Freebox Server (Delta V7 / Revolution V6 / Server Mini 4K)

  • État Nouveau
  • Type de tâche Anomalie
  • Catégorie Services locaux → Client VPN
  • Assignée à Personne
  • Système d'exploitation Freebox Server Mini 4K
  • Sévérité Critique
  • Priorité Normale
  • Basée sur la version 4.0.6
  • Due pour la version Non décidé
  • Date d'échéance Non décidé

FS#29637 - Le Client openVPN ne fonctionne pas

Bonjour à tous,
le client openVPN de ma 4K (version 4.0.6) ne se connect pas (testé en UDP)
INFO: je suis en fibre avec partage des ports en 4 !

Dans le log on voit: Inactivity timeout (–ping-exit) peut-être une piste !
y-a-t’il d’autre personne dans mon cas ?

ci-dessous les logs:


2020-01-08 09:54:36 l2 state change ‘l2_down’ ⇒ ‘l2_down’ 2020-01-08 09:54:36 l3 state change ‘l3_down’ ⇒ ‘l3_down’ 2020-01-08 09:54:36 state change ‘down’ ⇒ ‘down’ 2020-01-08 09:54:36 enabling connection
2020-01-08 09:54:36 state change ‘down’ ⇒ ‘wait_l2_up’ 2020-01-08 09:54:36 l2 state change ‘l2_down’ ⇒ ‘l2_up’ 2020-01-08 09:54:36 state change ‘wait_l2_up’ ⇒ ‘l2_up’ 2020-01-08 09:54:36 state change ‘l2_up’ ⇒ ‘wait_l3_up’ 2020-01-08 09:54:36 l3 state change ‘l3_down’ ⇒ ‘l3_start’ 2020-01-08 09:54:36 starting
2020-01-08 09:54:36 calling helper script at ‘/etc/fbxconnman/conn.pre-up’ 2020-01-08 09:54:36 l3 state change ‘l3_start’ ⇒ ‘l3_wait_preup_helper’ 2020-01-08 09:54:36 l3 state change ‘l3_wait_preup_helper’ ⇒ ‘l3_wait_stable’ 2020-01-08 09:54:36 openvpn: output: Wed Jan 8 09:54:36 2020 OpenVPN 2.3.17 arm-unknown-linux-muslgnueabi [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on May 30 2019
2020-01-08 09:54:36 openvpn: output: Wed Jan 8 09:54:36 2020 library versions: OpenSSL 1.0.2q 20 Nov 2018, LZO 2.09
2020-01-08 09:54:36 openvpn: connected to management interface
2020-01-08 09:54:36 openvpn: output: Wed Jan 8 09:54:36 2020 MANAGEMENT: Connected to management server at unix_mgt.sock
2020-01-08 09:54:36 openvpn: rx: >INFO:OpenVPN Management Interface Version 1 – type ‘help’ for more info
2020-01-08 09:54:36 openvpn: rx: >HOLD:Waiting for hold release
2020-01-08 09:54:36 openvpn: tx: hold release
2020-01-08 09:54:36 openvpn: output: Wed Jan 8 09:54:36 2020 MANAGEMENT: CMD ‘hold release’ 2020-01-08 09:54:36 openvpn: rx: SUCCESS: hold release succeeded
2020-01-08 09:54:36 openvpn: output: Wed Jan 8 09:54:36 2020 MANAGEMENT: CMD ‘state on’ 2020-01-08 09:54:36 openvpn: rx: SUCCESS: real-time state notification set to ON
2020-01-08 09:54:36 openvpn: rx: >PASSWORD:Need ‘Auth’ username/password
2020-01-08 09:54:36 openvpn: tx: username “Auth” “XxxxxxxxxX” 2020-01-08 09:54:36 openvpn: output: Wed Jan 8 09:54:36 2020 MANAGEMENT: CMD ‘username “Auth” “XxxxxxxxxX”’ 2020-01-08 09:54:36 openvpn: rx: SUCCESS: ‘Auth’ username entered, but not yet verified
2020-01-08 09:54:36 openvpn: output: Wed Jan 8 09:54:36 2020 MANAGEMENT: CMD ‘password [...]’ 2020-01-08 09:54:36 openvpn: rx: SUCCESS: ‘Auth’ password entered, but not yet verified
2020-01-08 09:54:36 openvpn: output: Wed Jan 8 09:54:36 2020 MANAGEMENT: >STATE:1578473676,WILL_CONNECT,4-1-xx.toto.com,,,,,0
2020-01-08 09:54:36 openvpn: output: Wed Jan 8 09:54:36 2020 Socket Buffers: R=[163840→163840] S=[163840→163840]
2020-01-08 09:54:36 openvpn: output: Wed Jan 8 09:54:36 2020 MANAGEMENT: >STATE:1578473676,RESOLVE,,,,,,0
2020-01-08 09:54:36 openvpn: output: Wed Jan 8 09:54:36 2020 UDPv4 link local: [undef]
2020-01-08 09:54:36 openvpn: output: Wed Jan 8 09:54:36 2020 UDPv4 link remote: [AF_INET]84.xx.xx.xx:443
2020-01-08 09:54:36 openvpn: output: Wed Jan 8 09:54:36 2020 MANAGEMENT: >STATE:1578473676,WAIT,,,,,,0
2020-01-08 09:54:36 openvpn: rx: >STATE:1578473676,WILL_CONNECT,4-1-xx.toto.com,,,,,0
2020-01-08 09:54:36 openvpn: rx: >STATE:1578473676,RESOLVE,,,,,,0
2020-01-08 09:54:36 openvpn: rx: >STATE:1578473676,WAIT,,,,,,0
2020-01-08 09:54:36 openvpn: output: Wed Jan 8 09:54:36 2020 MANAGEMENT: >STATE:1578473676,AUTH,,,,,,0
2020-01-08 09:54:36 openvpn: output: Wed Jan 8 09:54:36 2020 TLS: Initial packet from [AF_INET]84.xx.xx.xx:443, sid=08411d05 96fac4f6
2020-01-08 09:54:36 openvpn: rx: >STATE:1578473676,AUTH,,,,,,0
2020-01-08 09:54:36 openvpn: output: Wed Jan 8 09:54:36 2020 VERIFY OK: depth=1, C=RO, L=city, O=ProviderXX S.A., CN=ProviderXX Root CA, emailAddress=info@ProviderXX.xxx
2020-01-08 09:54:36 openvpn: output: Wed Jan 8 09:54:36 2020 Validating certificate key usage
2020-01-08 09:54:36 openvpn: output: Wed Jan 8 09:54:36 2020 ++ Certificate has key usage 00a0, expects 00a0
2020-01-08 09:54:36 openvpn: output: Wed Jan 8 09:54:36 2020 VERIFY KU OK
2020-01-08 09:54:36 openvpn: output: Wed Jan 8 09:54:36 2020 Validating certificate extended key usage
2020-01-08 09:54:36 openvpn: output: Wed Jan 8 09:54:36 2020 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2020-01-08 09:54:36 openvpn: output: Wed Jan 8 09:54:36 2020 VERIFY EKU OK
2020-01-08 09:54:36 openvpn: output: Wed Jan 8 09:54:36 2020 VERIFY OK: depth=0, C=RO, L=city, O=ProviderXX S.A., CN=ProviderXX VPN Server Node xxxxxxxx-s03, mailAddress=info@ProviderXX.xxx
2020-01-08 09:55:36 openvpn: rx: >STATE:1578473736,EXITING,ping-exit,,,,,0
2020-01-08 09:55:36 openvpn: output: Wed Jan 8 09:55:36 2020 [ProviderXX VPN Server Node xxxxxxxx-s03] Inactivity timeout (–ping-exit), exiting
2020-01-08 09:55:36 openvpn: output: Wed Jan 8 09:55:36 2020 SIGTERM[soft,ping-exit] received, process exiting
2020-01-08 09:55:36 openvpn: output: Wed Jan 8 09:55:36 2020 MANAGEMENT: >STATE:1578473736,EXITING,ping-exit,,,,,0
2020-01-08 09:55:36 l3 is now stable
2020-01-08 09:55:36 l3 does not fulfil config requirement
2020-01-08 09:55:36 l3 state change ‘l3_wait_stable’ ⇒ ‘l3_bring_down’ 2020-01-08 09:55:36 waiting for l3 providers to go down
2020-01-08 09:55:36 l3 state change ‘l3_bring_down’ ⇒ ‘l3_wait_down’ 2020-01-08 09:55:36 l3 state change ‘l3_wait_down’ ⇒ ‘l3_cleanup_start’ 2020-01-08 09:55:36 calling helper script at ‘/etc/fbxconnman/conn.post-down’ 2020-01-08 09:55:36 l3 state change ‘l3_cleanup_start’ ⇒ ‘l3_wait_postdown_helper’ 2020-01-08 09:55:36 openvpn: openvpn process died (0)
2020-01-08 09:55:36 l3 state change ‘l3_wait_postdown_helper’ ⇒ ‘l3_cleanup_finish’ 2020-01-08 09:55:36 l3 state change ‘l3_cleanup_finish’ ⇒ ‘l3_finished’ 2020-01-08 09:55:36 state change ‘wait_l3_up’ ⇒ ‘wait_l3_down’ 2020-01-08 09:55:36 l3 state change ‘l3_finished’ ⇒ ‘l3_down’ 2020-01-08 09:55:36 state is now DOWN
2020-01-08 09:55:36 state change ‘wait_l3_down’ ⇒ ‘l3_finished’ 2020-01-08 09:55:36 state change ‘l3_finished’ ⇒ ‘wait_l2_down’ 2020-01-08 09:55:36 l2 state change ‘l2_up’ ⇒ ‘l2_cleanup’ 2020-01-08 09:55:36 l2 state change ‘l2_cleanup’ ⇒ ‘l2_down’ 2020-01-08 09:55:36 state change ‘wait_l2_down’ ⇒ ‘down’ 2020-01-08 09:55:42 state change ‘down’ ⇒ ‘wait_l2_up’ 2020-01-08 09:55:42 l2 state change ‘l2_down’ ⇒ ‘l2_up’ 2020-01-08 09:55:42 state change ‘wait_l2_up’ ⇒ ‘l2_up’ 2020-01-08 09:55:42 state change ‘l2_up’ ⇒ ‘wait_l3_up’ 2020-01-08 09:55:42 l3 state change ‘l3_down’ ⇒ ‘l3_start’ 2020-01-08 09:55:42 starting
2020-01-08 09:55:42 calling helper script at ‘/etc/fbxconnman/conn.pre-up’ 2020-01-08 09:55:42 l3 state change ‘l3_start’ ⇒ ‘l3_wait_preup_helper’ 2020-01-08 09:55:42 l3 state change ‘l3_wait_preup_helper’ ⇒ ‘l3_wait_stable’ 2020-01-08 09:55:42 openvpn: output: Wed Jan 8 09:55:42 2020 OpenVPN 2.3.17 arm-unknown-linux-muslgnueabi [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on May 30 2019
2020-01-08 09:55:42 openvpn: output: Wed Jan 8 09:55:42 2020 library versions: OpenSSL 1.0.2q 20 Nov 2018, LZO 2.09
2020-01-08 09:55:42 openvpn: connected to management interface
2020-01-08 09:55:42 openvpn: output: Wed Jan 8 09:55:42 2020 MANAGEMENT: Connected to management server at unix_mgt.sock
2020-01-08 09:55:42 openvpn: rx: >INFO:OpenVPN Management Interface Version 1 – type ‘help’ for more info
2020-01-08 09:55:42 openvpn: rx: >HOLD:Waiting for hold release
2020-01-08 09:55:42 openvpn: tx: hold release
2020-01-08 09:55:42 openvpn: output: Wed Jan 8 09:55:42 2020 MANAGEMENT: CMD ‘hold release’ 2020-01-08 09:55:42 openvpn: rx: SUCCESS: hold release succeeded
2020-01-08 09:55:42 openvpn: output: Wed Jan 8 09:55:42 2020 MANAGEMENT: CMD ‘state on’ 2020-01-08 09:55:42 openvpn: rx: SUCCESS: real-time state notification set to ON
2020-01-08 09:55:42 openvpn: rx: >PASSWORD:Need ‘Auth’ username/password
2020-01-08 09:55:42 openvpn: tx: username “Auth” “XxxxxxxxxX” 2020-01-08 09:55:42 openvpn: output: Wed Jan 8 09:55:42 2020 MANAGEMENT: CMD ‘username “Auth” “XxxxxxxxxX”’ 2020-01-08 09:55:42 openvpn: rx: SUCCESS: ‘Auth’ username entered, but not yet verified
2020-01-08 09:55:42 openvpn: output: Wed Jan 8 09:55:42 2020 MANAGEMENT: CMD ‘password [...]’ 2020-01-08 09:55:42 openvpn: rx: SUCCESS: ‘Auth’ password entered, but not yet verified
2020-01-08 09:55:42 openvpn: output: Wed Jan 8 09:55:42 2020 MANAGEMENT: >STATE:1578473742,WILL_CONNECT,4-1-XX.toto.com,,,,,0
2020-01-08 09:55:42 openvpn: output: Wed Jan 8 09:55:42 2020 Socket Buffers: R=[163840→163840] S=[163840→163840]
2020-01-08 09:55:42 openvpn: output: Wed Jan 8 09:55:42 2020 MANAGEMENT: >STATE:1578473742,RESOLVE,,,,,,0
2020-01-08 09:55:42 openvpn: output: Wed Jan 8 09:55:42 2020 UDPv4 link local: [undef]
2020-01-08 09:55:42 openvpn: output: Wed Jan 8 09:55:42 2020 UDPv4 link remote: [AF_INET]84.xx.xx.xx:443
2020-01-08 09:55:42 openvpn: output: Wed Jan 8 09:55:42 2020 MANAGEMENT: >STATE:1578473742,WAIT,,,,,,0
2020-01-08 09:55:42 openvpn: rx: >STATE:1578473742,WILL_CONNECT,4-1-xx.toto.com,,,,,0
2020-01-08 09:55:42 openvpn: rx: >STATE:1578473742,RESOLVE,,,,,,0
2020-01-08 09:55:42 openvpn: rx: >STATE:1578473742,WAIT,,,,,,0
2020-01-08 09:55:42 openvpn: output: Wed Jan 8 09:55:42 2020 MANAGEMENT: >STATE:1578473742,AUTH,,,,,,0
2020-01-08 09:55:42 openvpn: output: Wed Jan 8 09:55:42 2020 TLS: Initial packet from [AF_INET]84.xx.xx.xx:443, sid=418a0dc8 c872d42c
2020-01-08 09:55:42 openvpn: rx: >STATE:1578473742,AUTH,,,,,,0
2020-01-08 09:55:42 openvpn: output: Wed Jan 8 09:55:42 2020 VERIFY OK: depth=1, C=RO, L=city, O=ProviderXX S.A., CN=ProviderXX Root CA, emailAddress=info@ProviderXX.xxx
2020-01-08 09:55:42 openvpn: output: Wed Jan 8 09:55:42 2020 Validating certificate key usage
2020-01-08 09:55:42 openvpn: output: Wed Jan 8 09:55:42 2020 ++ Certificate has key usage 00a0, expects 00a0
2020-01-08 09:55:42 openvpn: output: Wed Jan 8 09:55:42 2020 VERIFY KU OK
2020-01-08 09:55:42 openvpn: output: Wed Jan 8 09:55:42 2020 Validating certificate extended key usage
2020-01-08 09:55:42 openvpn: output: Wed Jan 8 09:55:42 2020 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2020-01-08 09:55:42 openvpn: output: Wed Jan 8 09:55:42 2020 VERIFY EKU OK
2020-01-08 09:55:42 openvpn: output: Wed Jan 8 09:55:42 2020 VERIFY OK: depth=0, C=RO, L=city, O=ProviderXX S.A., CN=ProviderXX VPN Server Node xxxxxxxx-s03, emailAddress=info@ProviderXX.xxx


Cette tache ne dépend pas d'autre tache

Grunner (Grunner)
Wednesday 8 January, 2020 15:39:29

Bonjour,

Je ne sais pas s'il s'agit d'un problème similaire mais depuis plusieurs semaines je subis des pertes totales de services dans les heures qui suivent la connexion à mon VPN, c'est systématique.
Je suis en ADSL

Mais j'arrive à m'y connecter, généralement pour 2 ou 3 heures, après c rideau !

Sébastien (Seb_38)
Saturday 11 January, 2020 11:37:51

PB résolut, cela venait de la configuration de mon fichier openVPN !
bien mettre les certificats et ne pas les mélanger ;-)

<ca>
—–BEGIN CERTIFICATE—– blablabla
—–END CERTIFICATE—– </ca>
<cert>
—–BEGIN CERTIFICATE—– blablabla
—–END CERTIFICATE—– </cert>
<key>
—–BEGIN PRIVATE KEY—– blablabla
—–END PRIVATE KEY—– </key>

Sébastien (Seb_38)
Saturday 11 January, 2020 11:39:17

RESOLUT

Neustradamus (Neustradamus_)
Saturday 11 January, 2020 12:39:11

C'est une solution temporaire, il y a bien un problème à l'origine, OpenVPN doit fonctionner avec les différents fichiers.

Par ailleurs, on peut voir OpenSSL 1.0.2q qui a des failles de sécurité !

Chargement...