Tous les projets

ID Projet Ouverte Type Catégorie État Résumé
18505Freebox Server (Ultra V9/ Pop V8/ Delta V7 / Revolution V6 / Mini 4K)13/08/2015AnomalieServeur VPNNouveau"Bad local IP" en tentant de connecter deux Freebox Ser... Description de la tâche

Bonjour,

Je tente de raccorder deux freebox server (une Révolution et un Mini, j’utiliserai ces noms pour distinguer le server et le client OpenVPN) dans l’optique de fusionner les deux LAN sur le même subnet (192.168.0.*) en utilisant OpenVPN en mode Bridge.

Je configure donc le Mini en tant que server, créé un utilisateur spécifique pour cette connexion et charge le fichier de configuration généré par le Mini dans le client VPN de la Révolution. Première erreur : il faut commenter la ligne dev-type tap qui empêche au client de la Révolution de charger le fichier le configuration (et aussi tls-remote qui n’est plus nécessaire et génère un warning dans les logs).

Une fois le fichier de configuration corrigé et chargé, toute tentative de connection retourne une erreur Bad local IP dont ne je n’ai pu trouver aucune référence sur le net (autre qu’une erreur de pppd). Le log indique aussi que le client tente la requête avec dev-type tun (puisque je l’ai commenté dans le fichier de config).

Log complet :

2015-08-13 14:26:18 l2 state change ‘l2_down’ ⇒ ‘l2_down’
2015-08-13 14:26:18 l3 state change ‘l3_down’ ⇒ ‘l3_down’
2015-08-13 14:26:18 state change ‘down’ ⇒ ‘down’
2015-08-13 14:26:18 enabling connection
2015-08-13 14:26:18 state change ‘down’ ⇒ ‘wait_l2_up’
2015-08-13 14:26:18 l2 state change ‘l2_down’ ⇒ ‘l2_up’
2015-08-13 14:26:18 state change ‘wait_l2_up’ ⇒ ‘l2_up’
2015-08-13 14:26:18 state change ‘l2_up’ ⇒ ‘wait_l3_up’
2015-08-13 14:26:18 l3 state change ‘l3_down’ ⇒ ‘l3_start’
2015-08-13 14:26:18 starting
2015-08-13 14:26:18 calling helper script at ‘/etc/fbxconnman/conn.pre-up’
2015-08-13 14:26:18 l3 state change ‘l3_start’ ⇒ ‘l3_wait_preup_helper’
2015-08-13 14:26:18 l3 state change ‘l3_wait_preup_helper’ ⇒ ‘l3_wait_stable’
2015-08-13 14:26:18 openvpn: output: Thu Aug 13 14:26:18 2015 OpenVPN 2.3.2 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jul 24 2015
2015-08-13 14:26:18 openvpn: connected to management interface
2015-08-13 14:26:18 openvpn: output: Thu Aug 13 14:26:18 2015 MANAGEMENT: Connected to management server at unix_mgt.sock
2015-08-13 14:26:18 openvpn: rx: >INFO:OpenVPN Management Interface Version 1 – type ‘help’ for more info
2015-08-13 14:26:18 openvpn: rx: >HOLD:Waiting for hold release
2015-08-13 14:26:18 openvpn: tx: hold release
2015-08-13 14:26:18 openvpn: output: Thu Aug 13 14:26:18 2015 MANAGEMENT: CMD ‘hold release’
2015-08-13 14:26:18 openvpn: rx: SUCCESS: hold release succeeded
2015-08-13 14:26:18 openvpn: output: Thu Aug 13 14:26:18 2015 MANAGEMENT: CMD ‘state on’
2015-08-13 14:26:18 openvpn: rx: SUCCESS: real-time state notification set to ON
2015-08-13 14:26:18 openvpn: rx: >PASSWORD:Need ‘Auth’ username/password
2015-08-13 14:26:18 openvpn: tx: username “Auth” “[user]”
2015-08-13 14:26:18 openvpn: output: Thu Aug 13 14:26:18 2015 MANAGEMENT: CMD ‘username “Auth” “[user]”’
2015-08-13 14:26:18 openvpn: rx: SUCCESS: ‘Auth’ username entered, but not yet verified
2015-08-13 14:26:18 openvpn: output: Thu Aug 13 14:26:18 2015 MANAGEMENT: CMD ‘password [...]’
2015-08-13 14:26:18 openvpn: rx: SUCCESS: ‘Auth’ password entered, but not yet verified
2015-08-13 14:26:18 openvpn: output: Thu Aug 13 14:26:18 2015 MANAGEMENT: >STATE:1439468778,WILL_CONNECT,[IP],,,,,0
2015-08-13 14:26:18 openvpn: output: Thu Aug 13 14:26:18 2015 Socket Buffers: R=[172032→131072] S=[172032→131072]
2015-08-13 14:26:18 openvpn: output: Thu Aug 13 14:26:18 2015 UDPv4 link local: [undef]
2015-08-13 14:26:18 openvpn: output: Thu Aug 13 14:26:18 2015 UDPv4 link remote: [AF_INET][IP]:[PORT]
2015-08-13 14:26:18 openvpn: output: Thu Aug 13 14:26:18 2015 MANAGEMENT: >STATE:1439468778,WAIT,,,,,,0
2015-08-13 14:26:18 openvpn: rx: >STATE:1439468778,WILL_CONNECT,[IP],,,,,0
2015-08-13 14:26:18 openvpn: rx: >STATE:1439468778,WAIT,,,,,,0
2015-08-13 14:26:18 openvpn: output: Thu Aug 13 14:26:18 2015 MANAGEMENT: >STATE:1439468778,AUTH,,,,,,0
2015-08-13 14:26:18 openvpn: output: Thu Aug 13 14:26:18 2015 TLS: Initial packet from [AF_INET][IP]:[PORT], sid=7f32f5b5 869df738
2015-08-13 14:26:18 openvpn: rx: >STATE:1439468778,AUTH,,,,,,0
2015-08-13 14:26:18 openvpn: output: Thu Aug 13 14:26:18 2015 VERIFY OK: depth=1, C=FR, O=Freebox SA, CN=Freebox OpenVPN server CA for […]
2015-08-13 14:26:18 openvpn: output: Thu Aug 13 14:26:18 2015 Validating certificate key usage
2015-08-13 14:26:18 openvpn: output: Thu Aug 13 14:26:18 2015 ++ Certificate has key usage 00a0, expects 00a0
2015-08-13 14:26:18 openvpn: output: Thu Aug 13 14:26:18 2015 VERIFY KU OK
2015-08-13 14:26:18 openvpn: output: Thu Aug 13 14:26:18 2015 Validating certificate extended key usage
2015-08-13 14:26:18 openvpn: output: Thu Aug 13 14:26:18 2015 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2015-08-13 14:26:18 openvpn: output: Thu Aug 13 14:26:18 2015 VERIFY EKU OK
2015-08-13 14:26:18 openvpn: output: Thu Aug 13 14:26:18 2015 VERIFY OK: depth=0, C=FR, O=Freebox SA, CN=Freebox OpenVPN server […]
2015-08-13 14:26:19 openvpn: output: Thu Aug 13 14:26:19 2015 WARNING: ‘dev-type’ is used inconsistently, local=’dev-type tun’, remote=’dev-type tap’
2015-08-13 14:26:19 openvpn: output: Thu Aug 13 14:26:19 2015 WARNING: ‘link-mtu’ is used inconsistently, local=’link-mtu 1557’, remote=’link-mtu 1589’
2015-08-13 14:26:19 openvpn: output: Thu Aug 13 14:26:19 2015 WARNING: ‘tun-mtu’ is used inconsistently, local=’tun-mtu 1500’, remote=’tun-mtu 1532’
2015-08-13 14:26:19 openvpn: output: Thu Aug 13 14:26:19 2015 Data Channel Encrypt: Cipher ‘AES-256-CBC’ initialized with 256 bit key
2015-08-13 14:26:19 openvpn: output: Thu Aug 13 14:26:19 2015 Data Channel Encrypt: Using 160 bit message hash ‘SHA1’ for HMAC authentication
2015-08-13 14:26:19 openvpn: output: Thu Aug 13 14:26:19 2015 Data Channel Decrypt: Cipher ‘AES-256-CBC’ initialized with 256 bit key
2015-08-13 14:26:19 openvpn: output: Thu Aug 13 14:26:19 2015 Data Channel Decrypt: Using 160 bit message hash ‘SHA1’ for HMAC authentication
2015-08-13 14:26:19 openvpn: output: Thu Aug 13 14:26:19 2015 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
2015-08-13 14:26:19 openvpn: output: Thu Aug 13 14:26:19 2015 [Freebox OpenVPN server […]] Peer Connection Initiated with [AF_INET][IP]:[PORT]
2015-08-13 14:26:20 openvpn: rx: >STATE:1439468780,GET_CONFIG,,,,,,0
2015-08-13 14:26:20 openvpn: output: Thu Aug 13 14:26:20 2015 MANAGEMENT: >STATE:1439468780,GET_CONFIG,,,,,,0
2015-08-13 14:26:21 openvpn: output: Thu Aug 13 14:26:21 2015 SENT CONTROL [Freebox OpenVPN server […]]: ‘PUSH_REQUEST’ (status=1)
2015-08-13 14:26:21 openvpn: rx: >STATE:1439468781,CONNECTED,SUCCESS,,[IP],,,1500
2015-08-13 14:26:21 openvpn: bad local ip
2015-08-13 14:26:21 l3 is now stable
2015-08-13 14:26:21 l3 does not fulfil config requirement
2015-08-13 14:26:21 l3 state change ‘l3_wait_stable’ ⇒ ‘l3_bring_down’
2015-08-13 14:26:21 waiting for l3 providers to go down
2015-08-13 14:26:21 l3 state change ‘l3_bring_down’ ⇒ ‘l3_wait_down’
2015-08-13 14:26:21 l3 state change ‘l3_wait_down’ ⇒ ‘l3_cleanup_start’
2015-08-13 14:26:21 calling helper script at ‘/etc/fbxconnman/conn.post-down’
2015-08-13 14:26:21 l3 state change ‘l3_cleanup_start’ ⇒ ‘l3_wait_postdown_helper’
2015-08-13 14:26:21 openvpn: output: Thu Aug 13 14:26:21 2015 PUSH: Received control message: ‘PUSH_REPLY,ping 30,ping-restart 120’
2015-08-13 14:26:21 openvpn: output: Thu Aug 13 14:26:21 2015 OPTIONS IMPORT: timers and/or timeouts modified
2015-08-13 14:26:21 openvpn: output: Thu Aug 13 14:26:21 2015 Initialization Sequence Completed
2015-08-13 14:26:21 openvpn: output: Thu Aug 13 14:26:21 2015 MANAGEMENT: >STATE:1439468781,CONNECTED,SUCCESS,,[IP],,,1500
2015-08-13 14:26:21 l3 state change ‘l3_wait_postdown_helper’ ⇒ ‘l3_cleanup_finish’
2015-08-13 14:26:21 l3 state change ‘l3_cleanup_finish’ ⇒ ‘l3_finished’
2015-08-13 14:26:21 state change ‘wait_l3_up’ ⇒ ‘wait_l3_down’
2015-08-13 14:26:21 l3 state change ‘l3_finished’ ⇒ ‘l3_down’
2015-08-13 14:26:21 state is now DOWN
2015-08-13 14:26:21 state change ‘wait_l3_down’ ⇒ ‘l3_finished’
2015-08-13 14:26:21 state change ‘l3_finished’ ⇒ ‘wait_l2_down’
2015-08-13 14:26:21 l2 state change ‘l2_up’ ⇒ ‘l2_cleanup’
2015-08-13 14:26:21 l2 state change ‘l2_cleanup’ ⇒ ‘l2_down’
2015-08-13 14:26:21 state change ‘wait_l2_down’ ⇒ ‘down’

Tâches 1 - 1 sur 1 Page 1 sur 1

Activer les raccourcis clavier

Liste des tâches

Détails de la tâche

Édition de la tâche