Opgelost! Ga naar oplossing.
Mon Dec 3 13:14:56 2018 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220
#!/bin/bash
#
# Parses DHCP options from openvpn to update resolv.conf
# To use set as 'up' and 'down' script in your openvpn *.conf:
# up /etc/openvpn/update-resolv-conf
# down /etc/openvpn/update-resolv-conf
#
# Used snippets of resolvconf script by Thomas Hood and Chris Hanson.
# Licensed under the GNU GPL. See /usr/share/common-licenses/GPL.
#
# Example envs set from openvpn:
#
# foreign_option_1='dhcp-option DNS 193.43.27.132'
# foreign_option_2='dhcp-option DNS 193.43.27.133'
# foreign_option_3='dhcp-option DOMAIN be.bnc.ch'
#
[ -x /sbin/resolvconf ] || exit 0
[ "$script_type" ] || exit 0
[ "$dev" ] || exit 0
split_into_parts()
{
part1="$1"
part2="$2"
part3="$3"
}
case "$script_type" in
up)
NMSRVRS=""
SRCHS=""
for optionvarname in ${!foreign_option_*} ; do
option="${!optionvarname}"
echo "$option"
split_into_parts $option
if [ "$part1" = "dhcp-option" ] ; then
if [ "$part2" = "DNS" ] ; then
NMSRVRS="${NMSRVRS:+$NMSRVRS }$part3"
elif [ "$part2" = "DOMAIN" ] ; then
SRCHS="${SRCHS:+$SRCHS }$part3"
fi
fi
done
R=""
[ "$SRCHS" ] && R="search $SRCHS
"
for NS in $NMSRVRS ; do
R="${R}nameserver $NS
"
done
echo -n "$R" | /sbin/resolvconf -a "${dev}.openvpn"
;;
down)
/sbin/resolvconf -d "${dev}.openvpn"
;;
esac
chmod +x /etc/openvpn/update-resolv-conf
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
Jij bent de IT-hulplijn in je straat, de verlichting werkt thuis op commando en je groet de pakketbezorger met de slimme deurbel. Herkenbaar? Dan zijn de Community events echt iets voor jou! Doe mee en sluit je aan.
tls-auth login.txt
auth-user-pass login.txt
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
9aaf4ed69be7de2175f919ce46c8619benn0geenhe1eb0e1cijfersen1etters
-----END OpenVPN Static key V1-----
yourusername
yourpassword
ca xxxx.crt
tls-auth ta.key
remote us-6.goosevpn.com 443
client
proto tcp-client
dev tun
auth-user-pass login.txt
cipher AES-256-CBC
nobind
verb 3
comp-lzo
tun-mtu 1470
mssfix 1460
keepalive 5 60
ca xxxx.crt
log /etc/openvpn/openvpn.log
ifconfig
route
traceroute 1.1.1.1
Mon Dec 3 13:14:51 2018 OpenVPN 2.3.6 mipsel-oe-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Mar 2 2018
Mon Dec 3 13:14:51 2018 library versions: OpenSSL 1.0.2a 19 Mar 2015, LZO 2.09
Mon Dec 3 13:14:51 2018 WARNING: file 'login.txt' is group or others accessible
Mon Dec 3 13:14:51 2018 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1470)
Mon Dec 3 13:14:51 2018 Socket Buffers: R=[87380->131072] S=[16384->131072]
Mon Dec 3 13:14:51 2018 Attempting to establish TCP connection with [AF_INET]204.155.30.9:443 [nonblock]
Mon Dec 3 13:14:52 2018 TCP connection established with [AF_INET]204.155.30.9:443
Mon Dec 3 13:14:52 2018 TCPv4_CLIENT link local: [undef]
Mon Dec 3 13:14:52 2018 TCPv4_CLIENT link remote: [AF_INET]204.155.30.9:443
Mon Dec 3 13:14:52 2018 TLS: Initial packet from [AF_INET]204.155.30.9:443, sid=518adb91 6121a8db
Mon Dec 3 13:14:52 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Dec 3 13:14:52 2018 VERIFY OK: depth=1, C=NL, ST=South Holland, L=Rotterdam, O=GOOSE, OU=MyOrganizationalUnit, CN=GOOSE CA, name=EasyRSA, emailAddress=info@goosevpn.com
Mon Dec 3 13:14:52 2018 Validating certificate key usage
Mon Dec 3 13:14:52 2018 ++ Certificate has key usage 00a0, expects 00a0
Mon Dec 3 13:14:52 2018 VERIFY KU OK
Mon Dec 3 13:14:52 2018 Validating certificate extended key usage
Mon Dec 3 13:14:52 2018 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Mon Dec 3 13:14:52 2018 VERIFY EKU OK
Mon Dec 3 13:14:52 2018 VERIFY OK: depth=0, C=NL, ST=South Holland, L=Rotterdam, O=GOOSE, OU=MyOrganizationalUnit, CN=vpn.goosevpn.com, name=EasyRSA, emailAddress=info@goosevpn.com
Mon Dec 3 13:14:54 2018 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1530', remote='link-mtu 9060'
Mon Dec 3 13:14:54 2018 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1470', remote='tun-mtu 9000'
Mon Dec 3 13:14:54 2018 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Dec 3 13:14:54 2018 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Dec 3 13:14:54 2018 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Dec 3 13:14:54 2018 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Dec 3 13:14:54 2018 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Mon Dec 3 13:14:54 2018 [vpn.goosevpn.com] Peer Connection Initiated with [AF_INET]204.155.30.9:443
Mon Dec 3 13:14:56 2018 SENT CONTROL [vpn.goosevpn.com]: 'PUSH_REQUEST' (status=1)
Mon Dec 3 13:14:56 2018 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route 10.31.4.1,topology net30,ping 5,ping-restart 60,socket-flags TCP_NODELAY,ifconfig 10.31.4.18 10.31.4.17'
Mon Dec 3 13:14:56 2018 OPTIONS IMPORT: timers and/or timeouts modified
Mon Dec 3 13:14:56 2018 OPTIONS IMPORT: --socket-flags option modified
Mon Dec 3 13:14:56 2018 Socket flags: TCP_NODELAY=1 succeeded
Mon Dec 3 13:14:56 2018 OPTIONS IMPORT: --ifconfig/up options modified
Mon Dec 3 13:14:56 2018 OPTIONS IMPORT: route options modified
Mon Dec 3 13:14:56 2018 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mon Dec 3 13:14:56 2018 ROUTE_GATEWAY 192.168.178.1/255.255.255.0 IFACE=wlan0 HWADDR=f4:28:53:00:0d:43
Mon Dec 3 13:14:56 2018 TUN/TAP device tun0 opened
Mon Dec 3 13:14:56 2018 TUN/TAP TX queue length set to 100
Mon Dec 3 13:14:56 2018 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mon Dec 3 13:14:56 2018 /sbin/ip link set dev tun0 up mtu 1470
Mon Dec 3 13:14:56 2018 /sbin/ip addr add dev tun0 local 10.31.4.18 peer 10.31.4.17
Mon Dec 3 13:14:56 2018 /sbin/ip route add 204.155.30.9/32 via 192.168.178.1
Mon Dec 3 13:14:56 2018 /sbin/ip route add 0.0.0.0/1 via 10.31.4.17
Mon Dec 3 13:14:56 2018 /sbin/ip route add 128.0.0.0/1 via 10.31.4.17
Mon Dec 3 13:14:56 2018 /sbin/ip route add 10.31.4.1/32 via 10.31.4.17
Mon Dec 3 13:14:56 2018 Initialization Sequence Completed
Vul de belangrijkste trefwoorden in en vind het topic die past bij je vraag. Onze community zit boordevol kennis.
Start je eigen topic en krijg hulp van anderen. Op de community helpen ervaren klanten je graag op weg.