Member
Статус: Не в сети Регистрация: 10.06.2008 Откуда: Москва Фото: 5
Народ, все привет нужна помощь местных гуру по OpenVPN… Есть сервер вин 7 с OVPN Локальный ip 192.168.2.10 (сеть 192.168.2.0/24) шлюз 192.168.2.1 dns там же. Имею статический ip на выходе и доменное имя с привязкой. Прокинут маршрут и открыты порты до сервера. 192.168.2.10:55555 Ip адрес виртуального сервера 10.10.10.1 255.255.255.0 Настройки сервера :
mode server #Режим работы – Сервер port 55555 #порт на котором работает сервер (слушает клиентов) route-delay 10 proto tcp-server #Протокол передачи данных tls-server #Криптографический протокол передачи duplicate-cn mssfix dev tun #Какой режим туннелирования использльзовать L3 tun-mtu 1500 auth MD5 ca C:\\VPN\\config\\MyServer\\ca.crt cert C:\\VPN\\config\\MyServer\\MyServer.crt #Ключи, сертифекаты и шифрование канала...... key C:\\VPN\\config\\MyServer\\MyServer.key dh C:\\VPN\\config\\MyServer\\dh1024.pem server 10.10.10.0 255.255.255.0 #Пулл адресов push "route 192.168.2.0 255.255.255.0" #Передача клиентам маршрута до локальной сети client-to-client # видимость клиентов между собой keepalive 10 120 # жизнь пакета cipher AES-128-CBC #Метод шифрования comp-lzo #сжатия данных в туннеле persist-key persist-tun verb 3
Настройка клиента:
client remote ******(доменное имя) port 55555 proto tcp-client tls-client route-delay 10 nobind dev tun auth MD5 tun-mtu 1500 ca ca.crt cert Sergey.crt key Sergey.key cipher AES-128-CBC route-method exe route-delay 2 comp-lzo persist-key persist-tun verb 3
Клиент и сервер коннектются замечательно…. Клиент получает ip 10.10.1.6 Видимость по ip 10.10.10.1(вирт. ip сервера с физ. локал. ip 192.168.2.10) расшаренные ресурсы есть, а вот сеть 192.168.2.0 не видит не фига… и по ip 192.168.2.10 не видно ресурсов. Что делать? На сервере был изменен ключ…. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters IpEnableRouter значение 1
Добавлено спустя 1 час 19 минут 59 секунд: Всем спасибо.... тему в принципе можно закрывать по данному вопросу, оказалось тупил режим л3 туннеля, как только перевел на л2(tap) и обратно все законектилось..... Хотя можно и оставить если такой темы нету.... на форуме по поводу настроек конфига для openVPN......
Member
Статус: Не в сети Регистрация: 10.06.2008 Откуда: Москва Фото: 5
Так как, создавал тему по openVPN, решил для всех желающих запилить видео... с манами по настройки данной программы... Инструкция по созданию OpenVPN сервера: Все части вместе...... 3 части + дополнение, и реальный тест с игрой.
1 часть...
2 часть...
3 часть...
Дополнение.....
Тест с игрой......
Рабочие конфиги::: Сервер... Маршрутизация на хосте..... режим работы l2 tap....
dev-node "joni" #имя нашего адаптера mode server #Режим работы – Сервер port 55555 #порт на котором работает сервер (слушает клиентов)
dev tap #Какой режим туннелирования использльзовать L2
proto tcp-server #Протокол передачи данных
tls-server #Криптографический протокол передачи tls-auth C:\\CLOVPN\\config\\tls_key\\mykey.key 0
duplicate-cn #вкл. множества клиентов с одним ключом
push "route 192.168.2.0 255.255.255.0" #передача клиентам маршрут внутрь моей локалки
Клиент....
#dev-node "Имя адаптера" remote ****** #вместо звездочек удаленный ip адрес. client port 55555 dev tap proto tcp-client tls-client tls-auth mykey.key 1 remote-cert-tls server route-delay 2 auth MD5 tun-mtu 1500 tun-mtu-extra 32 mssfix 1450 ca ca.crt cert имя сертификата клиента.crt key имя ключа клиента.key pull cipher AES-128-CBC comp-lzo persist-key persist-tun verb 3 route-method exe route-delay 3
Сервер... и клиент.. режим работы l3 tun....
В конфиг сервера внести изменения.. добавить - topology subnet и dev tun dev tap и duplicate-cn за комментировать.... в клиенте... добавить - dev tun dev tap за комментировать...
Последний раз редактировалось хона 09.03.2016 10:39, всего редактировалось 1 раз.
Member
Статус: Не в сети Регистрация: 10.06.2008 Откуда: Москва Фото: 5
Sitronix писал(а):
я сначала подумал что ты у ГРУ просишь помощи, ну да ладно...
Да именно.... было так, пару недель назад, что дало толчок самому освоить все хитрости... данной программы. Надеюсь, что кому нибудь пригодиться, так как на крик о помощи при настройки была тишина,...
Member
Статус: Не в сети Регистрация: 28.08.2011 Откуда: Красноярск
opnvpn
Thu Apr 07 15:55:46 2016 OpenVPN 2.3.10 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Mar 10 2016 Thu Apr 07 15:55:46 2016 Windows version 6.1 (Windows 7) Thu Apr 07 15:55:46 2016 library versions: OpenSSL 1.0.1s 1 Mar 2016, LZO 2.09 Thu Apr 07 15:55:46 2016 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet. Thu Apr 07 15:55:46 2016 Diffie-Hellman initialized with 1024 bit key Thu Apr 07 15:55:46 2016 Control Channel Authentication: using 'C:\OpenVPN\config\te.key' as a OpenVPN static key file Thu Apr 07 15:55:46 2016 Outgoing Control Channel Authentication: Using 128 bit message hash 'MD5' for HMAC authentication Thu Apr 07 15:55:46 2016 Incoming Control Channel Authentication: Using 128 bit message hash 'MD5' for HMAC authentication Thu Apr 07 15:55:46 2016 Socket Buffers: R=[8192->8192] S=[8192->8192] Thu Apr 07 15:55:46 2016 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 I=12 HWADDR=00:0c:29:cf:9d:18 Thu Apr 07 15:55:46 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Thu Apr 07 15:55:46 2016 open_tun, tt->ipv6=0 Thu Apr 07 15:55:46 2016 TAP-WIN32 device [vpn] opened: \\.\Global\{357A157A-F837-4FB2-936B-4A4BC04FD72D}.tap Thu Apr 07 15:55:46 2016 TAP-Windows Driver Version 9.21 Thu Apr 07 15:55:46 2016 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.10.10.1/255.255.255.0 on interface {357A157A-F837-4FB2-936B-4A4BC04FD72D} [DHCP-serv: 10.10.10.0, lease-time: 31536000] Thu Apr 07 15:55:46 2016 Sleeping for 10 seconds... Thu Apr 07 15:55:56 2016 Successful ARP Flush on interface [15] {357A157A-F837-4FB2-936B-4A4BC04FD72D} Thu Apr 07 15:55:56 2016 C:\Windows\system32\route.exe ADD 10.10.10.0 MASK 255.255.255.0 10.10.10.1 Thu Apr 07 15:55:56 2016 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem Thu Apr 07 15:55:56 2016 Listening for incoming TCP connection on [undef] Thu Apr 07 15:55:56 2016 TCPv4_SERVER link local (bound): [undef] Thu Apr 07 15:55:56 2016 TCPv4_SERVER link remote: [undef] Thu Apr 07 15:55:56 2016 MULTI: multi_init called, r=256 v=256 Thu Apr 07 15:55:56 2016 IFCONFIG POOL: base=10.10.10.2 size=253, ipv6=0 Thu Apr 07 15:55:56 2016 MULTI: TCP INIT maxclients=60 maxevents=64 Thu Apr 07 15:55:56 2016 Initialization Sequence Completed Thu Apr 07 16:02:53 2016 OpenVPN 2.3.10 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Mar 10 2016 Thu Apr 07 16:02:53 2016 Windows version 6.1 (Windows 7) Thu Apr 07 16:02:53 2016 library versions: OpenSSL 1.0.1s 1 Mar 2016, LZO 2.09 Thu Apr 07 16:02:53 2016 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet. Thu Apr 07 16:02:54 2016 Diffie-Hellman initialized with 1024 bit key Thu Apr 07 16:02:54 2016 Control Channel Authentication: using 'C:\OpenVPN\config\te.key' as a OpenVPN static key file Thu Apr 07 16:02:54 2016 Outgoing Control Channel Authentication: Using 128 bit message hash 'MD5' for HMAC authentication Thu Apr 07 16:02:54 2016 Incoming Control Channel Authentication: Using 128 bit message hash 'MD5' for HMAC authentication Thu Apr 07 16:02:54 2016 Socket Buffers: R=[8192->8192] S=[8192->8192] Thu Apr 07 16:02:54 2016 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 I=12 HWADDR=00:0c:29:cf:9d:18 Thu Apr 07 16:02:54 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Thu Apr 07 16:02:54 2016 open_tun, tt->ipv6=0 Thu Apr 07 16:02:54 2016 TAP-WIN32 device [vpn] opened: \\.\Global\{357A157A-F837-4FB2-936B-4A4BC04FD72D}.tap Thu Apr 07 16:02:54 2016 TAP-Windows Driver Version 9.21 Thu Apr 07 16:02:54 2016 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.10.10.1/255.255.255.0 on interface {357A157A-F837-4FB2-936B-4A4BC04FD72D} [DHCP-serv: 10.10.10.0, lease-time: 31536000] Thu Apr 07 16:02:54 2016 Sleeping for 10 seconds... Thu Apr 07 16:03:04 2016 Successful ARP Flush on interface [15] {357A157A-F837-4FB2-936B-4A4BC04FD72D} Thu Apr 07 16:03:04 2016 C:\Windows\system32\route.exe ADD 10.10.10.0 MASK 255.255.255.0 10.10.10.1 Thu Apr 07 16:03:04 2016 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem Thu Apr 07 16:03:04 2016 Listening for incoming TCP connection on [undef] Thu Apr 07 16:03:04 2016 TCPv4_SERVER link local (bound): [undef] Thu Apr 07 16:03:04 2016 TCPv4_SERVER link remote: [undef] Thu Apr 07 16:03:04 2016 MULTI: multi_init called, r=256 v=256 Thu Apr 07 16:03:04 2016 IFCONFIG POOL: base=10.10.10.2 size=253, ipv6=0 Thu Apr 07 16:03:04 2016 MULTI: TCP INIT maxclients=60 maxevents=64 Thu Apr 07 16:03:04 2016 Initialization Sequence Completed Thu Apr 07 16:03:06 2016 TCP connection established with [AF_INET]192.168.1.1:1047 Thu Apr 07 16:03:07 2016 192.168.1.1:1047 TLS: Initial packet from [AF_INET]192.168.1.1:1047, sid=3249c276 9cbd9d32 Thu Apr 07 16:03:07 2016 192.168.1.1:1047 VERIFY ERROR: depth=0, error=unsupported certificate purpose: C=RU, ST=RU, L=Moskow, O=OpenVPN, OU=changeme, CN=tony, name=changeme, emailAddress=mail@host.domain Thu Apr 07 16:03:07 2016 192.168.1.1:1047 TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned Thu Apr 07 16:03:07 2016 192.168.1.1:1047 TLS Error: TLS object -> incoming plaintext read error Thu Apr 07 16:03:07 2016 192.168.1.1:1047 TLS Error: TLS handshake failed Thu Apr 07 16:03:07 2016 192.168.1.1:1047 Fatal TLS error (check_tls_errors_co), restarting Thu Apr 07 16:03:07 2016 192.168.1.1:1047 SIGUSR1[soft,tls-error] received, client-instance restarting Thu Apr 07 16:03:12 2016 TCP connection established with [AF_INET]192.168.1.1:1048 Thu Apr 07 16:03:13 2016 192.168.1.1:1048 TLS: Initial packet from [AF_INET]192.168.1.1:1048, sid=b5dc5a78 bceae67c Thu Apr 07 16:03:14 2016 192.168.1.1:1048 VERIFY ERROR: depth=0, error=unsupported certificate purpose: C=RU, ST=RU, L=Moskow, O=OpenVPN, OU=changeme, CN=tony, name=changeme, emailAddress=mail@host.domain Thu Apr 07 16:03:14 2016 192.168.1.1:1048 TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned Thu Apr 07 16:03:14 2016 192.168.1.1:1048 TLS Error: TLS object -> incoming plaintext read error Thu Apr 07 16:03:14 2016 192.168.1.1:1048 TLS Error: TLS handshake failed Thu Apr 07 16:03:14 2016 192.168.1.1:1048 Fatal TLS error (check_tls_errors_co), restarting Thu Apr 07 16:03:14 2016 192.168.1.1:1048 SIGUSR1[soft,tls-error] received, client-instance restarting Thu Apr 07 16:03:19 2016 TCP connection established with [AF_INET]192.168.1.1:1049 Thu Apr 07 16:03:20 2016 192.168.1.1:1049 TLS: Initial packet from [AF_INET]192.168.1.1:1049, sid=c1b2bb3e c67fd265 Thu Apr 07 16:03:20 2016 192.168.1.1:1049 VERIFY ERROR: depth=0, error=unsupported certificate purpose: C=RU, ST=RU, L=Moskow, O=OpenVPN, OU=changeme, CN=tony, name=changeme, emailAddress=mail@host.domain Thu Apr 07 16:03:20 2016 192.168.1.1:1049 TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned Thu Apr 07 16:03:20 2016 192.168.1.1:1049 TLS Error: TLS object -> incoming plaintext read error Thu Apr 07 16:03:20 2016 192.168.1.1:1049 TLS Error: TLS handshake failed Thu Apr 07 16:03:20 2016 192.168.1.1:1049 Fatal TLS error (check_tls_errors_co), restarting Thu Apr 07 16:03:20 2016 192.168.1.1:1049 SIGUSR1[soft,tls-error] received, client-instance restarting Thu Apr 07 16:03:25 2016 TCP connection established with [AF_INET]192.168.1.1:1050 Thu Apr 07 16:03:26 2016 192.168.1.1:1050 TLS: Initial packet from [AF_INET]192.168.1.1:1050, sid=6e638be9 e18f3d4b Thu Apr 07 16:03:26 2016 192.168.1.1:1050 VERIFY ERROR: depth=0, error=unsupported certificate purpose: C=RU, ST=RU, L=Moskow, O=OpenVPN, OU=changeme, CN=tony, name=changeme, emailAddress=mail@host.domain Thu Apr 07 16:03:26 2016 192.168.1.1:1050 TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned Thu Apr 07 16:03:26 2016 192.168.1.1:1050 TLS Error: TLS object -> incoming plaintext read error Thu Apr 07 16:03:26 2016 192.168.1.1:1050 TLS Error: TLS handshake failed Thu Apr 07 16:03:26 2016 192.168.1.1:1050 Fatal TLS error (check_tls_errors_co), restarting Thu Apr 07 16:03:26 2016 192.168.1.1:1050 SIGUSR1[soft,tls-error] received, client-instance restarting Thu Apr 07 16:03:31 2016 TCP connection established with [AF_INET]192.168.1.1:1051 Thu Apr 07 16:03:32 2016 192.168.1.1:1051 TLS: Initial packet from [AF_INET]192.168.1.1:1051, sid=296e8c92 10db5862 Thu Apr 07 16:03:32 2016 192.168.1.1:1051 VERIFY ERROR: depth=0, error=unsupported certificate purpose: C=RU, ST=RU, L=Moskow, O=OpenVPN, OU=changeme, CN=tony, name=changeme, emailAddress=mail@host.domain Thu Apr 07 16:03:32 2016 192.168.1.1:1051 TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned Thu Apr 07 16:03:32 2016 192.168.1.1:1051 TLS Error: TLS object -> incoming plaintext read error Thu Apr 07 16:03:32 2016 192.168.1.1:1051 TLS Error: TLS handshake failed Thu Apr 07 16:03:32 2016 192.168.1.1:1051 Fatal TLS error (check_tls_errors_co), restarting Thu Apr 07 16:03:32 2016 192.168.1.1:1051 SIGUSR1[soft,tls-error] received, client-instance restarting Thu Apr 07 16:03:37 2016 TCP connection established with [AF_INET]192.168.1.1:1052 Thu Apr 07 16:03:38 2016 192.168.1.1:1052 TLS: Initial packet from [AF_INET]192.168.1.1:1052, sid=2b8794ff ec9b77d0 Thu Apr 07 16:03:39 2016 192.168.1.1:1052 VERIFY ERROR: depth=0, error=unsupported certificate purpose: C=RU, ST=RU, L=Moskow, O=OpenVPN, OU=changeme, CN=tony, name=changeme, emailAddress=mail@host.domain Thu Apr 07 16:03:39 2016 192.168.1.1:1052 TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned Thu Apr 07 16:03:39 2016 192.168.1.1:1052 TLS Error: TLS object -> incoming plaintext read error Thu Apr 07 16:03:39 2016 192.168.1.1:1052 TLS Error: TLS handshake failed Thu Apr 07 16:03:39 2016 192.168.1.1:1052 Fatal TLS error (check_tls_errors_co), restarting Thu Apr 07 16:03:39 2016 192.168.1.1:1052 SIGUSR1[soft,tls-error] received, client-instance restarting Thu Apr 07 16:03:44 2016 TCP connection established with [AF_INET]192.168.1.1:1053 Thu Apr 07 16:03:45 2016 192.168.1.1:1053 TLS: Initial packet from [AF_INET]192.168.1.1:1053, sid=96e40123 55e0f75b Thu Apr 07 16:03:45 2016 192.168.1.1:1053 VERIFY ERROR: depth=0, error=unsupported certificate purpose: C=RU, ST=RU, L=Moskow, O=OpenVPN, OU=changeme, CN=tony, name=changeme, emailAddress=mail@host.domain Thu Apr 07 16:03:45 2016 192.168.1.1:1053 TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned Thu Apr 07 16:03:45 2016 192.168.1.1:1053 TLS Error: TLS object -> incoming plaintext read error Thu Apr 07 16:03:45 2016 192.168.1.1:1053 TLS Error: TLS handshake failed Thu Apr 07 16:03:45 2016 192.168.1.1:1053 Fatal TLS error (check_tls_errors_co), restarting Thu Apr 07 16:03:45 2016 192.168.1.1:1053 SIGUSR1[soft,tls-error] received, client-instance restarting Thu Apr 07 16:03:50 2016 TCP connection established with [AF_INET]192.168.1.1:1054 Thu Apr 07 16:03:51 2016 192.168.1.1:1054 TLS: Initial packet from [AF_INET]192.168.1.1:1054, sid=2524ca7f 1ec24244 Thu Apr 07 16:03:51 2016 192.168.1.1:1054 VERIFY ERROR: depth=0, error=unsupported certificate purpose: C=RU, ST=RU, L=Moskow, O=OpenVPN, OU=changeme, CN=tony, name=changeme, emailAddress=mail@host.domain Thu Apr 07 16:03:51 2016 192.168.1.1:1054 TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned Thu Apr 07 16:03:51 2016 192.168.1.1:1054 TLS Error: TLS object -> incoming plaintext read error Thu Apr 07 16:03:51 2016 192.168.1.1:1054 TLS Error: TLS handshake failed Thu Apr 07 16:03:51 2016 192.168.1.1:1054 Fatal TLS error (check_tls_errors_co), restarting Thu Apr 07 16:03:51 2016 192.168.1.1:1054 SIGUSR1[soft,tls-error] received, client-instance restarting
openvpnstatus
OpenVPN CLIENT LIST Updated,Thu Apr 07 16:04:04 2016 Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since UNDEF,192.168.1.1:1056,84,52,Thu Apr 07 16:04:02 2016 ROUTING TABLE Virtual Address,Common Name,Real Address,Last Ref GLOBAL STATS Max bcast/mcast queue length,1 END
ни как не может подключится взял уже тупо твои конфиги и нехрена. серверна винде 7 клиент на xp постоянно идет переподключения и по другим портам он тупа начинает их перебирать.
Добавлено спустя : opnvpn
Thu Apr 07 15:55:46 2016 OpenVPN 2.3.10 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Mar 10 2016 Thu Apr 07 15:55:46 2016 Windows version 6.1 (Windows 7) Thu Apr 07 15:55:46 2016 library versions: OpenSSL 1.0.1s 1 Mar 2016, LZO 2.09 Thu Apr 07 15:55:46 2016 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet. Thu Apr 07 15:55:46 2016 Diffie-Hellman initialized with 1024 bit key Thu Apr 07 15:55:46 2016 Control Channel Authentication: using 'C:\OpenVPN\config\te.key' as a OpenVPN static key file Thu Apr 07 15:55:46 2016 Outgoing Control Channel Authentication: Using 128 bit message hash 'MD5' for HMAC authentication Thu Apr 07 15:55:46 2016 Incoming Control Channel Authentication: Using 128 bit message hash 'MD5' for HMAC authentication Thu Apr 07 15:55:46 2016 Socket Buffers: R=[8192->8192] S=[8192->8192] Thu Apr 07 15:55:46 2016 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 I=12 HWADDR=00:0c:29:cf:9d:18 Thu Apr 07 15:55:46 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Thu Apr 07 15:55:46 2016 open_tun, tt->ipv6=0 Thu Apr 07 15:55:46 2016 TAP-WIN32 device [vpn] opened: \\.\Global\{357A157A-F837-4FB2-936B-4A4BC04FD72D}.tap Thu Apr 07 15:55:46 2016 TAP-Windows Driver Version 9.21 Thu Apr 07 15:55:46 2016 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.10.10.1/255.255.255.0 on interface {357A157A-F837-4FB2-936B-4A4BC04FD72D} [DHCP-serv: 10.10.10.0, lease-time: 31536000] Thu Apr 07 15:55:46 2016 Sleeping for 10 seconds... Thu Apr 07 15:55:56 2016 Successful ARP Flush on interface [15] {357A157A-F837-4FB2-936B-4A4BC04FD72D} Thu Apr 07 15:55:56 2016 C:\Windows\system32\route.exe ADD 10.10.10.0 MASK 255.255.255.0 10.10.10.1 Thu Apr 07 15:55:56 2016 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem Thu Apr 07 15:55:56 2016 Listening for incoming TCP connection on [undef] Thu Apr 07 15:55:56 2016 TCPv4_SERVER link local (bound): [undef] Thu Apr 07 15:55:56 2016 TCPv4_SERVER link remote: [undef] Thu Apr 07 15:55:56 2016 MULTI: multi_init called, r=256 v=256 Thu Apr 07 15:55:56 2016 IFCONFIG POOL: base=10.10.10.2 size=253, ipv6=0 Thu Apr 07 15:55:56 2016 MULTI: TCP INIT maxclients=60 maxevents=64 Thu Apr 07 15:55:56 2016 Initialization Sequence Completed Thu Apr 07 16:02:53 2016 OpenVPN 2.3.10 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Mar 10 2016 Thu Apr 07 16:02:53 2016 Windows version 6.1 (Windows 7) Thu Apr 07 16:02:53 2016 library versions: OpenSSL 1.0.1s 1 Mar 2016, LZO 2.09 Thu Apr 07 16:02:53 2016 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet. Thu Apr 07 16:02:54 2016 Diffie-Hellman initialized with 1024 bit key Thu Apr 07 16:02:54 2016 Control Channel Authentication: using 'C:\OpenVPN\config\te.key' as a OpenVPN static key file Thu Apr 07 16:02:54 2016 Outgoing Control Channel Authentication: Using 128 bit message hash 'MD5' for HMAC authentication Thu Apr 07 16:02:54 2016 Incoming Control Channel Authentication: Using 128 bit message hash 'MD5' for HMAC authentication Thu Apr 07 16:02:54 2016 Socket Buffers: R=[8192->8192] S=[8192->8192] Thu Apr 07 16:02:54 2016 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 I=12 HWADDR=00:0c:29:cf:9d:18 Thu Apr 07 16:02:54 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Thu Apr 07 16:02:54 2016 open_tun, tt->ipv6=0 Thu Apr 07 16:02:54 2016 TAP-WIN32 device [vpn] opened: \\.\Global\{357A157A-F837-4FB2-936B-4A4BC04FD72D}.tap Thu Apr 07 16:02:54 2016 TAP-Windows Driver Version 9.21 Thu Apr 07 16:02:54 2016 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.10.10.1/255.255.255.0 on interface {357A157A-F837-4FB2-936B-4A4BC04FD72D} [DHCP-serv: 10.10.10.0, lease-time: 31536000] Thu Apr 07 16:02:54 2016 Sleeping for 10 seconds... Thu Apr 07 16:03:04 2016 Successful ARP Flush on interface [15] {357A157A-F837-4FB2-936B-4A4BC04FD72D} Thu Apr 07 16:03:04 2016 C:\Windows\system32\route.exe ADD 10.10.10.0 MASK 255.255.255.0 10.10.10.1 Thu Apr 07 16:03:04 2016 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem Thu Apr 07 16:03:04 2016 Listening for incoming TCP connection on [undef] Thu Apr 07 16:03:04 2016 TCPv4_SERVER link local (bound): [undef] Thu Apr 07 16:03:04 2016 TCPv4_SERVER link remote: [undef] Thu Apr 07 16:03:04 2016 MULTI: multi_init called, r=256 v=256 Thu Apr 07 16:03:04 2016 IFCONFIG POOL: base=10.10.10.2 size=253, ipv6=0 Thu Apr 07 16:03:04 2016 MULTI: TCP INIT maxclients=60 maxevents=64 Thu Apr 07 16:03:04 2016 Initialization Sequence Completed Thu Apr 07 16:03:06 2016 TCP connection established with [AF_INET]192.168.1.1:1047 Thu Apr 07 16:03:07 2016 192.168.1.1:1047 TLS: Initial packet from [AF_INET]192.168.1.1:1047, sid=3249c276 9cbd9d32 Thu Apr 07 16:03:07 2016 192.168.1.1:1047 VERIFY ERROR: depth=0, error=unsupported certificate purpose: C=RU, ST=RU, L=Moskow, O=OpenVPN, OU=changeme, CN=tony, name=changeme, emailAddress=mail@host.domain Thu Apr 07 16:03:07 2016 192.168.1.1:1047 TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned Thu Apr 07 16:03:07 2016 192.168.1.1:1047 TLS Error: TLS object -> incoming plaintext read error Thu Apr 07 16:03:07 2016 192.168.1.1:1047 TLS Error: TLS handshake failed Thu Apr 07 16:03:07 2016 192.168.1.1:1047 Fatal TLS error (check_tls_errors_co), restarting Thu Apr 07 16:03:07 2016 192.168.1.1:1047 SIGUSR1[soft,tls-error] received, client-instance restarting Thu Apr 07 16:03:12 2016 TCP connection established with [AF_INET]192.168.1.1:1048 Thu Apr 07 16:03:13 2016 192.168.1.1:1048 TLS: Initial packet from [AF_INET]192.168.1.1:1048, sid=b5dc5a78 bceae67c Thu Apr 07 16:03:14 2016 192.168.1.1:1048 VERIFY ERROR: depth=0, error=unsupported certificate purpose: C=RU, ST=RU, L=Moskow, O=OpenVPN, OU=changeme, CN=tony, name=changeme, emailAddress=mail@host.domain Thu Apr 07 16:03:14 2016 192.168.1.1:1048 TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned Thu Apr 07 16:03:14 2016 192.168.1.1:1048 TLS Error: TLS object -> incoming plaintext read error Thu Apr 07 16:03:14 2016 192.168.1.1:1048 TLS Error: TLS handshake failed Thu Apr 07 16:03:14 2016 192.168.1.1:1048 Fatal TLS error (check_tls_errors_co), restarting Thu Apr 07 16:03:14 2016 192.168.1.1:1048 SIGUSR1[soft,tls-error] received, client-instance restarting Thu Apr 07 16:03:19 2016 TCP connection established with [AF_INET]192.168.1.1:1049 Thu Apr 07 16:03:20 2016 192.168.1.1:1049 TLS: Initial packet from [AF_INET]192.168.1.1:1049, sid=c1b2bb3e c67fd265 Thu Apr 07 16:03:20 2016 192.168.1.1:1049 VERIFY ERROR: depth=0, error=unsupported certificate purpose: C=RU, ST=RU, L=Moskow, O=OpenVPN, OU=changeme, CN=tony, name=changeme, emailAddress=mail@host.domain Thu Apr 07 16:03:20 2016 192.168.1.1:1049 TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned Thu Apr 07 16:03:20 2016 192.168.1.1:1049 TLS Error: TLS object -> incoming plaintext read error Thu Apr 07 16:03:20 2016 192.168.1.1:1049 TLS Error: TLS handshake failed Thu Apr 07 16:03:20 2016 192.168.1.1:1049 Fatal TLS error (check_tls_errors_co), restarting Thu Apr 07 16:03:20 2016 192.168.1.1:1049 SIGUSR1[soft,tls-error] received, client-instance restarting Thu Apr 07 16:03:25 2016 TCP connection established with [AF_INET]192.168.1.1:1050 Thu Apr 07 16:03:26 2016 192.168.1.1:1050 TLS: Initial packet from [AF_INET]192.168.1.1:1050, sid=6e638be9 e18f3d4b Thu Apr 07 16:03:26 2016 192.168.1.1:1050 VERIFY ERROR: depth=0, error=unsupported certificate purpose: C=RU, ST=RU, L=Moskow, O=OpenVPN, OU=changeme, CN=tony, name=changeme, emailAddress=mail@host.domain Thu Apr 07 16:03:26 2016 192.168.1.1:1050 TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned Thu Apr 07 16:03:26 2016 192.168.1.1:1050 TLS Error: TLS object -> incoming plaintext read error Thu Apr 07 16:03:26 2016 192.168.1.1:1050 TLS Error: TLS handshake failed Thu Apr 07 16:03:26 2016 192.168.1.1:1050 Fatal TLS error (check_tls_errors_co), restarting Thu Apr 07 16:03:26 2016 192.168.1.1:1050 SIGUSR1[soft,tls-error] received, client-instance restarting Thu Apr 07 16:03:31 2016 TCP connection established with [AF_INET]192.168.1.1:1051 Thu Apr 07 16:03:32 2016 192.168.1.1:1051 TLS: Initial packet from [AF_INET]192.168.1.1:1051, sid=296e8c92 10db5862 Thu Apr 07 16:03:32 2016 192.168.1.1:1051 VERIFY ERROR: depth=0, error=unsupported certificate purpose: C=RU, ST=RU, L=Moskow, O=OpenVPN, OU=changeme, CN=tony, name=changeme, emailAddress=mail@host.domain Thu Apr 07 16:03:32 2016 192.168.1.1:1051 TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned Thu Apr 07 16:03:32 2016 192.168.1.1:1051 TLS Error: TLS object -> incoming plaintext read error Thu Apr 07 16:03:32 2016 192.168.1.1:1051 TLS Error: TLS handshake failed Thu Apr 07 16:03:32 2016 192.168.1.1:1051 Fatal TLS error (check_tls_errors_co), restarting Thu Apr 07 16:03:32 2016 192.168.1.1:1051 SIGUSR1[soft,tls-error] received, client-instance restarting Thu Apr 07 16:03:37 2016 TCP connection established with [AF_INET]192.168.1.1:1052 Thu Apr 07 16:03:38 2016 192.168.1.1:1052 TLS: Initial packet from [AF_INET]192.168.1.1:1052, sid=2b8794ff ec9b77d0 Thu Apr 07 16:03:39 2016 192.168.1.1:1052 VERIFY ERROR: depth=0, error=unsupported certificate purpose: C=RU, ST=RU, L=Moskow, O=OpenVPN, OU=changeme, CN=tony, name=changeme, emailAddress=mail@host.domain Thu Apr 07 16:03:39 2016 192.168.1.1:1052 TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned Thu Apr 07 16:03:39 2016 192.168.1.1:1052 TLS Error: TLS object -> incoming plaintext read error Thu Apr 07 16:03:39 2016 192.168.1.1:1052 TLS Error: TLS handshake failed Thu Apr 07 16:03:39 2016 192.168.1.1:1052 Fatal TLS error (check_tls_errors_co), restarting Thu Apr 07 16:03:39 2016 192.168.1.1:1052 SIGUSR1[soft,tls-error] received, client-instance restarting Thu Apr 07 16:03:44 2016 TCP connection established with [AF_INET]192.168.1.1:1053 Thu Apr 07 16:03:45 2016 192.168.1.1:1053 TLS: Initial packet from [AF_INET]192.168.1.1:1053, sid=96e40123 55e0f75b Thu Apr 07 16:03:45 2016 192.168.1.1:1053 VERIFY ERROR: depth=0, error=unsupported certificate purpose: C=RU, ST=RU, L=Moskow, O=OpenVPN, OU=changeme, CN=tony, name=changeme, emailAddress=mail@host.domain Thu Apr 07 16:03:45 2016 192.168.1.1:1053 TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned Thu Apr 07 16:03:45 2016 192.168.1.1:1053 TLS Error: TLS object -> incoming plaintext read error Thu Apr 07 16:03:45 2016 192.168.1.1:1053 TLS Error: TLS handshake failed Thu Apr 07 16:03:45 2016 192.168.1.1:1053 Fatal TLS error (check_tls_errors_co), restarting Thu Apr 07 16:03:45 2016 192.168.1.1:1053 SIGUSR1[soft,tls-error] received, client-instance restarting Thu Apr 07 16:03:50 2016 TCP connection established with [AF_INET]192.168.1.1:1054 Thu Apr 07 16:03:51 2016 192.168.1.1:1054 TLS: Initial packet from [AF_INET]192.168.1.1:1054, sid=2524ca7f 1ec24244 Thu Apr 07 16:03:51 2016 192.168.1.1:1054 VERIFY ERROR: depth=0, error=unsupported certificate purpose: C=RU, ST=RU, L=Moskow, O=OpenVPN, OU=changeme, CN=tony, name=changeme, emailAddress=mail@host.domain Thu Apr 07 16:03:51 2016 192.168.1.1:1054 TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned Thu Apr 07 16:03:51 2016 192.168.1.1:1054 TLS Error: TLS object -> incoming plaintext read error Thu Apr 07 16:03:51 2016 192.168.1.1:1054 TLS Error: TLS handshake failed Thu Apr 07 16:03:51 2016 192.168.1.1:1054 Fatal TLS error (check_tls_errors_co), restarting Thu Apr 07 16:03:51 2016 192.168.1.1:1054 SIGUSR1[soft,tls-error] received, client-instance restarting
openvpnstatus
OpenVPN CLIENT LIST Updated,Thu Apr 07 16:04:04 2016 Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since UNDEF,192.168.1.1:1056,84,52,Thu Apr 07 16:04:02 2016 ROUTING TABLE Virtual Address,Common Name,Real Address,Last Ref GLOBAL STATS Max bcast/mcast queue length,1 END
ни как не может подключится взял уже тупо твои конфиги и нехрена. серверна винде 7 клиент на xp постоянно идет переподключения и по другим портам он тупа начинает их перебирать.
Выруби роутинг ты же в локалке и роутишь сам на себя - если включен. И желательно сменить ip подсети, что и данный лог об этом говорит
NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
Сейчас этот форум просматривают: нет зарегистрированных пользователей и гости: 6
Вы не можете начинать темы Вы не можете отвечать на сообщения Вы не можете редактировать свои сообщения Вы не можете удалять свои сообщения Вы не можете добавлять вложения