Problem z połączeniem z serwerem OpenVPN


0

Mój klient dał mi plik klienta OpenVPN ( .ovpn) i muszę się połączyć z jego serwerem. Nie mam doświadczenia z OpenVPN.

Zainstalowałem go i wypróbowałem następujące polecenie:

openvpn --config ./client_file.ovpn --remote <address>

Ale zawiesza się przy „Rozpoczęto sekwencję inicjalizacji”.

Na ekranie pojawia się:

Wed Jul 13 17:26:08 2011 OpenVPN 2.1.0 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Jul 20 2010
Wed Jul 13 17:26:08 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Wed Jul 13 17:26:08 2011 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Wed Jul 13 17:26:09 2011 Control Channel Authentication: tls-auth using INLINE static key file
Wed Jul 13 17:26:09 2011 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Jul 13 17:26:09 2011 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Jul 13 17:26:09 2011 LZO compression initialized
Wed Jul 13 17:26:09 2011 Control Channel MTU parms [ L:1544 D:168 EF:68 EB:0 ET:0 EL:0 ]
Wed Jul 13 17:26:10 2011 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Jul 13 17:26:10 2011 Local Options hash (VER=V4): 'ee93268d'
Wed Jul 13 17:26:10 2011 Expected Remote Options hash (VER=V4): 'bd577cd1'
Wed Jul 13 17:26:10 2011 Attempting to establish TCP connection with [AF_INET]200.52.42.236:444 [nonblock]
Wed Jul 13 17:26:11 2011 TCP connection established with [AF_INET]200.52.42.236:444
Wed Jul 13 17:26:11 2011 Socket Buffers: R=[87380->200000] S=[16384->200000]
Wed Jul 13 17:26:11 2011 TCPv4_CLIENT link local: [undef]
Wed Jul 13 17:26:11 2011 TCPv4_CLIENT link remote: [AF_INET]200.52.42.236:444
Wed Jul 13 17:26:11 2011 TLS: Initial packet from [AF_INET]200.52.42.236:444, sid=df9a1fe0 57e10cfd
Wed Jul 13 17:26:13 2011 VERIFY OK: depth=1, /CN=OpenVPN_CA
Wed Jul 13 17:26:13 2011 VERIFY OK: nsCertType=SERVER
Wed Jul 13 17:26:13 2011 VERIFY OK: depth=0, /CN=OpenVPN_Server
Wed Jul 13 17:26:17 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128   bit key
Wed Jul 13 17:26:17 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication                                                                            
Wed Jul 13 17:26:17 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key                                                                                         
Wed Jul 13 17:26:17 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication                                                                            
Wed Jul 13 17:26:17 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA                                                                                
Wed Jul 13 17:26:17 2011 [OpenVPN_Server] Peer Connection Initiated with [AF_INET]200.52.42.236:444                                                                                 
Wed Jul 13 17:26:19 2011 SENT CONTROL [OpenVPN_Server]: 'PUSH_REQUEST' (status=1)                                                                                                   
Wed Jul 13 17:26:20 2011 PUSH: Received control message: 'PUSH_REPLY,explicit-exit-notify,topology subnet,route-delay 5 30,dhcp-pre-release,dhcp-renew,dhcp-release,route-metric 101,ping 5,ping-restart 40,socket-flags TCP_NODELAY,redirect-private local,redirect-private bypass-dhcp,redirect-private bypass-dns,route-gateway 10.10.0.1,route 10.8.0.0 255.255.255.0,route 10.9.0.0 255.255.255.0,comp-lzo yes,ifconfig 10.10.0.103 255.255.255.0'                                                                                                     
Wed Jul 13 17:26:20 2011 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:4: dhcp-pre-release (2.1.0)                                                   
Wed Jul 13 17:26:20 2011 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:5: dhcp-renew (2.1.0)                                                         
Wed Jul 13 17:26:20 2011 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:6: dhcp-release (2.1.0)                                                       
Wed Jul 13 17:26:20 2011 OPTIONS IMPORT: timers and/or timeouts modified           
Wed Jul 13 17:26:20 2011 OPTIONS IMPORT: --explicit-exit-notify can only be used with --proto udp                                                                                   
Wed Jul 13 17:26:20 2011 OPTIONS IMPORT: LZO parms modified
Wed Jul 13 17:26:20 2011 OPTIONS IMPORT: --socket-flags option modified
Wed Jul 13 17:26:20 2011 Socket flags: TCP_NODELAY=1 succeeded
Wed Jul 13 17:26:20 2011 OPTIONS IMPORT: --ifconfig/up options modified
Wed Jul 13 17:26:20 2011 OPTIONS IMPORT: route options modified
Wed Jul 13 17:26:20 2011 OPTIONS IMPORT: route-related options modified
Wed Jul 13 17:26:20 2011 ROUTE default_gateway=192.168.1.1
Wed Jul 13 17:26:20 2011 TUN/TAP device tun0 opened
Wed Jul 13 17:26:20 2011 TUN/TAP TX queue length set to 100
Wed Jul 13 17:26:20 2011 /sbin/ifconfig tun0 10.10.0.103 netmask 255.255.255.0 mtu 1500 broadcast 10.10.0.255
Wed Jul 13 17:26:25 2011 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.10.0.1 metric 101
Wed Jul 13 17:26:25 2011 /sbin/route add -net 10.9.0.0 netmask 255.255.255.0 gw 10.10.0.1 metric 101
Wed Jul 13 17:26:25 2011 Initialization Sequence Completed

1
Czy możesz zrobić pastebin wyjścia? (Lub co zostanie zalogowane do syslog). Nie ma tylko jednej standardowej konfiguracji dla openvpn, obsługuje ona wiele opcji i metod połączenia. Dane wyjściowe byłyby pomocne w diagnozowaniu.
Drav Sloan,

Czy openvpnma tryb pełny? Powinien pokazać wszystkie szczegóły tego, co się tutaj dzieje. Sprawdź, czy ma -vopcję lub podobny.
new123456
Korzystając z naszej strony potwierdzasz, że przeczytałeś(-aś) i rozumiesz nasze zasady używania plików cookie i zasady ochrony prywatności.
Licensed under cc by-sa 3.0 with attribution required.