Re: [44net] Accessing AMPRNet via VPN

[root@kb9mwr openvpn]# nmap 85.188.1.118 -p 1773 Starting Nmap 5.00 ( http://nmap.org ) at 2015-10-16 12:17 CDT Interesting ports on amprgw.rats.fi (85.188.1.118): PORT STATE SERVICE 1773/tcp closed unknown Nmap done: 1 IP address (1 host up) scanned in 0.52 seconds Despite this, it works for me: [root@kb9mwr openvpn]# openvpn client.conf Fri Oct 16 12:18:07 2015 OpenVPN 2.2.2 i686-redhat-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] built on Apr 5 2012 Fri Oct 16 12:18:07 2015 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Fri Oct 16 12:18:07 2015 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Fri Oct 16 12:18:07 2015 WARNING: file 'client.key' is group or others accessible Fri Oct 16 12:18:07 2015 LZO compression initialized Fri Oct 16 12:18:07 2015 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] Fri Oct 16 12:18:07 2015 Socket Buffers: R=[110592->131072] S=[110592->131072] Fri Oct 16 12:18:07 2015 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ] Fri Oct 16 12:18:07 2015 Local Options hash (VER=V4): '41690919' Fri Oct 16 12:18:07 2015 Expected Remote Options hash (VER=V4): '530fdded' Fri Oct 16 12:18:07 2015 UDPv4 link local (bound): [undef]:1194 Fri Oct 16 12:18:07 2015 UDPv4 link remote: 85.188.1.118:1773 Fri Oct 16 12:18:07 2015 TLS: Initial packet from 85.188.1.118:1773, sid=af8cd2e6 8b7e00df Fri Oct 16 12:18:08 2015 VERIFY OK: depth=1, /O=AMPRnet/CN=OH7LZB_VPN_service_CA Fri Oct 16 12:18:08 2015 VERIFY OK: depth=0, /CN=ampr-gw.he.fi Fri Oct 16 12:18:10 2015 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Fri Oct 16 12:18:10 2015 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Fri Oct 16 12:18:10 2015 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Fri Oct 16 12:18:10 2015 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Fri Oct 16 12:18:10 2015 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA Fri Oct 16 12:18:10 2015 [ampr-gw.he.fi] Peer Connection Initiated with 85.188.1.118:1773 Fri Oct 16 12:18:12 2015 SENT CONTROL [ampr-gw.he.fi]: 'PUSH_REQUEST' (status=1) Fri Oct 16 12:18:12 2015 PUSH: Received control message: 'PUSH_REPLY,route 44.0.0.0 255.0.0.0,route 44.139.11.0 255.255.255.192,topology net30,ping 24,ping-restart 120,ifconfig 44.139.11.58 44.139.11.57' Fri Oct 16 12:18:12 2015 OPTIONS IMPORT: timers and/or timeouts modified Fri Oct 16 12:18:12 2015 OPTIONS IMPORT: --ifconfig/up options modified Fri Oct 16 12:18:12 2015 OPTIONS IMPORT: route options modified Fri Oct 16 12:18:12 2015 ROUTE default_gateway=192.168.1.1 Fri Oct 16 12:18:12 2015 TUN/TAP device tun0 opened Fri Oct 16 12:18:12 2015 TUN/TAP TX queue length set to 100 Fri Oct 16 12:18:12 2015 /sbin/ip link set dev tun0 up mtu 1500 Fri Oct 16 12:18:12 2015 /sbin/ip addr add dev tun0 local 44.139.11.58 peer 44.139.11.57 Fri Oct 16 12:18:12 2015 /sbin/ip route add 44.0.0.0/8 via 44.139.11.57 Fri Oct 16 12:18:12 2015 /sbin/ip route add 44.139.11.0/26 via 44.139.11.57 Fri Oct 16 12:18:12 2015 Initialization Sequence Completed [root@kb9mwr openvpn]# ifconfig tun0 tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:44.139.11.58 P-t-P:44.139.11.57 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:1 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:48 (48.0 b) TX bytes:0 (0.0 b)