Bonjour,

J'aimerai me connecter un mon serveur VPN qui se trouve sur un VPS ovh. Je suis dans une école qui possède un proxy pour gérer les connexion de tout les élèves.

Seulement j'ai l'impression que le proxy bloque la connexion a mon VPN et je ne sais pas comment y remédier..

J'ai tester mon VPN perso et le VPN FroznWay, les deux fonctionne quand je suis connecter depuis chez moi ou depuis la connexion 4G de mon téléphone mais du moment ou je suis connecter au wi-fi de l'école la connexion échoue.

Voici le résultat console quand je suis connecter en 4G:

hugo@hugo-X751LX:~/Téléchargements/open$ sudo openvpn --config FrozenWay.ovpn 
[sudo] password for hugo: 
Thu Mar 24 17:26:44 2016 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec  1 2014
Enter Auth Username:gotexx
Enter Auth Password:
Thu Mar 24 17:26:51 2016 WARNING: file 'auth.key' is group or others accessible
Thu Mar 24 17:26:51 2016 Control Channel Authentication: using 'auth.key' as a OpenVPN static key file
Thu Mar 24 17:26:51 2016 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Mar 24 17:26:51 2016 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Mar 24 17:26:51 2016 Socket Buffers: R=[87380->131072] S=[16384->131072]
Thu Mar 24 17:26:51 2016 RESOLVE: Cannot resolve host address: 51-254-57-137.fw-5674.com: Temporary failure in name resolution
Thu Mar 24 17:26:51 2016 RESOLVE: Cannot resolve host address: 51-254-57-137.fw-5674.com: Temporary failure in name resolution
Thu Mar 24 17:26:56 2016 RESOLVE: Cannot resolve host address: 51-254-57-137.fw-5674.com: Temporary failure in name resolution
Thu Mar 24 17:27:01 2016 RESOLVE: Cannot resolve host address: 51-254-57-137.fw-5674.com: Temporary failure in name resolution
^CThu Mar 24 17:27:01 2016 RESOLVE: signal received during DNS resolution attempt
Thu Mar 24 17:27:01 2016 SIGINT[hard,init_instance] received, process exiting
hugo@hugo-X751LX:~/Téléchargements/open$ sudo openvpn --config FrozenWay.ovpn 
Thu Mar 24 17:27:10 2016 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec  1 2014
Enter Auth Username:gotexx
Enter Auth Password:
Thu Mar 24 17:27:16 2016 WARNING: file 'auth.key' is group or others accessible
Thu Mar 24 17:27:16 2016 Control Channel Authentication: using 'auth.key' as a OpenVPN static key file
Thu Mar 24 17:27:16 2016 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Mar 24 17:27:16 2016 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Mar 24 17:27:16 2016 Socket Buffers: R=[87380->131072] S=[16384->131072]
Thu Mar 24 17:27:16 2016 Attempting to establish TCP connection with [AF_INET]51.254.57.137:443 [nonblock]
Thu Mar 24 17:27:17 2016 TCP connection established with [AF_INET]51.254.57.137:443
Thu Mar 24 17:27:17 2016 TCPv4_CLIENT link local: [undef]
Thu Mar 24 17:27:17 2016 TCPv4_CLIENT link remote: [AF_INET]51.254.57.137:443
Thu Mar 24 17:27:17 2016 TLS: Initial packet from [AF_INET]51.254.57.137:443, sid=11756513 c72e9477
Thu Mar 24 17:27:17 2016 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Thu Mar 24 17:27:17 2016 VERIFY OK: depth=1, C=FR, ST=France, L=Paris, O=FrozenWay, OU=FrozenWay, CN=FrozenWay, emailAddress=admin@frozenway.com
Thu Mar 24 17:27:17 2016 VERIFY OK: nsCertType=SERVER
Thu Mar 24 17:27:17 2016 VERIFY OK: depth=0, C=FR, ST=France, O=FrozenWay, OU=FrozenWay, CN=FrozenWay, emailAddress=admin@frozenway.com
Thu Mar 24 17:27:18 2016 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Mar 24 17:27:18 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Mar 24 17:27:18 2016 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Mar 24 17:27:18 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Mar 24 17:27:18 2016 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Mar 24 17:27:18 2016 [FrozenWay] Peer Connection Initiated with [AF_INET]51.254.57.137:443
Thu Mar 24 17:27:20 2016 SENT CONTROL [FrozenWay]: 'PUSH_REQUEST' (status=1)
Thu Mar 24 17:27:20 2016 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 10.13.0.1,dhcp-option WINS 10.13.0.1,route 10.13.0.1,topology net30,socket-flags TCP_NODELAY,ifconfig 10.13.20.174 10.13.20.173'
Thu Mar 24 17:27:20 2016 OPTIONS IMPORT: --socket-flags option modified
Thu Mar 24 17:27:20 2016 Socket flags: TCP_NODELAY=1 succeeded
Thu Mar 24 17:27:20 2016 OPTIONS IMPORT: --ifconfig/up options modified
Thu Mar 24 17:27:20 2016 OPTIONS IMPORT: route options modified
Thu Mar 24 17:27:20 2016 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Thu Mar 24 17:27:20 2016 ROUTE_GATEWAY 192.168.43.1/255.255.255.0 IFACE=wlan0 HWADDR=28:c2:dd:50:65:8b
Thu Mar 24 17:27:20 2016 TUN/TAP device tun0 opened
Thu Mar 24 17:27:20 2016 TUN/TAP TX queue length set to 100
Thu Mar 24 17:27:20 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Thu Mar 24 17:27:20 2016 /sbin/ip link set dev tun0 up mtu 1500
Thu Mar 24 17:27:20 2016 /sbin/ip addr add dev tun0 local 10.13.20.174 peer 10.13.20.173
Thu Mar 24 17:27:20 2016 /sbin/ip route add 51.254.57.137/32 via 192.168.43.1
Thu Mar 24 17:27:20 2016 /sbin/ip route del 0.0.0.0/0
Thu Mar 24 17:27:20 2016 /sbin/ip route add 0.0.0.0/0 via 10.13.20.173
Thu Mar 24 17:27:20 2016 /sbin/ip route add 10.13.0.1/32 via 10.13.20.173
Thu Mar 24 17:27:20 2016 Initialization Sequence Completed

Et voici le résultat quand je suis connecté en wi-fi:

hugo@hugo-X751LX:~/Téléchargements/open$ sudo openvpn --config FrozenWay.ovpn 
Thu Mar 24 17:29:28 2016 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec  1 2014
Enter Auth Username:gotexx
Enter Auth Password:
Thu Mar 24 17:29:34 2016 WARNING: file 'auth.key' is group or others accessible
Thu Mar 24 17:29:34 2016 Control Channel Authentication: using 'auth.key' as a OpenVPN static key file
Thu Mar 24 17:29:34 2016 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Mar 24 17:29:34 2016 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Mar 24 17:29:34 2016 Socket Buffers: R=[87380->131072] S=[16384->131072]
Thu Mar 24 17:29:34 2016 RESOLVE: Cannot resolve host address: 51-254-57-137.fw-5674.com: Temporary failure in name resolution
Thu Mar 24 17:29:34 2016 RESOLVE: Cannot resolve host address: 51-254-57-137.fw-5674.com: Temporary failure in name resolution
Thu Mar 24 17:29:39 2016 RESOLVE: Cannot resolve host address: 51-254-57-137.fw-5674.com: Temporary failure in name resolution
^CThu Mar 24 17:29:41 2016 RESOLVE: signal received during DNS resolution attempt
Thu Mar 24 17:29:41 2016 SIGINT[hard,init_instance] received, process exiting

Pour info pour mon VPS perso j'ai suivi le tutoriel de Korben: http://korben.info/installer-openvpn.html

Merci d'avance pour vos réponses

-
Edité par GotExx 24 mars 2016 à 17:32:45

Salut,

Déjà comme tu peux le voir tu as un souci DNS :

Thu Mar 24 17:29:34 2016 RESOLVE: Cannot resolve host address: 51-254-57-137.fw-5674.com: Temporary failure in name resolution

Donc dans ton fichier de conf, remplace ça

51-254-57-137.fw-5674.com

avec ça

51.254.57.137:443

Bonjour,

Merci de votre réponse malheureusement j'obtient l'erreur suivante m’indiquant qu'il ne connait pas le service:

Fri Mar 25 09:13:22 2016 RESOLVE: Cannot resolve host address: 51.254.57.137:443: Name or service not known

Voici le résultat concernant mon VPS perso:

hugo@hugo-X751LX:~/Téléchargements/open$ sudo openvpn --config /home/hugo/Téléchargements/client.ovpn 
Fri Mar 25 09:08:45 2016 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec  1 2014
Enter Auth Username:hugo
Enter Auth Password:
Fri Mar 25 09:08:50 2016 Control Channel Authentication: tls-auth using INLINE static key file
Fri Mar 25 09:08:50 2016 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Mar 25 09:08:50 2016 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Mar 25 09:08:50 2016 Socket Buffers: R=[212992->200000] S=[212992->200000]
Fri Mar 25 09:08:50 2016 UDPv4 link local: [undef]
Fri Mar 25 09:08:50 2016 UDPv4 link remote: [AF_INET]51.255.44.255:1194
Fri Mar 25 09:08:54 2016 Server poll timeout, restarting
Fri Mar 25 09:08:54 2016 SIGUSR1[soft,server_poll] received, process restarting

Ah oui, essaye de mettre juste l'IP (je pense que le port tu l'as renseigné dans un autre attribut non ?).

C'est pas le même problème pour ton perso par contre... Essaye d'augmenter le poll mais je pense pas que ça s'améliorera.

Essayons déjà de résoudre le problème avec FrozenWay, et si on a le même résultat à la fin c'est peut-être qu'il y a un autre blocage au niveau du réseau de ton école.

Connexion refusée:

Fri Mar 25 09:47:02 2016 TCP: connect to [AF_INET]51.254.57.137:1194 failed, will try again in 0 seconds: Connection refused

Il me semble que le port HTTPS (443) est ouvert dans mon école.

Voici mon fichier de configuration:

client
dev tun
port 443
remote 51.254.57.137
proto tcp-client
ns-cert-type server
reneg-sec 0
auth-user-pass
nobind
comp-lzo
redirect-gateway
ping 10
ping-exit 30
persist-tun
persist-key
persist-local-ip
connect-retry 0
verb 3
ca frozenway.crt
tls-auth auth.key

Merci

-
Edité par GotExx 25 mars 2016 à 12:17:18

SALUT J EMERAI SA VOIRECOMMENT CONTOUNER LES VPN SURTOUT CELUI DE YOUR FREEDOM

MON MAILEST:KONANWILFRIED3@GMAIL.COM

Oui au temps pour moi:

hugo@hugo-X751LX:~/Documents/openvpn/frozenway$ openvpn --config /home/hugo/Documents/openvpn/frozenway/FrozenWay.ovpn 
Wed Mar 30 09:51:08 2016 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec  1 2014
Enter Auth Username:gotexx
Enter Auth Password:
Wed Mar 30 09:51:13 2016 WARNING: file 'auth.key' is group or others accessible
Wed Mar 30 09:51:13 2016 Control Channel Authentication: using 'auth.key' as a OpenVPN static key file
Wed Mar 30 09:51:13 2016 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Mar 30 09:51:13 2016 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Mar 30 09:51:13 2016 Socket Buffers: R=[87380->131072] S=[16384->131072]
Wed Mar 30 09:51:13 2016 Attempting to establish TCP connection with [AF_INET]51.254.57.137:443 [nonblock]
Wed Mar 30 09:51:14 2016 TCP connection established with [AF_INET]51.254.57.137:443
Wed Mar 30 09:51:14 2016 TCPv4_CLIENT link local: [undef]
Wed Mar 30 09:51:14 2016 TCPv4_CLIENT link remote: [AF_INET]51.254.57.137:443
Wed Mar 30 09:51:14 2016 Connection reset, restarting [-1]
Wed Mar 30 09:51:14 2016 SIGUSR1[soft,connection-reset] received, process restarting

Et en sudo:

hugo@hugo-X751LX:~/Documents/openvpn/frozenway$ sudo openvpn --config FrozenWay.ovpn 
[sudo] password for hugo: 
Wed Mar 30 11:25:25 2016 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec  1 2014
Enter Auth Username:gotexx
Enter Auth Password:
Wed Mar 30 11:25:32 2016 Control Channel Authentication: using 'auth.key' as a OpenVPN static key file
Wed Mar 30 11:25:32 2016 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Mar 30 11:25:32 2016 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Mar 30 11:25:32 2016 Socket Buffers: R=[87380->131072] S=[16384->131072]
Wed Mar 30 11:25:32 2016 Attempting to establish TCP connection with [AF_INET]51.254.57.137:443 [nonblock]
Wed Mar 30 11:25:33 2016 TCP connection established with [AF_INET]51.254.57.137:443
Wed Mar 30 11:25:33 2016 TCPv4_CLIENT link local: [undef]
Wed Mar 30 11:25:33 2016 TCPv4_CLIENT link remote: [AF_INET]51.254.57.137:443
Wed Mar 30 11:25:33 2016 Connection reset, restarting [-1]
Wed Mar 30 11:25:33 2016 SIGUSR1[soft,connection-reset] received, process restarting

Voici la bonne réponse console.

Merci

-
Edité par GotExx 30 mars 2016 à 11:26:46

OK donc cette fois tu te connectes mais il y a un souci au niveau du serveur. Impossible ici d'en savoir plus sans les logs, mais j'imagine que tu n'y a pas accès si c'est du frozenway ?

En tout cas pour ton vpn perso de base c'est normal que ça ne marche pas vu que le port 1194 est sûrement filtré par le réseau de ton école. Utilise le port 443 sur ton propre serveur aussi si tu peux, et réessaye. Tu auras surement le même problème, mais là tu pourras vérifier côté serveur ce qu'il se passe.

Bonjour,

A priori il y a des restrictions sur le réseau wifi que tu souhaites utiliser.

Pour tester tu peux utiliser la commande 

#telnet "IP_VPN" "port_VPN"

Bonjour,

@TomA4: Voici le résultat de la commande:

ugo@hugo-X751LX:~$ telnet "51.255.44.255" "443"
Trying 51.255.44.255...
Connected to 51.255.44.255.
Escape character is '^]'.
Connection closed by foreign host.

@Doezer: Voici le résultat pour mon VPN Perso:

hugo@hugo-X751LX:~$ sudo openvpn --config /home/hugo/Documents/openvpn/perso/client.ovpn
[sudo] password for hugo: 
Mon Apr  4 09:35:12 2016 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec  1 2014
Enter Auth Username:hugo
Enter Auth Password:
Mon Apr  4 09:35:17 2016 Control Channel Authentication: tls-auth using INLINE static key file
Mon Apr  4 09:35:17 2016 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Apr  4 09:35:17 2016 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Apr  4 09:35:17 2016 Socket Buffers: R=[87380->200000] S=[16384->200000]
Mon Apr  4 09:35:17 2016 Attempting to establish TCP connection with [AF_INET]51.255.44.255:443 [nonblock]
Mon Apr  4 09:35:18 2016 TCP connection established with [AF_INET]51.255.44.255:443
Mon Apr  4 09:35:18 2016 TCPv4_CLIENT link local: [undef]
Mon Apr  4 09:35:18 2016 TCPv4_CLIENT link remote: [AF_INET]51.255.44.255:443
Mon Apr  4 09:35:18 2016 Connection reset, restarting [-1]
Mon Apr  4 09:35:18 2016 SIGUSR1[soft,connection-reset] received, process restarting

Ou ce trouve les logs que tu cherche ?

Voici la ligne qu me concerne dans l'administration de OpenVPN Access Server:

vps222498.ovh.net,hugo,04/04/16 09:34,00:00,VPN,80.215.243.47,172.27.224.2,TCP,443,4.00 KB,4.37 KB,

Mais aucune erreur n'est afficher

Tu peux utiliser la connexion de ton smartphone monter le tunnel et faire la commandes #netstat -ano pour voir le/les ports utilisés s'il te plait ? 

Ensuite il faudrait basculer sur la connexion wifi et tester le/les ports relevés avec la commande telnet.

Salut.

Est-ce qu'il serait possible de nous montrer le contenu de tes fichiers de configuration client et serveur de ton VPN perso ? (Le fichier de conf serveur est probablement dans /etc/openvpn)