bugzi83
Junior Member | Редактировать | Профиль | Сообщение | Цитировать | Сообщить модератору
проблема нипель...
есть две сети, нуно их соединить
скачал openvpn
создал ключи, и теперь тра...юсь немогу подцепить клиента..
ни одного.
вот конфиг севера
port 1194
proto udp
dev tun
topology subnet
route-method exe
route-delay 10
ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\server.crt"
key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\server.key"
dh "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\dh1024.pem"
server 10.8.0.0 255.255.255.0
route-gateway 10.8.0.1
push "route 192.168.2.0 255.255.255.0"
client-config-dir ccd "C:\\Program Files\\OpenVPN\\ccd\\office1"
route 192.168.100.0 255.255.255.0 10.8.0.2
route 10.8.0.0 255.255.255.0
client-config-dir "C:\\Program Files\\OpenVPN\\ccd"
client-to-client
keepalive 5 60
tls-server
tls-auth "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ta.key"
cipher BF-CBC
comp-lzo
persist-key
persist-tun
verb 3
вот клинет
dev tun
proto udp
port 1194
remote 77.82.xx.xx
tls-client
remote-cert-tls server
resolv-retry infinite
route-method exe
route-delay 10
pull
ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\office1.crt"
key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\office1.key"
tls-auth "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ta.key"
cipher BF-CBC
comp-lzo
persist-key
persist-tun
verb 5
keepalive 5 60
-------------------
перепробовал разные..
вот логи севера
Fri Jun 22 17:06:40 2012 OpenVPN 2.2.2 Win32-MSVC++ [SSL] [LZO2] [PKCS11] built on Dec 15 2011
Fri Jun 22 17:06:40 2012 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
Fri Jun 22 17:06:40 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Fri Jun 22 17:06:40 2012 Diffie-Hellman initialized with 1024 bit key
Fri Jun 22 17:06:40 2012 Control Channel Authentication: using 'C:\Program Files\OpenVPN\easy-rsa\keys\ta.key' as a OpenVPN static key file
Fri Jun 22 17:06:40 2012 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Jun 22 17:06:40 2012 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Jun 22 17:06:40 2012 TLS-Auth MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Fri Jun 22 17:06:40 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Fri Jun 22 17:06:40 2012 ROUTE default_gateway=192.168.1.254
Fri Jun 22 17:06:40 2012 TAP-WIN32 device [Подключение по локальной сети 4] opened: \\.\Global\{2DDD455D-9077-46B7-80C2-58D69CF3E47D}.tap
Fri Jun 22 17:06:40 2012 TAP-Win32 Driver Version 9.9
Fri Jun 22 17:06:40 2012 TAP-Win32 MTU=1500
Fri Jun 22 17:06:40 2012 Set TAP-Win32 TUN subnet mode network/local/netmask = 10.8.0.0/10.8.0.1/255.255.255.0 [SUCCEEDED]
Fri Jun 22 17:06:40 2012 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.8.0.1/255.255.255.0 on interface {2DDD455D-9077-46B7-80C2-58D69CF3E47D} [DHCP-serv: 10.8.0.254, lease-time: 31536000]
Fri Jun 22 17:06:40 2012 Sleeping for 10 seconds...
Fri Jun 22 17:06:50 2012 Successful ARP Flush on interface [16] {2DDD455D-9077-46B7-80C2-58D69CF3E47D}
Fri Jun 22 17:06:50 2012 C:\WINDOWS\system32\route.exe ADD 192.168.100.0 MASK 255.255.255.0 10.8.0.2
ЋЉ
Fri Jun 22 17:06:50 2012 C:\WINDOWS\system32\route.exe ADD 10.8.0.0 MASK 255.255.255.0 10.8.0.1
‘Ў®© ¤®Ў ў«Ґ-Ёп ¬ аиагв : ќв®в ®ЎкҐЄв 㦥 бгйҐбвўгҐв.
Fri Jun 22 17:06:50 2012 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Fri Jun 22 17:06:50 2012 UDPv4 link local (bound): [undef]:1194
Fri Jun 22 17:06:50 2012 UDPv4 link remote: [undef]
Fri Jun 22 17:06:50 2012 MULTI: multi_init called, r=256 v=256
Fri Jun 22 17:06:50 2012 IFCONFIG POOL: base=10.8.0.2 size=252
Fri Jun 22 17:06:50 2012 Initialization Sequence Completed
Fri Jun 22 17:06:50 2012 IPv6 in tun mode is not supported in OpenVPN 2.2
он запускается.
вот логи клиента, который сцука стоит и не пускат,
Fri Jun 22 19:09:34 2012 us=968000 UDPv4 link remote: 77.82.xx.xx:1194
Fri Jun 22 19:10:34 2012 us=78000 [UNDEF] Inactivity timeout (--ping-restart), restarting
Fri Jun 22 19:10:34 2012 us=78000 TCP/UDP: Closing socket
Fri Jun 22 19:10:34 2012 us=78000 SIGUSR1[soft,ping-restart] received, process restarting
Fri Jun 22 19:10:34 2012 us=78000 Restart pause, 2 second(s)
Fri Jun 22 19:10:36 2012 us=78000 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Fri Jun 22 19:10:36 2012 us=78000 Re-using SSL/TLS context
Fri Jun 22 19:10:36 2012 us=78000 LZO compression initialized
Fri Jun 22 19:10:36 2012 us=78000 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Fri Jun 22 19:10:36 2012 us=78000 Socket Buffers: R=[8192->8192] S=[8192->8192]
Fri Jun 22 19:10:36 2012 us=140000 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Fri Jun 22 19:10:36 2012 us=140000 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Fri Jun 22 19:10:36 2012 us=140000 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Fri Jun 22 19:10:36 2012 us=140000 Local Options hash (VER=V4): '02af3434'
Fri Jun 22 19:10:36 2012 us=140000 Expected Remote Options hash (VER=V4): '3f08d474'
Fri Jun 22 19:10:36 2012 us=140000 UDPv4 link local (bound): [undef]:1194
Fri Jun 22 19:10:36 2012 us=140000 UDPv4 link remote: 77.82.xx.xx:1194
может я чего то понимаю или не вижу, буду признателен.. |
