ono totiz prikaz redirect-gateway zna parametry jen local, def1 a jeste par dalsich, ale ne IP adresu. tento prikaz tedy vyhodte. Bude tam jen redirect-gateway def1, ten druhy s IP ne. (IP adresu brany si vymysli klient sam podle IP a routy serveru s VPN.)
Doufam, ze tohle je posledni chytak
[/quote]
dle vaší rady jsme to zapoznámkoval, furt to nejde.
log clienta:
WRWWRWRRRWWRWRWRRWWRWRWRRWWRWRWRRWWRWRWRRWWRWRWRRWWRWWWWRWRRRWWWRWRWRRWWRWRWRRWWRWRWRRWWRWRWRRRRRRRWWRWRWRRWWRWRWRRWWWWWRRRRRRWWWRRRRWWrWrWrWrWrWrWrWrWrWrWrWrWrWrWrWRrWrWrWrWrWrWrWrWrWRwRwWRThu Jun 02 09:21:04 2011 us=750000 Current Parameter Settings:
Thu Jun 02 09:21:04 2011 us=750000 config = 'client.ovpn'
Thu Jun 02 09:21:05 2011 us=406000 server_network = 0.0.0.0
Thu Jun 02 09:21:05 2011 us=406000 server_netmask = 0.0.0.0
Thu Jun 02 09:21:05 2011 us=406000 server_bridge_ip = 0.0.0.0
Thu Jun 02 09:21:05 2011 us=453000 server_bridge_netmask = 0.0.0.0
Thu Jun 02 09:21:05 2011 us=453000 server_bridge_pool_start = 0.0.0.0
Thu Jun 02 09:21:05 2011 us=453000 server_bridge_pool_end = 0.0.0.0
Thu Jun 02 09:21:05 2011 us=453000 ifconfig_pool_defined = DISABLED
Thu Jun 02 09:21:05 2011 us=453000 ifconfig_pool_start = 0.0.0.0
Thu Jun 02 09:21:05 2011 us=453000 ifconfig_pool_end = 0.0.0.0
Thu Jun 02 09:21:05 2011 us=453000 ifconfig_pool_netmask = 0.0.0.0
Thu Jun 02 09:21:05 2011 us=453000 ifconfig_pool_persist_filename = '[UNDEF]'
Thu Jun 02 09:21:05 2011 us=453000 ifconfig_pool_persist_refresh_freq = 600
Thu Jun 02 09:21:05 2011 us=562000 OpenVPN 2.1.4 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Nov 8 2010
Thu Jun 02 09:21:05 2011 us=562000 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Thu Jun 02 09:21:05 2011 us=890000 LZO compression initialized
Thu Jun 02 09:21:05 2011 us=890000 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Jun 02 09:21:05 2011 us=906000 Socket Buffers: R=[8192->8192] S=[8192->8192]
Thu Jun 02 09:21:05 2011 us=921000 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Jun 02 09:21:05 2011 us=921000 Local Options String: 'V4,dev-type tap,link-mtu 1576,tun-mtu 1532,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Thu Jun 02 09:21:05 2011 us=921000 Expected Remote Options String: 'V4,dev-type tap,link-mtu 1576,tun-mtu 1532,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Thu Jun 02 09:21:05 2011 us=921000 Local Options hash (VER=V4): '31fdf004'
Thu Jun 02 09:21:05 2011 us=921000 Expected Remote Options hash (VER=V4): '3e6d1056'
Thu Jun 02 09:21:05 2011 us=921000 Attempting to establish TCP connection with xxx..5:1194
Thu Jun 02 09:21:05 2011 us=921000 TCP connection established with xxx..5:1194
Thu Jun 02 09:21:05 2011 us=921000 TCPv4_CLIENT link local (bound): [undef]:1194
Thu Jun 02 09:21:05 2011 us=921000 TCPv4_CLIENT link remote: xxx..5:1194
Thu Jun 02 09:21:05 2011 us=937000 TLS: Initial packet from xxx..5:1194, sid=a468ffc3 fb79c212
Thu Jun 02 09:21:06 2011 us=171000 VERIFY OK: depth=1, /C=CZ/ST=VYSOCINA/L=Chotebor/O=xxx.as_/OU=IT/CN=pam/emailAddress=it.manager@xxx..cz
Thu Jun 02 09:21:06 2011 us=171000 VERIFY OK: nsCertType=SERVER
Thu Jun 02 09:21:06 2011 us=171000 VERIFY OK: depth=0, /C=CZ/ST=VYSOCINA/O=xxx.as_/OU=IT/CN=pam/emailAddress=it.manager@xxx..cz
Thu Jun 02 09:21:07 2011 us=62000 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Jun 02 09:21:07 2011 us=62000 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jun 02 09:21:07 2011 us=62000 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Jun 02 09:21:07 2011 us=62000 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jun 02 09:21:07 2011 us=78000 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Jun 02 09:21:07 2011 us=78000 [pam] Peer Connection Initiated with xxx..5:1194
Thu Jun 02 09:21:09 2011 us=390000 SENT CONTROL [pam]: 'PUSH_REQUEST' (status=1)
Thu Jun 02 09:21:09 2011 us=578000 PUSH: Received control message: 'PUSH_REPLY,route 172.17.88.254 255.255.0.0,redirect-gateway def1,dhcp-option DNS 172.17.88.254,ping 10,ping-restart 120,ifconfig 172.17.88.100 255.255.0.0'
Thu Jun 02 09:21:09 2011 us=578000 OPTIONS IMPORT: timers and/or timeouts modified
Thu Jun 02 09:21:09 2011 us=578000 OPTIONS IMPORT: --ifconfig/up options modified
Thu Jun 02 09:21:09 2011 us=578000 OPTIONS IMPORT: route options modified
Thu Jun 02 09:21:09 2011 us=578000 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Thu Jun 02 09:21:09 2011 us=609000 ROUTE default_gateway=10.200.0.254
Thu Jun 02 09:21:09 2011 us=609000 OpenVPN ROUTE: OpenVPN needs a gateway parameter for a --route option and no default was specified by either --route-gateway or --ifconfig options
Thu Jun 02 09:21:09 2011 us=609000 OpenVPN ROUTE: failed to parse/resolve route for host/network: 172.17.88.254
Thu Jun 02 09:21:09 2011 us=609000 TAP-WIN32 device [Připojení k místní síti 3] opened: \\.\Global\{91D8FE2B-1684-45F3-B02F-FEE9EB1A89B1}.tap
Thu Jun 02 09:21:09 2011 us=625000 TAP-Win32 Driver Version 9.7
Thu Jun 02 09:21:09 2011 us=625000 TAP-Win32 MTU=1500
Thu Jun 02 09:21:09 2011 us=640000 Notified TAP-Win32 driver to set a DHCP IP/netmask of 172.17.88.100/255.255.0.0 on interface {91D8FE2B-1684-45F3-B02F-FEE9EB1A89B1} [DHCP-serv: 172.17.0.0, lease-time: 31536000]
Thu Jun 02 09:21:09 2011 us=640000 DHCP option string: 0604ac11 58fe
Thu Jun 02 09:21:09 2011 us=640000 Successful ARP Flush on interface [3] {91D8FE2B-1684-45F3-B02F-FEE9EB1A89B1}
Thu Jun 02 09:21:13 2011 us=703000 TEST ROUTES: 0/0 succeeded len=0 ret=1 a=0 u/d=up
Thu Jun 02 09:21:13 2011 us=703000 NOTE: unable to redirect default gateway -- VPN gateway parameter (--route-gateway or --ifconfig) is missing
Thu Jun 02 09:21:13 2011 us=703000 Initialization Sequence Completed
Díky za pomoc.