Ahoj, mam problem s OpenVPN. Asi pul roku jsem ji nepouzival a ted se nespojim. Nevim, jestli jsem za tu dobu neco nemenil.
Nespojim se ani z Android klienta, ani z Ubuntu 16.04. Driv ochodily oba.
Config serveru:
mode server
tls-server
port 1194
proto udp
dev tun1
server 10.123.2.0 255.255.255.0
topology subnet
client-to-client
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh2048.pem
log-append /var/log/openvpn_UDP1194
status /var/run/vpn_UDP1194.status 10
user nobody
group nogroup
keepalive 10 120
comp-lzo
verb 5
persist-key
persist-tun
push "route 10.123.1.0 255.255.255.0 10.123.2.1"
push "route 10.123.2.0 255.255.255.0 10.123.2.1"
push "dhcp-option DNS 10.123.2.1"
push "route-gateway 10.123.2.1"
push "redirect-gateway def1"
ifconfig-pool-persist ip_pool_UDP1194.txt
max-clients 5
Config klienta:
client
remote example.net 1194
ca /etc/openvpn/ca.crt
cert /etc/openvpn/martin.crt
key /etc/openvpn/martin.key
comp-lzo yes
dev tun
proto udp
nobind
auth-nocache
persist-key
persist-tun
verb 5
Log ze serveru:
Sat Oct 22 18:05:38 2016 us=683954 MULTI: multi_create_instance called
Sat Oct 22 18:05:38 2016 us=684334 37.188.132.120:61613 Re-using SSL/TLS context
Sat Oct 22 18:05:38 2016 us=684562 37.188.132.120:61613 LZO compression initialized
Sat Oct 22 18:05:38 2016 us=685062 37.188.132.120:61613 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sat Oct 22 18:05:38 2016 us=685173 37.188.132.120:61613 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Oct 22 18:05:38 2016 us=685355 37.188.132.120:61613 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Sat Oct 22 18:05:38 2016 us=685430 37.188.132.120:61613 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Sat Oct 22 18:05:38 2016 us=685553 37.188.132.120:61613 Local Options hash (VER=V4): '530fdded'
Sat Oct 22 18:05:38 2016 us=685666 37.188.132.120:61613 Expected Remote Options hash (VER=V4): '41690919'
RSat Oct 22 18:05:38 2016 us=685858 37.188.132.120:61613 TLS: Initial packet from [AF_INET]37.188.132.120:61613, sid=6e5f88fc eacadaa1
WWRWRWSat Oct 22 18:05:52 2016 us=246304 37.188.132.120:61607 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Oct 22 18:05:52 2016 us=246487 37.188.132.120:61607 TLS Error: TLS handshake failed
Sat Oct 22 18:05:52 2016 us=246962 37.188.132.120:61607 SIGUSR1[soft,tls-error] received, client-instance restarting
WRWWRWSat Oct 22 18:06:38 2016 us=680194 37.188.132.120:61613 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Oct 22 18:06:38 2016 us=680370 37.188.132.120:61613 TLS Error: TLS handshake failed
Sat Oct 22 18:06:38 2016 us=680801 37.188.132.120:61613 SIGUSR1[soft,tls-error] received, client-instance restarting
Sat Oct 22 18:06:40 2016 us=849236 MULTI: multi_create_instance called
Sat Oct 22 18:06:40 2016 us=849411 37.188.132.120:61616 Re-using SSL/TLS context
Sat Oct 22 18:06:40 2016 us=849504 37.188.132.120:61616 LZO compression initialized
Sat Oct 22 18:06:40 2016 us=849734 37.188.132.120:61616 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sat Oct 22 18:06:40 2016 us=849809 37.188.132.120:61616 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Oct 22 18:06:40 2016 us=849936 37.188.132.120:61616 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Sat Oct 22 18:06:40 2016 us=849991 37.188.132.120:61616 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Sat Oct 22 18:06:40 2016 us=850070 37.188.132.120:61616 Local Options hash (VER=V4): '530fdded'
Sat Oct 22 18:06:40 2016 us=850139 37.188.132.120:61616 Expected Remote Options hash (VER=V4): '41690919'
RSat Oct 22 18:06:40 2016 us=850262 37.188.132.120:61616 TLS: Initial packet from [AF_INET]37.188.132.120:61616, sid=0d9fa230 6813bc97
WRWWRWWRW^C
Log z klienta:
client # openvpn --config client.conf
...
Sat Oct 22 18:05:35 2016 us=372594 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Feb 2 2016
Sat Oct 22 18:05:35 2016 us=372624 library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08
Sat Oct 22 18:05:35 2016 us=372803 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Enter Private Key Password: *********
Sat Oct 22 18:05:38 2016 us=215609 LZO compression initialized
Sat Oct 22 18:05:38 2016 us=215803 Control Channel MTU parms [ L:1542 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat Oct 22 18:05:38 2016 us=215869 Socket Buffers: R=[212992->212992] S=[212992->212992]
Sat Oct 22 18:05:38 2016 us=672864 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:143 ET:0 EL:3 AF:3/1 ]
Sat Oct 22 18:05:38 2016 us=672980 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Sat Oct 22 18:05:38 2016 us=673012 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Sat Oct 22 18:05:38 2016 us=673080 Local Options hash (VER=V4): '41690919'
Sat Oct 22 18:05:38 2016 us=673128 Expected Remote Options hash (VER=V4): '530fdded'
Sat Oct 22 18:05:38 2016 us=673170 UDPv4 link local: [undef]
Sat Oct 22 18:05:38 2016 us=673206 UDPv4 link remote: [AF_INET]1.2.3.4:1194
WWWWWSat Oct 22 18:06:38 2016 us=342885 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Oct 22 18:06:38 2016 us=342958 TLS Error: TLS handshake failed
Sat Oct 22 18:06:38 2016 us=343195 TCP/UDP: Closing socket
Sat Oct 22 18:06:38 2016 us=343263 SIGUSR1[soft,tls-error] received, process restarting
Sat Oct 22 18:06:38 2016 us=343313 Restart pause, 2 second(s)
Sat Oct 22 18:06:40 2016 us=343439 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sat Oct 22 18:06:40 2016 us=343503 Re-using SSL/TLS context
Sat Oct 22 18:06:40 2016 us=343534 LZO compression initialized
Sat Oct 22 18:06:40 2016 us=343587 Control Channel MTU parms [ L:1542 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat Oct 22 18:06:40 2016 us=343616 Socket Buffers: R=[212992->212992] S=[212992->212992]
Sat Oct 22 18:06:40 2016 us=844549 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:143 ET:0 EL:3 AF:3/1 ]
Sat Oct 22 18:06:40 2016 us=844657 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Sat Oct 22 18:06:40 2016 us=844692 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Sat Oct 22 18:06:40 2016 us=844753 Local Options hash (VER=V4): '41690919'
Sat Oct 22 18:06:40 2016 us=844804 Expected Remote Options hash (VER=V4): '530fdded'
Sat Oct 22 18:06:40 2016 us=844847 UDPv4 link local: [undef]
Sat Oct 22 18:06:40 2016 us=844886 UDPv4 link remote: [AF_INET]1.2.3.4:1194
WWWW^CSat Oct 22 18:07:00 2016 us=52421 event_wait : Interrupted system call (code=4)
Sat Oct 22 18:07:00 2016 us=52709 TCP/UDP: Closing socket
Sat Oct 22 18:07:00 2016 us=52789 SIGINT[hard,] received, process exiting
Cely log z klienta, protoze tady je limit na 20k znaku.
http://pastebin.com/MngR0ynwNapada vas nekoho, co delam spatne?