Aller au contenu

Messages recommandés

Posté(e)

Bonjour le Forum.

J'ai un soucis avec mon openVPN:

il y a une semaine, je n'arrivais plus a ouvrir une connexion OpenVPN.

J'ai résolus le problème en désinstallant VPN serveur du Nas puis en le réinstallant et tout reconfigurer.

 

Maintenant, J'arrive à me connecter au VPN, mais pas moyen d'ouvrir un dossier partagé ou de me connecté sur le NAS avec son IP 10.0.0.5:5000.

J'ai se problème autant sur mon Mac (TunnelBlick) que sur mon iPhone.

Je pense que le soucis vient du Syno parce que j'ai exactement la même configuration sur un autre NAS et celui-là fonctionne très bien.

 

Merci pour votre aide.

Geoff

Voici les log du mac

2019-12-05 11:12:06.375535 *Tunnelblick: macOS 10.15.1 (19B88); Tunnelblick 3.8.1 (build 5400); prior version 3.8.0 (build 5370)
2019-12-05 11:12:06.925813 *Tunnelblick: Attempting connection with VPNConfig using shadow copy; Set nameserver = 769; monitoring connection
2019-12-05 11:12:06.926172 *Tunnelblick: openvpnstart start VPNConfig.tblk 56024 769 0 1 0 49456 -ptADGNWradsgnw 2.4.7-openssl-1.0.2t
2019-12-05 11:12:06.966747 *Tunnelblick: openvpnstart starting OpenVPN
2019-12-05 11:12:07.181667 OpenVPN 2.4.7 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Sep 11 2019
2019-12-05 11:12:07.181810 library versions: OpenSSL 1.0.2t  10 Sep 2019, LZO 2.10
2019-12-05 11:12:07.184132 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:56024
2019-12-05 11:12:07.184214 Need hold release from management interface, waiting...
2019-12-05 11:12:07.551400 *Tunnelblick: openvpnstart log:
     OpenVPN started successfully.
     Command used to start OpenVPN (one argument per displayed line):
          /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.4.7-openssl-1.0.2t/openvpn
          --daemon
          --log /Library/Application Support/Tunnelblick/Logs/-SUsers-Sgeoff-SLibrary-SApplication Support-STunnelblick-SConfigurations-SVPNConfig.tblk-SContents-SResources-Sconfig.ovpn.769_0_1_0_49456.56024.openvpn.log
          --cd /Library/Application Support/Tunnelblick/Users/geoff/VPNConfig.tblk/Contents/Resources
          --machine-readable-output
          --setenv IV_GUI_VER "net.tunnelblick.tunnelblick 5400 3.8.1 (build 5400)"
          --verb 3
          --config /Library/Application Support/Tunnelblick/Users/geoff/VPNConfig.tblk/Contents/Resources/config.ovpn
          --setenv TUNNELBLICK_CONFIG_FOLDER /Library/Application Support/Tunnelblick/Users/geoff/VPNConfig.tblk/Contents/Resources
          --verb 3
          --cd /Library/Application Support/Tunnelblick/Users/geoff/VPNConfig.tblk/Contents/Resources
          --management 127.0.0.1 56024 /Library/Application Support/Tunnelblick/kcplakeblmiehagacajfjimeaojikpakffaafbio.mip
          --management-query-passwords
          --management-hold
          --script-security 2
          --route-up /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -d -f -m -w -ptADGNWradsgnw
          --down /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -d -f -m -w -ptADGNWradsgnw
2019-12-05 11:12:07.568682 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:56024
2019-12-05 11:12:07.621731 MANAGEMENT: CMD 'pid'
2019-12-05 11:12:07.622046 MANAGEMENT: CMD 'auth-retry interact'
2019-12-05 11:12:07.622148 MANAGEMENT: CMD 'state on'
2019-12-05 11:12:07.622265 MANAGEMENT: CMD 'state'
2019-12-05 11:12:07.622411 MANAGEMENT: CMD 'bytecount 1'
2019-12-05 11:12:07.629261 *Tunnelblick: Established communication with OpenVPN
2019-12-05 11:12:07.630253 *Tunnelblick: >INFO:OpenVPN Management Interface Version 1 -- type 'help' for more info
2019-12-05 11:12:07.632854 MANAGEMENT: CMD 'hold release'
2019-12-05 11:12:07.656386 *Tunnelblick: Obtained VPN username and password from the Keychain
2019-12-05 11:12:07.656717 MANAGEMENT: CMD 'username "Auth" "xxxx"'
2019-12-05 11:12:07.656784 MANAGEMENT: CMD 'password [...]'
2019-12-05 11:12:07.657351 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
2019-12-05 11:12:07.657380 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2019-12-05 11:12:07.662694 MANAGEMENT: >STATE:1575540727,RESOLVE,,,,,,
2019-12-05 11:12:07.720076 TCP/UDP: Preserving recently used remote address: [AF_INET]80.200.xx.xxx:1194
2019-12-05 11:12:07.720194 Socket Buffers: R=[786896->786896] S=[9216->9216]
2019-12-05 11:12:07.720229 UDP link local (bound): [AF_INET][undef]:1194
2019-12-05 11:12:07.720245 UDP link remote: [AF_INET]80.200.xx.xxx:1194
2019-12-05 11:12:07.720375 MANAGEMENT: >STATE:1575540727,WAIT,,,,,,
2019-12-05 11:12:07.736767 MANAGEMENT: >STATE:1575540727,AUTH,,,,,,
2019-12-05 11:12:07.736946 TLS: Initial packet from [AF_INET]80.200.xx.xxx:1194, sid=0060ef90 1cfde631
2019-12-05 11:12:07.737794 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2019-12-05 11:12:07.817158 VERIFY OK: depth=1, C=TW, ST=Taiwan, L=Taipei, O=Synology Inc., OU=Certificate Authority, CN=Synology Inc. CA, emailAddress=product@synology.com
2019-12-05 11:12:07.819205 VERIFY OK: depth=0, C=TW, ST=Taiwan, L=Taipei, O=Synology Inc., OU=FTP Team, CN=synology.com, emailAddress=product@synology.com
2019-12-05 11:12:08.320959 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
2019-12-05 11:12:08.321108 [synology.com] Peer Connection Initiated with [AF_INET]80.200.xx.xxx:1194
2019-12-05 11:12:09.576863 MANAGEMENT: >STATE:1575540729,GET_CONFIG,,,,,,
2019-12-05 11:12:09.577072 SENT CONTROL [synology.com]: 'PUSH_REQUEST' (status=1)
2019-12-05 11:12:09.596383 PUSH: Received control message: 'PUSH_REPLY,route 10.0.1.0 255.255.255.0,route 10.8.0.0 255.255.255.0,route 10.8.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.8.0.6 10.8.0.5'
2019-12-05 11:12:09.596577 OPTIONS IMPORT: timers and/or timeouts modified
2019-12-05 11:12:09.596607 OPTIONS IMPORT: --ifconfig/up options modified
2019-12-05 11:12:09.596626 OPTIONS IMPORT: route options modified
2019-12-05 11:12:09.596882 Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
2019-12-05 11:12:09.596914 Outgoing Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
2019-12-05 11:12:09.596979 Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
2019-12-05 11:12:09.597005 Incoming Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
2019-12-05 11:12:09.597817 Opening utun (connect(AF_SYS_CONTROL)): Resource busy (errno=16)
2019-12-05 11:12:09.597890 Opening utun (connect(AF_SYS_CONTROL)): Resource busy (errno=16)
2019-12-05 11:12:09.597932 Opening utun (connect(AF_SYS_CONTROL)): Resource busy (errno=16)
2019-12-05 11:12:09.597969 Opening utun (connect(AF_SYS_CONTROL)): Resource busy (errno=16)
2019-12-05 11:12:09.598003 Opening utun (connect(AF_SYS_CONTROL)): Resource busy (errno=16)
2019-12-05 11:12:09.598037 Opening utun (connect(AF_SYS_CONTROL)): Resource busy (errno=16)
2019-12-05 11:12:09.598290 Opened utun device utun6
2019-12-05 11:12:09.598406 MANAGEMENT: >STATE:1575540729,ASSIGN_IP,,10.8.0.6,,,,
2019-12-05 11:12:09.598537 /sbin/ifconfig utun6 delete
                           ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2019-12-05 11:12:09.612883 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2019-12-05 11:12:09.612950 /sbin/ifconfig utun6 10.8.0.6 10.8.0.5 mtu 1500 netmask 255.255.255.255 up
2019-12-05 11:12:09.616051 MANAGEMENT: >STATE:1575540729,ADD_ROUTES,,,,,,
2019-12-05 11:12:09.616103 /sbin/route add -net 10.0.1.0 10.8.0.5 255.255.255.0
                           add net 10.0.1.0: gateway 10.8.0.5
2019-12-05 11:12:09.623334 /sbin/route add -net 10.8.0.0 10.8.0.5 255.255.255.0
                           add net 10.8.0.0: gateway 10.8.0.5
2019-12-05 11:12:09.625902 /sbin/route add -net 10.8.0.1 10.8.0.5 255.255.255.255
                           add net 10.8.0.1: gateway 10.8.0.5
                           11:12:09 *Tunnelblick:  **********************************************
                           11:12:09 *Tunnelblick:  Start of output from client.up.tunnelblick.sh
                           11:12:11 *Tunnelblick:  NOTE: No network configuration changes need to be made.
                           11:12:11 *Tunnelblick:  WARNING: Will NOT monitor for other network configuration changes.
                           11:12:11 *Tunnelblick:  DNS servers '172.22.250.232 172.22.250.233' will be used for DNS queries when the VPN is active
                           11:12:11 *Tunnelblick:  NOTE: The DNS servers do not include any free public DNS servers known to Tunnelblick. This may cause DNS queries to fail or be intercepted or falsified even if they are directed through the VPN. Specify only known public DNS servers or DNS servers located on the VPN network to avoid such problems.
                           11:12:11 *Tunnelblick:  Flushed the DNS cache via dscacheutil
                           11:12:11 *Tunnelblick:  /usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil
                           11:12:11 *Tunnelblick:  Notified mDNSResponder that the DNS cache was flushed
                           11:12:11 *Tunnelblick:  Notified mDNSResponderHelper that the DNS cache was flushed
                           11:12:11 *Tunnelblick:  End of output from client.up.tunnelblick.sh
                           11:12:11 *Tunnelblick:  **********************************************
2019-12-05 11:12:11.912982 Initialization Sequence Completed
2019-12-05 11:12:11.913102 MANAGEMENT: >STATE:1575540731,CONNECTED,SUCCESS,10.8.0.6,80.200.xx.xxx,1194,,
2019-12-05 11:12:12.132970 *Tunnelblick: Warning: DNS server address 172.22.250.232 is not a public IP address and is not being routed through the VPN.


2019-12-05 11:12:12.242561 *Tunnelblick: Warning: DNS server address 172.22.250.233 is not a public IP address and is not being routed through the VPN.


2019-12-05 11:12:18.604710 *Tunnelblick: This computer's apparent public IP address (164.15.8.1) was unchanged after the connection was made
2019-12-05 11:12:58.938362 *Tunnelblick: Disconnecting; 'Disconnect' (toggle) menu command invoked
2019-12-05 11:12:59.246103 *Tunnelblick: Disconnecting using 'kill'
2019-12-05 11:12:59.420757 event_wait : Interrupted system call (code=4)
2019-12-05 11:12:59.421368 /sbin/route delete -net 10.0.1.0 10.8.0.5 255.255.255.0
                           delete net 10.0.1.0: gateway 10.8.0.5
2019-12-05 11:12:59.424731 /sbin/route delete -net 10.8.0.0 10.8.0.5 255.255.255.0
                           delete net 10.8.0.0: gateway 10.8.0.5
2019-12-05 11:12:59.427502 /sbin/route delete -net 10.8.0.1 10.8.0.5 255.255.255.255
                           delete net 10.8.0.1: gateway 10.8.0.5
2019-12-05 11:12:59.430144 Closing TUN/TAP interface
2019-12-05 11:12:59.430593 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -d -f -m -w -ptADGNWradsgnw utun6 1500 1602 10.8.0.6 10.8.0.5 init
                           11:12:59 *Tunnelblick:  **********************************************
                           11:12:59 *Tunnelblick:  Start of output from client.down.tunnelblick.sh
                           11:13:00 *Tunnelblick:  WARNING: Not restoring network settings because no saved Tunnelblick DNS information was found.
                           11:13:00 *Tunnelblick:  Flushed the DNS cache with dscacheutil -flushcache
                           11:13:00 *Tunnelblick:  Notified mDNSResponder that the DNS cache was flushed
                           11:13:00 *Tunnelblick:  End of output from client.down.tunnelblick.sh
                           11:13:00 *Tunnelblick:  **********************************************
2019-12-05 11:13:00.633064 SIGTERM[hard,] received, process exiting
2019-12-05 11:13:00.633100 MANAGEMENT: >STATE:1575540780,EXITING,SIGTERM,,,,,
2019-12-05 11:13:00.893028 *Tunnelblick: Expected disconnection occurred.

 

Posté(e)

oui, j'arrive en local.

 

J'ai trouvé mon erreur:

Le firewall 😂 en déinstallant vpnserveur, il avait retiré les droits sur le firewall et j'avais complement oublié de verifier cela.

 

C'est donc en ordre 😉

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
×
  • Créer...

Information importante

Nous avons placé des cookies sur votre appareil pour aider à améliorer ce site. Vous pouvez choisir d’ajuster vos paramètres de cookie, sinon nous supposerons que vous êtes d’accord pour continuer.