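This is the error

Originally posted by ldf365 on 2006-2-12 21:28
Above is the configuration
This is the error

I looked at your VARS.bat and there is indeed nothing wrong with it, but according to the error message, your
set KEY_ORG=www
line has an error. I suggest checking it again.

Thanks for the pointer. I just found out the organization name was simply too short. Switching to a longer one got past it. I'm speechless.

Partly solved.
Now the client gets the following error when connecting to the server: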
IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
WARNING: No server certificate verification method has been enabled.See http://openvpn.net/howto.html#mitm for more info.
LZO compression initialized
Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Local Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Expected Remote Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Local Options hash (VER=V4): '69109d17'
Expected Remote Options hash (VER=V4): 'c0103fa8'
Attempting to establish TCP connection with 192.168.11.7:443
TCP connection established with 192.168.11.7:443
Socket Buffers: R= S=
TCPv4_CLIENT link local:
TCPv4_CLIENT link remote: 192.168.11.7:443
Connection reset, restarting [-1]
TCP/UDP: Closing socket
SIGUSR1 received, process restarting
Restart pause, 5 second(s)

client.ovpn
client
dev tun
proto tcp-client
remote 192.168.11.7 443
resolv-retry infinite
nobind
mute-replay-warnings
ca ca.crt
cert client1.crt # change this to the corresponding certificate I gave you
key client1.key
comp-lzo
verb 4
status openvpn-status.log 5
suppress-timestamps
route-delay 10 10

server.ovpn
port 443
proto tcp-server
dev tun
server 192.168.0.0 255.255.255.0
keepalive 20 180
ca C:\\Program Files\\OPENVPN\\KEY\\ca.crt
cert C:\\Program Files\\OPENVPN\\KEY\\server.crt
key C:\\Program Files\\OPENVPN\\KEY\\server.key
dh C:\\Program Files\\OPENVPN\\KEY\\dh1024.pem
push "redirect-gateway def1"
push "dhcp-option DNS 192.168.0.1"
mode server
tls-server
status C:\\Program Files\\OpenVPN\\log\\openvpn-status.log
comp-lzo
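verb 4

Originally posted by ldf365 on 2006-2-13 23:56
Partly solved.
Now the client gets the following error when connecting to the server:
IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.OpenVPN 2.0-beta16 and earlier used 5000 as t ...

You need to look at the server-side log to be able to tell ^^?, check the firewall configuration on both ends.

Bumping again.
A question for the boss:
push "redirect-gateway def1": what does this def1 mean?

The connection works now, but another problem has come up: the gateway for the IP the client obtained is 192.168.0.5. I don't know whether it is a problem with my settings. Could you PM me your QQ or MSN? That would make it easier to ask you.

I am now getting: Cannot load DH parameters from C:\Program: error:0906D06C:PEM routines:PEM_read_bio:no start line
What is the problem?

Bump! Could you please send me a certificate, heh! maxbai001@tom.com

Originally posted by ldf365 on 2006-2-16 19:09
The connection works now, but another problem has come up: the gateway for the IP the client obtained is 192.168.0.5. I don't know whether it is a problem with my settings. Could you PM me your QQ or MSN? That would make it easier to ask you.

It is always like that; the subnet mask is 252 and the routing is normal.

I'd like to ask the OP: this article uses ADSL dial-up, which gives you a public address once you are online, and proxy software can then provide the VPN function. My situation is this: my workplace LAN can reach the Internet, and I want to set up an OpenVPN server on a machine at work. How do I solve this? Thanks.

client.log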
Sat Feb 18 20:08:36 2006 us=362837 OpenVPN 2.0.5 Win32-MinGW built on Nov2 2005
Sat Feb 18 20:08:36 2006 us=363060 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Sat Feb 18 20:08:36 2006 us=363083 WARNING: No server certificate verification method has been enabled.See http://openvpn.net/howto.html#mitm for more info.
Sat Feb 18 20:08:36 2006 us=367750 LZO compression initialized
Sat Feb 18 20:08:36 2006 us=399056 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sat Feb 18 20:08:36 2006 us=407110 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Feb 18 20:08:36 2006 us=407188 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Sat Feb 18 20:08:36 2006 us=407209 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Sat Feb 18 20:08:36 2006 us=407283 Local Options hash (VER=V4): '41690919'
Sat Feb 18 20:08:36 2006 us=407310 Expected Remote Options hash (VER=V4): '530fdded'
Sat Feb 18 20:08:36 2006 us=407371 Socket Buffers: R= S=
Sat Feb 18 20:08:36 2006 us=407410 UDPv4 link local:
Sat Feb 18 20:08:36 2006 us=407428 UDPv4 link remote: 218.87.4.150:443
Sat Feb 18 20:08:36 2006 us=425737 TLS: Initial packet from 218.87.4.150:443, sid=0a54a750 2f8a6e62
Sat Feb 18 20:08:36 2006 us=573905 VERIFY OK: depth=1, /C=CN/ST=JX/L=NanChang/O=JXJCXMB/OU=cmwap/CN=double/emailAddress=ldf365@hotmail.com
Sat Feb 18 20:08:36 2006 us=573905 VERIFY OK: depth=0, /C=CN/ST=JX/O=JXJCXMB/OU=cmwap/CN=server/emailAddress=ldf365@hotmail.com
Sat Feb 18 20:08:36 2006 us=848930 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Feb 18 20:08:36 2006 us=849003 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Feb 18 20:08:36 2006 us=849104 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Feb 18 20:08:36 2006 us=849126 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Feb 18 20:08:36 2006 us=852095 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sat Feb 18 20:08:36 2006 us=852162 Peer Connection Initiated with 218.87.4.150:443
Sat Feb 18 20:08:38 2006 us=97186 SENT CONTROL : 'PUSH_REQUEST' (status=1)
Sat Feb 18 20:08:38 2006 us=119182 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway,dhcp-option DNS 192.168.0.1,route 192.168.0.0 255.255.255.0,route 192.168.0.0 255.255.255.0,ping 20,ping-restart 210,ifconfig 192.168.0.6 192.168.0.5'
Sat Feb 18 20:08:38 2006 us=119310 OPTIONS IMPORT: timers and/or timeouts modified
Sat Feb 18 20:08:38 2006 us=119329 OPTIONS IMPORT: --ifconfig/up options modified
Sat Feb 18 20:08:38 2006 us=119343 OPTIONS IMPORT: route options modified
Sat Feb 18 20:08:38 2006 us=119357 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sat Feb 18 20:08:38 2006 us=139569 TAP-WIN32 device opened: \\.\Global\{C4DAEF57-5F50-4E74-AC2C-2850F79A1818}.tap
Sat Feb 18 20:08:38 2006 us=142022 TAP-Win32 Driver Version 8.1
Sat Feb 18 20:08:38 2006 us=144149 TAP-Win32 MTU=1500
Sat Feb 18 20:08:38 2006 us=146902 Notified TAP-Win32 driver to set a DHCP IP/netmask of 192.168.0.6/255.255.255.252 on interface {C4DAEF57-5F50-4E74-AC2C-2850F79A1818}
Sat Feb 18 20:08:38 2006 us=146954 DHCP option string: 0604c0a8 0001
Sat Feb 18 20:08:38 2006 us=153644 Successful ARP Flush on interface {C4DAEF57-5F50-4E74-AC2C-2850F79A1818}
Sat Feb 18 20:08:38 2006 us=263773 TEST ROUTES: 0/0 succeeded len=3 ret=0 a=0 u/d=down
Sat Feb 18 20:08:38 2006 us=263843 Route: Waiting for TUN/TAP interface to come up...
Sat Feb 18 20:08:39 2006 us=557940 TEST ROUTES: 4/4 succeeded len=3 ret=1 a=0 u/d=up
Sat Feb 18 20:08:39 2006 us=558044 route ADD 218.87.4.150 MASK 255.255.255.255 192.168.11.1
Sat Feb 18 20:08:39 2006 us=584027 Route addition via IPAPI succeeded
Sat Feb 18 20:08:39 2006 us=584098 route DELETE 0.0.0.0 MASK 0.0.0.0 192.168.11.1
Sat Feb 18 20:08:39 2006 us=613666 Route deletion via IPAPI succeeded
Sat Feb 18 20:08:39 2006 us=618773 route ADD 0.0.0.0 MASK 0.0.0.0 192.168.0.5
Sat Feb 18 20:08:39 2006 us=630623 Route addition via IPAPI succeeded
Sat Feb 18 20:08:39 2006 us=630676 route ADD 192.168.0.0 MASK 255.255.255.0 192.168.0.5
Sat Feb 18 20:08:39 2006 us=660683 Route addition via IPAPI succeeded
Sat Feb 18 20:08:39 2006 us=660760 route ADD 192.168.0.0 MASK 255.255.255.0 192.168.0.5
Sat Feb 18 20:08:39 2006 us=669062 Route addition via IPAPI succeeded
Sat Feb 18 20:08:39 2006 us=669111 route ADD 192.168.0.0 MASK 255.255.255.0 192.168.0.5
Sat Feb 18 20:08:39 2006 us=677186 Route addition via IPAPI succeeded
Sat Feb 18 20:08:39 2006 us=677235 Initialization Sequence Completed

server.log
Sat Feb 18 20:13:37 2006 us=898404 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Sat Feb 18 20:13:44 2006 us=603808 MULTI: multi_create_instance called
Sat Feb 18 20:13:44 2006 us=603884 218.87.65.61:1228 Re-using SSL/TLS context
Sat Feb 18 20:13:44 2006 us=603964 218.87.65.61:1228 LZO compression initialized
Sat Feb 18 20:13:44 2006 us=604215 218.87.65.61:1228 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sat Feb 18 20:13:44 2006 us=604620 218.87.65.61:1228 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Feb 18 20:13:44 2006 us=604752 218.87.65.61:1228 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Sat Feb 18 20:13:44 2006 us=604774 218.87.65.61:1228 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Sat Feb 18 20:13:44 2006 us=604807 218.87.65.61:1228 Local Options hash (VER=V4): '530fdded'
Sat Feb 18 20:13:44 2006 us=604832 218.87.65.61:1228 Expected Remote Options hash (VER=V4): '41690919'
Sat Feb 18 20:13:44 2006 us=604881 218.87.65.61:1228 TLS: Initial packet from 218.87.65.61:1228, sid=680edf1b 2287c672
Sat Feb 18 20:13:44 2006 us=959141 218.87.65.61:1228 VERIFY OK: depth=1, /C=CN/ST=JX/L=NanChang/O=JXJCXMB/OU=cmwap/CN=double/emailAddress=ldf365@hotmail.com
Sat Feb 18 20:13:44 2006 us=959870 218.87.65.61:1228 VERIFY OK: depth=0, /C=CN/ST=JX/O=JXJCXMB/OU=cmwap/CN=ldf/emailAddress=ldffangfan@tom.com
Sat Feb 18 20:13:45 2006 us=24030 218.87.65.61:1228 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Feb 18 20:13:45 2006 us=24076 218.87.65.61:1228 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Feb 18 20:13:45 2006 us=24137 218.87.65.61:1228 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Feb 18 20:13:45 2006 us=24158 218.87.65.61:1228 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Feb 18 20:13:45 2006 us=42741 218.87.65.61:1228 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sat Feb 18 20:13:45 2006 us=42788 218.87.65.61:1228 Peer Connection Initiated with 218.87.65.61:1228
Sat Feb 18 20:13:45 2006 us=43215 MULTI: new connection by client 'ldf' will cause previous active sessions by this client to be dropped.Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Sat Feb 18 20:13:45 2006 us=43286 MULTI: Learn: 192.168.0.6 -> ldf/218.87.65.61:1228
Sat Feb 18 20:13:45 2006 us=43305 MULTI: primary virtual IP for ldf/218.87.65.61:1228: 192.168.0.6
Sat Feb 18 20:13:46 2006 us=292631 ldf/218.87.65.61:1228 PUSH: Received control message: 'PUSH_REQUEST'
Sat Feb 18 20:13:46 2006 us=292723 ldf/218.87.65.61:1228 SENT CONTROL : 'PUSH_REPLY,redirect-gateway,dhcp-option DNS 192.168.0.1,route 192.168.0.0 255.255.255.0,route 192.168.0.0 255.255.255.0,ping 20,ping-restart 210,ifconfig 192.168.0.6 192.168.0.5' (status=1)

server.ovpn
port 443
proto udp
dev tun
mode server
tls-server
server 192.168.0.0 255.255.255.0
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
push "redirect-gateway"
push "dhcp-option DNS 192.168.0.1"
push "route 192.168.0.0 255.255.255.0"
keepalive 20 210
client-to-client
status c:\\profram files\\OpenVPN\\log\\openvpn-status.log
;log c:\\profram files\\OpenVPN\\log\\openvpn.log
comp-lzo
verb 4

client.ovpn
client
dev tun
proto udp
resolv-retry infinite
nobind
remote 218.87.4.150 443
route 192.168.0.0 255.255.255.0
;mute-replay-warnings
persist-key
persist-tun
ca ca.crt
cert ldf.crt
key ldf.key
comp-lzo
verb 4
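status openvpn-status.log 5

The current symptom is that I can connect to the server and can obtain an IP,
but I cannot ping 192.168.0.1 and cannot get online. Testing over broadband is such a hassle..... I don't even want to look at it any more *.*lll

Ugh.
Never mind then.

A question.
For hub, a public IP is needed; does OpenVPN need a public IP as well? I am on a campus network and have no public IP. If I set up an OpenVPN, will that be an obstacle?

Learning from this, thanks.

Ran into an error, please help
I get the following error when running it; I hope you brothers can help!!! Thanks~~~~~~~~~~~

I find this very confusing.

May I ask, on 2003 is it OK not to turn off the built-in firewall? Is there any other proxy software that works without turning off the firewall?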
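
Added example, not part of any post in this thread: a small Python lint for two problems visible in the configs and logs above, namely a file path containing a space that is not quoted (the "Cannot load DH parameters from C:\Program" error) and a client config with no server certificate verification option (the WARNING in the client log). The option lists, function names and abbreviated sample configs are this example's assumptions.

```python
# Added example (not from the thread): lint an OpenVPN config for two problems
# seen above. The option lists below are this example's assumptions.
FILE_OPTS = {"ca", "cert", "key", "dh", "pkcs12", "crl-verify"}  # one path argument each
VERIFY_OPTS = {"ns-cert-type", "remote-cert-tls", "remote-cert-ku", "remote-cert-eku",
               "tls-remote", "tls-verify", "verify-x509-name"}

def tokenize(line):
    """Split a config line: whitespace separates arguments, double quotes group
    them, a backslash escapes the next character, '#' or ';' starts a comment."""
    tokens, cur, in_quote, started, i = [], "", False, False, 0
    while i < len(line):
        ch = line[i]
        if ch == "\\" and i + 1 < len(line):
            cur, started, i = cur + line[i + 1], True, i + 2
            continue
        if ch == '"':
            in_quote, started = not in_quote, True
        elif in_quote:
            cur += ch
        elif ch.isspace():
            if started:
                tokens.append(cur)
                cur, started = "", False
        elif ch in "#;" and not started:
            break
        else:
            cur, started = cur + ch, True
        i += 1
    return tokens + [cur] if started else tokens

def lint(text):
    """Return (line_number, rule, detail) findings; line 0 means the whole file."""
    findings, seen = [], set()
    for n, line in enumerate(text.splitlines(), 1):
        tok = tokenize(line)
        if not tok:
            continue
        seen.add(tok[0])
        if tok[0] in FILE_OPTS and len(tok) > 2:  # path was split at a space
            findings.append((n, "unquoted-path", f"{tok[0]} is read as {tok[1]}"))
    if seen & {"client", "tls-client"} and not seen & VERIFY_OPTS:
        findings.append((0, "no-server-cert-verification", "client accepts any cert signed by ca"))
    return findings

# Constructed samples, abbreviated from the configs posted in the thread.
SERVER_CFG = r'''port 443
dh C:\\Program Files\\OPENVPN\\KEY\\dh1024.pem
tls-server'''
CLIENT_CFG = "client\nremote 192.168.11.7 443\nca ca.crt\ncert client1.crt\nkey client1.key"

if __name__ == "__main__":
    for name, cfg in (("server.ovpn", SERVER_CFG), ("client.ovpn", CLIENT_CFG)):
        print(name, lint(cfg))
```

Wrapping the path in double quotes, or adding one of the listed verification options to the client config, clears the corresponding finding.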