Bonjour à tous 🙂,
Je cherche mettre en place une connexion VPN. Après beaucoup de tâtonnements, j'ai réussi à faire fonctionner quelque chose de satisfaisant, mais la configuration est à refaire après chaque redémarrage. J'utilise
VPNbook en suivant ce
tuto:
[root@alexdell ~]# cd /home/alexandre/Téléchargements/VPNBook.com-OpenVPN-Euro1
[root@alexdell VPNBook.com-OpenVPN-Euro1]# ls
idmdp vpnbook-euro1-udp25000.ovpn
vpnbook-euro1-tcp443.ovpn vpnbook-euro1-udp53.ovpn
vpnbook-euro1-tcp80.ovpn
[root@alexdell VPNBook.com-OpenVPN-Euro1]# openvpn --config vpnbook-euro1-tcp443.ovpn
Sun Feb 23 10:09:56 2014 OpenVPN 2.3.2 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Sep 12 2013
Enter Auth Username:vpnbook
Enter Auth Password:
Sun Feb 23 10:11:00 2014 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sun Feb 23 10:11:00 2014 NOTE: --fast-io is disabled since we are not using UDP
Sun Feb 23 10:11:00 2014 Socket Buffers: R=[87380->131072] S=[16384->131072]
Sun Feb 23 10:11:00 2014 Attempting to establish TCP connection with [AF_INET]93.115.84.195:443 [nonblock]
Sun Feb 23 10:11:01 2014 TCP connection established with [AF_INET]93.115.84.195:443
Sun Feb 23 10:11:01 2014 TCPv4_CLIENT link local: [undef]
Sun Feb 23 10:11:01 2014 TCPv4_CLIENT link remote: [AF_INET]93.115.84.195:443
Sun Feb 23 10:11:01 2014 TLS: Initial packet from [AF_INET]93.115.84.195:443, sid=d95bf1ff afd71880
Sun Feb 23 10:11:01 2014 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sun Feb 23 10:11:02 2014 VERIFY OK: depth=1, C=CH, ST=Zurich, L=Zurich, O=vpnbook.com, OU=IT, CN=vpnbook.com, name=vpnbook.com, emailAddress=admin@vpnbook.com
Sun Feb 23 10:11:02 2014 VERIFY OK: depth=0, C=CH, ST=Zurich, L=Zurich, O=vpnbook.com, OU=IT, CN=vpnbook.com, name=vpnbook.com, emailAddress=admin@vpnbook.com
Sun Feb 23 10:11:03 2014 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Sun Feb 23 10:11:03 2014 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Feb 23 10:11:03 2014 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Sun Feb 23 10:11:03 2014 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Feb 23 10:11:03 2014 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sun Feb 23 10:11:03 2014 [vpnbook.com] Peer Connection Initiated with [AF_INET]93.115.84.195:443
Sun Feb 23 10:11:05 2014 SENT CONTROL [vpnbook.com]: 'PUSH_REQUEST' (status=1)
Sun Feb 23 10:11:05 2014 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 195.60.76.114,dhcp-option DNS 195.60.76.115,route 10.9.0.1,topology net30,ping 5,ping-restart 30,ifconfig 10.9.3.234 10.9.3.233'
Sun Feb 23 10:11:05 2014 OPTIONS IMPORT: timers and/or timeouts modified
Sun Feb 23 10:11:05 2014 OPTIONS IMPORT: --ifconfig/up options modified
Sun Feb 23 10:11:05 2014 OPTIONS IMPORT: route options modified
Sun Feb 23 10:11:05 2014 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sun Feb 23 10:11:05 2014 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=wlp6s0 HWADDR=00:22:5f:8e:a7:0b
Sun Feb 23 10:11:05 2014 TUN/TAP device tun1 opened
Sun Feb 23 10:11:05 2014 TUN/TAP TX queue length set to 100
Sun Feb 23 10:11:05 2014 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Sun Feb 23 10:11:05 2014 /usr/sbin/ip link set dev tun1 up mtu 1500
Sun Feb 23 10:11:05 2014 /usr/sbin/ip addr add dev tun1 local 10.9.3.234 peer 10.9.3.233
Sun Feb 23 10:11:07 2014 /usr/sbin/ip route add 93.115.84.195/32 via 192.168.1.1
Sun Feb 23 10:11:07 2014 /usr/sbin/ip route add 0.0.0.0/1 via 10.9.3.233
Sun Feb 23 10:11:07 2014 /usr/sbin/ip route add 128.0.0.0/1 via 10.9.3.233
Sun Feb 23 10:11:07 2014 /usr/sbin/ip route add 10.9.0.1/32 via 10.9.3.233
Sun Feb 23 10:11:07 2014 Initialization Sequence Completed
Voilà, mais je dois refaire la manip à chaque redémarrage:-(. Je cherche donc une solution pour que ce réglage soit persistant;
Merci pour votre aide.
A bientôt.
pll