Messages

1

Installation and Upgrades / Re: eBox-XEN-OpenVPN problem

« on: February 13, 2008, 01:17:00 pm »

Hhhmh.. from google I was found it's OpenVPN problem, not a DHCP server. I don't know about the Ebox firewall, because I didn't change any firewall configuration. Until now, I still can't solve problem.

Updated :
After trial and error, I was successfully ping to VPN ip gateway. The problem is eth1:0  = 172.168.2.1/24 virtual interfaces. I deleted this configuration and then I can ping it.

2

Installation and Upgrades / Re: eBox-XEN-OpenVPN problem

« on: February 11, 2008, 03:59:28 pm »

Thanks for your quick reply Javier, I almost forgot something. Ebox using OpenVPN not a simple PPTP (PopTop) for VPN server, so I need a OpenVPN client for Windows XP which is I can found at http://www.openvpn.se/.

Another question, can I have access the share folder after VPN login first, if doesnt, I can't access the folder?

Updated :
Still no luck from Windows XP with OpenVPN client software 

Tue Feb 12 01:42:37 2008 Cannot load private key file myfileserver.pem: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
Tue Feb 12 01:42:37 2008 Error: private key password verification failed
Tue Feb 12 01:42:37 2008 Exiting

Updated :
I was able to connecting to the OpenVPN, finnally I found the problem where my Windows XP date its NOT SAME with the server.

Wed Feb 13 09:28:08 2008 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct  1 2006
Wed Feb 13 09:28:08 2008 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Wed Feb 13 09:28:08 2008 LZO compression initialized
Wed Feb 13 09:28:08 2008 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Wed Feb 13 09:28:08 2008 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Wed Feb 13 09:28:08 2008 Local Options hash (VER=V4): '31fdf004'
Wed Feb 13 09:28:08 2008 Expected Remote Options hash (VER=V4): '3e6d1056'
Wed Feb 13 09:28:08 2008 Attempting to establish TCP connection with 100.100.1.15:1194
Wed Feb 13 09:28:08 2008 TCP connection established with 100.100.1.1:1194
Wed Feb 13 09:28:08 2008 TCPv4_CLIENT link local: [undef]
Wed Feb 13 09:28:08 2008 TCPv4_CLIENT link remote: 100.100.1.1:1194
Wed Feb 13 09:28:08 2008 TLS: Initial packet from 100.100.1.1:1194, sid=c3e0b34a 32b69f98
Wed Feb 13 09:28:08 2008 VERIFY OK: depth=1, /C=ES/ST=Nation/L=Nowhere/O=Server/CN=Certification_Authority_Certificate
Wed Feb 13 09:28:08 2008 VERIFY X509NAME OK: /C=ES/ST=Nation/L=Nowhere/O=Server/CN=Client
Wed Feb 13 09:28:08 2008 VERIFY OK: depth=0, /C=ES/ST=Nation/L=Nowhere/O=Server/CN=Client
Wed Feb 13 09:28:09 2008 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Feb 13 09:28:09 2008 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Feb 13 09:28:09 2008 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Feb 13 09:28:09 2008 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Feb 13 09:28:09 2008 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Wed Feb 13 09:28:09 2008 [Client] Peer Connection Initiated with 100.100.1.1:1194
Wed Feb 13 09:28:10 2008 SENT CONTROL [Client]: 'PUSH_REQUEST' (status=1)
Wed Feb 13 09:28:10 2008 PUSH: Received control message: 'PUSH_REPLY,route-gateway 172.168.0.1,ping 10,ping-restart 120,ifconfig 172.168.0.2 255.255.255.0'
Wed Feb 13 09:28:10 2008 OPTIONS IMPORT: timers and/or timeouts modified
Wed Feb 13 09:28:10 2008 OPTIONS IMPORT: --ifconfig/up options modified
Wed Feb 13 09:28:10 2008 OPTIONS IMPORT: route options modified
Wed Feb 13 09:28:10 2008 TAP-WIN32 device [Local Area Connection 4] opened: \\.\Global\{6091B0CB-A2B0-40C2-A3EA-489F0D002888}.tap
Wed Feb 13 09:28:10 2008 TAP-Win32 Driver Version 8.4
Wed Feb 13 09:28:10 2008 TAP-Win32 MTU=1500
Wed Feb 13 09:28:10 2008 Notified TAP-Win32 driver to set a DHCP IP/netmask of 172.168.0.2/255.255.255.0 on interface {6091B0CB-A2B0-40C2-A3EA-489F0D002888} [DHCP-serv: 172.168.0.0, lease-time: 31536000]
Wed Feb 13 09:28:10 2008 Successful ARP Flush on interface [3] {6091B0CB-A2B0-40C2-A3EA-489F0D002888}
Wed Feb 13 09:28:10 2008 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Feb 13 09:28:10 2008 Route: Waiting for TUN/TAP interface to come up...
Wed Feb 13 09:28:11 2008 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Wed Feb 13 09:28:11 2008 Route: Waiting for TUN/TAP interface to come up...
Wed Feb 13 09:28:12 2008 TEST ROUTES: 0/0 succeeded len=-1 ret=1 a=0 u/d=up
Wed Feb 13 09:28:12 2008 Initialization Sequence Completed
Wed Feb 13 09:28:25 2008 TCP/UDP: Closing socket
Wed Feb 13 09:28:25 2008 Closing TUN/TAP interface
Wed Feb 13 09:28:25 2008 SIGTERM[hard,] received, process exiting

The scenario is :

Ebox server ip at eth0    = 100.100.1.1/30
                         eth0:0 = 192.168.1.1/30
                         eth0:1 = 192.168.2.1/30
                         eth1  = 192.168.0.1/30
                         eth1:0  = 172.168.2.1/24

Client 1 = 192.168.1.2/30
Client 2 = 192.168.2.2/30

Client 1 and client 2 success ping the Ebox server trought eth0 Ebox server (LAN/WAN) and success connected to the Ebox VPN with OpenVPN client and got DHCP ip 172.168.2.2 and 172.168.2.10.

Another problem is, my Windows DHCP client not get a gateway ip 172.168.2.1 and DNS ip. So, after connected, I CAN'T ping the Ebox server and CAN'T resolve local domain.

What should I do? Thanks for help. 

3

Installation and Upgrades / Re: eBox-XEN-OpenVPN problem

« on: February 10, 2008, 08:34:37 pm »

Yes Kumar, I need help here. I was successfully install the ebox platform and I have 1 ebox server and 2 windows XP with different network. Problem is, I was create 2 user with ebox, but XP client still can't login to it over VPN. Any suggestion, tips, or how to step by step will be apreciate. Thanks for your help.