kenadak

Forum Replies Created

Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
    Posts
  • in reply to: High utilization drops lan to lan VPN #45087
    kenadak
    Member

    if you can tell me how to clear some of this inactivity dropouts that would be good too.

    here is the log:

    23:15:11 [UNDEF] Inactivity timeout (–ping-restart), restarting
    23:15:11 SIGUSR1[soft,ping-restart] received, process restarting
    23:15:13 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    23:15:13 LZO compression initialized
    23:15:13 TUN/TAP device VPN01 opened
    23:15:13 UDPv4 link local (bound): [undef]:1195
    23:15:13 UDPv4 link remote: 72.17.244.58:1195
    23:15:17 [UNDEF] Inactivity timeout (–ping-restart), restarting
    23:15:17 SIGUSR1[soft,ping-restart] received, process restarting
    23:15:19 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    23:15:19 LZO compression initialized
    23:15:19 TUN/TAP device VPN01 opened
    23:15:19 UDPv4 link local (bound): [undef]:1195
    23:15:19 UDPv4 link remote: 72.17.244.58:1195
    23:15:22 [UNDEF] Inactivity timeout (–ping-restart), restarting
    23:15:22 SIGUSR1[soft,ping-restart] received, process restarting
    23:15:24 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    23:15:24 LZO compression initialized
    23:15:24 TUN/TAP device VPN01 opened
    23:15:24 UDPv4 link local (bound): [undef]:1195
    23:15:24 UDPv4 link remote: 72.17.244.58:1195
    23:15:27 [UNDEF] Inactivity timeout (–ping-restart), restarting
    23:15:27 SIGUSR1[soft,ping-restart] received, process restarting
    23:15:29 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    23:15:29 LZO compression initialized
    23:15:29 TUN/TAP device VPN01 opened
    23:15:29 UDPv4 link local (bound): [undef]:1195
    23:15:29 UDPv4 link remote: 72.17.244.58:1195
    23:15:32 [UNDEF] Inactivity timeout (–ping-restart), restarting
    23:15:32 SIGUSR1[soft,ping-restart] received, process restarting
    23:15:34 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    23:15:34 LZO compression initialized
    23:15:34 TUN/TAP device VPN01 opened
    23:15:34 UDPv4 link local (bound): [undef]:1195
    23:15:34 UDPv4 link remote: 72.17.244.58:1195
    23:15:37 [UNDEF] Inactivity timeout (–ping-restart), restarting
    23:15:37 SIGUSR1[soft,ping-restart] received, process restarting
    23:15:39 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    23:15:39 LZO compression initialized
    23:15:39 TUN/TAP device VPN01 opened
    23:15:39 UDPv4 link local (bound): [undef]:1195
    23:15:39 UDPv4 link remote: 72.17.244.58:1195
    23:15:42 [UNDEF] Inactivity timeout (–ping-restart), restarting
    23:15:42 SIGUSR1[soft,ping-restart] received, process restarting
    23:15:44 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    23:15:44 LZO compression initialized
    23:15:44 TUN/TAP device VPN01 opened
    23:15:44 UDPv4 link local (bound): [undef]:1195
    23:15:44 UDPv4 link remote: 72.17.244.58:1195
    23:15:47 [UNDEF] Inactivity timeout (–ping-restart), restarting
    23:15:47 SIGUSR1[soft,ping-restart] received, process restarting
    23:15:49 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    23:15:49 LZO compression initialized
    23:15:49 TUN/TAP device VPN01 opened
    23:15:49 UDPv4 link local (bound): [undef]:1195
    23:15:49 UDPv4 link remote: 72.17.244.58:1195
    23:15:52 [UNDEF] Inactivity timeout (–ping-restart), restarting
    23:15:52 SIGUSR1[soft,ping-restart] received, process restarting
    23:15:54 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    23:15:54 LZO compression initialized
    23:15:54 TUN/TAP device VPN01 opened
    23:15:54 UDPv4 link local (bound): [undef]:1195
    23:15:54 UDPv4 link remote: 72.17.244.58:1195
    23:15:57 [UNDEF] Inactivity timeout (–ping-restart), restarting
    23:15:57 SIGUSR1[soft,ping-restart] received, process restarting
    23:15:59 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    23:15:59 LZO compression initialized
    23:15:59 TUN/TAP device VPN01 opened
    23:15:59 UDPv4 link local (bound): [undef]:1195
    23:15:59 UDPv4 link remote: 72.17.244.58:1195
    23:16:02 [UNDEF] Inactivity timeout (–ping-restart), restarting
    23:16:02 SIGUSR1[soft,ping-restart] received, process restarting
    23:16:04 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    23:16:04 LZO compression initialized
    23:16:04 TUN/TAP device VPN01 opened
    23:16:04 UDPv4 link local (bound): [undef]:1195
    23:16:04 UDPv4 link remote: 72.17.244.58:1195
    23:16:04 [marietta.dc-cpa.com] Peer Connection Initiated with 72.17.244.58:1195
    23:16:05 Initialization Sequence Completed
    23:24:52 [marietta.dc-cpa.com] Inactivity timeout (–ping-restart), restarting
    23:24:52 SIGUSR1[soft,ping-restart] received, process restarting
    23:24:54 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    23:24:54 LZO compression initialized
    23:24:54 TUN/TAP device VPN01 opened
    23:24:54 UDPv4 link local (bound): [undef]:1195
    23:24:54 UDPv4 link remote: 72.17.244.58:1195
    23:24:54 TLS Error: local/remote TLS keys are out of sync: 72.17.244.58:1195 [0]
    23:24:56 TLS Error: local/remote TLS keys are out of sync: 72.17.244.58:1195 [0]
    23:24:56 [marietta.dc-cpa.com] Peer Connection Initiated with 72.17.244.58:1195
    23:24:57 Initialization Sequence Completed
    23:47:05 [marietta.dc-cpa.com] Inactivity timeout (–ping-restart), restarting
    23:47:05 SIGUSR1[soft,ping-restart] received, process restarting
    23:47:07 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    23:47:07 LZO compression initialized
    23:47:07 TUN/TAP device VPN01 opened
    23:47:07 UDPv4 link local (bound): [undef]:1195
    23:47:07 UDPv4 link remote: 72.17.244.58:1195
    23:47:07 TLS Error: local/remote TLS keys are out of sync: 72.17.244.58:1195 [0]
    23:47:07 [marietta.dc-cpa.com] Peer Connection Initiated with 72.17.244.58:1195
    23:47:08 Initialization Sequence Completed

    in reply to: Routing Mail #45048
    kenadak
    Member

    I do appreciate the response. luckily I had the clients in a range from 1-128 and the server was above that so I just sub-netted the Mail server so that his “local network” didn’t include the router. this fixed it for this client but having the masquerade turned off for incoming packets would be good.

    in reply to: Bonding with lines of different capacity? #45033
    kenadak
    Member

    I believe you can “Score” the routes so that the Cable line could get a higher score than the 2 DSL lines and it would Fill the Cable line first then fail over to the DSL… theoretically you will get 16Mbps but you’re upstream is so limited this may not be very practical. I find that cable upstream is much less reliable than DSL, so you may see issues if the scoring of the routes is bi-directional more of your upstream would be pushed up a lower speed/less reliable line. good luck.

    in reply to: Bridged VPN connection between 2 offices. #45026
    kenadak
    Member

    you answered your own question… the DHCP at both ends is to insure if the VPN is unavailible the users of each lan can get to the internet.

    thanks for the port for bootp I should have thought of that.

    Ken

    in reply to: VPN with both lan to lan and lan to Host. #44959
    kenadak
    Member

    I wanted to point out that in the Network section of the forum I posted a mini diagram of what the LAN-LAN VPN looks like.

    in reply to: Setting up a DSL modem to Zeroshell #45023
    kenadak
    Member

    there are 2 solutions to this:

    Bridge the modem to the ZeroShell and THEN setup PPPOE to your ISP on the ZeroShell.

    or

    setup PPPOE on the Modem and set the ZeroShell to the DMZ on the modem.

    both of these will work… some routers only allow 1 VPN tunnel through at a time so you may want to use the bridge if you plan on having more than one VPN tunnel open at any one time.

    in reply to: VPN with both lan to lan and lan to Host. #44956
    kenadak
    Member

    I’ll help with the documentation but I’m no expert.

    I’ll post a how-to for Lan to Lan VPN the way I have it set up.

    how do I create the Pre-shared key for L2TP or is there some other way to get the certificate over to XP I’d appreciate how to do it.

Viewing 7 posts - 1 through 7 (of 7 total)