staging.inyokaproject.org

via DuckDuckGo

openvpn server funktioniert nicht mehr

Status: Ungelöst | Ubuntu-Version: Server 18.04 (Bionic Beaver)
Antworten |

defc0n

Anmeldungsdatum:
21. Mai 2014

Beiträge: 30
Zitieren
3. November 2019 22:09

Hallo allerseits

Auf 16LTS hat der VPN-Server noch funktioniert (glaub ich, hab ihn schon länger nicht mehr benutzt)... Nun hab ich festgestellt, dass der nicht mehr läuft.

Ich verwende Google Authenticator und möchte eigentlich auch den client ausschalten (oder muss der auf dem Server laufen?), weiss aber nicht wie.

Ich würde mich freuen, wenn mir jemand helfen könnte.

Danke und Gruss, defc0n

Nov  3 22:01:05 gatekeeper ovpn-server[31806]: PLUGIN_CLOSE: /usr/lib/x86_64-linux-gnu/openvpn/plugins/openvpn-plugin-auth-pam.so
Nov  3 22:01:05 gatekeeper ovpn-server[31806]: SIGTERM[hard,] received, process exiting
Nov  3 22:01:05 gatekeeper ovpn-client[474]: OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2019
Nov  3 22:01:05 gatekeeper ovpn-client[474]: library versions: OpenSSL 1.1.1  11 Sep 2018, LZO 2.08
Nov  3 22:01:05 gatekeeper ovpn-client[474]: WARNING: --ns-cert-type is DEPRECATED.  Use --remote-cert-tls instead.
Nov  3 22:01:05 gatekeeper ovpn-client[474]: TCP/UDP: Preserving recently used remote address: [AF_INET]192.168.2.6:1194
Nov  3 22:01:05 gatekeeper systemd[1]: Started OpenVPN connection to client.
Nov  3 22:01:05 gatekeeper ovpn-client[474]: Socket Buffers: R=[212992->212992] S=[212992->212992]
Nov  3 22:01:05 gatekeeper ovpn-client[474]: UDP link local: (not bound)
Nov  3 22:01:05 gatekeeper ovpn-client[474]: UDP link remote: [AF_INET]192.168.2.6:1194
Nov  3 22:01:05 gatekeeper systemd[1]: Stopped OpenVPN connection to server.
Nov  3 22:01:05 gatekeeper systemd[1]: Starting OpenVPN connection to server...
Nov  3 22:01:05 gatekeeper ovpn-server[490]: OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2019
Nov  3 22:01:05 gatekeeper ovpn-server[490]: library versions: OpenSSL 1.1.1  11 Sep 2018, LZO 2.08
Nov  3 22:01:05 gatekeeper systemd[1]: Started OpenVPN connection to server.
Nov  3 22:01:05 gatekeeper ovpn-server[490]: PLUGIN_INIT: POST /usr/lib/x86_64-linux-gnu/openvpn/plugins/openvpn-plugin-auth-pam.so '[/usr/lib/x86_64-linux-gnu/openvpn/plugins/openvpn-plugin-auth-pam.so] [openvpn]' intercepted=PLUGIN_AUTH_USER_PASS_VERIFY
Nov  3 22:01:05 gatekeeper ovpn-server[490]: Diffie-Hellman initialized with 2048 bit key
Nov  3 22:01:05 gatekeeper ovpn-server[490]: ROUTE_GATEWAY 192.168.2.1/255.255.255.0 IFACE=eth0 HWADDR=00:0c:29:f4:f8:9f
Nov  3 22:01:05 gatekeeper ovpn-server[490]: TUN/TAP device tun0 opened
Nov  3 22:01:05 gatekeeper ovpn-server[490]: TUN/TAP TX queue length set to 100
Nov  3 22:01:05 gatekeeper ovpn-server[490]: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Nov  3 22:01:05 gatekeeper ovpn-server[490]: /sbin/ip link set dev tun0 up mtu 1500
Nov  3 22:01:05 gatekeeper systemd-networkd[16695]: tun0: Gained carrier
Nov  3 22:01:05 gatekeeper networkd-dispatcher[610]: WARNING:Unknown index 17 seen, reloading interface list
Nov  3 22:01:05 gatekeeper systemd-timesyncd[5329]: Network configuration changed, trying to establish connection.
Nov  3 22:01:05 gatekeeper ovpn-server[490]: /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
Nov  3 22:01:05 gatekeeper systemd-networkd[16695]: tun0: Gained IPv6LL
Nov  3 22:01:05 gatekeeper systemd[1]: Starting resolvconf-pull-resolved.service...
Nov  3 22:01:05 gatekeeper ovpn-server[490]: /sbin/ip route add 10.8.0.0/24 via 10.8.0.2
Nov  3 22:01:05 gatekeeper named[6522]: listening on IPv4 interface tun0, 10.8.0.1#53
Nov  3 22:01:05 gatekeeper ovpn-server[490]: Could not determine IPv4/IPv6 protocol. Using AF_INET
Nov  3 22:01:05 gatekeeper ovpn-server[490]: Socket Buffers: R=[212992->212992] S=[212992->212992]
Nov  3 22:01:05 gatekeeper systemd-timesyncd[5329]: Synchronized to time server [2001:67c:1560:8003::c8]:123 (ntp.ubuntu.com).
Nov  3 22:01:05 gatekeeper ovpn-server[490]: UDPv4 link local (bound): [AF_INET][undef]:1194
Nov  3 22:01:05 gatekeeper ovpn-server[490]: UDPv4 link remote: [AF_UNSPEC]
Nov  3 22:01:05 gatekeeper ovpn-server[490]: MULTI: multi_init called, r=256 v=256
Nov  3 22:01:05 gatekeeper ovpn-server[490]: IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Nov  3 22:01:05 gatekeeper ovpn-server[490]: ifconfig_pool_read(), in='client1,10.8.0.4', TODO: IPv6
Nov  3 22:01:05 gatekeeper ovpn-server[490]: succeeded -> ifconfig_pool_set()
Nov  3 22:01:05 gatekeeper ovpn-server[490]: IFCONFIG POOL LIST
Nov  3 22:01:05 gatekeeper ovpn-server[490]: client1,10.8.0.4
Nov  3 22:01:05 gatekeeper ovpn-server[490]: Initialization Sequence Completed
Nov  3 22:01:05 gatekeeper systemd-timesyncd[5329]: Network configuration changed, trying to establish connection.
Nov  3 22:01:05 gatekeeper systemd[1]: Started resolvconf-pull-resolved.service.
Nov  3 22:01:05 gatekeeper systemd-timesyncd[5329]: Synchronized to time server [2001:67c:1560:8003::c8]:123 (ntp.ubuntu.com).
Nov  3 22:01:08 gatekeeper ovpn-server[490]: 192.168.2.6:34628 TLS: Initial packet from [AF_INET]192.168.2.6:34628, sid=80b0ec65 4062ce84
Nov  3 22:01:08 gatekeeper ovpn-client[474]: TLS: Initial packet from [AF_INET]192.168.2.6:1194, sid=d84f11b9 e19cdb0d
Nov  3 22:01:08 gatekeeper ovpn-client[474]: VERIFY OK: depth=1, C=CH, ST=Basel-Land, L=Reinach, O=intranet, OU=intranet.*******.name, CN=intranet CA, name=EasyRSA, emailAddress=*******@*******.name
Nov  3 22:01:08 gatekeeper ovpn-client[474]: VERIFY OK: nsCertType=SERVER
Nov  3 22:01:08 gatekeeper ovpn-client[474]: VERIFY OK: depth=0, C=CH, ST=Basel-Land, L=Reinach, O=intranet, OU=intranet.*******.name, CN=server, name=EasyRSA, emailAddress=*******@*******.name
Nov  3 22:01:08 gatekeeper ovpn-server[490]: 192.168.2.6:34628 VERIFY OK: depth=1, C=CH, ST=Basel-Land, L=Reinach, O=intranet, OU=intranet.*******.name, CN=intranet CA, name=EasyRSA, emailAddress=*******@*******.name
Nov  3 22:01:08 gatekeeper ovpn-server[490]: 192.168.2.6:34628 VERIFY OK: depth=0, C=CH, ST=Basel-Land, L=Reinach, O=intranet, OU=intranet.*******.name, CN=client1, name=EasyRSA, emailAddress=*******@*******.name
Nov  3 22:01:08 gatekeeper ovpn-server[490]: 192.168.2.6:34628 peer info: IV_VER=2.4.4
Nov  3 22:01:08 gatekeeper ovpn-server[490]: 192.168.2.6:34628 peer info: IV_PLAT=linux
Nov  3 22:01:08 gatekeeper ovpn-server[490]: 192.168.2.6:34628 peer info: IV_PROTO=2
Nov  3 22:01:08 gatekeeper ovpn-server[490]: 192.168.2.6:34628 peer info: IV_NCP=2
Nov  3 22:01:08 gatekeeper ovpn-server[490]: 192.168.2.6:34628 peer info: IV_LZ4=1
Nov  3 22:01:08 gatekeeper ovpn-server[490]: 192.168.2.6:34628 peer info: IV_LZ4v2=1
Nov  3 22:01:08 gatekeeper ovpn-server[490]: 192.168.2.6:34628 peer info: IV_LZO=1
Nov  3 22:01:08 gatekeeper ovpn-server[490]: 192.168.2.6:34628 peer info: IV_COMP_STUB=1
Nov  3 22:01:08 gatekeeper ovpn-server[490]: 192.168.2.6:34628 peer info: IV_COMP_STUBv2=1
Nov  3 22:01:08 gatekeeper ovpn-server[490]: 192.168.2.6:34628 peer info: IV_TCPNL=1
Nov  3 22:01:08 gatekeeper ovpn-server[490]: 192.168.2.6:34628 TLS Error: Auth Username/Password was not provided by peer
Nov  3 22:01:08 gatekeeper ovpn-server[490]: 192.168.2.6:34628 TLS Error: TLS handshake failed
Nov  3 22:01:08 gatekeeper ovpn-server[490]: 192.168.2.6:34628 SIGUSR1[soft,tls-error] received, client-instance restarting
Antworten |