[ Edited by崂山道士 on 2008-3-7 21:56 ] 这个连接IP不对,应该是没连接上, :'( :'( 这个情况其实网络是哦没有联通。是GPRS没有传数据。 可以把GPRS断了重连。 还是不行,虚拟网卡不停的连接。 有时候我也是这样的,我就把GPRS断了再连就可以了。你可以先配置一个宽带连接到自己VPN的配置,用来测试VPN服务是否正常。 顶~~ 我的弄了很长时间了,443端口就是没打开。
上面的和我的差不多。
有几个问题请教
运行ps | grep vpn,出现3行提示,前两行和楼主的相同,最后一行是grep vpn,不知道是什么意思?用客户端cmwap配置连接能连上但虚拟网卡连接的的ip显示是169.254.192.×,正确显示的ip应该是192.168.1.×?
感谢这几天51nb上的几位朋友加QQ帮我调试忙到深夜!
[ Edited by崂山道士 on 2008-3-21 12:32 ] 我的问题也是虚拟网卡不断的连接。。。郁闷啊,哪里做错了。。我这是招谁了哦:'(
终于成功了,
关键的地方在于,除了按照楼主和第二页的设置以外,启动命令的复制粘贴方法和格式!!!!openvpn --mktun --dev tap0
brctl addif br0 tap0
ifconfig tap0 0.0.0.0 promisc up
echo "
-----BEGIN OpenVPN Static key V1-----
这里粘KEY文件里的内容注意上下两行重复的地方
-----END OpenVPN Static key V1-----
" > /tmp/static.key
ln -s /usr/sbin/openvpn /tmp/myvpn
/tmp/myvpn --dev tap0 --secret /tmp/static.key --comp-lzo --port 443 --proto tcp-server --verb 3 --daemon
上面这段代码,复制的时候要复制一行,粘贴一行!如果粘贴后和原先的代码在一行上要加回车,如果粘贴完后自动到下一行则不用加回车!
例如" > /tmp/static.key回车
可以多试几次。
我的成功后的代码是
285 root 1004 S /tmp/myvpn --dev tap0 --secret /tmp/static.key --comp
697 root 376 S sh -c alias ping='ping -c 3'; eval "ps | grep vpn" >
701 root 284 S grep vpn
第三行和楼主的不太一样。
客户端配置用第二页的就行,但要注意关闭本机防火墙,我的诺顿防火墙开着就不行,关了就好了。
客户端连上服务器后看openvpn GUI-右键-view log的提示。
最后一句:Fri Mar 21 19:51:30 2008 Initialization Sequence Completed
客户端连接上服务器后虚拟网卡的状态:
[ Edited by崂山道士 on 2008-3-21 20:42 ] 我在我的tomato固件路由上也在试vpn,无法上网和QQ。
openvpn连接顺利,DHCP也获得了正常的IP地址、网关。
获得的DNS是否准确我不知道,DNS显示的是192.168.1.1,不过我ping外网的www.123cha.com网站的时候获得了其真实ip地址124.254.44.17,所以DNS解析应该没有问题。
最重要的一点,我能gprs-cmwap链接vpn后,输入192.168.1.1能够进入路由的设置界面,这意味着百分百vpn没有问题了,但是我为啥不能上网呢?
下面附openvpn 的 log,那位牛人告诉我是怎么回事。是路由设置吗?
Fri Mar 21 21:20:35 2008 OpenVPN 2.0.9 Win32-MinGW built on Oct1 2006
Fri Mar 21 21:20:35 2008 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Fri Mar 21 21:20:35 2008 Static Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Mar 21 21:20:35 2008 Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Mar 21 21:20:35 2008 Static Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Mar 21 21:20:35 2008 Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Mar 21 21:20:35 2008 LZO compression initialized
Fri Mar 21 21:20:35 2008 TAP-WIN32 device [本地连接 4] opened: \\.\Global\{6E59E29A-2275-4EFB-9E00-B98C3B21567D}.tap
Fri Mar 21 21:20:35 2008 TAP-Win32 Driver Version 8.4
Fri Mar 21 21:20:35 2008 TAP-Win32 MTU=1500
Fri Mar 21 21:20:35 2008 Successful ARP Flush on interface {6E59E29A-2275-4EFB-9E00-B98C3B21567D}
Fri Mar 21 21:20:35 2008 Data Channel MTU parms [ L:1579 D:1450 EF:47 EB:135 ET:32 EL:0 AF:3/1 ]
Fri Mar 21 21:20:35 2008 Local Options hash (VER=V4): '30b1d7b8'
Fri Mar 21 21:20:35 2008 Expected Remote Options hash (VER=V4): '810a7623'
Fri Mar 21 21:20:35 2008 Attempting to establish TCP connection with 10.0.0.172:80
Fri Mar 21 21:20:36 2008 TCP connection established with 10.0.0.172:80
Fri Mar 21 21:20:36 2008 Send to HTTP proxy: 'CONNECT ********.3322.org:443 HTTP/1.0'
Fri Mar 21 21:20:38 2008 HTTP proxy returned: 'HTTP/1.0 200 Connection established'
Fri Mar 21 21:20:40 2008 TCPv4_CLIENT link local:
Fri Mar 21 21:20:40 2008 TCPv4_CLIENT link remote: 10.0.0.172:80
Fri Mar 21 21:20:40 2008 Peer Connection Initiated with 10.0.0.172:80
Fri Mar 21 21:20:42 2008 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Fri Mar 21 21:20:42 2008 Route: Waiting for TUN/TAP interface to come up...
Fri Mar 21 21:20:43 2008 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Fri Mar 21 21:20:43 2008 Route: Waiting for TUN/TAP interface to come up...
Fri Mar 21 21:20:44 2008 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Fri Mar 21 21:20:44 2008 Route: Waiting for TUN/TAP interface to come up...
Fri Mar 21 21:20:45 2008 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Fri Mar 21 21:20:45 2008 Route: Waiting for TUN/TAP interface to come up...
Fri Mar 21 21:20:46 2008 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Fri Mar 21 21:20:46 2008 Route: Waiting for TUN/TAP interface to come up...
Fri Mar 21 21:20:47 2008 TEST ROUTES: 0/0 succeeded len=-1 ret=1 a=0 u/d=up
Fri Mar 21 21:20:47 2008 Initialization Sequence Completed ^^? ^^?
[ Edited by崂山道士 on 2008-3-21 21:57 ] 番茄里有ps | grep vpn这种诊断的功能吗? 为什么我的config目录里没有static.key这个文件呢,只有client.ovpn和key.txt,请楼主帮忙
[ Edited byk22m on 2008-4-6 21:32 ] 为什么我的config目录里没有static.key这个文件呢,只有client.ovpn和key.txt,请楼主帮忙 config应该是没有static.key这个文件,这个文件好像是路由器自动生成之后存放在路由器里的。 code
openvpn --mktun --dev tap0
brctl addif br0 tap0
ifconfig tap0 0.0.0.0 promisc up
echo "
-----BEGIN OpenVPN Static key V1-----
e9167931bcb07acbad135363fbbaa083
6e0cb260ac65421dd41c0ff933ca93f9
d940162dc899aaa9d951c35c97f1bd6d
69240931418b98c5444cdac07f4fa46d
4215ab9e8c79cad111105c7d84ababa4
6e2100a581d7291c692599b4357a119b
-----END OpenVPN Static key V1-----
">/tmp/static.key
ln -s /usr/sbin/openvpn /tmp/myvpn
/tmp/myvpn --dev tap0 --secret /tmp/static.key --comp-lzo --port 443 --proto tcp-server --verb 3 --daemon iptables -I INPUT 1 -p tcp --dport 443 -j ACCEPT 3043 root 364 S sh -c alias ping='ping -c 3'; eval "ps | grep vpn" >
3047 root 272 S grep vpn # Use the following to have your client computer send all traffic through your router
# (remote gateway)
remote ****.3322.org
http-proxy-retry
http-proxy 10.0.0.172 80
port 443
dev tap
secret key.txt
proto tcp-client
comp-lzo
route-gateway 192.168.1.1
redirect-gateway
[ Edited byk22m on 2008-4-14 22:51 ] Tue Apr 08 18:48:51 2008 OpenVPN 2.0.9 Win32-MSVC++ built on Dec 13 2007
Tue Apr 08 18:48:51 2008 LZO compression initialized
Tue Apr 08 18:48:51 2008 TAP-WIN32 device [本地连接 2] opened: \\.\Global\{3ACFC380-88F1-4C48-903F-04209F09FB29}.tap
Tue Apr 08 18:48:51 2008 Successful ARP Flush on interface {3ACFC380-88F1-4C48-903F-04209F09FB29}
Tue Apr 08 18:48:51 2008 Attempting to establish TCP connection with 10.0.0.172:80
Tue Apr 08 18:48:52 2008 TCP connection established with 10.0.0.172:80
Tue Apr 08 18:48:53 2008 HTTP proxy returned bad status
Tue Apr 08 18:48:53 2008 SIGUSR1 received, process restarting
Tue Apr 08 18:48:58 2008 LZO compression initialized
Tue Apr 08 18:48:58 2008 TAP-WIN32 device [本地连接 2] opened: \\.\Global\{3ACFC380-88F1-4C48-903F-04209F09FB29}.tap
Tue Apr 08 18:48:58 2008 Successful ARP Flush on interface {3ACFC380-88F1-4C48-903F-04209F09FB29}
Tue Apr 08 18:48:58 2008 Attempting to establish TCP connection with 10.0.0.172:80
Tue Apr 08 18:49:03 2008 TCP connection established with 10.0.0.172:80
Tue Apr 08 18:49:05 2008 HTTP proxy returned bad status
Tue Apr 08 18:49:05 2008 SIGUSR1 received, process restarting
Tue Apr 08 18:49:10 2008 LZO compression initialized
Tue Apr 08 18:49:10 2008 TAP-WIN32 device [本地连接 2] opened: \\.\Global\{3ACFC380-88F1-4C48-903F-04209F09FB29}.tap
Tue Apr 08 18:49:10 2008 Successful ARP Flush on interface {3ACFC380-88F1-4C48-903F-04209F09FB29}
Tue Apr 08 18:49:10 2008 Attempting to establish TCP connection with 10.0.0.172:80
Tue Apr 08 18:49:11 2008 TCP connection established with 10.0.0.172:80
Tue Apr 08 18:49:12 2008 HTTP proxy returned bad status
Tue Apr 08 18:49:12 2008 SIGUSR1 received, process restarting
Tue Apr 08 18:49:17 2008 LZO compression initialized
Tue Apr 08 18:49:17 2008 TAP-WIN32 device [本地连接 2] opened: \\.\Global\{3ACFC380-88F1-4C48-903F-04209F09FB29}.tap
Tue Apr 08 18:49:17 2008 Successful ARP Flush on interface {3ACFC380-88F1-4C48-903F-04209F09FB29}
Tue Apr 08 18:49:17 2008 Attempting to establish TCP connection with 10.0.0.172:80
Tue Apr 08 18:49:18 2008 TCP connection established with 10.0.0.172:80
Tue Apr 08 18:49:20 2008 HTTP proxy returned bad status
Tue Apr 08 18:49:20 2008 SIGUSR1 received, process restarting
Tue Apr 08 18:49:25 2008 LZO compression initialized
Tue Apr 08 18:49:25 2008 TAP-WIN32 device [本地连接 2] opened: \\.\Global\{3ACFC380-88F1-4C48-903F-04209F09FB29}.tap
Tue Apr 08 18:49:25 2008 Successful ARP Flush on interface {3ACFC380-88F1-4C48-903F-04209F09FB29}
Tue Apr 08 18:49:25 2008 Attempting to establish TCP connection with 10.0.0.172:80
Tue Apr 08 18:49:26 2008 TCP connection established with 10.0.0.172:80
Tue Apr 08 18:49:28 2008 HTTP proxy returned bad status
Tue Apr 08 18:49:28 2008 SIGUSR1 received, process restarting
Tue Apr 08 18:49:33 2008 LZO compression initialized
Tue Apr 08 18:49:33 2008 TAP-WIN32 device [本地连接 2] opened: \\.\Global\{3ACFC380-88F1-4C48-903F-04209F09FB29}.tap
Tue Apr 08 18:49:33 2008 Successful ARP Flush on interface {3ACFC380-88F1-4C48-903F-04209F09FB29}
Tue Apr 08 18:49:33 2008 Attempting to establish TCP connection with 10.0.0.172:80
Tue Apr 08 18:49:34 2008 TCP connection established with 10.0.0.172:80
Tue Apr 08 18:49:35 2008 HTTP proxy returned bad status
Tue Apr 08 18:49:35 2008 SIGUSR1 received, process restarting
Tue Apr 08 18:49:40 2008 LZO compression initialized
Tue Apr 08 18:49:40 2008 TAP-WIN32 device [本地连接 2] opened: \\.\Global\{3ACFC380-88F1-4C48-903F-04209F09FB29}.tap
Tue Apr 08 18:49:40 2008 Successful ARP Flush on interface {3ACFC380-88F1-4C48-903F-04209F09FB29}
Tue Apr 08 18:49:40 2008 Attempting to establish TCP connection with 10.0.0.172:80
Tue Apr 08 18:49:41 2008 TCP connection established with 10.0.0.172:80
Tue Apr 08 18:49:43 2008 HTTP proxy returned bad status
Tue Apr 08 18:49:43 2008 SIGUSR1 received, process restarting
Tue Apr 08 18:49:48 2008 LZO compression initialized
Tue Apr 08 18:49:48 2008 TAP-WIN32 device [本地连接 2] opened: \\.\Global\{3ACFC380-88F1-4C48-903F-04209F09FB29}.tap
Tue Apr 08 18:49:48 2008 Successful ARP Flush on interface {3ACFC380-88F1-4C48-903F-04209F09FB29}
Tue Apr 08 18:49:48 2008 Attempting to establish TCP connection with 10.0.0.172:80
Tue Apr 08 18:49:49 2008 TCP connection established with 10.0.0.172:80
Tue Apr 08 18:49:51 2008 HTTP proxy returned bad status
Tue Apr 08 18:49:51 2008 SIGUSR1 received, process restarting
Tue Apr 08 18:49:56 2008 LZO compression initialized
Tue Apr 08 18:49:56 2008 TAP-WIN32 device [本地连接 2] opened: \\.\Global\{3ACFC380-88F1-4C48-903F-04209F09FB29}.tap
Tue Apr 08 18:49:56 2008 Successful ARP Flush on interface {3ACFC380-88F1-4C48-903F-04209F09FB29}
Tue Apr 08 18:49:56 2008 Attempting to establish TCP connection with 10.0.0.172:80
Tue Apr 08 18:49:56 2008 TCP connection established with 10.0.0.172:80
Tue Apr 08 18:49:58 2008 HTTP proxy returned bad status
Tue Apr 08 18:49:58 2008 SIGUSR1 received, process restarting
Tue Apr 08 18:50:03 2008 LZO compression initialized
Tue Apr 08 18:50:03 2008 TAP-WIN32 device [本地连接 2] opened: \\.\Global\{3ACFC380-88F1-4C48-903F-04209F09FB29}.tap
Tue Apr 08 18:50:03 2008 Successful ARP Flush on interface {3ACFC380-88F1-4C48-903F-04209F09FB29}
Tue Apr 08 18:50:03 2008 Attempting to establish TCP connection with 10.0.0.172:80
Tue Apr 08 18:50:04 2008 TCP connection established with 10.0.0.172:80
Tue Apr 08 18:50:06 2008 HTTP proxy returned bad status
Tue Apr 08 18:50:06 2008 SIGUSR1 received, process restarting
Tue Apr 08 18:50:11 2008 LZO compression initialized
Tue Apr 08 18:50:11 2008 TAP-WIN32 device [本地连接 2] opened: \\.\Global\{3ACFC380-88F1-4C48-903F-04209F09FB29}.tap
Tue Apr 08 18:50:11 2008 Successful ARP Flush on interface {3ACFC380-88F1-4C48-903F-04209F09FB29}
Tue Apr 08 18:50:11 2008 Attempting to establish TCP connection with 10.0.0.172:80
Tue Apr 08 18:50:12 2008 SIGTERM received, process exiting
以上连续4楼帮我看看咋回事呀,郁闷呀 我终于成功了,其实楼主差了最重要的最后一步,就是再保存防火墙命令之后必须按一下Save Custom Script按钮,这是把static.key写入路由器,我这回终于成功了,折磨我两天了,呵呵,终于搞定了,哈哈!没有搞定的这回试试我的方法吧!!! 好文。感谢楼主分享。
客户端用什么好? 爽啊。成功了! 感谢楼上的各位分享经验。
速度很不错。
大连,10多K的速度。 好贴,楼主太强了,强烈支持 晕。有的时候要连半小时才能连上VPN。 昨天晚上才把我的磊科606无线路由的2个16v1000uF的电容换了,之前鼓包了,垃圾啊!!!