LINUX.ORG.RU
ФорумAdmin

OpenVPN - объединение нескольких сетей


0

0

Доброго времени суток.

Стоит задача поднять vpn пока только между сетью и 1 компом. Все настроил используя несколько статей. Но теперь возникает проблема, клиент не может законектиться. Не могу понять в чем проблема.

Вот лог клиента:

Sat Jun 9 11:42:29 2007 OpenVPN 2.0.9 i486-pc-linux-gnu [SSL] [LZO] [EPOLL] built on Jan 21 2007

Sat Jun 9 11:42:29 2007 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.

Sat Jun 9 11:42:29 2007 Control Channel Authentication: using '/etc/openvpn/vserver/keys/auth.key' as a OpenVPN static key file

Sat Jun 9 11:42:29 2007 LZO compression initialized

Sat Jun 9 11:42:29 2007 Attempting to establish TCP connection with *.*.*.*:5555

Sat Jun 9 11:44:33 2007 OpenVPN 2.0.9 i486-pc-linux-gnu [SSL] [LZO] [EPOLL] built on Jan 21 2007

Sat Jun 9 11:44:33 2007 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.

Sat Jun 9 11:44:33 2007 Control Channel Authentication: using '/etc/openvpn/vserver/keys/auth.key' as a OpenVPN static key file

Sat Jun 9 11:44:33 2007 LZO compression initialized

Sat Jun 9 11:44:33 2007 Attempting to establish TCP connection with *.*.*.*:5555

Sat Jun 9 11:47:42 2007 TCP: connect to *.*.*.*:5555 failed, will try again in 5 seconds: Connection timed out (errno=110)

Sat Jun 9 11:50:56 2007 TCP: connect to *.*.*.*:5555 failed, will try again in 5 seconds: Connection timed out (errno=110)

Вот лог сервера:

Sat Jun 9 11:38:40 2007 OpenVPN 2.0.9 i486-pc-linux-gnu [SSL] [LZO] [EPOLL] built on Jan 21 2007

Sat Jun 9 11:38:40 2007 WARNING: --keepalive option is missing from server config

Sat Jun 9 11:38:40 2007 Diffie-Hellman initialized with 1024 bit key

Sat Jun 9 11:38:40 2007 Control Channel Authentication: using '/etc/openvpn/vserver/keys/auth.key' as a OpenVPN static key file

Sat Jun 9 11:38:40 2007 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication

Sat Jun 9 11:38:40 2007 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication

Sat Jun 9 11:38:40 2007 TLS-Auth MTU parms [ L:1576 D:168 EF:68 EB:0 ET:0 EL:0 ]

Sat Jun 9 11:38:40 2007 TUN/TAP device tap0 opened

Sat Jun 9 11:38:40 2007 /sbin/ifconfig tap0 10.0.0.1 netmask 255.255.255.0 mtu 1500 broadcast 10.0.0.255

Sat Jun 9 11:38:40 2007 /etc/openvpn/vserver/upscript.sh tap0 1500 1576 10.0.0.1 255.255.255.0 init

Sat Jun 9 11:38:40 2007 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]

Sat Jun 9 11:38:40 2007 Listening for incoming TCP connection on [undef]:5555

Sat Jun 9 11:38:40 2007 TCPv4_SERVER link local (bound): [undef]:5555

Sat Jun 9 11:38:40 2007 TCPv4_SERVER link remote: [undef]

Sat Jun 9 11:38:40 2007 MULTI: multi_init called, r=256 v=256

Sat Jun 9 11:38:40 2007 IFCONFIG POOL: base=10.0.0.10 size=11

Sat Jun 9 11:38:40 2007 MULTI: TCP INIT maxclients=1024 maxevents=1028

Sat Jun 9 11:38:40 2007 Initialization Sequence Completed

Sat Jun 9 11:40:28 2007 TCP/UDP: Closing socket

Sat Jun 9 11:40:28 2007 Closing TUN/TAP interface

Sat Jun 9 11:40:28 2007 /etc/openvpn/vserver/downscript.sh tap0 1500 1576 10.0.0.1 255.255.255.0 init

SIOCDELRT: No such process

Sat Jun 9 11:40:28 2007 script failed: shell command exited with error status: 7

Sat Jun 9 11:40:28 2007 Exiting

Sat Jun 9 11:41:13 2007 OpenVPN 2.0.9 i486-pc-linux-gnu [SSL] [LZO] [EPOLL] built on Jan 21 2007

Sat Jun 9 11:41:13 2007 WARNING: --keepalive option is missing from server config

Sat Jun 9 11:41:13 2007 Diffie-Hellman initialized with 1024 bit key

Sat Jun 9 11:41:13 2007 Control Channel Authentication: using '/etc/openvpn/vserver/keys/auth.key' as a OpenVPN static key file

Sat Jun 9 11:41:13 2007 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication

Sat Jun 9 11:41:13 2007 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication

Sat Jun 9 11:41:13 2007 TLS-Auth MTU parms [ L:1576 D:168 EF:68 EB:0 ET:0 EL:0 ]

Sat Jun 9 11:41:13 2007 TUN/TAP device tap0 opened

Sat Jun 9 11:41:13 2007 /sbin/ifconfig tap0 10.0.0.1 netmask 255.255.255.0 mtu 1500 broadcast 10.0.0.255

Sat Jun 9 11:41:13 2007 /etc/openvpn/vserver/upscript.sh tap0 1500 1576 10.0.0.1 255.255.255.0 init

Sat Jun 9 11:41:13 2007 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]

Sat Jun 9 11:41:13 2007 Listening for incoming TCP connection on [undef]:5555

Sat Jun 9 11:41:13 2007 TCPv4_SERVER link local (bound): [undef]:5555

Sat Jun 9 11:41:13 2007 TCPv4_SERVER link remote: [undef]

Sat Jun 9 11:41:13 2007 MULTI: multi_init called, r=256 v=256

Sat Jun 9 11:41:13 2007 IFCONFIG POOL: base=10.0.0.10 size=11

Sat Jun 9 11:41:13 2007 MULTI: TCP INIT maxclients=1024 maxevents=1028

Sat Jun 9 11:41:13 2007 Initialization Sequence Completed

Sat Jun 9 11:49:11 2007 TCP/UDP: Closing socket

Sat Jun 9 11:49:11 2007 Closing TUN/TAP interface

Sat Jun 9 11:49:11 2007 /etc/openvpn/vserver/downscript.sh tap0 1500 1576 10.0.0.1 255.255.255.0 init

SIOCDELRT: No such process

Sat Jun 9 11:49:11 2007 script failed: shell command exited with error status: 7

Sat Jun 9 11:49:11 2007 Exiting

OS Debian GNU/Linux 4

Помогите разобраться в чем проблема.

Заранее спасибо.

Убрал Маршрут на сервере. Просканил порты с клиентской тачки: 5555/tcp open freeciv

Попробовал telnet *,*,*,* 5555:

Trying *,*,*,*... Connected to *,*,*,*. Escape character is '^]'. *@ЫAVэI▐}ne

Ог╗Щya═≈⌡ЛиL)╦Э|ё$FjdК*@ЫAVэI▐}nЗ⌠²L её ╔ц}%≤ф▌Ж`FjdК

Connection closed by foreign host.

Тоесть приконектится можно, но почему openvpn не может?

Morphine
() автор топика
Вы не можете добавлять комментарии в эту тему. Тема перемещена в архив.
Admin