Closed Bug 553622 Opened 15 years ago Closed 15 years ago

VPN access

Categories

(Infrastructure & Operations Graveyard :: Account Requests, task)

Product:
Infrastructure & Operations Graveyard
Component:
Account Requests
Platform:
x86
Linux
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: k0scist, Assigned: sean)

Details

I am trying to get access to the VPN. I would like access both to HQ and the colo. I have followed the instructions from https://intranet.mozilla.org/IT_MPT-RemoteAccess but don't seem to have access. From /var/log/syslog: {{{ Mar 19 09:47:34 jhammel-THINK openvpn[3584]: OpenVPN 2.1_rc19 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Oct 13 2009 Mar 19 09:47:51 jhammel-THINK openvpn[3584]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Mar 19 09:47:51 jhammel-THINK openvpn[3584]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Mar 19 09:47:51 jhammel-THINK openvpn[3584]: WARNING: file 'Client.key' is group or others accessible Mar 19 09:47:51 jhammel-THINK openvpn[3584]: /usr/bin/openssl-vulnkey -q -b 2048 -m <modulus omitted> Mar 19 09:47:51 jhammel-THINK openvpn[3584]: WARNING: file 'Tls-auth.key' is group or others accessible Mar 19 09:47:51 jhammel-THINK openvpn[3584]: Control Channel Authentication: using 'Tls-auth.key' as a OpenVPN static key file Mar 19 09:47:51 jhammel-THINK openvpn[3584]: Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Mar 19 09:47:51 jhammel-THINK openvpn[3584]: Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Mar 19 09:47:51 jhammel-THINK openvpn[3584]: LZO compression initialized Mar 19 09:47:51 jhammel-THINK openvpn[3584]: Control Channel MTU parms [ L:1558 D:166 EF:66 EB:0 ET:0 EL:0 ] Mar 19 09:47:51 jhammel-THINK openvpn[3584]: Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ] Mar 19 09:47:51 jhammel-THINK openvpn[3584]: Local Options hash (VER=V4): '9e7066d2' Mar 19 09:47:51 jhammel-THINK openvpn[3584]: Expected Remote Options hash (VER=V4): '162b04de' Mar 19 09:47:51 jhammel-THINK openvpn[3590]: Socket Buffers: R=[114688->131072] S=[114688->131072] Mar 19 09:47:51 jhammel-THINK openvpn[3590]: UDPv4 link local: [undef] Mar 19 09:47:51 jhammel-THINK openvpn[3590]: UDPv4 link remote: 63.245.208.142:1194 Mar 19 09:47:51 jhammel-THINK openvpn[3590]: TLS: Initial packet from 63.245.208.142:1194, sid=e23ce44e df1ea356 Mar 19 09:47:51 jhammel-THINK openvpn[3590]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this Mar 19 09:47:51 jhammel-THINK openvpn[3590]: VERIFY OK: depth=1, /C=US/ST=California/L=Mountain_View/O=Mozilla_Corporation/OU=Mozilla_OpenVPN-CA/CN=Mozilla_Corporation_CA/emailAddress=infra@mozilla.\ com Mar 19 09:47:51 jhammel-THINK openvpn[3590]: VERIFY OK: depth=0, /C=US/ST=California/L=Mountain_View/O=Mozilla_Corporation/OU=Mozilla_VPN/CN=server/emailAddress=infra@mozilla.com Mar 19 09:47:52 jhammel-THINK openvpn[3590]: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key Mar 19 09:47:52 jhammel-THINK openvpn[3590]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Mar 19 09:47:52 jhammel-THINK openvpn[3590]: Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key Mar 19 09:47:52 jhammel-THINK openvpn[3590]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Mar 19 09:47:52 jhammel-THINK openvpn[3590]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA Mar 19 09:47:52 jhammel-THINK openvpn[3590]: [server] Peer Connection Initiated with 63.245.208.142:1194 Mar 19 09:47:53 jhammel-THINK openvpn[3590]: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) Mar 19 09:47:53 jhammel-THINK openvpn[3590]: AUTH: Received AUTH_FAILED control message Mar 19 09:47:53 jhammel-THINK openvpn[3590]: TCP/UDP: Closing socket Mar 19 09:47:53 jhammel-THINK openvpn[3590]: SIGTERM[soft,auth-failure] received, process exiting }}} Please provide me VPN access to these locations or tell me what additional information I should provide in order to get this working. Thanks!
Assignee: server-ops → sean
Access granted.
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Product: mozilla.org → Infrastructure & Operations
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in before you can comment on or make changes to this bug.