Koozali.org: home of the SME Server

VPN SiteToSite

Offline groyk

  • *
  • 138
  • +0/-0
VPN SiteToSite
« on: July 31, 2013, 10:22:38 PM »
Dear All

I can't get VPN SiteToSite working.!!

I I open my logfile on the client it seems like this. Is that correct??

Code: [Select]
Wed Jul 31 22:02:16 2013 OpenVPN 2.3.1 i386-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on May 24 2013
Wed Jul 31 22:02:16 2013 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Wed Jul 31 22:02:16 2013 WARNING: file 'priv/server2_sharedkey.pem' is group or others accessible
Wed Jul 31 22:02:16 2013 Static Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Jul 31 22:02:16 2013 Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Jul 31 22:02:16 2013 Static Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Jul 31 22:02:16 2013 Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Jul 31 22:02:16 2013 Socket Buffers: R=[110592->131072] S=[110592->131072]
Wed Jul 31 22:02:16 2013 ROUTE_GATEWAY 32.168.71.52/255.255.255.192 IFACE=eth1 HWADDR=xx:xx:xx:xx:xx:xx
Wed Jul 31 22:02:16 2013 TUN/TAP device tunserver2 opened
Wed Jul 31 22:02:16 2013 TUN/TAP TX queue length set to 100
Wed Jul 31 22:02:16 2013 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Wed Jul 31 22:02:16 2013 /sbin/ip link set dev tunserver2 up mtu 1500
Wed Jul 31 22:02:16 2013 /sbin/ip addr add dev tunserver2 local 10.3.0.1 peer 10.3.0.2
Wed Jul 31 22:02:16 2013 bin/up tunserver2 1500 1545 10.3.0.1 10.3.0.2 init
Wed Jul 31 22:02:16 2013 chroot to '/etc/openvpn/s2s' and cd to '/' succeeded
Wed Jul 31 22:02:16 2013 GID set to openvpn
Wed Jul 31 22:02:16 2013 UID set to openvpn
Wed Jul 31 22:02:16 2013 UDPv4 link local: [undef]
Wed Jul 31 22:02:16 2013 UDPv4 link remote: [AF_INET]72.164.213.19:1195
Wed Jul 31 22:02:19 2013 Peer Connection Initiated with [AF_INET]72.164.213.19:1195
Wed Jul 31 22:02:19 2013 Initialization Sequence Completed
Wed Jul 31 22:02:19 2013 NOTE: Beginning empirical MTU test -- results should be available in 3 to 4 minutes.
Wed Jul 31 22:05:30 2013 NOTE: Empirical MTU test completed [Tried,Actual] local->remote=[1540,1540] remote->local=[1540,1540]

What am I doing wrong??

Offline _alex

  • ***
  • 103
  • +0/-0
Re: VPN SiteToSite
« Reply #1 on: July 31, 2013, 10:36:02 PM »
It look's fine. Can You ping 10.3.0.2 from the machine where this log was taken?

Offline groyk

  • *
  • 138
  • +0/-0
Re: VPN SiteToSite
« Reply #2 on: August 01, 2013, 06:55:43 AM »
Nop.

But I deleted connections and recreated, now it works. I definitely made a mistake in some of the IP addresses.

By the way. Is the VPN reliable enough for making backup (SME standard DAR backup)?