This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
16
News and Announcements / Re: Zentyal 7.0 available!
« on: January 26, 2021, 07:30:14 pm »
Nyce. Is there an upgrade procedure from last 6.2.6?
17
Other modules / [SOLVED] Zentyal to Zentyal VPN constantly dropping
« on: January 26, 2021, 12:48:50 pm »
Hi, i have built 2 Zentyal 6.2 servers to connect to sites. I have configured one side as server and other side as client.
I have imported the config from server to client and the VPN is established, but is dropping in 2 minutes and reconecting after 2 more minutes time out.
The VPN is closed by the server side and client restart the connection after 2m time out and so on.
When the VPN is working, when it drops, the logs in server side /var/log/openvpn/zen2zen.log shows:
2 minutes afted the link goes down, the client side restart the connection:
Btw, normal VPN from windows workstation to Zentyal server is stable, so the problem is when "Allow Zentyal to Zentyal" is selected.
Any one has dealed with this issue?
I have imported the config from server to client and the VPN is established, but is dropping in 2 minutes and reconecting after 2 more minutes time out.
The VPN is closed by the server side and client restart the connection after 2m time out and so on.
When the VPN is working, when it drops, the logs in server side /var/log/openvpn/zen2zen.log shows:
Code: [Select]
Tue Jan 26 11:56:47 2021 10.0.0.1:43309 TLS: Initial packet from [AF_INET]10.0.0.1:43309, sid=b9f340d3 2dad0449
Tue Jan 26 11:56:47 2021 10.0.0.1:43309 VERIFY OK: depth=1, C=ES, ST=.....
Tue Jan 26 11:56:47 2021 10.0.0.1:43309 VERIFY OK: depth=0, C=ES, ST=.....
Tue Jan 26 11:56:47 2021 10.0.0.1:43309 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1590', remote='link-mtu 1574'
Tue Jan 26 11:56:47 2021 10.0.0.1:43309 WARNING: 'cipher' is used inconsistently, local='cipher AES-256-CBC', remote='cipher BF-CBC'
Tue Jan 26 11:56:47 2021 10.0.0.1:43309 WARNING: 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
Tue Jan 26 11:56:47 2021 10.0.0.1:43309 Control Channel: TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, 2048 bit RSA
Tue Jan 26 11:56:47 2021 10.0.0.1:43309 [Z2ZClient] Peer Connection Initiated with [AF_INET]10.0.0.1:43309
Tue Jan 26 11:56:47 2021 MULTI: new connection by client 'Z2ZClient' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Tue Jan 26 11:56:47 2021 MULTI_sva: pool returned IPv4=192.168.161.2, IPv6=(Not enabled)
Tue Jan 26 11:56:49 2021 Z2ZClient/10.0.0.1:43309 PUSH: Received control message: 'PUSH_REQUEST'
Tue Jan 26 11:56:49 2021 Z2ZClient/10.0.0.1:43309 SENT CONTROL [Z2ZClient]: 'PUSH_REPLY,route 10.0.0.0 255.255.255.0,route-gateway 192.168.161.1,ping 10,ping-restart 120,ifconfig 192.168.161.2 255.255.255.0' (status=1)
Tue Jan 26 11:56:49 2021 Z2ZClient/10.0.0.1:43309 Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Tue Jan 26 11:56:49 2021 Z2ZClient/10.0.0.1:43309 Outgoing Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Jan 26 11:56:49 2021 Z2ZClient/10.0.0.1:43309 Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Tue Jan 26 11:56:49 2021 Z2ZClient/10.0.0.1:43309 Incoming Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Jan 26 11:56:53 2021 Z2ZClient/10.0.0.1:43309 Authenticate/Decrypt packet error: cipher final failed
Tue Jan 26 11:57:03 2021 Z2ZClient/10.0.0.1:43309 Authenticate/Decrypt packet error: cipher final failed
Tue Jan 26 11:57:14 2021 Z2ZClient/10.0.0.1:43309 Authenticate/Decrypt packet error: cipher final failed
Tue Jan 26 11:57:19 2021 Z2ZClient/10.0.0.1:43309 Authenticate/Decrypt packet error: cipher final failed
Tue Jan 26 11:57:30 2021 Z2ZClient/10.0.0.1:43309 Authenticate/Decrypt packet error: cipher final failed
Tue Jan 26 11:57:40 2021 Z2ZClient/10.0.0.1:43309 Authenticate/Decrypt packet error: cipher final failed
Tue Jan 26 11:57:47 2021 Z2ZClient/10.0.0.1:43309 Authenticate/Decrypt packet error: cipher final failed
Tue Jan 26 11:57:57 2021 Z2ZClient/10.0.0.1:43309 Authenticate/Decrypt packet error: cipher final failed
Tue Jan 26 11:58:07 2021 Z2ZClient/10.0.0.1:43309 Authenticate/Decrypt packet error: cipher final failed
Tue Jan 26 11:58:15 2021 Z2ZClient/10.0.0.1:43309 Authenticate/Decrypt packet error: cipher final failed
Tue Jan 26 11:58:25 2021 Z2ZClient/10.0.0.1:43309 Authenticate/Decrypt packet error: cipher final failed
Tue Jan 26 11:58:35 2021 Z2ZClient/10.0.0.1:43309 Authenticate/Decrypt packet error: cipher final failed
Tue Jan 26 11:58:46 2021 Z2ZClient/10.0.0.1:43309 Authenticate/Decrypt packet error: cipher final failed
Tue Jan 26 11:58:46 2021 Z2ZClient/10.0.0.1:43309 Authenticate/Decrypt packet error: cipher final failed
2 minutes afted the link goes down, the client side restart the connection:
Code: [Select]
Tue Jan 26 12:02:54 2021 [vpn-ZenToZen] Inactivity timeout (--ping-restart), restarting
Tue Jan 26 12:02:54 2021 SIGUSR1[soft,ping-restart] received, process restarting
Tue Jan 26 12:02:54 2021 Restart pause, 5 second(s)
Tue Jan 26 12:02:59 2021 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue Jan 26 12:02:59 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:11194
Tue Jan 26 12:02:59 2021 Socket Buffers: R=[212992->212992] S=[212992->212992]
Tue Jan 26 12:02:59 2021 UDP link local: (not bound)
Tue Jan 26 12:02:59 2021 UDP link remote: [AF_INET]x.x.x.x:11194
Tue Jan 26 12:02:59 2021 TLS: Initial packet from [AF_INET]x.x.x.x:11194, sid=b3d4d95a b01dcf8d
Tue Jan 26 12:02:59 2021 VERIFY OK: depth=1, C=ES, ST=....
Tue Jan 26 12:02:59 2021 VERIFY OK: depth=0, C=ES, ST=....
Tue Jan 26 12:02:59 2021 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bit RSA
Tue Jan 26 12:02:59 2021 [vpn-ZenToZen] Peer Connection Initiated with [AF_INET]195.235.235.210:11194
Tue Jan 26 12:03:00 2021 SENT CONTROL [vpn-ZenToZen]: 'PUSH_REQUEST' (status=1)
Tue Jan 26 12:03:00 2021 PUSH: Received control message: 'PUSH_REPLY,route 10.0.0.0 255.255.255.0,route-gateway 192.168.161.1,ping 10,ping-restart 120,ifconfig 192.168.161.2 255.255.255.0,peer-id 0,cipher AES-256-GCM'
Tue Jan 26 12:03:00 2021 OPTIONS IMPORT: timers and/or timeouts modified
Tue Jan 26 12:03:00 2021 OPTIONS IMPORT: --ifconfig/up options modified
Tue Jan 26 12:03:00 2021 OPTIONS IMPORT: route options modified
Tue Jan 26 12:03:00 2021 OPTIONS IMPORT: route-related options modified
Tue Jan 26 12:03:00 2021 OPTIONS IMPORT: peer-id set
Tue Jan 26 12:03:00 2021 OPTIONS IMPORT: adjusting link_mtu to 1657
Tue Jan 26 12:03:00 2021 OPTIONS IMPORT: data channel crypto options modified
Tue Jan 26 12:03:00 2021 Data Channel: using negotiated cipher 'AES-256-GCM'
Tue Jan 26 12:03:00 2021 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Tue Jan 26 12:03:00 2021 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Tue Jan 26 12:03:00 2021 Preserving previous TUN/TAP instance: tap0
Tue Jan 26 12:03:00 2021 Initialization Sequence Completed
Btw, normal VPN from windows workstation to Zentyal server is stable, so the problem is when "Allow Zentyal to Zentyal" is selected.
Any one has dealed with this issue?
18
Other modules / Re: What is UCP module?
« on: January 26, 2021, 12:13:00 pm »
As half_life pointed in this thread: https://forum.zentyal.org/index.php/topic,35064.0.html
This is something related to comercial edition, so useless for comunity edition.
This is something related to comercial edition, so useless for comunity edition.
19
Other modules / What is UCP module?
« on: January 24, 2021, 06:10:05 pm »
Hi, just installed a new V6,2 comunity.
There is an instalable module called "UCP" but there is no info about it in the docs.
Anyone knows what UCP module is for?
I have installed it, just for curiosity, but i can't see any difference.
There is nothing related to UCP in the dahsboard.
There is an instalable module called "UCP" but there is no info about it in the docs.
Anyone knows what UCP module is for?
I have installed it, just for curiosity, but i can't see any difference.
There is nothing related to UCP in the dahsboard.
20
Installation and Upgrades / Re: We have a problem with Zentyal not being able to fully update at the moment.
« on: December 19, 2020, 10:37:53 pm »21
Installation and Upgrades / Re: Expired APT (GPG) Key?
« on: October 22, 2020, 04:24:48 pm »
yeah! same for me in a 6.2 new instalation....
22
Email and Groupware / Re: Outgoing mail isn't being sent with TLS, causing gmail to flag it...
« on: January 06, 2019, 12:58:09 pm »
Hi, halflife you can use Mailgun as smarthost for zentyal mail server?
23
Email and Groupware / Re: Zentyal 6: Does it have a "fetch external mail" option?
« on: January 06, 2019, 12:46:05 pm »
Yes, the fecthmail option is still there.
24
Spanish / Re: No puedo ingresar a IP Publica desde LAN
« on: May 12, 2015, 05:59:22 pm »
Por ip o por nombre?
por ip no deberia haber problema.
Por nombre, ten en cuenta que si tu dns resuelve la url a un direccion interna, no podras acceder porurl a la externa.
por ip no deberia haber problema.
Por nombre, ten en cuenta que si tu dns resuelve la url a un direccion interna, no podras acceder porurl a la externa.
25
Installation and Upgrades / PPPOE support dropped in 4.1
« on: April 05, 2015, 01:04:01 pm »
The PPPOE protocol is no longer supported in 4.1.
I have succesfuly configured vlan and pppoe in ubuntu server dealing with configuration files but i can not figure out how to use it in zentyal.
Resulting network interface is not shown in web admin, to use it as wan and zentyal need a manual gateway in gateways config page.
Is it o good idea to remove PPPOE support and L2TP from a gateway?
Any idea? thx
I have succesfuly configured vlan and pppoe in ubuntu server dealing with configuration files but i can not figure out how to use it in zentyal.
Resulting network interface is not shown in web admin, to use it as wan and zentyal need a manual gateway in gateways config page.
Is it o good idea to remove PPPOE support and L2TP from a gateway?
Any idea? thx
26
Spanish / Re: Zentyal 4.1 sin soporte para PPPoE?!
« on: April 02, 2015, 09:28:35 am »
Y no solo en latinoamerica. En España, la conexión de fibra de telefonica usa PPPoE.
Parece que Zentyal se está centrando en Active Directory y Exchange y abandonando las funcionalidades de gateway.
Parece que Zentyal se está centrando en Active Directory y Exchange y abandonando las funcionalidades de gateway.
27
Spanish / Re: pptp en Zentyal 4
« on: March 04, 2015, 04:45:38 pm »
He probado L2TP en Zen3.3 y sin problemas. Me puedo conectar con clientes Android sin problemas.
No creo que lo hayan roto en Zen4
No creo que lo hayan roto en Zen4
28
Spanish / Re: Usar zentyal como router para la fibra optica de movistar
« on: March 03, 2015, 07:27:35 pm »
Primer problema, la puerta de enlace.
Al obtener IP por PPPoE, no se puede configurar un GW que por otra parte no sabemos cual es.
Seguiremos mirando
Al obtener IP por PPPoE, no se puede configurar un GW que por otra parte no sabemos cual es.
Seguiremos mirando
29
Spanish / Re: Usar zentyal como router para la fibra optica de movistar
« on: February 28, 2015, 08:41:59 pm »
Ademas del PPPoE tienes que crear un trunk 802.1q (Vlan taging) con el tag 6.
Busca por la red que he visto varios hilos que tratan esto.
Creo que tambien hay que tocar la ONT y no todas se puede.
Yo estoy con eso tambien, pero ando mal de tiempo.
Si logro algo te digo. Cuando lo tengamos, podemos hacer un tuto que seguro que le vendrá bien a más gente.
Yo tengo la Huawei HG8240H y esta parece que se puede hacer pero la Alcatel Lucent i240g no he visto nada.
Busca por la red que he visto varios hilos que tratan esto.
Creo que tambien hay que tocar la ONT y no todas se puede.
Yo estoy con eso tambien, pero ando mal de tiempo.
Si logro algo te digo. Cuando lo tengamos, podemos hacer un tuto que seguro que le vendrá bien a más gente.
Yo tengo la Huawei HG8240H y esta parece que se puede hacer pero la Alcatel Lucent i240g no he visto nada.
30
Installation and Upgrades / Re: File sharing problem
« on: February 22, 2015, 01:59:35 pm »
This problem is related to samba user password expiration.
When i do manual config backup i get this error:
To resolve the issue:
When i do manual config backup i get this error:
Code: [Select]
Could not get ticket: could not acquire credentials using an initial credentials context: No ENC-TS found
This error points me in the right direction.To resolve the issue:
Code: [Select]
samba-tool user setexpiry administrator --noexpiry
Everything is now working again.