LINUX.ORG.RU

Ошибка подключения OpenVPN к VPS серверу.

 , , , ,


0

1

Всем привет. Столкнулся со следующей проблемой, а именно не могу подружить openvpn с VPS.

Лог

Tue May 01 19:59:10 2018 Windows version 6.2 (Windows 8 or greater) 64bit Tue May 01 19:59:10 2018 library versions: OpenSSL 1.1.0f 25 May 2017, LZO 2.10 Tue May 01 19:59:10 2018 WARNING: Your certificate is not yet valid! Tue May 01 19:59:10 2018 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication Tue May 01 19:59:10 2018 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication Tue May 01 19:59:10 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]148.251.3.246:1194 Tue May 01 19:59:10 2018 Socket Buffers: R=[65536->65536] S=[65536->65536] Tue May 01 19:59:10 2018 UDP link local: (not bound) Tue May 01 19:59:10 2018 UDP link remote: [AF_INET]148.251.3.246:1194 Tue May 01 20:00:10 2018 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Tue May 01 20:00:10 2018 TLS Error: TLS handshake failed Tue May 01 20:00:10 2018 SIGUSR1[soft,tls-error] received, process restarting

.

лог

Options error: Bad protocol: '11'. Allowed protocols with --proto option: [proto-uninitialized] [udp] [tcp-server] [tcp-client] [tcp] [udp4] [tcp4-server] [tcp4-client] [tcp4] [udp6] [tcp6-server] [tcp6-client] [tcp6] Use --help for more information.

.

Следовал инструкции github.com/Angristan/OpenVPN-install.

client dev tun proto udp sndbuf 0 rcvbuf 0 remote 148.251.3.246 1194 resolv-retry infinite nobind persist-key persist-tun remote-cert-tls server auth SHA512 cipher AES-256-CBC comp-lzo setenv opt block-outside-dns key-direction 1 verb 3

Рабочие конфиги

$ cat server.conf
port 1984
proto udp
dev tun

ca      /etc/openvpn/server/keys/ca.crt    # generated keys
cert    /etc/openvpn/server/keys/server.crt
key     /etc/openvpn/server/keys/server.key  # keep secret
dh      /etc/openvpn/server/keys/dh2048.pem

topology subnet
server 10.9.1.0 255.255.255.0  # internal tun0 connection IP
ifconfig-pool-persist ipp.txt

keepalive 10 120

client-config-dir /etc/openvpn/server/clients

remote-cert-tls client
auth            SHA256
cipher          AES-256-CBC
tls-cipher      TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384:TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA:TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA


comp-lzo         # Compression - must be turned on at both end
persist-key
persist-tun

status /var/log/openvpn-status.log
log-append /var/log/openvpn.log

verb 3  # verbose mode
client-to-client
$ cat bvn13-home.conf
client
dev tun
port 1984
proto udp

remote IP.IP.IP.IP 1984             # VPN server IP : PORT
nobind

ca /etc/openvpn/client/bvn13-home/ca.crt
cert /etc/openvpn/client/bvn13-home/bvn13-aruba.crt
key /etc/openvpn/client/bvn13-home/bvn13-aruba.key

comp-lzo
persist-key
persist-tun

remote-cert-tls server
auth            SHA256
cipher          AES-256-CBC

verb 3

auth-nocache

Но обрати внимание, что у тебя

WARNING: Your certificate is not yet valid!

bvn13 ★★★★★ ()

WARNING: Your certificate is not yet valid!

Время и часовой пояс на шиндовсе правильные выставь

OneHOM ()
Вы не можете добавлять комментарии в эту тему. Тема перемещена в архив.