Indice del forum www.zeroshell.net
Distribuzione Linux ZeroShell
 
 FAQFAQ   CercaCerca  GruppiGruppi   RegistratiRegistrati 
 ProfiloProfilo  Log inLog in   Messaggi privatiMessaggi privati 

configurazione client per vpn

 
Nuovo argomento   Rispondi    Indice del forum -> VPN
Precedente :: Successivo  
Autore Messaggio
charneval



Registrato: 03/04/10 16:30
Messaggi: 125
Residenza: perugia

MessaggioInviato: Gio Apr 08, 2010 3:45 pm    Oggetto: configurazione client per vpn Rispondi citando

Salve,
vorrei implementare 4 vpn host to lan con openvpn ed usare la semplice autenticazione con utente password.
Non riesco a capire perchè l'utente remoto continua ad avere problemi e nel server ho il seguente Log:

16:11:16 82.189.X.X:28871 [massi.adalab@ADALAB.COM] Trying Kerberos 5 (External KDC) authentication
16:11:16 82.189.X.X:28871 [massi.adalab@ADALAB.COM] Kerberos 5 authentication failed for massi.adalab@ADALAB.COM: kinit(v5): Cannot find KDC for requested realm while getting initial credentials
16:11:16 82.189.X.X:28871 TLS Auth Error: Auth Username/Password verification failed for peer
16:11:18 82.189.X.X:28871 [] Peer Connection Initiated with 82.189.X.X:28871
16:11:18 82.189.X.X:28871 Connection reset, restarting [0]
16:11:46 Re-using SSL/TLS context
16:11:46 LZO compression initialized
16:11:46 TCP connection established with 82.189.X.X:17847
16:11:46 TCPv4_SERVER link local: [undef]
16:11:46 TCPv4_SERVER link remote: 82.189.X.X:17847
16:11:49 82.189.X.X:17847 [massi@ADALAB.COM] Trying Kerberos 5 (External KDC) authentication
16:11:49 82.189.X.X:17847 [massi@ADALAB.COM] Kerberos 5 authentication failed for massi@ADALAB.COM: kinit(v5): Cannot find KDC for requested realm while getting initial credentials
16:11:49 82.189.X.X:17847 TLS Auth Error: Auth Username/Password verification failed for peer
16:11:49 82.189.X.X:17847 [] Peer Connection Initiated with 82.189.X.X:17847
16:11:51 82.189.X.X:17847 Connection reset, restarting [0]
16:27:10 Re-using SSL/TLS context
16:27:10 LZO compression initialized
16:27:10 TCP connection established with 82.189.X.X:35229
16:27:10 TCPv4_SERVER link local: [undef]
16:27:10 TCPv4_SERVER link remote: 82.189.X.X:35229
16:27:23 82.189.X.X:35229 [massi@ADALAB.COM] Trying Kerberos 5 (External KDC) authentication
16:27:23 82.189.X.X:35229 [massi@ADALAB.COM] Kerberos 5 authentication failed for massi@ADALAB.COM: kinit(v5): Cannot find KDC for requested realm while getting initial credentials
16:27:23 82.189.X.X:35229 TLS Auth Error: Auth Username/Password verification failed for peer
16:27:25 82.189.X.X:35229 [] Peer Connection Initiated with 82.189.X.X:35229
16:27:26 82.189.X.X:35229 Connection reset, restarting [0]



Ho configurato l'utente sia tra gli users che tra gli host compilando tutti i campi e nella vpn ho configurato la voce Only Password.
Nella documentazione ho visto anche la guida di configurazione per openvpn e ho impostato nel file config di ovpn il giusto ip pubblico del server, il certificato ca.pem ed in più ho messo anche il certificato dell'utente. Anche se penso sia inutile visto che ho impostato l'autenticazione solo con password.
Spero che con il log riusciate a darmi qualche consiglio.

Grazie
Andrea
_________________
ADALAB Officina Informatica Perugia
Top
Profilo Invia messaggio privato
Francesco Steno



Registrato: 26/03/10 14:59
Messaggi: 181

MessaggioInviato: Gio Apr 08, 2010 4:43 pm    Oggetto: Re: configurazione client per vpn Rispondi citando

charneval ha scritto:
Salve,
vorrei implementare 4 vpn host to lan con openvpn ed usare la semplice autenticazione con utente password.
Non riesco a capire perchè l'utente remoto continua ad avere problemi e nel server ho il seguente Log:

[b]16:11:16 82.189.X.X:28871 [massi.adalab@ADALAB.COM] Trying Kerberos 5 (External KDC) authentication
16:11:16 82.189.X.X:28871 [massi.adalab@ADALAB.COM] Kerberos 5 authentication failed for massi.adalab@ADALAB.COM: kinit(v5): Cannot find KDC for requested realm while getting initial credentials
16:11:16 82.189.X.X:28871 TLS Auth Error: Auth Username/Password verification failed for peer
16:11:18 82.189.X.X:28871 [] Peer Connection Initiated with 82.189.X.X:28871
16:11:18 82.189.X.X:28871 Connection reset, restarting [0]
16:11:46 Re-using SSL/TLS context
16:11:46 LZO compression initialized
16:11:46 TCP connection established with 82.189.X.X:17847
16:11:46 TCPv4_SERVER link local: [undef]
16:11:46 TCPv4_SERVER link remote: 82.189.X.X:17847
16:11:49 82.189.X.X:17847 [massi@ADALAB.COM] Trying Kerberos 5 (External KDC) authentication
16:11:49 82.189.X.X:17847 [massi@ADALAB.COM] Kerberos 5 authentication failed for massi@ADALAB.COM: kinit(v5): Cannot find KDC for requested realm while getting initial credentials
16:11:49 82.189.X.X:17847 TLS Auth Error: Auth Username/Password verification failed for peer
16:11:49 82.189.X.X:17847 [] Peer Connection Initiated with 82.189.X.X:17847
...

sembrerebbe che l'utente che tu hai creato non venga autenticato.
nel tuo file di configurazione aumenta il livello di verbose, passandolo a 7,

verb 7

riprova ad autenticarti nuovamente, ed incollaci nuovamente i log

charneval ha scritto:
Ho configurato l'utente sia tra gli users che tra gli host compilando tutti i campi e nella vpn ho configurato la voce Only Password.
Nella documentazione ho visto anche la guida di configurazione per openvpn e ho impostato nel file config di ovpn il giusto ip pubblico del server, il certificato ca.pem ed in più ho messo anche il certificato dell'utente. Anche se penso sia inutile visto che ho impostato l'autenticazione solo con password.
Spero che con il log riusciate a darmi qualche consiglio.

Grazie
Andrea
Top
Profilo Invia messaggio privato Invia e-mail
charneval



Registrato: 03/04/10 16:30
Messaggi: 125
Residenza: perugia

MessaggioInviato: Gio Apr 08, 2010 5:19 pm    Oggetto: Rispondi citando

18:04:06 Re-using SSL/TLS context
18:04:06 LZO compression initialized
18:04:06 TCP connection established with 82.189.43.27:40725
18:04:06 TCPv4_SERVER link local: [undef]
18:04:06 TCPv4_SERVER link remote: 82.189.43.27:40725
18:04:09 82.189.43.27:40725 [massi@ADALAB.COM] Trying Kerberos 5 (External KDC) authentication
18:04:09 82.189.43.27:40725 [massi@ADALAB.COM] Kerberos 5 authentication failed for massi@ADALAB.COM: kinit(v5): Cannot find KDC for requested realm while getting initial credentials
18:04:09 82.189.43.27:40725 TLS Auth Error: Auth Username/Password verification failed for peer
18:04:11 82.189.43.27:40725 [] Peer Connection Initiated with 82.189.43.27:40725
18:04:13 82.189.43.27:40725 Connection reset, restarting [0]
18:05:37 Re-using SSL/TLS context
18:05:37 LZO compression initialized
18:05:37 TCP connection established with 82.189.43.27:29070
18:05:37 TCPv4_SERVER link local: [undef]
18:05:37 TCPv4_SERVER link remote: 82.189.43.27:29070
18:05:43 82.189.43.27:29070 [massi@ADALAB.COM] Trying Kerberos 5 (External KDC) authentication
18:05:43 82.189.43.27:29070 [massi@ADALAB.COM] Kerberos 5 authentication failed for massi@ADALAB.COM: kinit(v5): Cannot find KDC for requested realm while getting initial credentials
18:05:43 82.189.43.27:29070 TLS Auth Error: Auth Username/Password verification failed for peer
18:05:44 82.189.43.27:29070 [] Peer Connection Initiated with 82.189.43.27:29070
18:05:45 82.189.43.27:29070 Connection reset, restarting [0]



la mascherina di autenticazione utente e password si ripresenta e quindi è come se la creazione dell'utente nel server sia sbagliata.
Ottengo lo stesso errore anche se inserisco l'utente admin.
ho anche provato ad usare come utente massi@EXAMPLE.COM ma non ho avuto alcun cambiamento.

Ti posto anche il log di openvpn:

Thu Apr 08 17:57:26 2010 us=13409 Current Parameter Settings:
Thu Apr 08 17:57:26 2010 us=13487 config = 'zeroshell.ovpn'
Thu Apr 08 17:57:26 2010 us=13506 mode = 0
Thu Apr 08 17:57:26 2010 us=13523 show_ciphers = DISABLED
Thu Apr 08 17:57:26 2010 us=13540 show_digests = DISABLED
Thu Apr 08 17:57:26 2010 us=13558 show_engines = DISABLED
Thu Apr 08 17:57:26 2010 us=13576 genkey = DISABLED
Thu Apr 08 17:57:26 2010 us=13595 key_pass_file = '[UNDEF]'
Thu Apr 08 17:57:26 2010 us=13612 show_tls_ciphers = DISABLED
Thu Apr 08 17:57:26 2010 us=13629 proto = 2
Thu Apr 08 17:57:26 2010 us=13647 local = '[UNDEF]'
Thu Apr 08 17:57:26 2010 us=13666 remote_list[0] = {'92.245.172.84', 1194}
Thu Apr 08 17:57:26 2010 us=13685 remote_random = DISABLED
Thu Apr 08 17:57:26 2010 us=13704 local_port = 1194
Thu Apr 08 17:57:26 2010 us=13722 remote_port = 1194
Thu Apr 08 17:57:26 2010 us=13740 remote_float = DISABLED
Thu Apr 08 17:57:26 2010 us=13759 ipchange = '[UNDEF]'
Thu Apr 08 17:57:26 2010 us=13778 bind_local = DISABLED
Thu Apr 08 17:57:26 2010 us=13822 dev = 'tap'
Thu Apr 08 17:57:26 2010 us=13850 dev_type = '[UNDEF]'
Thu Apr 08 17:57:26 2010 us=13870 NOTE: --mute triggered...
Thu Apr 08 17:57:26 2010 us=13908 168 variation(s) on previous 20 message(s) suppressed by --mute
Thu Apr 08 17:57:26 2010 us=13932 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct 1 2006
Thu Apr 08 17:57:33 2010 us=969314 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Thu Apr 08 17:57:33 2010 us=969351 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Thu Apr 08 17:57:34 2010 us=196082 LZO compression initialized
Thu Apr 08 17:57:34 2010 us=196138 MTU DYNAMIC mtu=0, flags=1, 0 -> 140
Thu Apr 08 17:57:34 2010 us=196168 PID packet_id_init seq_backtrack=0 time_backtrack=0
Thu Apr 08 17:57:34 2010 us=196265 PID packet_id_init seq_backtrack=0 time_backtrack=0
Thu Apr 08 17:57:34 2010 us=196280 PID packet_id_init seq_backtrack=0 time_backtrack=0
Thu Apr 08 17:57:34 2010 us=196328 PID packet_id_init seq_backtrack=0 time_backtrack=0
Thu Apr 08 17:57:34 2010 us=196349 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Apr 08 17:57:34 2010 us=196388 MTU DYNAMIC mtu=1450, flags=2, 1576 -> 1450
Thu Apr 08 17:57:34 2010 us=196411 REMOTE_LIST len=1 current=0
Thu Apr 08 17:57:34 2010 us=196428 [0] 92.245.172.84:1194
Thu Apr 08 17:57:34 2010 us=270415 RESOLVE_REMOTE flags=0x0001 phase=1 rrs=0 sig=-1 status=1
Thu Apr 08 17:57:34 2010 us=270458 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Apr 08 17:57:34 2010 us=270537 Local Options String: 'V4,dev-type tap,link-mtu 1576,tun-mtu 1532,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Thu Apr 08 17:57:34 2010 us=270561 Expected Remote Options String: 'V4,dev-type tap,link-mtu 1576,tun-mtu 1532,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Thu Apr 08 17:57:34 2010 us=298526 Local Options hash (VER=V4): '31fdf004'
Thu Apr 08 17:57:34 2010 us=298601 Expected Remote Options hash (VER=V4): '3e6d1056'
Thu Apr 08 17:57:34 2010 us=298686 Attempting to establish TCP connection with 92.245.172.84:1194
Thu Apr 08 17:57:34 2010 us=711787 TCP connection established with 92.245.172.84:1194
Thu Apr 08 17:57:34 2010 us=711854 Socket Buffers: R=[8192->8192] S=[8192->8192]
Thu Apr 08 17:57:34 2010 us=711884 TCPv4_CLIENT link local: [undef]
Thu Apr 08 17:57:34 2010 us=711902 TCPv4_CLIENT link remote: 92.245.172.84:1194
Thu Apr 08 17:57:34 2010 us=712071 TCPv4_CLIENT WRITE [14] to 92.245.172.84:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Thu Apr 08 17:57:34 2010 us=778056 TCPv4_CLIENT READ [14] from 92.245.172.84:1194: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 [ ] pid=0 DATA len=0
Thu Apr 08 17:57:34 2010 us=778138 TLS: Initial packet from 92.245.172.84:1194, sid=3d163ed1 bc8e22b4
Thu Apr 08 17:57:34 2010 us=778259 TCPv4_CLIENT WRITE [26] to 92.245.172.84:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ 0 ] pid=0 DATA len=0
Thu Apr 08 17:57:34 2010 us=902589 TCPv4_CLIENT READ [26] from 92.245.172.84:1194: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 [ 0 ] pid=0 DATA len=0
Thu Apr 08 17:57:34 2010 us=902773 TCPv4_CLIENT WRITE [22] to 92.245.172.84:1194: P_ACK_V1 kid=0 [ 0 ]
Thu Apr 08 17:57:34 2010 us=902988 TCPv4_CLIENT WRITE [102] to 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=1 DATA len=88
Thu Apr 08 17:57:34 2010 us=968118 TCPv4_CLIENT READ [22] from 92.245.172.84:1194: P_ACK_V1 kid=0 [ 0 ]
Thu Apr 08 17:57:35 2010 us=383877 TCPv4_CLIENT READ [126] from 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ 1 ] pid=1 DATA len=100
Thu Apr 08 17:57:35 2010 us=384143 TCPv4_CLIENT WRITE [22] to 92.245.172.84:1194: P_ACK_V1 kid=0 [ 1 ]
Thu Apr 08 17:57:36 2010 us=44400 TCPv4_CLIENT READ [114] from 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=2 DATA len=100
Thu Apr 08 17:57:36 2010 us=44567 TCPv4_CLIENT READ [114] from 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=3 DATA len=100
Thu Apr 08 17:57:36 2010 us=44633 TCPv4_CLIENT READ [114] from 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=4 DATA len=100
Thu Apr 08 17:57:36 2010 us=44742 TCPv4_CLIENT WRITE [22] to 92.245.172.84:1194: P_ACK_V1 kid=0 [ 2 ]
Thu Apr 08 17:57:36 2010 us=44909 TCPv4_CLIENT WRITE [26] to 92.245.172.84:1194: P_ACK_V1 kid=0 [ 3 4 ]
Thu Apr 08 17:57:36 2010 us=130457 TCPv4_CLIENT READ [114] from 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=5 DATA len=100
Thu Apr 08 17:57:36 2010 us=130670 TCPv4_CLIENT WRITE [22] to 92.245.172.84:1194: P_ACK_V1 kid=0 [ 5 ]
Thu Apr 08 17:57:36 2010 us=265267 TCPv4_CLIENT READ [114] from 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=6 DATA len=100
Thu Apr 08 17:57:36 2010 us=265470 TCPv4_CLIENT WRITE [22] to 92.245.172.84:1194: P_ACK_V1 kid=0 [ 6 ]
Thu Apr 08 17:57:36 2010 us=328083 TCPv4_CLIENT READ [114] from 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=7 DATA len=100
Thu Apr 08 17:57:36 2010 us=366252 VERIFY OK: depth=1, /C=IT/O=Zeroshell.net/OU=Example/CN=ZeroShell_Example_CA/emailAddress=Fulvio.Ricciardi@zeroshell.net
Thu Apr 08 17:57:36 2010 us=367125 VERIFY OK: depth=0, /OU=Hosts/CN=massi.adalab
Thu Apr 08 17:57:36 2010 us=367239 TCPv4_CLIENT READ [114] from 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=8 DATA len=100
Thu Apr 08 17:57:36 2010 us=367380 TCPv4_CLIENT WRITE [22] to 92.245.172.84:1194: P_ACK_V1 kid=0 [ 7 ]
Thu Apr 08 17:57:36 2010 us=367464 TCPv4_CLIENT WRITE [22] to 92.245.172.84:1194: P_ACK_V1 kid=0 [ 8 ]
Thu Apr 08 17:57:36 2010 us=390808 TCPv4_CLIENT READ [114] from 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=9 DATA len=100
Thu Apr 08 17:57:36 2010 us=391002 TCPv4_CLIENT WRITE [22] to 92.245.172.84:1194: P_ACK_V1 kid=0 [ 9 ]
Thu Apr 08 17:57:36 2010 us=518204 TCPv4_CLIENT READ [114] from 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=10 DATA len=100
Thu Apr 08 17:57:36 2010 us=518461 TCPv4_CLIENT WRITE [22] to 92.245.172.84:1194: P_ACK_V1 kid=0 [ 10 ]
Thu Apr 08 17:57:36 2010 us=587759 TCPv4_CLIENT READ [72] from 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=11 DATA len=58
Thu Apr 08 17:57:36 2010 us=647327 TCPv4_CLIENT WRITE [126] to 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ 11 ] pid=2 DATA len=100
Thu Apr 08 17:57:36 2010 us=647449 TCPv4_CLIENT WRITE [112] to 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=3 DATA len=98
Thu Apr 08 17:57:36 2010 us=886885 TCPv4_CLIENT READ [22] from 92.245.172.84:1194: P_ACK_V1 kid=0 [ 2 ]
Thu Apr 08 17:57:37 2010 us=259018 TCPv4_CLIENT READ [85] from 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ 3 ] pid=12 DATA len=59
Thu Apr 08 17:57:37 2010 us=259390 TCPv4_CLIENT WRITE [126] to 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ 12 ] pid=4 DATA len=100
Thu Apr 08 17:57:37 2010 us=259541 TCPv4_CLIENT WRITE [114] to 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=5 DATA len=100
Thu Apr 08 17:57:37 2010 us=259601 TCPv4_CLIENT WRITE [114] to 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=6 DATA len=100
Thu Apr 08 17:57:37 2010 us=259656 TCPv4_CLIENT WRITE [44] to 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=7 DATA len=30
Thu Apr 08 17:57:37 2010 us=259694 ACK output sequence broken: [8] 4 5 6 7
Thu Apr 08 17:57:37 2010 us=411161 TCPv4_CLIENT READ [22] from 92.245.172.84:1194: P_ACK_V1 kid=0 [ 4 ]
Thu Apr 08 17:57:38 2010 us=369269 TCPv4_CLIENT READ [22] from 92.245.172.84:1194: P_ACK_V1 kid=0 [ 5 ]
Thu Apr 08 17:57:39 2010 us=621008 TCPv4_CLIENT WRITE [114] to 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=6 DATA len=100
Thu Apr 08 17:57:39 2010 us=621255 TCPv4_CLIENT WRITE [44] to 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=7 DATA len=30
Thu Apr 08 17:57:39 2010 us=851785 TCPv4_CLIENT READ [22] from 92.245.172.84:1194: P_ACK_V1 kid=0 [ 6 ]
Thu Apr 08 17:57:39 2010 us=851883 TCPv4_CLIENT READ [126] from 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ 7 ] pid=13 DATA len=100
Thu Apr 08 17:57:39 2010 us=851994 TCPv4_CLIENT READ [114] from 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=14 DATA len=100
Thu Apr 08 17:57:39 2010 us=852038 TCPv4_CLIENT READ [80] from 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=15 DATA len=66
Thu Apr 08 17:57:39 2010 us=852138 Client pre_master: e372f01d c54d991e 23b5174d 67d05a56 358e98e3 235f5453 10cc764c 776604d6 d11e0559 478b76f3 58a7e952 8ea61a48
Thu Apr 08 17:57:39 2010 us=852178 Client random1: 503eaa0b ddae4d01 b7799ab4 eeb23be1 5294c3bb b10508cc 81cd0f69 c8b358a3
Thu Apr 08 17:57:39 2010 us=852218 Client random2: 41227130 5637cbb2 cbfbc14a 13f85d44 7a015040 7b94b925 cc02888a 55b7c5cf
Thu Apr 08 17:57:39 2010 us=852261 Server pre_master: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
Thu Apr 08 17:57:39 2010 us=852298 Server random1: 90dd09f3 523e9188 195aae15 b3f46494 f8fcd745 dd3417cb 639f3648 7e674272
Thu Apr 08 17:57:39 2010 us=852334 Server random2: d925b712 2802501b dfc3e4a6 56bb77a6 81453c8e 7d55e1a5 886e6b95 1dd33630
Thu Apr 08 17:57:39 2010 us=852372 tls1_P_hash sec: e372f01d c54d991e 23b5174d 67d05a56 358e98e3 235f5453
Thu Apr 08 17:57:39 2010 us=852440 tls1_P_hash seed: 4f70656e 56504e20 6d617374 65722073 65637265 74503eaa 0bddae4d 01b7799a b4eeb23b e15294c3 bbb10508 cc81cd0f 69c8b358 a390dd09 f3523e91 88195aae 15b3f464 94f8fcd7 45dd3417 cb639f36 487e6742 72
Thu Apr 08 17:57:39 2010 us=852525 tls1_P_hash out: c517c47e 43c40822 443a5ed5 cd27a7fc 24b22dfe 599f06b2 25e2013c 5ff3703a 28522b1f 195b72d6 d8588515 e50a9bc5
Thu Apr 08 17:57:39 2010 us=852561 tls1_P_hash sec: 10cc764c 776604d6 d11e0559 478b76f3 58a7e952 8ea61a48
Thu Apr 08 17:57:39 2010 us=852629 tls1_P_hash seed: 4f70656e 56504e20 6d617374 65722073 65637265 74503eaa 0bddae4d 01b7799a b4eeb23b e15294c3 bbb10508 cc81cd0f 69c8b358 a390dd09 f3523e91 88195aae 15b3f464 94f8fcd7 45dd3417 cb639f36 487e6742 72
Thu Apr 08 17:57:39 2010 us=852716 tls1_P_hash out: 4895d383 46b1f608 8d9d43bb ff9c6117 3d8072eb 611a34bc 7614928b 9d7e4a7e b241c19e 931755f9 202f4f3e e6fea8ce
Thu Apr 08 17:57:39 2010 us=852765 tls1_PRF out[48]: 8d8217fd 0575fe2a c9a71d6e 32bbc6eb 19325f15 3885320e 53f693b7 c28d3a44 9a13ea81 8a4c272f f877ca2b 03f4330b
Thu Apr 08 17:57:39 2010 us=852801 tls1_P_hash sec: 8d8217fd 0575fe2a c9a71d6e 32bbc6eb 19325f15 3885320e
Thu Apr 08 17:57:39 2010 us=852879 tls1_P_hash seed: 4f70656e 56504e20 6b657920 65787061 6e73696f 6e412271 305637cb b2cbfbc1 4a13f85d 447a0150 407b94b9 25cc0288 8a55b7c5 cfd925b7 12280250 1bdfc3e4 a656bb77 a681453c 8e7d55e1 a5886e6b 951dd336 30d15f2b b338a7c6 323d163e d1bc8e22 b4
Thu Apr 08 17:57:39 2010 us=853109 tls1_P_hash out: 0dac3ae0 3a9c1d96 35f74fb0 1fa04840 cf4d4da5 4beb0d5c 57cffa47 dde0dffa 72d355a9 7b1238e9 712f7a58 fdbdf0a8 a3f08f6c f92dd961 7a4c2910 c50e13c1 915dce1e fc13cd73 3997ac16 7f1b53d0 1dfe8d0d f9e72193 da45b2d8 5c08e592 a300f04c 2e2d4de4 4eb35985 09f4eb47 9744e61d c9456aee 60e22c97 36524b25 6994d555 a0204c52 ec90b806 fc1f8da3 6b09e43e b6dceb89 c0d7e3d0 2a5faad6 327990db cc1236f7 32cdb9c6 7b8afc5a b1fb706d 6c0ccaa9 81d20db1 241196ff 0dced85f ac2d2d7d 6453c9fe cc8656a0 7c2fcf6d b00c81be a607ddce f2268cd8 d4b28622 00f938fe e861b5cf 20115010 093caf00 ad53c1d9 cbbd5713 64c96e40
Thu Apr 08 17:57:39 2010 us=853154 tls1_P_hash sec: 53f693b7 c28d3a44 9a13ea81 8a4c272f f877ca2b 03f4330b
Thu Apr 08 17:57:39 2010 us=853228 tls1_P_hash seed: 4f70656e 56504e20 6b657920 65787061 6e73696f 6e412271 305637cb b2cbfbc1 4a13f85d 447a0150 407b94b9 25cc0288 8a55b7c5 cfd925b7 12280250 1bdfc3e4 a656bb77 a681453c 8e7d55e1 a5886e6b 951dd336 30d15f2b b338a7c6 323d163e d1bc8e22 b4
Thu Apr 08 17:57:39 2010 us=853517 tls1_P_hash out: cd76af02 5afffb79 df197d28 2a8b8369 ecbb1008 356dd773 7a6533f1 d682ebf2 07292651 ca2646d0 11edb5c3 570e30c0 959b4b47 5865c42b d70d03aa 5433a764 21e86336 c42765e2 c45c1bf0 04cc6196 08688406 3c2625c5 1a438717 4a59cf96 351dd2c1 0e689ae4 5ceb874e 7a658d3f 7bed4998 1b3dd0c8 26490fa4 cad84481 9e61ef5b 9acb8b75 ee87ddca 5f9e6d4d b3dc2004 c3a9380b 67564ece 4fa2feb8 e50b2718 ad947502 a79e7df3 336cc7e3 aa6d5ba8 7dd49e14 3194e472 c92d9665 2cac484b 867c8f4a a69d0d57 bca3dee7 c8c2dd19 c7e389da 34fed9ae ed0eafbf d618f959 2331cde1 d08a579f 1a65138f ef8732b0 15082aef d80422e5 9e6ccfca
Thu Apr 08 17:57:39 2010 us=853711 tls1_PRF out[256]: c0da95e2 6063e6ef eaee3298 352bcb29 23f65dad 7e86da2f 2daac9b6 0b623408 75fa73f8 b1347e39 60c2cf9b aab3c068 366bc42b a1481d4a ad412aba 913db4a5 b0b5ad28 3834a891 fdcbb7e6 7bd73246 1596090b c5c10456 c00635cf 16512a04 961d228d 2045d700 1258decb 73916678 eca9af85 d278ba26 46ab2333 fc8a0fa4 f7f53a0e 3aebc727 021765cc a381e0ee d8d5c43a 7575d382 a781ad1e 65fd546e d772b7c3 618643f5 9553c435 48e63bb9 1b962bc5 11d854bd b046e9c3 ed3c009a 21629014 2a51a237 c2cec4a9 70258847 b4ed1274 77ef0864 92f90460 1f282367 02aa7f7b 23c8f51f 38ebe250 3a74439f e6bb9db0 b85beb36 13b975f6 faa5a18a
Thu Apr 08 17:57:39 2010 us=853756 NOTE: --mute triggered...
Thu Apr 08 17:57:39 2010 us=863480 4 variation(s) on previous 20 message(s) suppressed by --mute
Thu Apr 08 17:57:39 2010 us=863522 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Apr 08 17:57:39 2010 us=863554 Data Channel Encrypt: CIPHER KEY: c0da95e2 6063e6ef eaee3298 352bcb29
Thu Apr 08 17:57:39 2010 us=863589 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Apr 08 17:57:39 2010 us=863620 Data Channel Encrypt: HMAC KEY: b0b5ad28 3834a891 fdcbb7e6 7bd73246 1596090b
Thu Apr 08 17:57:39 2010 us=863698 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Apr 08 17:57:39 2010 us=863725 Data Channel Decrypt: CIPHER KEY: f7f53a0e 3aebc727 021765cc a381e0ee
Thu Apr 08 17:57:39 2010 us=863753 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Apr 08 17:57:39 2010 us=863782 Data Channel Decrypt: HMAC KEY: 21629014 2a51a237 c2cec4a9 70258847 b4ed1274
Thu Apr 08 17:57:39 2010 us=871785 TCPv4_CLIENT WRITE [22] to 92.245.172.84:1194: P_ACK_V1 kid=0 [ 13 ]
Thu Apr 08 17:57:39 2010 us=871980 TCPv4_CLIENT WRITE [26] to 92.245.172.84:1194: P_ACK_V1 kid=0 [ 14 15 ]
Thu Apr 08 17:57:39 2010 us=872033 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Apr 08 17:57:39 2010 us=872076 [massi.adalab] Peer Connection Initiated with 92.245.172.84:1194
Thu Apr 08 17:57:39 2010 us=960945 TCPv4_CLIENT READ [126] from 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ 6 ] pid=13 DATA len=100
Thu Apr 08 17:57:39 2010 us=961043 TCPv4_CLIENT READ [114] from 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=14 DATA len=100
Thu Apr 08 17:57:39 2010 us=961089 TCPv4_CLIENT READ [80] from 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=15 DATA len=66
Thu Apr 08 17:57:39 2010 us=961121 TCPv4_CLIENT READ [22] from 92.245.172.84:1194: P_ACK_V1 kid=0 [ 7 ]
Thu Apr 08 17:57:39 2010 us=961200 TCPv4_CLIENT WRITE [22] to 92.245.172.84:1194: P_ACK_V1 kid=0 [ 13 ]
Thu Apr 08 17:57:39 2010 us=961263 TCPv4_CLIENT WRITE [26] to 92.245.172.84:1194: P_ACK_V1 kid=0 [ 14 15 ]
Thu Apr 08 17:57:41 2010 us=212824 SENT CONTROL [massi.adalab]: 'PUSH_REQUEST' (status=1)
Thu Apr 08 17:57:41 2010 us=212915 TCPv4_CLIENT WRITE [104] to 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=8 DATA len=90
Thu Apr 08 17:57:41 2010 us=336473 TCPv4_CLIENT READ [22] from 92.245.172.84:1194: P_ACK_V1 kid=0 [ 8 ]
Thu Apr 08 17:57:41 2010 us=555225 TCPv4_CLIENT READ [104] from 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=16 DATA len=90
Thu Apr 08 17:57:41 2010 us=555385 AUTH: Received AUTH_FAILED control message
Thu Apr 08 17:57:41 2010 us=555433 PID packet_id_free
Thu Apr 08 17:57:41 2010 us=555649 PID packet_id_free
Thu Apr 08 17:57:41 2010 us=555669 PID packet_id_free
Thu Apr 08 17:57:41 2010 us=555684 PID packet_id_free
Thu Apr 08 17:57:41 2010 us=555737 PID packet_id_free
Thu Apr 08 17:57:41 2010 us=555754 PID packet_id_free
Thu Apr 08 17:57:41 2010 us=555769 PID packet_id_free
Thu Apr 08 17:57:41 2010 us=555786 PID packet_id_free
Thu Apr 08 17:57:41 2010 us=555903 TCP/UDP: Closing socket
Thu Apr 08 17:57:41 2010 us=556097 PID packet_id_free
Thu Apr 08 17:57:41 2010 us=556137 SIGTERM[soft,auth-failure] received, process exiting
Thu Apr 08 17:57:41 2010 us=557102 Closing Win32 semaphore 'openvpn_netcmd'
Thu Apr 08 17:57:41 2010 us=832961 Current Parameter Settings:
Thu Apr 08 17:57:41 2010 us=833016 config = 'zeroshell.ovpn'
Thu Apr 08 17:57:41 2010 us=833030 mode = 0
Thu Apr 08 17:57:41 2010 us=833041 show_ciphers = DISABLED
Thu Apr 08 17:57:41 2010 us=833052 show_digests = DISABLED
Thu Apr 08 17:57:41 2010 us=833063 show_engines = DISABLED
Thu Apr 08 17:57:41 2010 us=833074 genkey = DISABLED
Thu Apr 08 17:57:41 2010 us=833086 key_pass_file = '[UNDEF]'
Thu Apr 08 17:57:41 2010 us=833097 show_tls_ciphers = DISABLED
Thu Apr 08 17:57:41 2010 us=833108 proto = 2
Thu Apr 08 17:57:41 2010 us=833118 local = '[UNDEF]'
Thu Apr 08 17:57:41 2010 us=833131 remote_list[0] = {'92.245.172.84', 1194}
Thu Apr 08 17:57:41 2010 us=833142 remote_random = DISABLED
Thu Apr 08 17:57:41 2010 us=833153 local_port = 1194
Thu Apr 08 17:57:41 2010 us=833164 remote_port = 1194
Thu Apr 08 17:57:41 2010 us=833176 remote_float = DISABLED
Thu Apr 08 17:57:41 2010 us=833186 ipchange = '[UNDEF]'
Thu Apr 08 17:57:41 2010 us=833197 bind_local = DISABLED
Thu Apr 08 17:57:41 2010 us=833208 dev = 'tap'
Thu Apr 08 17:57:41 2010 us=833219 dev_type = '[UNDEF]'
Thu Apr 08 17:57:41 2010 us=833230 NOTE: --mute triggered...
Thu Apr 08 17:57:41 2010 us=833255 168 variation(s) on previous 20 message(s) suppressed by --mute
Thu Apr 08 17:57:41 2010 us=833271 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct 1 2006


Visto che ancora sono su un server di prove potrei crearti un utente per farti fare un controllo, ma vorrei riuscire a capire prima dove sbaglio.
GRAZIE
Andrea
_________________
ADALAB Officina Informatica Perugia
Top
Profilo Invia messaggio privato
Francesco Steno



Registrato: 26/03/10 14:59
Messaggi: 181

MessaggioInviato: Ven Apr 09, 2010 12:21 pm    Oggetto: Rispondi citando

Sembrerebbe proprio un problema di autenticazione ....
sei sicuro di scrivere username e password in modo corretto ?
Lo username deve essere solo il nome utente, senza il resto, e passord con i giusti caratteri (maiuscoli e minuscoli) ...

Ho provato ad autenticarmi al mio server di test che ho a casa, sbagliando di proposito la username e la password, ed ho avuto in cambio i log come i tuoi.

Un congislio, che mi viene di darti, e' quello di creare un utente test, con una password semplice (solo numeri,magari), e testare nuovamente il servizio....
Se il problema persiste, allora c'e' qualcosa di errato nella gestione degli utenti.
Top
Profilo Invia messaggio privato Invia e-mail
charneval



Registrato: 03/04/10 16:30
Messaggi: 125
Residenza: perugia

MessaggioInviato: Ven Apr 09, 2010 1:18 pm    Oggetto: Rispondi citando

Grazie del consiglio, ho fatto come dici e appena puoi ti chiedo gentilmente se puoi fare una prova dalla tua macchina.

ip pubblico server ZS test: 92.245.172.84
nome utente per collegamento openvpn: vpn
password: 123456

Ho creato un nuovo user, il server vpn è impostato sull'autenticazione only password.

ca.pem

-----BEGIN CERTIFICATE-----
MIIDeDCCAuGgAwIBAgIJAP2kQiMK5DYWMA0GCSqGSIb3DQEBBQUAMIGFMQswCQYD
VQQGEwJJVDEWMBQGA1UEChMNWmVyb3NoZWxsLm5ldDEQMA4GA1UECxMHRXhhbXBs
ZTEdMBsGA1UEAxMUWmVyb1NoZWxsIEV4YW1wbGUgQ0ExLTArBgkqhkiG9w0BCQEW
HkZ1bHZpby5SaWNjaWFyZGlAemVyb3NoZWxsLm5ldDAeFw0wNjAzMTYxODM0Mzda
Fw0xNjAzMTMxODM0MzdaMIGFMQswCQYDVQQGEwJJVDEWMBQGA1UEChMNWmVyb3No
ZWxsLm5ldDEQMA4GA1UECxMHRXhhbXBsZTEdMBsGA1UEAxMUWmVyb1NoZWxsIEV4
YW1wbGUgQ0ExLTArBgkqhkiG9w0BCQEWHkZ1bHZpby5SaWNjaWFyZGlAemVyb3No
ZWxsLm5ldDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApwjOsH9dYyV60xZc
LdeY5/KGa189RL5mP12XM+trZBQZHg2zhREqg5H+Fvue3ej/w+ASA2EKXZKpXZrg
Isj1OOjiiyYIYVVLO1RDnZtn+w44g4qU9qYntC1RKXF2lYsDDfLjmIkO8Cy45FAS
o2fzVvxVc6QSCZd3UJfq0yU9CxUCAwEAAaOB7TCB6jAdBgNVHQ4EFgQUGJ7LISEN
pdY2eam+jLY7Uhy4qT4wgboGA1UdIwSBsjCBr4AUGJ7LISENpdY2eam+jLY7Uhy4
qT6hgYukgYgwgYUxCzAJBgNVBAYTAklUMRYwFAYDVQQKEw1aZXJvc2hlbGwubmV0
MRAwDgYDVQQLEwdFeGFtcGxlMR0wGwYDVQQDExRaZXJvU2hlbGwgRXhhbXBsZSBD
QTEtMCsGCSqGSIb3DQEJARYeRnVsdmlvLlJpY2NpYXJkaUB6ZXJvc2hlbGwubmV0
ggkA/aRCIwrkNhYwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCWpmAg
ykS653ZUYhDesy3P0o9bF59vqFuhFtxOad1GdX9+y+QH8T4FZbNxO+rpbSQuKFlU
xCr2w/0ih0n7JGBuEn0fXnmhOZvbogjo0zQJtIJpRhAy/zJZca/nRWXfmYSt85hk
dkBOT55tHtvagClLIguQzyWlZ6bkcLDVRw03Sw==
-----END CERTIFICATE-----

Pensavo fosse la maniera più semplice per gestire la vpn con ZS, senza implementare i certificati X509, ma forse dovrò iniziare a studiare più a fondo il funzionamento delle VPN.

Ciao
Andrea
_________________
ADALAB Officina Informatica Perugia
Top
Profilo Invia messaggio privato
Francesco Steno



Registrato: 26/03/10 14:59
Messaggi: 181

MessaggioInviato: Ven Apr 09, 2010 1:37 pm    Oggetto: Rispondi citando

no, non riesco .... credo sia qualche impostazione dell'utente.

2010-04-09 14:38:35 *Tunnelblick: /Applications/Tunnelblick.app/Contents/Resources/openvpn --management-query-passwords --cd /Users/overdrive/Library/Application Support/Tunnelblick/Configurations --daemon --management-hold --management 127.0.0.1 1337 --config /Users/overdrive/Library/Application Support/Tunnelblick/Configurations/test.conf --script-security 2 --up "/Applications/Tunnelblick.app/Contents/Resources/client.up.osx.sh" --down "/Applications/Tunnelblick.app/Contents/Resources/client.down.osx.sh" --up-restart
2010-04-09 14:38:35 SUCCESS: pid=24438
2010-04-09 14:38:35 SUCCESS: real-time state notification set to ON
2010-04-09 14:38:35 SUCCESS: real-time log notification set to ON
2010-04-09 14:38:35 Current Parameter Settings:
2010-04-09 14:38:35 config = '/Users/overdrive/Library/Application Support/Tunnelblick/Configurations/test.conf'
2010-04-09 14:38:35 mode = 0
2010-04-09 14:38:35 show_ciphers = DISABLED
2010-04-09 14:38:35 show_digests = DISABLED
2010-04-09 14:38:35 show_engines = DISABLED
2010-04-09 14:38:35 genkey = DISABLED
2010-04-09 14:38:35 key_pass_file = '[UNDEF]'
2010-04-09 14:38:35 show_tls_ciphers = DISABLED
2010-04-09 14:38:35 Connection profiles [default]:
2010-04-09 14:38:35 proto = tcp-client
2010-04-09 14:38:35 local = '[UNDEF]'
2010-04-09 14:38:35 local_port = 0
2010-04-09 14:38:35 remote = '92.245.172.84'
2010-04-09 14:38:35 remote_port = 1194
2010-04-09 14:38:35 remote_float = DISABLED
2010-04-09 14:38:35 bind_defined = DISABLED
2010-04-09 14:38:35 bind_local = DISABLED
2010-04-09 14:38:35 connect_retry_seconds = 5
2010-04-09 14:38:35 connect_timeout = 10
2010-04-09 14:38:35 NOTE: --mute triggered...
2010-04-09 14:38:35 238 variation(s) on previous 20 message(s) suppressed by --mute
2010-04-09 14:38:35 OpenVPN 2.1.1 i386-apple-darwin10.2.0 [SSL] [LZO2] [PKCS11] built on Feb 24 2010
2010-04-09 14:38:35 MANAGEMENT: TCP Socket listening on 127.0.0.1:1337
2010-04-09 14:38:35 waiting...
2010-04-09 14:38:35 MANAGEMENT: Client connected from 127.0.0.1:1337
2010-04-09 14:38:35 MANAGEMENT: CMD 'pid'
2010-04-09 14:38:35 MANAGEMENT: CMD 'state on'
2010-04-09 14:38:35 MANAGEMENT: CMD 'log on all'
2010-04-09 14:38:35 END
2010-04-09 14:38:35 MANAGEMENT: CMD 'hold release'
2010-04-09 14:38:35 SUCCESS: hold release succeeded
2010-04-09 14:38:43 MANAGEMENT: CMD 'username "Auth" "vpn"'
2010-04-09 14:38:43 but not yet verified
2010-04-09 14:38:43 MANAGEMENT: CMD 'password [...]'
2010-04-09 14:38:43 but not yet verified
2010-04-09 14:38:43 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
....
....
2010-04-09 14:38:49 [massi.adalab] Peer Connection Initiated with 92.245.172.84:1194
2010-04-09 14:38:50
2010-04-09 14:38:51 SENT CONTROL [massi.adalab]: 'PUSH_REQUEST' (status=1)
2010-04-09 14:38:51 TCPv4_CLIENT WRITE [104] to 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=8 DATA len=90
2010-04-09 14:38:51 TCPv4_CLIENT READ [22] from 92.245.172.84:1194: P_ACK_V1 kid=0 [ 8 ]
2010-04-09 14:38:51 TCPv4_CLIENT READ [104] from 92.245.172.84:1194: P_CONTROL_V1 kid=0 [ ] pid=25 DATA len=90
2010-04-09 14:38:51 AUTH: Received AUTH_FAILED control message
2010-04-09 14:38:51 PID packet_id_free
2010-04-09 14:38:51 PID packet_id_free
2010-04-09 14:38:51 PID packet_id_free
2010-04-09 14:38:51 PID packet_id_free
2010-04-09 14:38:51 PID packet_id_free
2010-04-09 14:38:51 PID packet_id_free
2010-04-09 14:38:51 PID packet_id_free
2010-04-09 14:38:51 PID packet_id_free
2010-04-09 14:38:51 TCP/UDP: Closing socket
2010-04-09 14:38:51 PID packet_id_free
2010-04-09 14:38:51 process exiting



Preferendo usare il certificato online, che e' + semplice da scaricare e salvare, ho controllato anche se l'utente aveva accesso al sistema (per quel poco che puo' fare....), ed ho visto che il sistema mi ha fatto entrare, quindi e' da escludere che l'utente non sia stato creato, e che la username e/o password siano sbagliate.
Il problema, a parer mio, e' in qualche parametro di configurazioe dell'utente, e dell'hostname. Prova ancora a dare un occhiata, e descrivici il processo che utilizzi ....
Top
Profilo Invia messaggio privato Invia e-mail
charneval



Registrato: 03/04/10 16:30
Messaggi: 125
Residenza: perugia

MessaggioInviato: Ven Apr 09, 2010 1:48 pm    Oggetto: Rispondi citando

1194 tcp è la porta in ascolto.
_________________
ADALAB Officina Informatica Perugia
Top
Profilo Invia messaggio privato
charneval



Registrato: 03/04/10 16:30
Messaggi: 125
Residenza: perugia

MessaggioInviato: Ven Apr 09, 2010 1:58 pm    Oggetto: Rispondi citando

Ho rincontrollato la procedura che uso per la creazione dell'utente.
Nel nome ho visto che in automatico lui va a inserire l'utente all'interno del dominio example.com, e credo che io abbia fatto qualche errore qui.
ora l'utente vpn è nel dominio di default ed ho eliminato l'altro dominio da me creato.
_________________
ADALAB Officina Informatica Perugia
Top
Profilo Invia messaggio privato
charneval



Registrato: 03/04/10 16:30
Messaggi: 125
Residenza: perugia

MessaggioInviato: Ven Apr 09, 2010 2:08 pm    Oggetto: Rispondi citando

oltre all'user ho creato un host: host/vpn.adalab@EXAMPLE.COM
che ha la stessa password.
Tra i domini di autenticazione ho solo quello di default e quindi ho rimosso tutte le modifiche che avevo fatto in precedenza ma credo stia sbagliando durante la creazione degli utenti.
Appena posso posto in dettaglio tutti i passaggi.

Grazie
_________________
ADALAB Officina Informatica Perugia
Top
Profilo Invia messaggio privato
charneval



Registrato: 03/04/10 16:30
Messaggi: 125
Residenza: perugia

MessaggioInviato: Sab Apr 10, 2010 3:09 pm    Oggetto: Rispondi citando

ecco i passaggi per la creazione dell'utente che poi verrà usato per la VPN:

user: vpn01
passw: vpn_01

nel link ci sono le immagini dei passaggi che ho fatto per la creazione dell'utente e la configurazione della vpn.

http://picasaweb.google.it/charneval/ZEROSHELL?feat=directlink

fatemi sapere se devo darvi più informazioni per risolvere il problema e capire dove sbaglio.
Il mio dubbio è nel domain che vado a scrivere quando creo l'hosts, e non vorrei che poi il database kerberos di default non permette l'autenticazione con l'utente remoto di openvpn.

Grazie
[/img]
_________________
ADALAB Officina Informatica Perugia
Top
Profilo Invia messaggio privato
charneval



Registrato: 03/04/10 16:30
Messaggi: 125
Residenza: perugia

MessaggioInviato: Dom Apr 25, 2010 9:13 am    Oggetto: RISOLTO Rispondi citando

Ho risolto il problema, in pratica ho rifatto una nuova configurazione di ZS creando un nuovo profilo dove questa volta sono stato più attento nella compilazione e poi è andato tutto liscio.
E' veramente molto semplice la sua configurazione e con OpenVPN funziona molto bene.

Grazie a tutti del Forum.....

Andrea
_________________
ADALAB Officina Informatica Perugia
Top
Profilo Invia messaggio privato
Mostra prima i messaggi di:   
Nuovo argomento   Rispondi    Indice del forum -> VPN Tutti i fusi orari sono GMT + 1 ora
Pagina 1 di 1

 
Vai a:  
Non puoi inserire nuovi argomenti
Non puoi rispondere a nessun argomento
Non puoi modificare i tuoi messaggi
Non puoi cancellare i tuoi messaggi
Non puoi votare nei sondaggi


Powered by phpBB © 2001, 2005 phpBB Group
phpbb.it