openvpn não habilita o dispositivo

0

O OpenVPN abre o dispositivo tun, mas não faz isso, portanto, não pode adicionar a rota depois. Este comando não faz o dispositivo subir

/sbin/ifconfig tun0 172.31.0.6 pointopoint 172.31.0.5 mtu 1500

Funciona bem, se eu subir o dispositivo manualmente pelo comando ip link ou

 ifconfig tun0 up

Mas preciso adicionar todas as rotas sozinho. Como posso executar sem tarefas manualmente? Aqui está meu cliente conf. O mesmo conf funciona bem no windows. Agradeço por qualquer ajuda

dev tun  
proto tcp  
remote x.x.x.x 1194  
cipher AES-128-CBC  
auth SHA1  
resolv-retry infinite  
nobind  
persist-key  
persist-tun  
client  
auth-user-pass  
verb 3

Aqui está o meu log:

Tue Aug  7 11:25:00 2018 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.  
Tue Aug  7 11:25:00 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194  
Tue Aug  7 11:25:00 2018 Socket Buffers: R=[87380->87380] S=[16384->16384]  
Tue Aug  7 11:25:00 2018 Attempting to establish TCP connection with [AF_INET]x.x.x.x:1194 [nonblock]  
Tue Aug  7 11:25:01 2018 TCP connection established with [AF_INET]x.x.x.x:1194  
Tue Aug  7 11:25:01 2018 TCP_CLIENT link local: (not bound)  
Tue Aug  7 11:25:01 2018 TCP_CLIENT link remote: [AF_INET]x.x.x.x:1194  
Tue Aug  7 11:25:01 2018 TLS: Initial packet from [AF_INET]x.x.x.x:1194, sid=8188f10d 67197c08  
Tue Aug  7 11:25:01 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this  
Tue Aug  7 11:25:01 2018 VERIFY OK: depth=1, C=DE, O=xx, CN=x.x.x.x  
Tue Aug  7 11:25:01 2018 VERIFY OK: depth=0, C=DE, O=xx, CN=x.x.x.x  
Tue Aug  7 11:25:01 2018 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA  
Tue Aug  7 11:25:01 2018 [x.x.x.x] Peer Connection Initiated with [AF_INET]x.x.x.x:1194  
Tue Aug  7 11:25:03 2018 SENT CONTROL [x.x.x.x]: 'PUSH_REQUEST' (status=1)  
Tue Aug  7 11:25:03 2018 PUSH: Received control message: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,route 172.31.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 172.31.0.6 172.31.0.5'  
Tue Aug  7 11:25:03 2018 OPTIONS IMPORT: timers and/or timeouts modified  
Tue Aug  7 11:25:03 2018 OPTIONS IMPORT: --ifconfig/up options modified  
Tue Aug  7 11:25:03 2018 OPTIONS IMPORT: route options modified  
Tue Aug  7 11:25:03 2018 Outgoing Data Channel: Cipher 'AES-128-CBC' initialized with 128 bit key  
Tue Aug  7 11:25:03 2018 Outgoing Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication  
Tue Aug  7 11:25:03 2018 Incoming Data Channel: Cipher 'AES-128-CBC' initialized with 128 bit key  
Tue Aug  7 11:25:03 2018 Incoming Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication  
Tue Aug  7 11:25:03 2018 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=enp2s0 HWADDR=1c:1b:0d:09:5f:af  
Tue Aug  7 11:25:03 2018 TUN/TAP device tun0 opened  
Tue Aug  7 11:25:03 2018 TUN/TAP TX queue length set to 100  
Tue Aug  7 11:25:03 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0  
Tue Aug  7 11:25:03 2018 /sbin/ifconfig tun0 172.31.0.6 pointopoint 172.31.0.5 mtu 1500  
Tue Aug  7 11:25:03 2018 /sbin/route add -net 192.168.1.0 netmask 255.255.255.0 gw 172.31.0.5  
SIOCADDRT: Network is unreachable  
Tue Aug  7 11:25:03 2018 ERROR: Linux route add command failed: external program exited with error status: 7  
Tue Aug  7 11:25:03 2018 /sbin/route add -net 172.31.0.0 netmask 255.255.255.0 gw 172.31.0.5  
SIOCADDRT: Network is unreachable  
Tue Aug  7 11:25:03 2018 ERROR: Linux route add command failed: external program exited with error status: 7  
Tue Aug  7 11:25:03 2018 Initialization Sequence Completed
    
por Rick 08.08.2018 / 10:32

0 respostas