Comment 29 for bug 230197
Revision history for this message
| Khairul Aizat Kamarudzzaman (fenris) wrote | #29 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
73416ba
(Get the code!)
after applying the patch, my openvpn connection to my ipcop failed .. then i need to restore back the backup file of openssl-vulnkey
and the result are :
Jun 11 00:06:39 thinkbuntu openvpn[15761]: OpenVPN 2.1_rc7 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] built on May 14 2008
Jun 11 00:06:42 thinkbuntu openvpn[15761]: WARNING: file '/home/
Jun 11 00:06:42 thinkbuntu openvpn[15761]: LZO compression initialized
Jun 11 00:06:42 thinkbuntu openvpn[15761]: WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1400)
Jun 11 00:06:42 thinkbuntu openvpn[15761]: Control Channel MTU parms [ L:1444 D:140 EF:40 EB:0 ET:0 EL:0 ]
Jun 11 00:06:42 thinkbuntu openvpn[15761]: Data Channel MTU parms [ L:1444 D:1444 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Jun 11 00:06:42 thinkbuntu openvpn[15761]: Local Options hash (VER=V4): '7dfc3732'
Jun 11 00:06:42 thinkbuntu openvpn[15761]: Expected Remote Options hash (VER=V4): '347277f0'
Jun 11 00:06:42 thinkbuntu openvpn[15766]: Attempting to establish TCP connection with xxx.xx.xxx.xx:1194 [nonblock]
Jun 11 00:06:43 thinkbuntu openvpn[15766]: TCP connection established with xxx.xx.xxx.xx:1194
Jun 11 00:06:43 thinkbuntu openvpn[15766]: Socket Buffers: R=[87380->131072] S=[16384->131072]
Jun 11 00:06:43 thinkbuntu openvpn[15766]: TCPv4_CLIENT link local: [undef]
Jun 11 00:06:43 thinkbuntu openvpn[15766]: TCPv4_CLIENT link remote: xxx.xx.xxx.xx:1194
Jun 11 00:06:43 thinkbuntu openvpn[15766]: TLS: Initial packet from xxx.xx.xxx.xx:1194, sid=c24f7faa bb03e7ee
Jun 11 00:06:44 thinkbuntu openvpn[15766]: VERIFY OK: depth=1, /C=MY/ST=
Jun 11 00:06:44 thinkbuntu openvpn[15766]: VERIFY OK: nsCertType=SERVER
Jun 11 00:06:44 thinkbuntu openvpn[15766]: VERIFY OK: depth=0, /C=MY/ST=
Jun 11 00:06:46 thinkbuntu openvpn[15766]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Jun 11 00:06:46 thinkbuntu openvpn[15766]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun 11 00:06:46 thinkbuntu openvpn[15766]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Jun 11 00:06:46 thinkbuntu openvpn[15766]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jun 11 00:06:46 thinkbuntu openvpn[15766]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Jun 11 00:06:46 thinkbuntu openvpn[15766]: [xxx.xx.xxx.xx] Peer Connection Initiated with xxx.xx.xxx.xx:1194
Jun 11 00:06:47 thinkbuntu openvpn[15766]: SENT CONTROL [xxx.xx.xxx.xx]: 'PUSH_REQUEST' (status=1)
Jun 11 00:06:47 thinkbuntu openvpn[15766]: PUSH: Received control message: 'PUSH_REPLY,route 172.16.1.0 255.255.
Jun 11 00:06:47 thinkbuntu openvpn[15766]: OPTIONS IMPORT: timers and/or timeouts modified
Jun 11 00:06:47 thinkbuntu openvpn[15766]: OPTIONS IMPORT: --ifconfig/up options modified
Jun 11 00:06:47 thinkbuntu openvpn[15766]: OPTIONS IMPORT: route options modified
Jun 11 00:06:47 thinkbuntu openvpn[15766]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Jun 11 00:06:47 thinkbuntu kernel: [ 4152.626043] tun: Universal TUN/TAP device driver, 1.6
Jun 11 00:06:47 thinkbuntu kernel: [ 4152.626047] tun: (C) 1999-2004 Max Krasnyansky <email address hidden>
Jun 11 00:06:47 thinkbuntu openvpn[15766]: TUN/TAP device tun0 opened
Jun 11 00:06:47 thinkbuntu openvpn[15766]: TUN/TAP TX queue length set to 100
Jun 11 00:06:47 thinkbuntu openvpn[15766]: ifconfig tun0 10.193.196.6 pointopoint 10.193.196.5 mtu 1400
Jun 11 00:06:47 thinkbuntu openvpn[15766]: route add -net 172.16.1.0 netmask 255.255.255.0 gw 10.193.196.5
Jun 11 00:06:47 thinkbuntu openvpn[15766]: route add -net 10.193.196.1 netmask 255.255.255.255 gw 10.193.196.5
Jun 11 00:06:47 thinkbuntu openvpn[15766]: Initialization Sequence Completed
so now i can only ovpn to my ipcop but not to my pfsense .. any idea why?