET]204.15.111.130:443, sid=3bf21168 5b3b9c92
Wed Jan 15 21:14:56 2014 WARNING: this configuration may cache passwords in memory – use the auth-nocache option to prevent this
Wed Jan 15 21:14:58 2014 VERIFY OK: depth=1, /C=UK/ST=NR/L=Attleborough/O=Hide_My_As … emyass.com
Wed Jan 15 21:14:58 2014 VERIFY OK: nsCertType=SERVER
Wed Jan 15 21:14:58 2014 VERIFY OK: depth=0, /C=UK/ST=NR/L=Attleborough/O=Hide_My_As … emyass.com
Wed Jan 15 21:15:12 2014 Data Channel Encrypt: Cipher ‘BF-CBC’ initialized with 128 bit key
Wed Jan 15 21:15:12 2014 Data Channel Encrypt: Using 160 bit message hash ‘SHA1’ for HMAC authentication
Wed Jan 15 21:15:12 2014 Data Channel Decrypt: Cipher ‘BF-CBC’ initialized with 128 bit key
Wed Jan 15 21:15:12 2014 Data Channel Decrypt: Using 160 bit message hash ‘SHA1’ for HMAC authentication
Wed Jan 15 21:15:12 2014 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Wed Jan 15 21:15:12 2014 [server] Peer Connection Initiated with [AF_INET]204.15.111.130:443
Wed Jan 15 21:15:15 2014 SENT CONTROL [server]: ‘PUSH_REQUEST’ (status=1)
Wed Jan 15 21:15:16 2014 PUSH: Received control message: 'PUSH_REPLY,topology subnet,route-gateway 10.200.0.1,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,redirect-gateway def1,ifconfig 10.200.2.204 255.255.252.0’
Wed Jan 15 21:15:16 2014 OPTIONS IMPORT: --ifconfig/up options modified
Wed Jan 15 21:15:16 2014 OPTIONS IMPORT: route options modified
Wed Jan 15 21:15:16 2014 OPTIONS IMPORT: route-related options modified
Wed Jan 15 21:15:16 2014 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Wed Jan 15 21:15:16 2014 ROUTE default_gateway=192.168.0.254
Wed Jan 15 21:15:16 2014 TUN/TAP device tun0 opened
Wed Jan 15 21:15:16 2014 TUN/TAP TX queue length set to 100
Wed Jan 15 21:15:16 2014 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Wed Jan 15 21:15:16 2014 /sbin/ifconfig tun0 10.200.2.204 netmask 255.255.252.0 mtu 1500 broadcast 10.200.3.255
Wed Jan 15 21:15:16 2014 /sbin/route add -net 204.15.111.130 netmask 255.255.255.255 gw 192.168.0.254
Wed Jan 15 21:15:16 2014 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.200.0.1
Wed Jan 15 21:15:16 2014 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.200.0.1
Wed Jan 15 21:15:16 2014 Initialization Sequence Completed
La commande route ça donne :
pi@raspberrypi ~ $ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 10.200.0.1 128.0.0.0 UG 0 0 0 tun0
default 192.168.0.254 0.0.0.0 UG 0 0 0 eth0
10.200.0.0 * 255.255.252.0 U 0 0 0 tun0
128.0.0.0 10.200.0.1 128.0.0.0 UG 0 0 0 tun0
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
204.15.111.130 192.168.0.254 255.255.255.255 UGH 0 0 0 eth0
Et enfin pour ifconfig on a :
pi@raspberrypi ~ $ sudo ifconfig
eth0 Link encap:Ethernet HWaddr b8:27:eb:d9:46:7c
inet addr:192.168.0.10 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:9610 errors:0 dropped:0 overruns:0 frame:0
TX packets:4923 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:8098237 (7.7 MiB) TX bytes:720037 (703.1 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.200.2.204 P-t-P:10.200.2.204 Mask:255.255.252.0
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:23 errors:0 dropped:0 overruns:0 frame:0
TX packets:41 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:1767 (1.7 KiB) TX bytes:3077 (3.0 KiB)
Je commence un peu à désespérer et ce serait de nouveau noël si j’arrivais à bout de ce casse tête.
Félicien