OpenVPN client connection (regarding Hong Seok-beom's practical security management book)
Author: Choi Kwang-min
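Hello. I have been struggling with OpenVPN for days now..
Thanks to help from Hong Bo-seong and others, I somehow seem to have gotten as far as running the server and connecting the client, but...
After connecting from Windows XP (the client), the virtual network device "Local Area Connection 4" shows up in the network cable unplugged state.
The OpenVPN client connection itself has been established.
I am attaching the OpenVPN client-side config and log.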
============================= config =====================================
client
tls-client
dev tap0
;dev tun0
proto udp
remote 220.95.214.33 1194
#ifconfig 10.1.0.2 255.255.255.0
ping 10
resolv-retry infinite
nobind
# Downgrade privileges after initialization (non-Windows only)
;user nobody
;group nobody
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
comp-lzo
verb 4
============================ status log ====================================
Fri Mar 30 11:26:39 2007 us=274088 Current Parameter Settings:
Fri Mar 30 11:26:39 2007 us=274158 config = 'client.ovpn'
Fri Mar 30 11:26:39 2007 us=274171 mode = 0
Fri Mar 30 11:26:39 2007 us=274183 show_ciphers = DISABLED
Fri Mar 30 11:26:39 2007 us=274196 show_digests = DISABLED
Fri Mar 30 11:26:39 2007 us=274208 show_engines = DISABLED
Fri Mar 30 11:26:39 2007 us=274220 genkey = DISABLED
Fri Mar 30 11:26:39 2007 us=274233 key_pass_file = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=274246 show_tls_ciphers = DISABLED
Fri Mar 30 11:26:39 2007 us=274258 proto = 0
Fri Mar 30 11:26:39 2007 us=274269 local = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=274283 remote_list[0] = {'220.95.214.33', 1194}
Fri Mar 30 11:26:39 2007 us=274296 remote_random = DISABLED
Fri Mar 30 11:26:39 2007 us=274308 local_port = 1194
Fri Mar 30 11:26:39 2007 us=274320 remote_port = 1194
Fri Mar 30 11:26:39 2007 us=274332 remote_float = DISABLED
Fri Mar 30 11:26:39 2007 us=274345 ipchange = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=274357 bind_local = DISABLED
Fri Mar 30 11:26:39 2007 us=274369 dev = 'tap0'
Fri Mar 30 11:26:39 2007 us=274380 dev_type = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=274392 dev_node = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=274406 tun_ipv6 = DISABLED
Fri Mar 30 11:26:39 2007 us=274418 ifconfig_local = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=274431 ifconfig_remote_netmask = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=274445 ifconfig_noexec = DISABLED
Fri Mar 30 11:26:39 2007 us=274458 ifconfig_nowarn = DISABLED
Fri Mar 30 11:26:39 2007 us=274470 shaper = 0
Fri Mar 30 11:26:39 2007 us=274482 tun_mtu = 1500
Fri Mar 30 11:26:39 2007 us=274494 tun_mtu_defined = ENABLED
Fri Mar 30 11:26:39 2007 us=274507 link_mtu = 1500
Fri Mar 30 11:26:39 2007 us=274519 link_mtu_defined = DISABLED
Fri Mar 30 11:26:39 2007 us=274532 tun_mtu_extra = 32
Fri Mar 30 11:26:39 2007 us=274545 tun_mtu_extra_defined = ENABLED
Fri Mar 30 11:26:39 2007 us=274558 fragment = 0
Fri Mar 30 11:26:39 2007 us=274570 mtu_discover_type = -1
Fri Mar 30 11:26:39 2007 us=274583 mtu_test = 0
Fri Mar 30 11:26:39 2007 us=274596 mlock = DISABLED
Fri Mar 30 11:26:39 2007 us=274609 keepalive_ping = 0
Fri Mar 30 11:26:39 2007 us=274621 keepalive_timeout = 0
Fri Mar 30 11:26:39 2007 us=274634 inactivity_timeout = 0
Fri Mar 30 11:26:39 2007 us=274647 ping_send_timeout = 10
Fri Mar 30 11:26:39 2007 us=274660 ping_rec_timeout = 120
Fri Mar 30 11:26:39 2007 us=274679 ping_rec_timeout_action = 2
Fri Mar 30 11:26:39 2007 us=274693 ping_timer_remote = DISABLED
Fri Mar 30 11:26:39 2007 us=274705 remap_sigusr1 = 0
Fri Mar 30 11:26:39 2007 us=274717 explicit_exit_notification = 0
Fri Mar 30 11:26:39 2007 us=274730 persist_tun = ENABLED
Fri Mar 30 11:26:39 2007 us=274742 persist_local_ip = DISABLED
Fri Mar 30 11:26:39 2007 us=274754 persist_remote_ip = DISABLED
Fri Mar 30 11:26:39 2007 us=274767 persist_key = ENABLED
Fri Mar 30 11:26:39 2007 us=274779 mssfix = 1450
Fri Mar 30 11:26:39 2007 us=274791 resolve_retry_seconds = 1000000000
Fri Mar 30 11:26:39 2007 us=274803 connect_retry_seconds = 5
Fri Mar 30 11:26:39 2007 us=274815 username = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=274828 groupname = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=274841 chroot_dir = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=274853 cd_dir = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=274865 writepid = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=274877 up_script = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=274889 down_script = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=274900 down_pre = DISABLED
Fri Mar 30 11:26:39 2007 us=274912 up_restart = DISABLED
Fri Mar 30 11:26:39 2007 us=274924 up_delay = DISABLED
Fri Mar 30 11:26:39 2007 us=274936 daemon = DISABLED
Fri Mar 30 11:26:39 2007 us=274948 inetd = 0
Fri Mar 30 11:26:39 2007 us=274960 log = DISABLED
Fri Mar 30 11:26:39 2007 us=274972 suppress_timestamps = DISABLED
Fri Mar 30 11:26:39 2007 us=274985 nice = 0
Fri Mar 30 11:26:39 2007 us=275002 verbosity = 4
Fri Mar 30 11:26:39 2007 us=442847 mute = 0
Fri Mar 30 11:26:39 2007 us=442869 gremlin = 0
Fri Mar 30 11:26:39 2007 us=442881 status_file = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=442895 status_file_version = 1
Fri Mar 30 11:26:39 2007 us=442908 status_file_update_freq = 60
Fri Mar 30 11:26:39 2007 us=442921 occ = ENABLED
Fri Mar 30 11:26:39 2007 us=442934 rcvbuf = 0
Fri Mar 30 11:26:39 2007 us=442948 sndbuf = 0
Fri Mar 30 11:26:39 2007 us=442961 socks_proxy_server = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=442983 socks_proxy_port = 0
Fri Mar 30 11:26:39 2007 us=442996 socks_proxy_retry = DISABLED
Fri Mar 30 11:26:39 2007 us=443009 fast_io = DISABLED
Fri Mar 30 11:26:39 2007 us=443021 comp_lzo = ENABLED
Fri Mar 30 11:26:39 2007 us=443034 comp_lzo_adaptive = ENABLED
Fri Mar 30 11:26:39 2007 us=443047 route_script = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=443060 route_default_gateway = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=443073 route_noexec = DISABLED
Fri Mar 30 11:26:39 2007 us=452903 route_delay = 0
Fri Mar 30 11:26:39 2007 us=452923 route_delay_window = 30
Fri Mar 30 11:26:39 2007 us=452936 route_delay_defined = ENABLED
Fri Mar 30 11:26:39 2007 us=452950 management_addr = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=452963 management_port = 0
Fri Mar 30 11:26:39 2007 us=452976 management_user_pass = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=452989 management_log_history_cache = 250
Fri Mar 30 11:26:39 2007 us=453005 management_echo_buffer_size = 100
Fri Mar 30 11:26:39 2007 us=453019 management_query_passwords = DISABLED
Fri Mar 30 11:26:39 2007 us=453032 management_hold = DISABLED
Fri Mar 30 11:26:39 2007 us=453046 shared_secret_file = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=453059 key_direction = 0
Fri Mar 30 11:26:39 2007 us=453072 ciphername_defined = ENABLED
Fri Mar 30 11:26:39 2007 us=453085 ciphername = 'BF-CBC'
Fri Mar 30 11:26:39 2007 us=453098 authname_defined = ENABLED
Fri Mar 30 11:26:39 2007 us=463627 authname = 'SHA1'
Fri Mar 30 11:26:39 2007 us=463648 keysize = 0
Fri Mar 30 11:26:39 2007 us=463660 engine = DISABLED
Fri Mar 30 11:26:39 2007 us=463673 replay = ENABLED
Fri Mar 30 11:26:39 2007 us=463686 mute_replay_warnings = DISABLED
Fri Mar 30 11:26:39 2007 us=463699 replay_window = 64
Fri Mar 30 11:26:39 2007 us=463712 replay_time = 15
Fri Mar 30 11:26:39 2007 us=463724 packet_id_file = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=463737 use_iv = ENABLED
Fri Mar 30 11:26:39 2007 us=463750 test_crypto = DISABLED
Fri Mar 30 11:26:39 2007 us=463762 tls_server = DISABLED
Fri Mar 30 11:26:39 2007 us=463775 tls_client = ENABLED
Fri Mar 30 11:26:39 2007 us=463787 key_method = 2
Fri Mar 30 11:26:39 2007 us=463800 ca_file = 'ca.crt'
Fri Mar 30 11:26:39 2007 us=463813 dh_file = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=463825 cert_file = 'client.crt'
Fri Mar 30 11:26:39 2007 us=474792 priv_key_file = 'client.key'
Fri Mar 30 11:26:39 2007 us=474813 pkcs12_file = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=474825 cryptoapi_cert = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=474839 cipher_list = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=474851 tls_verify = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=474864 tls_remote = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=474878 crl_file = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=474901 ns_cert_type = 0
Fri Mar 30 11:26:39 2007 us=474913 tls_timeout = 2
Fri Mar 30 11:26:39 2007 us=474926 renegotiate_bytes = 0
Fri Mar 30 11:26:39 2007 us=474939 renegotiate_packets = 0
Fri Mar 30 11:26:39 2007 us=474953 renegotiate_seconds = 3600
Fri Mar 30 11:26:39 2007 us=474966 handshake_window = 60
Fri Mar 30 11:26:39 2007 us=474978 transition_window = 3600
Fri Mar 30 11:26:39 2007 us=474992 single_session = DISABLED
Fri Mar 30 11:26:39 2007 us=475005 tls_exit = DISABLED
Fri Mar 30 11:26:39 2007 us=487389 tls_auth_file = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=487423 server_network = 0.0.0.0
Fri Mar 30 11:26:39 2007 us=487437 server_netmask = 0.0.0.0
Fri Mar 30 11:26:39 2007 us=487451 server_bridge_ip = 0.0.0.0
Fri Mar 30 11:26:39 2007 us=487465 server_bridge_netmask = 0.0.0.0
Fri Mar 30 11:26:39 2007 us=487479 server_bridge_pool_start = 0.0.0.0
Fri Mar 30 11:26:39 2007 us=487493 server_bridge_pool_end = 0.0.0.0
Fri Mar 30 11:26:39 2007 us=487507 ifconfig_pool_defined = DISABLED
Fri Mar 30 11:26:39 2007 us=487520 ifconfig_pool_start = 0.0.0.0
Fri Mar 30 11:26:39 2007 us=487534 ifconfig_pool_end = 0.0.0.0
Fri Mar 30 11:26:39 2007 us=487548 ifconfig_pool_netmask = 0.0.0.0
Fri Mar 30 11:26:39 2007 us=487563 ifconfig_pool_persist_filename = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=487601 ifconfig_pool_persist_refresh_freq = 600
Fri Mar 30 11:26:39 2007 us=487616 ifconfig_pool_linear = DISABLED
Fri Mar 30 11:26:39 2007 us=487629 n_bcast_buf = 256
Fri Mar 30 11:26:39 2007 us=499552 tcp_queue_limit = 64
Fri Mar 30 11:26:39 2007 us=499572 real_hash_size = 256
Fri Mar 30 11:26:39 2007 us=499584 virtual_hash_size = 256
Fri Mar 30 11:26:39 2007 us=499597 client_connect_script = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=499611 learn_address_script = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=499624 client_disconnect_script = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=499637 client_config_dir = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=499650 ccd_exclusive = DISABLED
Fri Mar 30 11:26:39 2007 us=499662 tmp_dir = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=499676 push_ifconfig_defined = DISABLED
Fri Mar 30 11:26:39 2007 us=499692 push_ifconfig_local = 0.0.0.0
Fri Mar 30 11:26:39 2007 us=499707 push_ifconfig_remote_netmask = 0.0.0.0
Fri Mar 30 11:26:39 2007 us=499721 enable_c2c = DISABLED
Fri Mar 30 11:26:39 2007 us=499734 duplicate_cn = DISABLED
Fri Mar 30 11:26:39 2007 us=499746 cf_max = 0
Fri Mar 30 11:26:39 2007 us=510510 cf_per = 0
Fri Mar 30 11:26:39 2007 us=510533 max_clients = 1024
Fri Mar 30 11:26:39 2007 us=510546 max_routes_per_client = 256
Fri Mar 30 11:26:39 2007 us=510559 client_cert_not_required = DISABLED
Fri Mar 30 11:26:39 2007 us=510573 username_as_common_name = DISABLED
Fri Mar 30 11:26:39 2007 us=510587 auth_user_pass_verify_script = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=510601 auth_user_pass_verify_script_via_file = DISABLED
Fri Mar 30 11:26:39 2007 us=510614 client = ENABLED
Fri Mar 30 11:26:39 2007 us=510627 pull = ENABLED
Fri Mar 30 11:26:39 2007 us=510640 auth_user_pass_file = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=510657 show_net_up = DISABLED
Fri Mar 30 11:26:39 2007 us=510670 route_method = 0
Fri Mar 30 11:26:39 2007 us=510683 ip_win32_defined = DISABLED
Fri Mar 30 11:26:39 2007 us=510695 ip_win32_type = 3
Fri Mar 30 11:26:39 2007 us=510709 dhcp_masq_offset = 0
Fri Mar 30 11:26:39 2007 us=522677 dhcp_lease_time = 31536000
Fri Mar 30 11:26:39 2007 us=522697 tap_sleep = 0
Fri Mar 30 11:26:39 2007 us=522710 dhcp_options = DISABLED
Fri Mar 30 11:26:39 2007 us=522723 dhcp_renew = DISABLED
Fri Mar 30 11:26:39 2007 us=522758 dhcp_pre_release = DISABLED
Fri Mar 30 11:26:39 2007 us=522770 dhcp_release = DISABLED
Fri Mar 30 11:26:39 2007 us=522782 domain = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=522795 netbios_scope = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=522808 netbios_node_type = 0
Fri Mar 30 11:26:39 2007 us=522820 disable_nbt = DISABLED
Fri Mar 30 11:26:39 2007 us=522843 OpenVPN 2.0.7 Win32-MinGW [SSL] [LZO] built on Apr 12 2006
Fri Mar 30 11:26:39 2007 us=522987 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Fri Mar 30 11:26:39 2007 us=523003 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Fri Mar 30 11:26:39 2007 us=539178 LZO compression initialized
Fri Mar 30 11:26:39 2007 us=539324 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Fri Mar 30 11:26:39 2007 us=540997 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
Fri Mar 30 11:26:39 2007 us=541056 Local Options String: 'V4,dev-type tap,link-mtu 1574,tun-mtu 1532,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Fri Mar 30 11:26:39 2007 us=541072 Expected Remote Options String: 'V4,dev-type tap,link-mtu 1574,tun-mtu 1532,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Fri Mar 30 11:26:39 2007 us=541109 Local Options hash (VER=V4): 'd79ca330'
Fri Mar 30 11:26:39 2007 us=541133 Expected Remote Options hash (VER=V4): 'f7df56b8'
Fri Mar 30 11:26:39 2007 us=541173 Socket Buffers: R=[8192->8192] S=[8192->8192]
Fri Mar 30 11:26:39 2007 us=541195 UDPv4 link local: [undef]
Fri Mar 30 11:26:39 2007 us=554198 UDPv4 link remote: 220.95.214.33:1194
Fri Mar 30 11:26:39 2007 us=583347 TLS: Initial packet from 220.95.214.33:1194, sid=52826737 ae06d2ac
Fri Mar 30 11:26:39 2007 us=660291 VERIFY OK: depth=1, /C=KR/ST=NA/L=SEOUL/O=BeNICE/OU=IDC/CN=benice-web/emailAddress=rootchoi@benicetech.co.kr
Fri Mar 30 11:26:39 2007 us=661103 VERIFY OK: depth=0, /C=KR/ST=NA/O=BeNICE/OU=IDC/CN=benice-web/emailAddress=rootchoi@benicetech.co.kr
I would be very grateful for any help.
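
The client log above carries its own warning that no server certificate verification method has been enabled. As an added example (not part of the original post and not OpenVPN project code), the script below parses a `verb 4` settings dump in this format and flags that gap along with two related settings visible in the same dump; the function names and finding labels are assumptions made for illustration.

```python
import re

# Lines copied from the client log in the post above (verb 4 settings dump).
SAMPLE_LOG = """\
Fri Mar 30 11:26:39 2007 us=453085 ciphername = 'BF-CBC'
Fri Mar 30 11:26:39 2007 us=474851 tls_verify = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=474864 tls_remote = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=474901 ns_cert_type = 0
Fri Mar 30 11:26:39 2007 us=487389 tls_auth_file = '[UNDEF]'
Fri Mar 30 11:26:39 2007 us=523003 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
"""

# "<timestamp> us=<usec> <name> = <value>" lines of the settings dump.
SETTING = re.compile(r"us=\d+\s+(\w+)\s*=\s*(.*)$")
UNSET = {"[UNDEF]", "0", "DISABLED", ""}


def parse_settings(log_text):
    """Return {name: value} for every 'name = value' line in the dump."""
    settings = {}
    for line in log_text.splitlines():
        match = SETTING.search(line)
        if match:
            settings[match.group(1)] = match.group(2).strip().strip("'")
    return settings


def audit(settings):
    """Return (id, message) findings for a TLS client settings dump."""
    def is_unset(name):
        return settings.get(name, "[UNDEF]") in UNSET

    findings = []
    if all(is_unset(k) for k in ("ns_cert_type", "tls_remote", "tls_verify")):
        findings.append(("no-server-cert-check",
                         "any certificate signed by the configured CA is accepted "
                         "as the server; set ns-cert-type server, tls-remote or tls-verify"))
    if is_unset("tls_auth_file"):
        findings.append(("no-tls-auth",
                         "control channel packets carry no HMAC signature; "
                         "consider tls-auth with a shared key"))
    if settings.get("ciphername") == "BF-CBC":
        findings.append(("64-bit-block-cipher",
                         "BF-CBC (Blowfish) uses a 64-bit block"))
    return findings


if __name__ == "__main__":
    for finding_id, message in audit(parse_settings(SAMPLE_LOG)):
        print(f"{finding_id}: {message}")
```

Run against the full log in the post, the same three findings are reported, since `ns_cert_type = 0`, `tls_remote`, `tls_verify` and `tls_auth_file` are all unset there.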