Perfect Privacy OpenVPN Log auf OpenWRT

Discussion in 'Plauderecke' started by szkuta, Mar 1, 2019.

  1. s

    szkuta New Member

    Ich habe mein eigenes OpenVPN Setup erstellt und bekomme eine Verbindung und das passende Routing zu einem VPN Server von PP. Allerdings würde ich gerne mal einen der Experten einen Blick auf meine Log werfen lassen, um sicher zu stellen, dass auch wirklich alles korrekt läuft.

    Eins vorab: Ich habe das WAN6 Interface momentan mit Absicht noch komplett entfernt. Deshalb auch die IPv6 Errors.

    Sieht das soweit gesund aus?

    Code:
    Fri Mar  1 17:33:56 2019 us=860417 OpenVPN 2.4.5 mipsel-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
    Fri Mar  1 17:33:56 2019 us=860750 library versions: OpenSSL 1.0.2q  20 Nov 2018, LZO 2.10
    Fri Mar  1 17:33:56 2019 us=869967 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
    Fri Mar  1 17:33:56 2019 us=870524 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
    Fri Mar  1 17:33:56 2019 us=871744 Control Channel MTU parms [ L:1626 D:1140 EF:110 EB:0 ET:0 EL:3 ]
    Fri Mar  1 17:33:56 2019 us=902293 Data Channel MTU parms [ L:1626 D:1300 EF:126 EB:407 ET:0 EL:3 ]
    Fri Mar  1 17:33:56 2019 us=902643 Fragmentation MTU parms [ L:1626 D:1300 EF:125 EB:407 ET:1 EL:3 ]
    Fri Mar  1 17:33:56 2019 us=903116 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1606,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,keydir 1,cipher AES-128-CBC,auth SHA512,keysize 128,tls-auth,key-method 2,tls-client'
    Fri Mar  1 17:33:56 2019 us=903355 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1606,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,keydir 0,cipher AES-128-CBC,auth SHA512,keysize 128,tls-auth,key-method 2,tls-server'
    Fri Mar  1 17:33:56 2019 us=903625 TCP/UDP: Preserving recently used remote address: [AF_INET]95.211.95.244:149
    Fri Mar  1 17:33:56 2019 us=903940 Socket Buffers: R=[163840->163840] S=[163840->163840]
    Fri Mar  1 17:33:56 2019 us=904428 UDP link local: (not bound)
    Fri Mar  1 17:33:56 2019 us=904794 UDP link remote: [AF_INET]95.211.95.244:149
    Fri Mar  1 17:33:56 2019 us=934746 TLS: Initial packet from [AF_INET]95.211.95.244:149, sid=f479b44e 85b191e1
    Fri Mar  1 17:33:56 2019 us=935937 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Fri Mar  1 17:33:57 2019 us=63905 VERIFY OK: depth=1, C=CH, ST=Zug, L=Zug, O=Perfect Privacy, CN=Perfect Privacy, emailAddress=admin@perfect-privacy.com
    Fri Mar  1 17:33:57 2019 us=84499 VERIFY KU OK
    Fri Mar  1 17:33:57 2019 us=84908 Validating certificate extended key usage
    Fri Mar  1 17:33:57 2019 us=85146 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
    Fri Mar  1 17:33:57 2019 us=85364 VERIFY EKU OK
    Fri Mar  1 17:33:57 2019 us=85574 VERIFY OK: depth=0, C=CH, ST=Zug, O=Perfect Privacy, CN=Server_amsterdam.perfect-privacy.com, emailAddress=admin@perfect-privacy.com
    Fri Mar  1 17:34:03 2019 us=572176 WARNING: 'cipher' is used inconsistently, local='cipher AES-128-CBC', remote='cipher AES-256-CBC'
    Fri Mar  1 17:34:03 2019 us=572808 WARNING: 'keysize' is used inconsistently, local='keysize 128', remote='keysize 256'
    Fri Mar  1 17:34:03 2019 us=574906 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
    Fri Mar  1 17:34:03 2019 us=575296 [Server_amsterdam.perfect-privacy.com] Peer Connection Initiated with [AF_INET]95.211.95.244:149
    Fri Mar  1 17:34:04 2019 us=684339 SENT CONTROL [Server_amsterdam.perfect-privacy.com]: 'PUSH_REQUEST' (status=1)
    Fri Mar  1 17:34:04 2019 us=712542 PUSH: Received control message: 'PUSH_REPLY,topology subnet,redirect-gateway def1,sndbuf 131072,rcvbuf 131072,comp-lzo adaptive,route-gateway 10.0.70.1,redirect-gateway ipv6,route-ipv6 2000::/3,ping 10,ping-restart 60,dhcp-option DNS 185.17.184.3,dhcp-option DNS 5.79.98.56,ifconfig-ipv6 fdbf:1d37:bbe0:0:4:6:0:f3/112 fdbf:1d37:bbe0:0:4:6:0:1,ifconfig 10.0.70.243 255.255.255.0,peer-id 3'
    Fri Mar  1 17:34:04 2019 us=713558 OPTIONS IMPORT: timers and/or timeouts modified
    Fri Mar  1 17:34:04 2019 us=713748 OPTIONS IMPORT: compression parms modified
    Fri Mar  1 17:34:04 2019 us=713910 LZO compression initializing
    Fri Mar  1 17:34:04 2019 us=714122 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
    Fri Mar  1 17:34:04 2019 us=714447 Socket Buffers: R=[163840->262144] S=[163840->262144]
    Fri Mar  1 17:34:04 2019 us=714614 OPTIONS IMPORT: --ifconfig/up options modified
    Fri Mar  1 17:34:04 2019 us=714774 OPTIONS IMPORT: route options modified
    Fri Mar  1 17:34:04 2019 us=714933 OPTIONS IMPORT: route-related options modified
    Fri Mar  1 17:34:04 2019 us=715121 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
    Fri Mar  1 17:34:04 2019 us=715291 OPTIONS IMPORT: peer-id set
    Fri Mar  1 17:34:04 2019 us=715457 OPTIONS IMPORT: adjusting link_mtu to 1629
    Fri Mar  1 17:34:04 2019 us=715683 Data Channel MTU parms [ L:1609 D:1300 EF:109 EB:407 ET:0 EL:3 ]
    Fri Mar  1 17:34:04 2019 us=716532 Outgoing Data Channel: Cipher 'AES-128-CBC' initialized with 128 bit key
    Fri Mar  1 17:34:04 2019 us=716776 Outgoing Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
    Fri Mar  1 17:34:04 2019 us=716963 Incoming Data Channel: Cipher 'AES-128-CBC' initialized with 128 bit key
    Fri Mar  1 17:34:04 2019 us=717194 Incoming Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
    Fri Mar  1 17:34:04 2019 us=718191 GDG6: remote_host_ipv6=n/a
    Fri Mar  1 17:34:04 2019 us=718517 GDG6: NLMSG_ERROR: error Permission denied
    
    Fri Mar  1 17:34:04 2019 us=722842 TUN/TAP device tun0 opened
    Fri Mar  1 17:34:04 2019 us=724623 TUN/TAP TX queue length set to 100
    Fri Mar  1 17:34:04 2019 us=725136 do_ifconfig, tt->did_ifconfig_ipv6_setup=1
    Fri Mar  1 17:34:04 2019 us=725582 /sbin/ifconfig tun0 10.0.70.243 netmask 255.255.255.0 mtu 1500 broadcast 10.0.70.255
    Fri Mar  1 17:34:04 2019 us=748319 /sbin/ifconfig tun0 add fdbf:1d37:bbe0::4:6:0:f3/112
    Fri Mar  1 17:34:06 2019 us=724351 /sbin/route add -net 95.211.95.244 netmask 255.255.255.255 gw 192.168.178.1
    Fri Mar  1 17:34:06 2019 us=728772 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.0.70.1
    Fri Mar  1 17:34:06 2019 us=733110 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.0.70.1
    Fri Mar  1 17:34:06 2019 us=737677 add_route_ipv6(2000::/3 -> fdbf:1d37:bbe0::4:6:0:1 metric -1) dev tun0
    Fri Mar  1 17:34:06 2019 us=738075 /sbin/route -A inet6 add 2000::/3 dev tun0
    Fri Mar  1 17:34:06 2019 us=742309 add_route_ipv6(::/3 -> fdbf:1d37:bbe0::4:6:0:1 metric -1) dev tun0
    Fri Mar  1 17:34:06 2019 us=742702 /sbin/route -A inet6 add ::/3 dev tun0
    Fri Mar  1 17:34:06 2019 us=747147 add_route_ipv6(2000::/4 -> fdbf:1d37:bbe0::4:6:0:1 metric -1) dev tun0
    Fri Mar  1 17:34:06 2019 us=747546 /sbin/route -A inet6 add 2000::/4 dev tun0
    Fri Mar  1 17:34:06 2019 us=751841 add_route_ipv6(3000::/4 -> fdbf:1d37:bbe0::4:6:0:1 metric -1) dev tun0
    Fri Mar  1 17:34:06 2019 us=752236 /sbin/route -A inet6 add 3000::/4 dev tun0
    Fri Mar  1 17:34:06 2019 us=757945 add_route_ipv6(fc00::/7 -> fdbf:1d37:bbe0::4:6:0:1 metric -1) dev tun0
    Fri Mar  1 17:34:06 2019 us=758481 /sbin/route -A inet6 add fc00::/7 dev tun0
    Fri Mar  1 17:34:06 2019 us=767857 Initialization Sequence Completed
    
     
  2. O

    Opsecbase Member

    "Initialization Sequence Completed"
    Verbindung wurde erfolgreich hergestellt, wo ist dein Problem?
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice