Meus registros dizem que uma conexão foi estabelecida, mas não consigo pingar o host.
Aqui estão meus registros.
May 24 10:42:57 openvpn[9163]: /etc/rc.filter_configure tun0 1500 1544 10.0.8.1 10.0.8.2 init
May 24 10:42:57 openvpn[9163]: SIGTERM[hard,] received, process exiting
May 24 10:42:59 openvpn[9742]: OpenVPN 2.0.6 i386-portbld-freebsd7.2 [SSL] [LZO] built on Dec 4 2009
May 24 10:42:59 openvpn[9742]: WARNING: file '/var/etc/openvpn_server0.key' is group or others accessible
May 24 10:42:59 openvpn[9742]: gw 112.202.0.1
May 24 10:42:59 openvpn[9742]: TUN/TAP device /dev/tun0 opened
May 24 10:42:59 openvpn[9742]: /sbin/ifconfig tun0 10.0.8.1 10.0.8.2 mtu 1500 netmask 255.255.255.255 up
May 24 10:42:59 openvpn[9742]: /etc/rc.filter_configure tun0 1500 1544 10.0.8.1 10.0.8.2 init
May 24 10:43:00 openvpn[9757]: Listening for incoming TCP connection on [undef]:1194
May 24 10:43:00 openvpn[9757]: TCPv4_SERVER link local (bound): [undef]:1194
May 24 10:43:00 openvpn[9757]: TCPv4_SERVER link remote: [undef]
May 24 10:43:00 openvpn[9757]: Initialization Sequence Completed
May 24 10:43:02 openvpn[9757]: Re-using SSL/TLS context
May 24 10:43:02 openvpn[9757]: LZO compression initialized
May 24 10:43:02 openvpn[9757]: TCP connection established with 119.93.150.4:47750
May 24 10:43:02 openvpn[9757]: TCPv4_SERVER link local: [undef]
May 24 10:43:02 openvpn[9757]: TCPv4_SERVER link remote: 119.93.150.4:47750
May 24 10:43:06 openvpn[9757]: 119.93.150.4:47750 [client] Peer Connection Initiated with 119.93.150.4:47750
May 24 10:42:57 openvpn[7489]: Connection reset, restarting [0]
May 24 10:42:57 openvpn[7489]: SIGUSR1[soft,connection-reset] received, process restarting
May 24 10:43:02 openvpn[7489]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
May 24 10:43:02 openvpn[7489]: Re-using SSL/TLS context
May 24 10:43:02 openvpn[7489]: LZO compression initialized
May 24 10:43:02 openvpn[7489]: Attempting to establish TCP connection with 112.202.103.45:1194
May 24 10:43:02 openvpn[7489]: TCP connection established with 112.202.103.45:1194
May 24 10:43:02 openvpn[7489]: TCPv4_CLIENT link local: [undef]
May 24 10:43:02 openvpn[7489]: TCPv4_CLIENT link remote: 112.202.103.45:1194
May 24 10:43:06 openvpn[7489]: [server] Peer Connection Initiated with 112.202.103.45:1194
May 24 10:43:08 openvpn[7489]: Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:1: 112.202.103.45 (2.0.6)
May 24 10:43:08 openvpn[7489]: Preserving previous TUN/TAP instance: tun0
May 24 10:43:08 openvpn[7489]: Initialization Sequence Completed
Qual poderia ser o problema?
Parece que, mesmo que pareça ter uma opção "push" no arquivo de configuração do firewall2, há um problema sintático:
May 24 10:43:08 openvpn[7489]: Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:1: 112.202.103.45 (2.0.6)
Depois que isso for corrigido, você deverá ter o roteamento pelo túnel, que dará acesso ao firewall2 às máquinas na outra extremidade do túnel.
Tivemos o mesmo problema usando o OpenVPN. A correção que encontramos foi que o OpenVPN deve sempre ser executado como administrador. Eu sei que parece ridículo, mas funciona.
Além do push, que provavelmente não é suficiente para interromper a conexão, os logs parecem normais. Você provavelmente está perdendo uma rota ou tem a rota errada, em uma ou ambas as extremidades.