![]() |
2010-02-02
, 22:31
|
Posts: 89 |
Thanked: 6 times |
Joined on Feb 2010
|
#31
|
![]() |
2010-02-17
, 19:26
|
Posts: 8 |
Thanked: 0 times |
Joined on Feb 2010
|
#32
|
i have another problem with sip. if im in wlan i can connect to my asterisk server.
if im in another wlan or umts, i installed openvpn to get a home ip adress.
but the buildin sip client seems to only try to connect over umts directly,
ssh or pinging works on both ends of openvpn
![]() |
2010-03-12
, 16:41
|
Posts: 2 |
Thanked: 1 time |
Joined on Mar 2010
|
#33
|
![]() |
2010-03-12
, 18:05
|
Posts: 89 |
Thanked: 6 times |
Joined on Feb 2010
|
#34
|
![]() |
2010-04-09
, 19:42
|
Posts: 306 |
Thanked: 106 times |
Joined on Feb 2010
|
#35
|
port 1194 proto udp dev tun ca privnet/ca.crt cert privnet/server.crt key privnet/server.key dh privnet/dh1024.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt push "redirect-gateway def1 bypass-dhcp" keepalive 10 120 comp-lzo user nobody group nobody persist-key persist-tun status openvpn-status.log verb 3
client script-security 2 up /etc/openvpn/nokia.up down /etc/openvpn/nokia.down dev tun proto udp remote asterisk.dyndns.org 1194 resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert client.crt key client.key ns-cert-type server comp-lzo verb 3
nokia.up #!/bin/sh run-standalone.sh /usr/bin/mc-tool update sofiasip/sip/_3101_40asterisk_2edyndns_2eorg0 string:local-ip-address=$4 run-standalone.sh /usr/bin/mc-tool enable sofiasip/sip/_3101_40asterisk_2edyndns_2eor nokia.down run-standalone.sh /usr/bin/mc-tool disable sofiasip/sip/_3101_40asterisk_2edyndns_2eorg0
Apr 9 20:26:05 2010 OpenVPN 2.1_rc20 arm-unknown-linux-gnueabi [SSL] [LZO2] [EPOLL] [MH] [PF_INET6] built on Nov 29 2009 Fri Apr 9 20:26:05 2010 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Fri Apr 9 20:26:05 2010 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted> Fri Apr 9 20:26:05 2010 ******* WARNING *******: 'client.key' cannot be verified as a non-vulnerable key. See 'man openssl-vulnkey' for details. Fri Apr 9 20:26:05 2010 LZO compression initialized Fri Apr 9 20:26:05 2010 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] Fri Apr 9 20:26:05 2010 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ] Fri Apr 9 20:26:05 2010 Local Options hash (VER=V4): '41690919' Fri Apr 9 20:26:05 2010 Expected Remote Options hash (VER=V4): '530fdded' Fri Apr 9 20:26:05 2010 Socket Buffers: R=[65536->131072] S=[16384->131072] Fri Apr 9 20:26:05 2010 UDPv4 link local: [undef] Fri Apr 9 20:26:05 2010 UDPv4 link remote: [AF_INET]86.9.87.233:1194 Fri Apr 9 20:26:05 2010 TLS: Initial packet from [AF_INET]86.9.87.233:1194, sid=a7692b5f 7a0dab40 Fri Apr 9 20:26:09 2010 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=Fort-Funston_CA/emailAddress=me@myhost.mydomain Fri Apr 9 20:26:09 2010 VERIFY OK: nsCertType=SERVER Fri Apr 9 20:26:09 2010 VERIFY OK: depth=0, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=server/emailAddress=me@myhost.mydomain Fri Apr 9 20:26:16 2010 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Fri Apr 9 20:26:16 2010 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Fri Apr 9 20:26:16 2010 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Fri Apr 9 20:26:16 2010 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Fri Apr 9 20:26:16 2010 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Fri Apr 9 20:26:16 2010 [server] Peer Connection Initiated with [AF_INET]86.9.87.233:1194 Fri Apr 9 20:26:18 2010 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) Fri Apr 9 20:26:19 2010 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 1 Fri Apr 9 20:26:19 2010 OPTIONS IMPORT: timers and/or timeouts modified Fri Apr 9 20:26:19 2010 OPTIONS IMPORT: --ifconfig/up options modified Fri Apr 9 20:26:19 2010 OPTIONS IMPORT: route options modified Fri Apr 9 20:26:19 2010 ROUTE default_gateway=192.168.1.254 Fri Apr 9 20:26:19 2010 TUN/TAP device tun0 opened Fri Apr 9 20:26:19 2010 TUN/TAP TX queue length set to 100 Fri Apr 9 20:26:19 2010 /sbin/ifconfig tun0 10.8.0.6 pointopoint 10.8.0.5 mtu 1500 Fri Apr 9 20:26:19 2010 /etc/openvpn/nokia.up tun0 1500 1542 10.8.0.6 10.8.0.5 init Fri Apr 9 20:26:20 2010 /sbin/route add -net 86.9.87.233 netmask 255.255.255.255 gw 192.168.1.254 Fri Apr 9 20:26:20 2010 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.8.0.5 Fri Apr 9 20:26:20 2010 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.8.0.5 Fri Apr 9 20:26:20 2010 /sbin/route add -net 10.8.0.1 netmask 255.255.255.255 gw 10.8.0.5 Fri Apr 9 20:26:20 2010 Initialization Sequence Completed
echo 1 > /proc/sys/net/ipv4/ip_forward
![]() |
2010-04-10
, 08:44
|
Posts: 306 |
Thanked: 106 times |
Joined on Feb 2010
|
#37
|
See bug 1860.
![]() |
2010-04-10
, 19:42
|
Posts: 2,802 |
Thanked: 4,491 times |
Joined on Nov 2007
|
#38
|
![]() |
2010-04-10
, 20:54
|
Posts: 306 |
Thanked: 106 times |
Joined on Feb 2010
|
#39
|
Does 10.8.0.5 NAT traffic from the N900? It won't go far with a 10.8.0.6 source address.
![]() |
2010-04-10
, 21:34
|
Posts: 306 |
Thanked: 106 times |
Joined on Feb 2010
|
#40
|
Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.8.0.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0 10.8.0.1 10.8.0.5 255.255.255.255 UGH 0 0 0 tun0 86.9.87.233 192.168.1.254 255.255.255.255 UGH 0 0 0 wlan0 192.168.1.0 10.8.0.5 255.255.255.0 UG 0 0 0 tun0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0 0.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0 128.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0 0.0.0.0 192.168.1.254 0.0.0.0 UG 0 0 0 wlan0
#route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.8.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0 10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0