1
German - Deutsch / Re: Möchte PC blocken - Rule wird nicht genommen
« on: December 09, 2022, 10:13:42 am »
Danke für die Antwort.
Werde ich mal probieren.
Werde ich mal probieren.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
2021-09-02T12:25:38 openvpn[92283] 62.127.130.81:9018 VERIFY SCRIPT OK: depth=0, C=DE, ST=Bavaria, L=Alzenau, O=PSTproducts GmbH, emailAddress=heinz.krischeu@kb-consulting.de, CN=kriesterer
2021-09-02T12:25:38 openvpn[92283] 62.127.130.81:9018 VERIFY OK: depth=1, C=DE, ST=Bavaria, L=Alzenau, O=PSTproducts GmbH, emailAddress=heinz.krischeu@kb-consulting.de, CN=FW02 PSTproducts GmbH
2021-09-02T12:25:38 openvpn[92283] 62.127.130.81:9018 VERIFY SCRIPT OK: depth=1, C=DE, ST=Bavaria, L=Alzenau, O=PSTproducts GmbH, emailAddress=heinz.krischeu@kb-consulting.de, CN=FW02 PSTproducts GmbH
2021-09-02T12:25:38 openvpn[92283] 62.127.130.81:9018 TLS: Initial packet from [AF_INET]62.127.130.81:9018, sid=ec6f3931 5ea07a04
2021-09-02T12:25:38 openvpn[92283] 62.127.130.81:9018 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
2021-09-02T12:25:38 openvpn[92283] 62.127.130.81:9018 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
2021-09-02T12:25:31 openvpn[92283] Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2021-09-02T12:25:31 openvpn[92283] Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021-09-02T12:25:31 openvpn[92283] Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021-09-02T12:25:31 openvpn[92283] WARNING: 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA256'
2021-09-02T12:25:31 openvpn[92283] WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1549', remote='link-mtu 1524'
2021-09-02T12:25:31 openvpn[92283] TLS: Username/Password authentication succeeded for username 'mhase' [CN SET]
2021-09-02T12:25:31 openvpn[73346] user 'mhase' authenticated using 'Local Database'
2021-09-02T12:28:27 openvpn[92283] MANAGEMENT: CMD 'status 2'
2021-09-02T12:28:27 openvpn[92283] MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock
2021-09-02T12:27:43 openvpn[92283] kriesterer/62.127.130.81:9999 PUSH: Received control message: 'PUSH_REQUEST'
2021-09-02T12:27:43 openvpn[92283] kriesterer/62.127.130.81:9999 TLS Error: incoming packet authentication failed from [AF_INET]62.127.130.81:9999
2021-09-02T12:27:43 openvpn[92283] kriesterer/62.127.130.81:9999 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #13 / time = (1630578461) 2021-09-02 12:27:41 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
2021-09-02T12:27:42 openvpn[92283] kriesterer/62.127.130.81:9999 SENT CONTROL [kriesterer]: 'PUSH_REPLY,route 10.1.0.0 255.255.0.0,dhcp-option DOMAIN pst.local,dhcp-option DNS 10.1.3.34,dhcp-option DNS 10.1.3.21,route 172.168.192.0 255.255.255.0,topology net30,ping 10,ping-restart 60,ifconfig 172.168.192.14 172.168.192.13,peer-id 7,cipher AES-256-GCM' (status=1)
2021-09-02T12:27:42 openvpn[92283] kriesterer/62.127.130.81:9999 PUSH: Received control message: 'PUSH_REQUEST'
2021-09-02T12:27:42 openvpn[92283] Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021-09-02T12:27:42 openvpn[92283] Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021-09-02T12:27:42 openvpn[92283] MULTI: primary virtual IP for kriesterer/62.127.130.81:9999: 172.168.192.14
2021-09-02T12:27:42 openvpn[92283] MULTI: Learn: 172.168.192.14 -> kriesterer/62.127.130.81:9999
2021-09-02T12:27:42 openvpn[92283] MULTI_sva: pool returned IPv4=172.168.192.14, IPv6=(Not enabled)
2021-09-02T12:27:42 openvpn[92283] MULTI: new connection by client 'kriesterer' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
2021-09-02T12:27:42 openvpn[92283] 62.127.130.81:9999 [kriesterer] Peer Connection Initiated with [AF_INET]62.127.130.81:9999
2021-09-02T12:27:42 openvpn[92283] 62.127.130.81:9999 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2021-09-02T12:27:42 openvpn[92283] 62.127.130.81:9999 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1549', remote='link-mtu 1521'
2021-09-02T12:27:42 openvpn[92283] 62.127.130.81:9999 TLS: Username/Password authentication succeeded for username 'kriesterer' [CN SET]
2021-09-02T12:27:42 openvpn[17334] user 'kriesterer' authenticated using 'Local Database'
2021-09-02T12:27:42 openvpn[92283] 62.127.130.81:9999 peer info: IV_SSO=openurl
2021-09-02T12:27:42 openvpn[92283] 62.127.130.81:9999 peer info: IV_GUI_VER=net.openvpn.connect.ios_3.2.3-3760
Keine Ahnung was du mit dem Port Forwarding auf dem LAN Interface bezweckst..Du meinst, es sollte so wie es ist, eigentlich funktionieren, daß ich vom LAN ins WLAN komme?
Standardmässig kommt LAN überall hin ("Default allow LAN to any rule").