Thread: VPN suggestions
View Single Post
icbolsh is offline icbolsh
2009-10-17 , 17:23
Posts: 194 | Thanked: 39 times | Joined on Sep 2008
#22
Originally Posted by mikkov View Post
it seems that ivacy-tls.key wasn't imported. Apparently there is still problems in openvpn-applet (I am the author).

Easiest is to copy the file manually. Install rootsh, open X terminal, type sudo gainroot, copy with cp ivacy-tls.key /etc/openvpn
Okay sorry it took so long to get this step done. I got the file moved into the right directory. I don't get an error when I test....the light turns green when I start the client. The only problem is nothing has changed on the internet. Some sights are still blocked and Mauku still cannot connect with Twitter. I can't go to it through the browser either. I am missing something? An obvious step? Do I need to change something else?
Again thank you for all your help.

Here is the current log when I run a test:
"Sun Oct 18 01:23:08 2009 OpenVPN 2.1_rc19 arm-unknown-linux-gnueabi [SSL] [LZO2] [EPOLL] built on Sep 7 2009
Enter Auth Username:Enter Auth Password:Sun Oct 18 01:23:08 2009 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Sun Oct 18 01:23:08 2009 /usr/bin/openssl-vulnkey -q -b 2048 -m <modulus omitted>
Sun Oct 18 01:23:08 2009 ******* WARNING *******: '(null)' is a known vulnerable key. See 'man openvpn-vulnkey' for details.
Sun Oct 18 01:23:08 2009 WARNING: file 'ivacy-tls.key' is group or others accessible
Sun Oct 18 01:23:08 2009 Control Channel Authentication: using 'ivacy-tls.key' as a OpenVPN static key file
Sun Oct 18 01:23:08 2009 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Oct 18 01:23:08 2009 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Oct 18 01:23:08 2009 LZO compression initialized
Sun Oct 18 01:23:08 2009 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Sun Oct 18 01:23:08 2009 RESOLVE: NOTE: openvpn.ivacy.com resolves to 3 addresses, choosing one by random
Sun Oct 18 01:23:08 2009 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Sun Oct 18 01:23:08 2009 Local Options hash (VER=V4): '504e774e'
Sun Oct 18 01:23:08 2009 Expected Remote Options hash (VER=V4): '14168603'
Sun Oct 18 01:23:08 2009 Socket Buffers: R=[105472->131072] S=[105472->131072]
Sun Oct 18 01:23:08 2009 UDPv4 link local: [undef]
Sun Oct 18 01:23:08 2009 UDPv4 link remote: 85.249.223.27:1194
Sun Oct 18 01:23:13 2009 TLS: Initial packet from 85.249.223.27:1194, sid=a20c53ca dcb26178
Sun Oct 18 01:23:13 2009 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sun Oct 18 01:23:25 2009 VERIFY OK: depth=1, /C=RU/ST=MR/L=Moscow/O=ivacy.com/CN=ivacy.com_CA/emailAddress=admin@ivacy.com
Sun Oct 18 01:23:26 2009 VERIFY OK: nsCertType=SERVER
Sun Oct 18 01:23:26 2009 VERIFY OK: depth=0, /C=RU/ST=MR/L=Moscow/O=ivacy.com/CN=openvpn.ivacy.com/emailAddress=admin@ivacy.com
Sun Oct 18 01:23:37 2009 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sun Oct 18 01:23:37 2009 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Oct 18 01:23:37 2009 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sun Oct 18 01:23:37 2009 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Oct 18 01:23:38 2009 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Sun Oct 18 01:23:38 2009 [openvpn.ivacy.com] Peer Connection Initiated with 85.249.223.27:1194
Sun Oct 18 01:23:39 2009 SENT CONTROL [openvpn.ivacy.com]: 'PUSH_REQUEST' (status=1)
Sun Oct 18 01:23:41 2009 PUSH: Received control message: 'PUSH_REPLY,route 1.0.0.0 255.0.0.0,dhcp-option DNS 1.254.2.2,dhcp-option DNS 1.254.2.3,dhcp-option DOMAIN vpn,explicit-exit-notify 2,route-gateway 1.2.124.1,topology subnet,ping 10,ping-restart 60,ifconfig 1.2.124.106 255.255.255.0'
Sun Oct 18 01:23:41 2009 OPTIONS IMPORT: timers and/or timeouts modified
Sun Oct 18 01:23:41 2009 OPTIONS IMPORT: explicit notify parm(s) modified
Sun Oct 18 01:23:41 2009 OPTIONS IMPORT: --ifconfig/up options modified
Sun Oct 18 01:23:41 2009 OPTIONS IMPORT: route options modified
Sun Oct 18 01:23:41 2009 OPTIONS IMPORT: route-related options modified
Sun Oct 18 01:23:41 2009 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sun Oct 18 01:23:41 2009 ROUTE default_gateway=192.168.15.1
Sun Oct 18 01:23:41 2009 TUN/TAP device tun0 opened
Sun Oct 18 01:23:41 2009 TUN/TAP TX queue length set to 100
Sun Oct 18 01:23:41 2009 /sbin/ifconfig tun0 1.2.124.106 netmask 255.255.255.0 mtu 1500 broadcast 1.2.124.255
Sun Oct 18 01:23:41 2009 /sbin/route add -net 85.249.223.27 netmask 255.255.255.255 gw 192.168.15.1
Sun Oct 18 01:23:42 2009 /sbin/route add -net 1.0.0.0 netmask 255.0.0.0 gw 1.2.124.1
Sun Oct 18 01:23:42 2009 Initialization Sequence Completed"

Hope that helps.
Last edited by icbolsh; 2009-10-17 at 17:30.