Configurar VPN Endian para Endian.

Home Comunidade Brasileira Endian Firewall Endian Firewall Endian Firewall – Suporte Configurar VPN Endian para Endian.

Marcado: 

Visualizando 5 respostas da discussão
  • Autor
    Posts
    • fevereiro 21, 2011 às 1:16 pm #871
      saleao
      Participante

      Pessoal gostaria da ajuda de vocês, pois segui um tutorial e não consegui configurar a VPN.

      – Segue o log que esta aparecendo no Endian da Filial.

      OpenVPN2011-02-21 14:09:55

      vpn[31864]: Mon Feb 21 14:09:54 2011 SIGUSR1[soft,tls-error] received, process restartingOpenVPN2011-02-21 14:09:56

      vpn[31864]: Mon Feb 21 14:09:56 2011 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.OpenVPN2011-02-21 14:09:56

      vpn[31864]: Mon Feb 21 14:09:56 2011 NOTE: the current –script-security setting may allow this configuration to call user-defined scriptsOpenVPN2011-02-21 14:09:56

      vpn[31864]: Mon Feb 21 14:09:56 2011 NOTE: –script-security method=”system” is deprecated due to the fact that passed parameters will be subject to shell expansionOpenVPN2011-02-21 14:09:57

      vpn[31864]: Mon Feb 21 14:09:57 2011 LZO compression initializedOpenVPN2011-02-21 14:09:57

      vpn[31864]: Mon Feb 21 14:09:57 2011 UDPv4 link local: [undef]OpenVPN2011-02-21 14:09:57

      vpn[31864]: Mon Feb 21 14:09:57 2011 UDPv4 link remote: 200.0.0.0:1194OpenVPN2011-02-21 14:10:57

      vpn[31864]: Mon Feb 21 14:10:57 2011 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)OpenVPN2011-02-21 14:11:02

      vpn[31864]: Mon Feb 21 14:10:57 2011 TLS Error: TLS handshake failedOpenVPN2011-02-21 14:11:03

      vpn[31864]: Mon Feb 21 14:10:57 2011 SIGUSR1[soft,tls-error] received, process restartingOpenVPN2011-02-21 14:11:03

      vpn[31864]: Mon Feb 21 14:10:59 2011 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.OpenVPN2011-02-21 14:11:03

      vpn[31864]: Mon Feb 21 14:10:59 2011 NOTE: the current –script-security setting may allow this configuration to call user-defined scriptsOpenVPN2011-02-21 14:11:03

      vpn[31864]: Mon Feb 21 14:10:59 2011 NOTE: –script-security method=”system” is deprecated due to the fact that passed parameters will be subject to shell expansionOpenVPN2011-02-21 14:11:03

      vpn[31864]: Mon Feb 21 14:10:59 2011 LZO compression initializedOpenVPN2011-02-21 14:11:03

      vpn[31864]: Mon Feb 21 14:10:59 2011 UDPv4 link local: [undef]OpenVPN2011-02-21 14:11:03

      vpn[31864]: Mon Feb 21 14:10:59 2011 UDPv4 link remote: 200.142.127.122:1194OpenVPN2011-02-21 14:12:00

      vpn[31864]: Mon Feb 21 14:11:59 2011 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)OpenVPN2011-02-21 14:12:50

      vpn[31864]: Mon Feb 21 14:11:59 2011 TLS Error: TLS handshake failedOpenVPN2011-02-21 14:12:50

      vpn[31864]: Mon Feb 21 14:11:59 2011 SIGUSR1[soft,tls-error] received, process restartingOpenVPN2011-02-21 14:12:50

      vpn[31864]: Mon Feb 21 14:12:01 2011 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.OpenVPN2011-02-21 14:12:50

      vpn[31864]: Mon Feb 21 14:12:01 2011 NOTE: the current –script-security setting may allow this configuration to call user-defined scriptsOpenVPN2011-02-21 14:12:50

      vpn[31864]: Mon Feb 21 14:12:01 2011 NOTE: –script-security method=”system” is deprecated due to the fact that passed parameters will be subject to shell expansionOpenVPN2011-02-21 14:12:51

      vpn[31864]: Mon Feb 21 14:12:01 2011 LZO compression initializedOpenVPN2011-02-21 14:12:51

      vpn[31864]: Mon Feb 21 14:12:01 2011 UDPv4 link local: [undef]OpenVPN2011-02-21 14:12:51

      vpn[31864]: Mon Feb 21 14:12:01 2011 UDPv4 link remote: 200.142.127.122:1194OpenVPN2011-02-21 14:13:01

      vpn[31864]: Mon Feb 21 14:13:01 2011 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)OpenVPN2011-02-21 14:13:28

      vpn[31864]: Mon Feb 21 14:13:01 2011 TLS Error: TLS handshake failedOpenVPN2011-02-21 14:13:28

      vpn[31864]: Mon Feb 21 14:13:01 2011 SIGUSR1[soft,tls-error] received, process restartingOpenVPN2011-02-21 14:13:28

      vpn[31864]: Mon Feb 21 14:13:03 2011 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.OpenVPN2011-02-21 14:13:28

      vpn[31864]: Mon Feb 21 14:13:03 2011 NOTE: the current –script-security setting may allow this configuration to call user-defined scriptsOpenVPN2011-02-21 14:13:28

      vpn[31864]: Mon Feb 21 14:13:03 2011 NOTE: –script-security method=”system” is deprecated due to the fact that passed parameters will be subject to shell expansionOpenVPN2011-02-21 14:13:28

      vpn[31864]: Mon Feb 21 14:13:03 2011 LZO compression initializedOpenVPN2011-02-21 14:13:28

      vpn[31864]: Mon Feb 21 14:13:03 2011 UDPv4 link local: [undef]OpenVPN2011-02-21 14:13:28

      vpn[31864]: Mon Feb 21 14:13:03 2011 UDPv4 link remote: 200.0.0.0:1194

      🚀 Apresentando o Hotspot Beacon! 🚀

      Desbloqueie o potencial do seu Wi-Fi com o Hotspot Beacon. Personalize sua página de acesso para mostrar anúncios, promoções ou informações e engajar seus clientes, impulsionando o seu negócio.

      💡 Principais Funcionalidades:

      - Interface amigável e intuitiva
      - Opções de personalização completas para sua marca
      - Gerenciamento de propagandas e promoções
      - Integração fácil com sistemas existentes via API
      - Limitação de velocidade ou largura de banda por usuário
      - Controle de acesso por horário

      🔗 Confira o site para saber mais: https://hotspotbeacon.com

    • fevereiro 22, 2011 às 12:42 am #7244
      jabinha
      Participante

      Saleao,

      Baixa o VPN cliente 2.1

      http://man.chinaunix.net/linux/efw-admin-guide-html-chunk/efw.vpn.openvpn.html

    • fevereiro 22, 2011 às 2:46 pm #7245
      saleao
      Participante

      Obrigado

      jabinha, mas a ideia e colocar o Servidor endian para Servidor endian.

    • fevereiro 22, 2011 às 3:20 pm #7246
      saleao
      Participante

      “Matriz”

      LAN

      Endian A —- LoadBalance+

      (192.168.10.0/24) OPENVPN SERVER |

      |

      |

      |

      |

      “Filial” |

      LAN

      Endian B

      +

      (192.168.0.0/24) OPENVPN GW2GW

    • fevereiro 22, 2011 às 4:59 pm #7247
      hernaneac
      Participante

      Olá

      O log indica um problema no certificado, vc deve pegar o certificado do Server e fazer o upload no cliente conforme o tuturial

    • fevereiro 23, 2011 às 7:06 pm #7248
      jabinha
      Participante

      Ok-

      A topologia esta Certa – >

      na configuração da filial ao criar um tunel- add o certificado, da Matriz, na matriz em openvpn_server – > Accounts

      Client routing -> segue as configurações abaixo ->

      Client routing

      Direcionar todo o tráfego para o servidor VPN: MARCA

      Don’t push any routes to client: MARCA

      Push route to blue zone: MARCA

      Push these nameservers: PERMITIR IP DO DNS

      Push domain: SEU DOMINIO LOCAL

      VAI EM firewall – > Tráfego da vpnVpn

      Adicionar nova regra de VPN firewall->

      Editor de regra firewall VPN

      Origem

      Tipo OpenVPN User -> SELECIONA O USUÁRIO CRIADO PARA A VPN FILIAL – >

      Destino

      Tipo <QUALQUER>

      Serviço/Porta Serviço *

      <QUALQUER>

      Protocolo *

      <QUALQUER>

      Política Ação * ALLOW with IPS PERMITIR NEGAR REJEITAR

      Aplica Pelo Putty

      iptables -I FORWARD -s ip da sua rede -d ip da sua rede -p icmp -j ACCEPT

      (liberando ping e traceroute)

  • Autor
    Posts
Visualizando 5 respostas da discussão
  • O tópico ‘Configurar VPN Endian para Endian.’ está fechado para novas respostas.