OpenVPN on CentOS 5.3
    #36223786
smacker
Guest
please kick me in the right direction, I no longer know what to do.
I was setting up an OpenVPN-2.0.9 VPN on a remote CentOS 5.3 server
clients are WinXP SP2

I followed these manuals:
tazhate.livejournal.com/28949.html
dedicatesupport.com/archives/8

help me plz, I'm already tired of configuring it and don't know what to do, I'd be grateful for any help

here are the config and the server and client logs. if needed, I'll post additional info about the server, whatever is required....

##################
##OPENVPN CONFIG##
##################
port 5000
proto tcp
dev tap0
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh1024.pem
tls-server
tls-auth /etc/openvpn/ta.key 0
server 172.16.0.0 255.255.255.0
ifconfig-pool-persist /etc/openvpn/ipp.txt
keepalive 10 120
client-config-dir /etc/openvpn/ccd/
status /var/log/openvpn-status.log
log-append /var/log/openvpn.log
verb 3
mute 2
cipher DES-EDE3-CBC
auth MD5
max-clients 40
comp-lzo
user nobody
group nobody
persist-key
persist-tun
######################
##CLIENT CCD CONFIG###
######################
ifconfig-push 172.16.0.4 172.16.0.50
push "redirect-gateway def1"
push "route-gateway 172.16.0.1"
push "dhcp-option DNS 172.16.0.1"
############################
##client for Windows XP#####
############################
dev tap
proto tcp
remote xxx.xx.xxx.xxx 5000
client
ca "c:\\Program Files\\OpenVPN\\config\\usa\\ca.crt"
cert "c:\\Program Files\\OpenVPN\\config\\usa\\client1.crt"
key "c:\\Program Files\\OpenVPN\\config\\usa\\client1.key"
tls-client
tls-auth "c:\\Program Files\\OpenVPN\\config\\usa\\ta.key" 1
auth MD5
cipher DES-EDE3-CBC
resolv-retry infinite
nobind
ns-cert-type server
comp-lzo
persist-key
persist-tun
verb 3
############################
## Client Wxp log ####
############################
Tue Sep 29 20:43:39 2009 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct 1 2006
Tue Sep 29 20:43:39 2009 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Tue Sep 29 20:43:39 2009 Control Channel Authentication: using 'c:\Program Files\OpenVPN\config\usa\ta.key' as a OpenVPN static key file
Tue Sep 29 20:43:39 2009 Outgoing Control Channel Authentication: Using 128 bit message hash 'MD5' for HMAC authentication
Tue Sep 29 20:43:39 2009 Incoming Control Channel Authentication: Using 128 bit message hash 'MD5' for HMAC authentication
Tue Sep 29 20:43:39 2009 LZO compression initialized
Tue Sep 29 20:43:39 2009 Control Channel MTU parms [ L:1572 D:164 EF:64 EB:0 ET:0 EL:0 ]
Tue Sep 29 20:43:38 2009 Data Channel MTU parms [ L:1572 D:1450 EF:40 EB:135 ET:32 EL:0 AF:3/1 ]
Tue Sep 29 20:43:38 2009 Local Options hash (VER=V4): 'f25da078'
Tue Sep 29 20:43:38 2009 Expected Remote Options hash (VER=V4): 'faeaddd1'
Tue Sep 29 20:43:38 2009 Attempting to establish TCP connection with xxx.xx.xxx.xxx:5000
Tue Sep 29 20:43:39 2009 TCP connection established with xxx.xx.xxx.xxx:5000
Tue Sep 29 20:43:39 2009 TCPv4_CLIENT link local: [undef]
Tue Sep 29 20:43:39 2009 TCPv4_CLIENT link remote: xxx.xx.xxx.xxx:5000
Tue Sep 29 20:43:39 2009 TLS: Initial packet from xxx.xx.xxx.xxx:5000, sid=cc2d9353 f2186c61
Tue Sep 29 20:43:40 2009 VERIFY OK: depth=1, /C=US/ST=CA/L=PRIVATE-VPN/O=SmCo/CN=OpenVPN-CA/emailAddress=admin@admin.com
Tue Sep 29 20:43:40 2009 VERIFY OK: nsCertType=SERVER
Tue Sep 29 20:43:40 2009 VERIFY OK: depth=0, /C=US/ST=CA/L=PRIVATE-VPN/O=SmCo/CN=server/emailAddress=admin@admin.com
Tue Sep 29 20:43:43 2009 Data Channel Encrypt: Cipher 'DES-EDE3-CBC' initialized with 192 bit key
Tue Sep 29 20:43:43 2009 Data Channel Encrypt: Using 128 bit message hash 'MD5' for HMAC authentication
Tue Sep 29 20:43:43 2009 Data Channel Decrypt: Cipher 'DES-EDE3-CBC' initialized with 192 bit key
Tue Sep 29 20:43:43 2009 Data Channel Decrypt: Using 128 bit message hash 'MD5' for HMAC authentication
Tue Sep 29 20:43:43 2009 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Sep 29 20:43:43 2009 [server] Peer Connection Initiated with xxx.xx.xxx.xxx:5000
Tue Sep 29 20:43:44 2009 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Tue Sep 29 20:43:45 2009 PUSH: Received control message: 'PUSH_REPLY,route-gateway 172.16.0.1,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0'
Tue Sep 29 20:43:45 2009 OPTIONS IMPORT: timers and/or timeouts modified
Tue Sep 29 20:43:45 2009 OPTIONS IMPORT: --ifconfig/up options modified
Tue Sep 29 20:43:45 2009 OPTIONS IMPORT: route options modified
Tue Sep 29 20:43:45 2009 TAP-WIN32 device [Local Area Connection 6] opened: \\.\Global\{04C684F4-BDEE-4501-AD39-C4C4776FA128}.tap
Tue Sep 29 20:43:45 2009 TAP-Win32 Driver Version 8.4
Tue Sep 29 20:43:45 2009 TAP-Win32 MTU=1500
Tue Sep 29 20:43:45 2009 Notified TAP-Win32 driver to set a DHCP IP/netmask of 172.16.0.2/255.255.255.0 on interface {04C684F4-BDEE-4501-AD39-C4C4776FA128} [DHCP-serv: 172.16.0.0, lease-time: 31536000]
Tue Sep 29 20:43:45 2009 Successful ARP Flush on interface [589826] {04C684F4-BDEE-4501-AD39-C4C4776FA128}
Tue Sep 29 20:43:45 2009 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Tue Sep 29 20:43:45 2009 Route: Waiting for TUN/TAP interface to come up...
Tue Sep 29 20:43:46 2009 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Tue Sep 29 20:43:46 2009 Route: Waiting for TUN/TAP interface to come up...
Tue Sep 29 20:43:47 2009 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Tue Sep 29 20:43:47 2009 Route: Waiting for TUN/TAP interface to come up...
Tue Sep 29 20:43:48 2009 TEST ROUTES: 0/0 succeeded len=-1 ret=1 a=0 u/d=up
Tue Sep 29 20:43:48 2009 Initialization Sequence Completed
##############################
#### Server connect log ######
##############################
Tue Sep 29 17:29:34 2009 TCP/UDP: Closing socket
Tue Sep 29 17:29:34 2009 NOTE: --mute triggered...
Tue Sep 29 17:29:34 2009 1 variation(s) on previous 2 message(s) suppressed by --mute
Tue Sep 29 17:29:34 2009 SIGTERM[hard,] received, process exiting
Tue Sep 29 17:29:36 2009 OpenVPN 2.0.9 i686-pc-linux [SSL] [LZO] [EPOLL] built on Sep 28 2009
Tue Sep 29 17:29:36 2009 Diffie-Hellman initialized with 1024 bit key
Tue Sep 29 17:29:36 2009 Control Channel Authentication: using '/etc/openvpn/ta.key' as a OpenVPN static key file
Tue Sep 29 17:29:36 2009 Outgoing Control Channel Authentication: Using 128 bit message hash 'MD5' for HMAC authentication
Tue Sep 29 17:29:36 2009 Incoming Control Channel Authentication: Using 128 bit message hash 'MD5' for HMAC authentication
Tue Sep 29 17:29:36 2009 TLS-Auth MTU parms [ L:1572 D:164 EF:64 EB:0 ET:0 EL:0 ]
Tue Sep 29 17:29:37 2009 TUN/TAP device tap0 opened
Tue Sep 29 17:29:37 2009 /sbin/ifconfig tap0 172.16.0.1 netmask 255.255.255.0 mtu 1500 broadcast 172.16.0.255
Tue Sep 29 17:29:37 2009 Data Channel MTU parms [ L:1572 D:1450 EF:40 EB:135 ET:32 EL:0 AF:3/1 ]
Tue Sep 29 17:29:37 2009 GID set to nobody
Tue Sep 29 17:29:37 2009 UID set to nobody
Tue Sep 29 17:29:37 2009 Listening for incoming TCP connection on [undef]:5000
Tue Sep 29 17:29:37 2009 TCPv4_SERVER link local (bound): [undef]:5000
Tue Sep 29 17:29:37 2009 TCPv4_SERVER link remote: [undef]
Tue Sep 29 17:29:37 2009 MULTI: multi_init called, r=256 v=256
Tue Sep 29 17:29:37 2009 IFCONFIG POOL: base=172.16.0.2 size=253
Tue Sep 29 17:29:37 2009 MULTI: TCP INIT maxclients=40 maxevents=44
Tue Sep 29 17:29:37 2009 Initialization Sequence Completed
Tue Sep 29 17:29:44 2009 MULTI: multi_create_instance called
Tue Sep 29 17:29:44 2009 Re-using SSL/TLS context
Tue Sep 29 17:29:44 2009 LZO compression initialized
Tue Sep 29 17:29:44 2009 Control Channel MTU parms [ L:1572 D:164 EF:64 EB:0 ET:0 EL:0 ]
Tue Sep 29 17:29:44 2009 Data Channel MTU parms [ L:1572 D:1450 EF:40 EB:135 ET:32 EL:0 AF:3/1 ]
Tue Sep 29 17:29:44 2009 Local Options hash (VER=V4): 'faeaddd1'
Tue Sep 29 17:29:44 2009 Expected Remote Options hash (VER=V4): 'f25da078'
Tue Sep 29 17:29:44 2009 TCP connection established with xxx.xx.xxx.xxx:1959
Tue Sep 29 17:29:44 2009 TCPv4_SERVER link local: [undef]
Tue Sep 29 17:29:44 2009 TCPv4_SERVER link remote: xxx.xx.xxx.xxx:1959
Tue Sep 29 17:29:44 2009 xxx.xx.xxx.xxx:1959 TLS: Initial packet from xxx.xx.xxx.xxx:1959, sid=f6167672 1b0a25d1
Tue Sep 29 17:29:47 2009 xxx.xx.xxx.xxx:1959 VERIFY OK: depth=1, /C=US/ST=CA/L=PRIVATE-VPN/O=SmCo/CN=OpenVPN-CA/emailAddress=admin@admin.com
Tue Sep 29 17:29:47 2009 xxx.xx.xxx.xxx:1959 NOTE: --mute triggered...
Tue Sep 29 17:29:48 2009 xxx.xx.xxx.xxx:1959 6 variation(s) on previous 2 message(s) suppressed by --mute
Tue Sep 29 17:29:48 2009 xxx.xx.xxx.xxx:1959 [client1] Peer Connection Initiated with xxx.xx.xxx.xxx:1959
Tue Sep 29 17:29:49 2009 client1/xxx.xx.xxx.xxx:1959 PUSH: Received control message: 'PUSH_REQUEST'
Tue Sep 29 17:29:49 2009 client1/xxx.xx.xxx.xxx:1959 SENT CONTROL [client1]: 'PUSH_REPLY,route-gateway 172.16.0.1,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0' (status=1)
Tue Sep 29 17:29:53 2009 client1/xxx.xx.xxx.xxx:1959 MULTI: Learn: 00:ff:05:c5:84:f4 -> client1/xxx.xx.xxx.xxx:1959
Tue Sep 29 17:32:04 2009 client1/xxx.xx.xxx.xxx:1959 Connection reset, restarting [-1]
Tue Sep 29 17:32:04 2009 client1/xxx.xx.xxx.xxx:1959 SIGUSR1[soft,connection-reset] received, client-instance restarting
Tue Sep 29 17:32:04 2009 TCP/UDP: Closing socket
####################################
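
Added example, not part of the original post: a Python check that compares the options in the posted CCD file with the PUSH_REPLY recorded in the posted client log, to see whether the per-client settings reached the client. The function names are made up for this example; both inputs are copied from the post.

```python
import re

# Directives copied from the CCD file in the post above.
CCD_TEXT = '''\
ifconfig-push 172.16.0.4 172.16.0.50
push "redirect-gateway def1"
push "route-gateway 172.16.0.1"
push "dhcp-option DNS 172.16.0.1"
'''

# PUSH_REPLY line copied from the client log in the post above.
CLIENT_LOG_LINE = (
    "Tue Sep 29 20:43:45 2009 PUSH: Received control message: "
    "'PUSH_REPLY,route-gateway 172.16.0.1,ping 10,ping-restart 120,"
    "ifconfig 172.16.0.2 255.255.255.0'"
)


def expected_from_ccd(ccd_text):
    """Options the client should receive if the server applied this CCD file."""
    expected = []
    for raw in ccd_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # blank line or comment
        m = re.fullmatch(r'push\s+"([^"]+)"', line)
        if m:
            expected.append(m.group(1))
        elif line.startswith("ifconfig-push "):
            # "ifconfig-push A B" reaches the client as "ifconfig A B"
            expected.append("ifconfig " + " ".join(line.split()[1:]))
    return expected


def received_from_log(log_line):
    """Options listed in a 'PUSH_REPLY,...' control message log line."""
    m = re.search(r"'PUSH_REPLY,([^']*)'", log_line)
    return [opt.strip() for opt in m.group(1).split(",")] if m else []


def missing_options(ccd_text, log_line):
    """CCD-derived options that are absent from the PUSH_REPLY."""
    got = set(received_from_log(log_line))
    return [opt for opt in expected_from_ccd(ccd_text) if opt not in got]


if __name__ == "__main__":
    for opt in missing_options(CCD_TEXT, CLIENT_LOG_LINE):
        print("not delivered:", opt)
```

On the posted data it reports the fixed address, `redirect-gateway def1` and the DNS option as not delivered: the client got the pool address 172.16.0.2 instead of the CCD settings. `route-gateway` is present, but the `server` directive pushes it on its own in TAP mode, so it does not show that the CCD file was read.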
OpenVPN on CentOS 5.3
    #36224163
smacker
Guest
no longer relevant, the problem was solved by reworking the config and DNS