Forum Freedom-IP VPN

Forum d'entraide de la communauté Freedom-IP VPN

Vous n'êtes pas identifié(e).

#1 2012-08-22 13:25:10

benjaltf4
Membres de confiance
Inscription : 2011-11-27
Messages : 610

Temps de connexion long

Hi,

Le log :

Wed Aug 22 14:07:20 2012 SIGTERM[hard,] received, process exiting
Wed Aug 22 14:21:53 2012 OpenVPN 2.2.2 Win32-MSVC++ [SSL] [LZO2] [PKCS11] built on Dec 15 2011
Wed Aug 22 14:21:53 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Wed Aug 22 14:21:54 2012 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Wed Aug 22 14:21:54 2012 LZO compression initialized
Wed Aug 22 14:22:41 2012 Attempting to establish TCP connection with 94.23.150.162:443
Wed Aug 22 14:22:44 2012 TCP connection established with 94.23.150.162:443
Wed Aug 22 14:22:44 2012 TCPv4_CLIENT link local: [undef]
Wed Aug 22 14:22:44 2012 TCPv4_CLIENT link remote: 94.23.150.162:443
Wed Aug 22 14:22:45 2012 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Wed Aug 22 14:22:47 2012 [server] Peer Connection Initiated with 94.23.150.162:443
Wed Aug 22 14:22:49 2012 TAP-WIN32 device [Connexion au réseau local 2] opened: \\.\Global\{0B3BD374-AD45-4020-A5B1-A1819FB284C2}.tap
Wed Aug 22 14:22:49 2012 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.8.15.2/255.255.255.252 on interface {0B3BD374-AD45-4020-A5B1-A1819FB284C2} [DHCP-serv: 10.8.15.1, lease-time: 31536000]
Wed Aug 22 14:22:49 2012 Successful ARP Flush on interface [14] {0B3BD374-AD45-4020-A5B1-A1819FB284C2}
 OK!
 OK!
 OK!
 OK!
Wed Aug 22 14:22:53 2012 Initialization Sequence Completed

Près d'une minute au lieu des 10 secondes habituelles, ya un petit soucis non ?

Thx

Hors ligne

#2 2012-08-22 13:37:31

David
Bof !!!
Inscription : 2012-01-30
Messages : 6 132

Re : Temps de connexion long

Bonjour ...

Effectivement, c'est un peu long. Je viens de faire le test et pas de soucis (10 secondes) :

Wed Aug 22 12:33:23 2012 OpenVPN 2.2.1 i486-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Dec 20 2011
Wed Aug 22 12:33:23 2012 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Wed Aug 22 12:33:23 2012 Control Channel Authentication: using '/etc/openvpn/Freedom-IP/ta.key' as a OpenVPN static key file
Wed Aug 22 12:33:23 2012 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Aug 22 12:33:23 2012 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Aug 22 12:33:23 2012 LZO compression initialized
Wed Aug 22 12:33:23 2012 Control Channel MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ]
Wed Aug 22 12:33:23 2012 Socket Buffers: R=[87380->131072] S=[16384->131072]
Wed Aug 22 12:33:23 2012 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Aug 22 12:33:23 2012 Local Options hash (VER=V4): '2f2c6498'
Wed Aug 22 12:33:23 2012 Expected Remote Options hash (VER=V4): '9915e4a2'
Wed Aug 22 12:33:23 2012 Attempting to establish TCP connection with [AF_INET]94.23.150.162:443 [nonblock]
Wed Aug 22 12:33:24 2012 TCP connection established with [AF_INET]94.23.150.162:443
Wed Aug 22 12:33:24 2012 TCPv4_CLIENT link local: [undef]
Wed Aug 22 12:33:24 2012 TCPv4_CLIENT link remote: [AF_INET]94.23.150.162:443
Wed Aug 22 12:33:24 2012 TLS: Initial packet from [AF_INET]94.23.150.162:443, sid=585c22cc 973ff43b
Wed Aug 22 12:33:24 2012 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Wed Aug 22 12:33:26 2012 VERIFY OK: depth=1, /C=FR/ST=CA/L=Amsterdam/O=Fort-Funston/CN=Fort-Funston_CA/emailAddress=admin@Freedom-IP.com
Wed Aug 22 12:33:26 2012 VERIFY OK: nsCertType=SERVER
Wed Aug 22 12:33:26 2012 VERIFY OK: depth=0, /C=FR/ST=CA/L=Amsterdam/O=Fort-Funston/CN=server/emailAddress=admin@Freedom-IP.com
Wed Aug 22 12:33:28 2012 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Wed Aug 22 12:33:28 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Aug 22 12:33:28 2012 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Wed Aug 22 12:33:28 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Aug 22 12:33:28 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Wed Aug 22 12:33:28 2012 [server] Peer Connection Initiated with [AF_INET]94.23.150.162:443
Wed Aug 22 12:33:30 2012 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Wed Aug 22 12:33:30 2012 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.2.38 10.8.2.37'
Wed Aug 22 12:33:30 2012 OPTIONS IMPORT: timers and/or timeouts modified
Wed Aug 22 12:33:30 2012 OPTIONS IMPORT: --ifconfig/up options modified
Wed Aug 22 12:33:30 2012 OPTIONS IMPORT: route options modified
Wed Aug 22 12:33:30 2012 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Wed Aug 22 12:33:30 2012 ROUTE default_gateway=10.76.78.1
Wed Aug 22 12:33:30 2012 TUN/TAP device tun0 opened
Wed Aug 22 12:33:30 2012 TUN/TAP TX queue length set to 100
Wed Aug 22 12:33:30 2012 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Wed Aug 22 12:33:30 2012 /sbin/ifconfig tun0 10.8.2.38 pointopoint 10.8.2.37 mtu 1500
Wed Aug 22 12:33:30 2012 /etc/openvpn/Freedom-IP/up.sh tun0 1500 1560 10.8.2.38 10.8.2.37 init
Wed Aug 22 12:33:33 2012 /sbin/route add -net 94.23.150.162 netmask 255.255.255.255 gw 10.76.78.1
Wed Aug 22 12:33:33 2012 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.8.2.37
Wed Aug 22 12:33:33 2012 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.8.2.37
Wed Aug 22 12:33:33 2012 /sbin/route add -net 10.8.0.1 netmask 255.255.255.255 gw 10.8.2.37
Wed Aug 22 12:33:33 2012 Initialization Sequence Completed

Peut être qu'il y a eut énormément de traffic sur le réseau lors de l'initialisation du VPN ... ou si vous êtes en Wifi, il y a peut être eut une renégociation de bail dhcp, une mauvaise réception temporaire ... ou directement la connexion ADSL qui s'est ré initialisée.

Si cela venait à se reproduire, essayez avec un autre serveur (un d'Irlande pour être certain de passer par une autre route.

Cordialement, David.

Hors ligne

#3 2012-08-22 13:52:30

benjaltf4
Membres de confiance
Inscription : 2011-11-27
Messages : 610

Re : Temps de connexion long

Re,

Wifi : Ok
Vidage cache DNS : Effectué
Changement de tout les fichiers de config : Ok

Le soucis ne semble venir que du serveur NL2, Quelqu'un pour confirmer ?
@David : Tutoie-moi x)

Hors ligne

#4 2012-08-22 14:29:27

David
Bof !!!
Inscription : 2012-01-30
Messages : 6 132

Re : Temps de connexion long

Re ...

Pour les logs que vous avez mis sur votre message initial, le port est 443 (comme celui de ma première réponse) ... Sinon NL2, le port 8080, voici les logs (26 secondes ... avec saisie de l'identifiant et du mot de passe) :

Wed Aug 22 15:08:12 2012 OpenVPN 2.1.3 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Feb 20 2012
Enter Auth Username:fip_XXXXXXX
Enter Auth Password:
Wed Aug 22 15:08:28 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Wed Aug 22 15:08:29 2012 WARNING: file 'ta.key' is group or others accessible
Wed Aug 22 15:08:29 2012 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Wed Aug 22 15:08:29 2012 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Aug 22 15:08:29 2012 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Aug 22 15:08:29 2012 LZO compression initialized
Wed Aug 22 15:08:29 2012 Control Channel MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ]
Wed Aug 22 15:08:29 2012 Socket Buffers: R=[87380->131072] S=[16384->131072]
Wed Aug 22 15:08:29 2012 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Aug 22 15:08:29 2012 Local Options hash (VER=V4): '2f2c6498'
Wed Aug 22 15:08:29 2012 Expected Remote Options hash (VER=V4): '9915e4a2'
Wed Aug 22 15:08:29 2012 Attempting to establish TCP connection with [AF_INET]94.23.150.162:8080 [nonblock]
Wed Aug 22 15:08:30 2012 TCP connection established with [AF_INET]94.23.150.162:8080
Wed Aug 22 15:08:30 2012 TCPv4_CLIENT link local: [undef]
Wed Aug 22 15:08:30 2012 TCPv4_CLIENT link remote: [AF_INET]94.23.150.162:8080
Wed Aug 22 15:08:30 2012 TLS: Initial packet from [AF_INET]94.23.150.162:8080, sid=0e1501f1 fd6db0ca
Wed Aug 22 15:08:30 2012 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Wed Aug 22 15:08:33 2012 VERIFY OK: depth=1, /C=FR/ST=CA/L=Amsterdam/O=Fort-Funston/CN=Fort-Funston_CA/emailAddress=admin@Freedom-IP.com
Wed Aug 22 15:08:33 2012 VERIFY OK: nsCertType=SERVER
Wed Aug 22 15:08:33 2012 VERIFY OK: depth=0, /C=FR/ST=CA/L=Amsterdam/O=Fort-Funston/CN=server/emailAddress=admin@Freedom-IP.com
Wed Aug 22 15:08:35 2012 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Wed Aug 22 15:08:35 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Aug 22 15:08:35 2012 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Wed Aug 22 15:08:35 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Aug 22 15:08:35 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Wed Aug 22 15:08:35 2012 [server] Peer Connection Initiated with [AF_INET]94.23.150.162:8080
Wed Aug 22 15:08:37 2012 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Wed Aug 22 15:08:38 2012 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route 10.9.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.9.1.26 10.9.1.25'
Wed Aug 22 15:08:38 2012 OPTIONS IMPORT: timers and/or timeouts modified
Wed Aug 22 15:08:38 2012 OPTIONS IMPORT: --ifconfig/up options modified
Wed Aug 22 15:08:38 2012 OPTIONS IMPORT: route options modified
Wed Aug 22 15:08:38 2012 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Wed Aug 22 15:08:38 2012 ROUTE default_gateway=192.168.2.1
Wed Aug 22 15:08:38 2012 TUN/TAP device tun0 opened
Wed Aug 22 15:08:38 2012 TUN/TAP TX queue length set to 100
Wed Aug 22 15:08:38 2012 /sbin/ifconfig tun0 10.9.1.26 pointopoint 10.9.1.25 mtu 1500
Wed Aug 22 15:08:38 2012 /sbin/route add -net 94.23.150.162 netmask 255.255.255.255 gw 192.168.2.1
Wed Aug 22 15:08:38 2012 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.9.1.25
Wed Aug 22 15:08:38 2012 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.9.1.25
Wed Aug 22 15:08:38 2012 /sbin/route add -net 10.9.0.1 netmask 255.255.255.255 gw 10.9.1.25
Wed Aug 22 15:08:38 2012 Initialization Sequence Completed

Cordialement, David.

ps : pas en public wink

Hors ligne

#5 2012-08-22 14:37:47

benjaltf4
Membres de confiance
Inscription : 2011-11-27
Messages : 610

Re : Temps de connexion long

C'est normal où il y a un soucis alors ?


PS : Même en MP tu me vouvoyais xD

Hors ligne

#6 2012-08-22 15:07:27

David
Bof !!!
Inscription : 2012-01-30
Messages : 6 132

Re : Temps de connexion long

Re ..

De mon coté tout semble bon (10 Secondes en automatique sur NL et 26 secondes avec saisie de l'identifiant et du mot de passe sur NL2 ... et je suis actuellement sur un HotSpot) ... si le délai de connexion est toujours aussi long, c'est peut être dut à votre ligne / connexion ou à une modification matériel ou logiciel de votre intranet.

Voir pour faire un test de connexion d'ici 2 heures pour voir s'il y a une différence.
Et aussi attendre des réponses et témoignages publiés par d'autres membres smile

Cordialement, David.

Hors ligne

#7 2012-08-22 15:44:44

benjaltf4
Membres de confiance
Inscription : 2011-11-27
Messages : 610

Re : Temps de connexion long

Le truc c'est que sa ne semble que venir que du serveur NL2 x)

Hors ligne

#8 2012-08-22 15:52:14

David
Bof !!!
Inscription : 2012-01-30
Messages : 6 132

Re : Temps de connexion long

Re ...

Avec une authentification automatique sur NL2, la connexion ne dure que 10 secondes :

Wed Aug 22 16:43:48 2012 OpenVPN 2.1.3 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Feb 20 2012
Wed Aug 22 16:43:48 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Wed Aug 22 16:43:48 2012 WARNING: file 'ta.key' is group or others accessible
Wed Aug 22 16:43:48 2012 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Wed Aug 22 16:43:48 2012 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Aug 22 16:43:48 2012 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Aug 22 16:43:48 2012 LZO compression initialized
Wed Aug 22 16:43:48 2012 Control Channel MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ]
Wed Aug 22 16:43:48 2012 Socket Buffers: R=[87380->131072] S=[16384->131072]
Wed Aug 22 16:43:48 2012 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Aug 22 16:43:48 2012 Local Options hash (VER=V4): '2f2c6498'
Wed Aug 22 16:43:48 2012 Expected Remote Options hash (VER=V4): '9915e4a2'
Wed Aug 22 16:43:48 2012 Attempting to establish TCP connection with [AF_INET]94.23.150.162:8080 [nonblock]
Wed Aug 22 16:43:49 2012 TCP connection established with [AF_INET]94.23.150.162:8080
Wed Aug 22 16:43:49 2012 TCPv4_CLIENT link local: [undef]
Wed Aug 22 16:43:49 2012 TCPv4_CLIENT link remote: [AF_INET]94.23.150.162:8080
Wed Aug 22 16:43:49 2012 TLS: Initial packet from [AF_INET]94.23.150.162:8080, sid=f13db5be a4895d0c
Wed Aug 22 16:43:49 2012 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Wed Aug 22 16:43:52 2012 VERIFY OK: depth=1, /C=FR/ST=CA/L=Amsterdam/O=Fort-Funston/CN=Fort-Funston_CA/emailAddress=admin@Freedom-IP.com
Wed Aug 22 16:43:52 2012 VERIFY OK: nsCertType=SERVER
Wed Aug 22 16:43:52 2012 VERIFY OK: depth=0, /C=FR/ST=CA/L=Amsterdam/O=Fort-Funston/CN=server/emailAddress=admin@Freedom-IP.com
Wed Aug 22 16:43:55 2012 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Wed Aug 22 16:43:55 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Aug 22 16:43:55 2012 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Wed Aug 22 16:43:55 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Aug 22 16:43:55 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Wed Aug 22 16:43:55 2012 [server] Peer Connection Initiated with [AF_INET]94.23.150.162:8080
Wed Aug 22 16:43:57 2012 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Wed Aug 22 16:43:58 2012 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route 10.9.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.9.1.26 10.9.1.25'
Wed Aug 22 16:43:58 2012 OPTIONS IMPORT: timers and/or timeouts modified
Wed Aug 22 16:43:58 2012 OPTIONS IMPORT: --ifconfig/up options modified
Wed Aug 22 16:43:58 2012 OPTIONS IMPORT: route options modified
Wed Aug 22 16:43:58 2012 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Wed Aug 22 16:43:58 2012 ROUTE default_gateway=192.168.2.1
Wed Aug 22 16:43:58 2012 TUN/TAP device tun0 opened
Wed Aug 22 16:43:58 2012 TUN/TAP TX queue length set to 100
Wed Aug 22 16:43:58 2012 /sbin/ifconfig tun0 10.9.1.26 pointopoint 10.9.1.25 mtu 1500
Wed Aug 22 16:43:58 2012 /sbin/route add -net 94.23.150.162 netmask 255.255.255.255 gw 192.168.2.1
Wed Aug 22 16:43:58 2012 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.9.1.25
Wed Aug 22 16:43:58 2012 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.9.1.25
Wed Aug 22 16:43:58 2012 /sbin/route add -net 10.9.0.1 netmask 255.255.255.255 gw 10.9.1.25
Wed Aug 22 16:43:58 2012 Initialization Sequence Completed

Et en plus la machine fait une compilation croisée ... donc travaille à 100% smile

Cordialement, David.

Hors ligne

#9 2012-08-22 16:28:40

benjaltf4
Membres de confiance
Inscription : 2011-11-27
Messages : 610

Re : Temps de connexion long

Hors ligne

Pied de page des forums