Mój klient dał mi plik klienta OpenVPN ( .ovpn
) i muszę się połączyć z jego serwerem. Nie mam doświadczenia z OpenVPN.
Zainstalowałem go i wypróbowałem następujące polecenie:
openvpn --config ./client_file.ovpn --remote <address>
Ale zawiesza się przy „Rozpoczęto sekwencję inicjalizacji”.
Na ekranie pojawia się:
Wed Jul 13 17:26:08 2011 OpenVPN 2.1.0 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Jul 20 2010
Wed Jul 13 17:26:08 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Wed Jul 13 17:26:08 2011 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Wed Jul 13 17:26:09 2011 Control Channel Authentication: tls-auth using INLINE static key file
Wed Jul 13 17:26:09 2011 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Jul 13 17:26:09 2011 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Jul 13 17:26:09 2011 LZO compression initialized
Wed Jul 13 17:26:09 2011 Control Channel MTU parms [ L:1544 D:168 EF:68 EB:0 ET:0 EL:0 ]
Wed Jul 13 17:26:10 2011 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Jul 13 17:26:10 2011 Local Options hash (VER=V4): 'ee93268d'
Wed Jul 13 17:26:10 2011 Expected Remote Options hash (VER=V4): 'bd577cd1'
Wed Jul 13 17:26:10 2011 Attempting to establish TCP connection with [AF_INET]200.52.42.236:444 [nonblock]
Wed Jul 13 17:26:11 2011 TCP connection established with [AF_INET]200.52.42.236:444
Wed Jul 13 17:26:11 2011 Socket Buffers: R=[87380->200000] S=[16384->200000]
Wed Jul 13 17:26:11 2011 TCPv4_CLIENT link local: [undef]
Wed Jul 13 17:26:11 2011 TCPv4_CLIENT link remote: [AF_INET]200.52.42.236:444
Wed Jul 13 17:26:11 2011 TLS: Initial packet from [AF_INET]200.52.42.236:444, sid=df9a1fe0 57e10cfd
Wed Jul 13 17:26:13 2011 VERIFY OK: depth=1, /CN=OpenVPN_CA
Wed Jul 13 17:26:13 2011 VERIFY OK: nsCertType=SERVER
Wed Jul 13 17:26:13 2011 VERIFY OK: depth=0, /CN=OpenVPN_Server
Wed Jul 13 17:26:17 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Jul 13 17:26:17 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Jul 13 17:26:17 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Jul 13 17:26:17 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Jul 13 17:26:17 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Wed Jul 13 17:26:17 2011 [OpenVPN_Server] Peer Connection Initiated with [AF_INET]200.52.42.236:444
Wed Jul 13 17:26:19 2011 SENT CONTROL [OpenVPN_Server]: 'PUSH_REQUEST' (status=1)
Wed Jul 13 17:26:20 2011 PUSH: Received control message: 'PUSH_REPLY,explicit-exit-notify,topology subnet,route-delay 5 30,dhcp-pre-release,dhcp-renew,dhcp-release,route-metric 101,ping 5,ping-restart 40,socket-flags TCP_NODELAY,redirect-private local,redirect-private bypass-dhcp,redirect-private bypass-dns,route-gateway 10.10.0.1,route 10.8.0.0 255.255.255.0,route 10.9.0.0 255.255.255.0,comp-lzo yes,ifconfig 10.10.0.103 255.255.255.0'
Wed Jul 13 17:26:20 2011 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:4: dhcp-pre-release (2.1.0)
Wed Jul 13 17:26:20 2011 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:5: dhcp-renew (2.1.0)
Wed Jul 13 17:26:20 2011 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:6: dhcp-release (2.1.0)
Wed Jul 13 17:26:20 2011 OPTIONS IMPORT: timers and/or timeouts modified
Wed Jul 13 17:26:20 2011 OPTIONS IMPORT: --explicit-exit-notify can only be used with --proto udp
Wed Jul 13 17:26:20 2011 OPTIONS IMPORT: LZO parms modified
Wed Jul 13 17:26:20 2011 OPTIONS IMPORT: --socket-flags option modified
Wed Jul 13 17:26:20 2011 Socket flags: TCP_NODELAY=1 succeeded
Wed Jul 13 17:26:20 2011 OPTIONS IMPORT: --ifconfig/up options modified
Wed Jul 13 17:26:20 2011 OPTIONS IMPORT: route options modified
Wed Jul 13 17:26:20 2011 OPTIONS IMPORT: route-related options modified
Wed Jul 13 17:26:20 2011 ROUTE default_gateway=192.168.1.1
Wed Jul 13 17:26:20 2011 TUN/TAP device tun0 opened
Wed Jul 13 17:26:20 2011 TUN/TAP TX queue length set to 100
Wed Jul 13 17:26:20 2011 /sbin/ifconfig tun0 10.10.0.103 netmask 255.255.255.0 mtu 1500 broadcast 10.10.0.255
Wed Jul 13 17:26:25 2011 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.10.0.1 metric 101
Wed Jul 13 17:26:25 2011 /sbin/route add -net 10.9.0.0 netmask 255.255.255.0 gw 10.10.0.1 metric 101
Wed Jul 13 17:26:25 2011 Initialization Sequence Completed
openvpn
ma tryb pełny? Powinien pokazać wszystkie szczegóły tego, co się tutaj dzieje. Sprawdź, czy ma -v
opcję lub podobny.