how to enable openvpn?
wsdjeg opened this issue · 3 comments
wsdjeg commented
Problems summary
sudo openvpn sg_vip_a.ovpn
Fri Jul 1 23:42:41 2016 OpenVPN 2.3.11 i686-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on May 12 2016
Fri Jul 1 23:42:41 2016 library versions: OpenSSL 1.0.2h 3 May 2016, LZO 2.09
Enter Auth Username: **************
Enter Auth Password: ********
Fri Jul 1 23:42:50 2016 Control Channel Authentication: tls-auth using INLINE static key file
Fri Jul 1 23:42:50 2016 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Jul 1 23:42:50 2016 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Jul 1 23:42:50 2016 Socket Buffers: R=[87380->131072] S=[16384->131072]
Fri Jul 1 23:42:50 2016 Attempting to establish TCP connection with [AF_INET]120.76.96.138:53 [nonblock]
Fri Jul 1 23:42:51 2016 TCP connection established with [AF_INET]120.76.96.138:53
Fri Jul 1 23:42:51 2016 TCPv4_CLIENT link local: [undef]
Fri Jul 1 23:42:51 2016 TCPv4_CLIENT link remote: [AF_INET]120.76.96.138:53
Fri Jul 1 23:42:51 2016 TLS: Initial packet from [AF_INET]120.76.96.138:53, sid=d55df0e3 afdeb9d1
Fri Jul 1 23:42:52 2016 VERIFY OK: depth=1, C=CN, ST=GD, L=SZ, O=LoCo, OU=LY, CN=LY, name=LY, emailAddress=2596919966@qq.com
Fri Jul 1 23:42:52 2016 VERIFY OK: nsCertType=SERVER
Fri Jul 1 23:42:52 2016 VERIFY OK: depth=0, C=CN, ST=GD, L=SZ, O=LoCo, OU=LY, CN=LY, name=LY, emailAddress=2596919966@qq.com
Fri Jul 1 23:42:52 2016 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1576', remote='link-mtu 1544'
Fri Jul 1 23:42:52 2016 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'
Fri Jul 1 23:42:52 2016 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Jul 1 23:42:52 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Jul 1 23:42:52 2016 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Jul 1 23:42:52 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Jul 1 23:42:52 2016 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
Fri Jul 1 23:42:52 2016 [LY] Peer Connection Initiated with [AF_INET]120.76.96.138:53
Fri Jul 1 23:42:54 2016 SENT CONTROL [LY]: 'PUSH_REQUEST' (status=1)
Fri Jul 1 23:42:54 2016 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route-gateway 10.3.40.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.3.40.159 255.255.255.0'
Fri Jul 1 23:42:54 2016 OPTIONS IMPORT: timers and/or timeouts modified
Fri Jul 1 23:42:54 2016 OPTIONS IMPORT: --ifconfig/up options modified
Fri Jul 1 23:42:54 2016 OPTIONS IMPORT: route options modified
Fri Jul 1 23:42:54 2016 NOTE: --mute triggered...
Fri Jul 1 23:42:54 2016 2 variation(s) on previous 5 message(s) suppressed by --mute
Fri Jul 1 23:42:54 2016 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=wlp3s0 HWADDR=78:92:9c:87:27:18
Fri Jul 1 23:42:54 2016 TUN/TAP device tun0 opened
Fri Jul 1 23:42:54 2016 TUN/TAP TX queue length set to 100
Fri Jul 1 23:42:54 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Fri Jul 1 23:42:54 2016 /usr/bin/ip link set dev tun0 up mtu 1500
Fri Jul 1 23:42:54 2016 /usr/bin/ip addr add dev tun0 10.3.40.159/24 broadcast 10.3.40.255
Fri Jul 1 23:42:54 2016 /usr/bin/ip route add 120.76.96.138/32 via 192.168.1.1
Fri Jul 1 23:42:54 2016 /usr/bin/ip route add 0.0.0.0/1 via 10.3.40.1
Fri Jul 1 23:42:54 2016 /usr/bin/ip route add 128.0.0.0/1 via 10.3.40.1
Fri Jul 1 23:42:54 2016 /usr/bin/ip route add 120.76.96.138/32 via 192.168.1.1
RTNETLINK answers: File exists
Fri Jul 1 23:42:54 2016 ERROR: Linux route add command failed: external program exited with error status: 2
Fri Jul 1 23:42:54 2016 Initialization Sequence Completed
gravcat commented
Fri Jul 1 23:42:54 2016 ERROR: Linux route add command failed: external program exited with error status: 2
wsdjeg: your openvpn configuration server-side may be attempting to push a route to a client, that already exists on the client. I would contact your VPN provider for support as you are paying for the service you mentioned.
wsdjeg commented
@gravcat thanks, I am using pptpclient now,
follow http://blog.fens.me/vpn-pptp-client-ubuntu/
but the scripts in ip-up.d/ and ip-down.d/ do not executed after pon and poff.
just read http://bbs.chinaunix.net/thread-2023922-1-1.html
than I check the code in /etc/ppp/ip-up, it auto execute scripts end with .sh in ip-up.d/ and ip-down.d/ .
so I change the file name.
wsdjeg commented
now everything works well