Bonjour à tous 🙂,
J'essaye désespérément d'établir une connexion VPN, en vain...🙁.
Voici mes essais avec "openvpn":
http://www.lefred.be/node/184
J'ai modifié en conséquence le fichier concerné:
[alexandre@ludwig ~]$ cat /usr/lib/systemd/system/NetworkManager.service
[Unit]
Description=Network Manager
Wants=network.target
Before=network.target network.service
[Service]
Type=dbus
BusName=org.freedesktop.NetworkManager
ExecStart=/usr/sbin/NetworkManager --no-daemon
# NM doesn't want systemd to kill its children for it
KillMode=process
# Add by alex to allow openvpn
Environment="NSS_HASH_ALG_SUPPORT=+MD5"
Environment="OPENSSL_ENABLE_MD5_VERIFY=1"
[Install]
WantedBy=multi-user.target
Alias=dbus-org.freedesktop.NetworkManager.service
Also=NetworkManager-dispatcher.service
[alexandre@ludwig ~]$
Rien de mieux 🙁. Je continu:
http://forums.untangle.com/openvpn/35217-fedora-21-fails-verify-md5-certs.html
Même démarche avec le fichier concerné:
[alexandre@ludwig ~]$ cat .bashrc
# .bashrc
# Source global definitions
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
# User specific aliases and functions
export LD_LIBRARY_PATH=/usr/local/lib
export LD_LIBRARY_PATH=/usr/local/lib
# add by alex to allow openvpn
export OPENSSL_ENABLE_MD5_VERIFY=1
[alexandre@ludwig ~]$
Toujours rien :-?.
Je continue donc:
https://ask.fedoraproject.org/en/question/62909/cant-connect-to-vpn-on-fedora-21/
J’exécute ces commandes:
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p gre -j ACCEPT
firewall-cmd --direct --add-rule ipv6 filter INPUT 0 -p gre -j ACCEPT
firewall-cmd --reload
Avec succès mais sans résultats pour le VPN :roll:🙁.
Je passe au PPTP pour voir: toujours rien !!!!!!!
Avec les informations du lien précédent, je modifie le fichier suivant:
[alexandre@ludwig ~]$ cat /etc/ppp/options.pptp
###############################################################################
# $Id: options.pptp,v 1.4 2012/08/30 21:34:13 quozl Exp $
#
# Sample PPTP PPP options file /etc/ppp/options.pptp
# Options used by PPP when a connection is made by a PPTP client.
# This file can be referred to by an /etc/ppp/peers file for the tunnel.
# Changes are effective on the next connection. See "man pppd".
#
# You are expected to change this file to suit your system. As
# packaged, it requires PPP 2.4.2 or later from http://ppp.samba.org/
# and the kernel MPPE module available from the CVS repository also on
# http://ppp.samba.org/, which is packaged for DKMS as kernel_ppp_mppe.
###############################################################################
# Lock the port
lock
# Authentication
# We don't need the tunnel server to authenticate itself
noauth
# We won't do PAP, EAP, CHAP, or MSCHAP, but we will accept MSCHAP-V2
# (you may need to remove these refusals if the server is not using MPPE)
refuse-pap
refuse-eap
refuse-chap
#refuse-mschap
# Compression
# Turn off compression protocols we know won't be used
nobsdcomp
nodeflate
# Encryption
# (There have been multiple versions of PPP with encryption support,
# choose which of the following sections you will use. Note that MPPE
# requires the use of MSCHAP-V2 during authentication)
#
# Note that using PPTP with MPPE and MSCHAP-V2 should be considered
# insecure:
# http://marc.info/?l=pptpclient-devel&m=134372640219039&w=2
# https://github.com/moxie0/chapcrack/blob/master/README.md
# http://technet.microsoft.com/en-us/security/advisory/2743314
# http://ppp.samba.org/ the PPP project version of PPP by Paul Mackarras
# ppp-2.4.2 or later with MPPE only, kernel module ppp_mppe.o
# If the kernel is booted in FIPS mode (fips=1), the ppp_mppe.ko module
# is not allowed and PPTP-MPPE is not available.
# {{{
# Require MPPE 128-bit encryption
#require-mppe-128
# }}}
# http://mppe-mppc.alphacron.de/ fork from PPP project by Jan Dubiec
# ppp-2.4.2 or later with MPPE and MPPC, kernel module ppp_mppe_mppc.o
# {{{
# Require MPPE 128-bit encryption
#mppe required,stateless
# }}}
[alexandre@ludwig ~]$
Pas mieux 🙁.
Je me rabats sur ce bon lien de notre forum:
http://forums.fedora-fr.org/viewtopic.php?id=63442
Je créé donc ce fichier:
[alexandre@ludwig ~]$ cat /etc/modules-load.d/nf_conntrack_pptp.conf
nf_conntrack_pptp
[alexandre@ludwig ~]$
Encore rien !!!!!!!! même en arrêtant le pare-feu...
Je rajoute donc tous les paquets "conntrack" dont "conntrack-tools" qui me parait nécessaire.
Toujours rien de rien, et là, je ne sais plus quoi faire...
Il ne me reste plus qu'à solliciter votre aide. Merci.
Amicalement.
pll