I managed to get this output from ifconfig, so is this how tun0 should properly look?
tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 10.9.8.1 netmask 255.255.255.0 destination 10.9.8.1
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
But port 1194 still hasn't opened for me, so I can't connect with the client.
Here is the log from the server:
Sat Mar 15 12:58:03 2014 OpenVPN 2.3.2 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Sep 12 2013
Sat Mar 15 12:58:03 2014 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
Sat Mar 15 12:58:03 2014 Diffie-Hellman initialized with 1024 bit key
Sat Mar 15 12:58:03 2014 Socket Buffers: R=[212992->131072] S=[212992->131072]
Sat Mar 15 12:58:03 2014 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=wlp4s0 HWADDR=5c:ac:4c:17:52:2b
Sat Mar 15 12:58:03 2014 OpenVPN ROUTE: OpenVPN needs a gateway parameter for a --route option and no default was specified by either --route-gateway or --ifconfig options
Sat Mar 15 12:58:03 2014 OpenVPN ROUTE: failed to parse/resolve route for host/network: 10.9.8.0
Sat Mar 15 12:58:03 2014 TUN/TAP device tun0 opened
Sat Mar 15 12:58:03 2014 TUN/TAP TX queue length set to 100
Sat Mar 15 12:58:03 2014 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Sat Mar 15 12:58:03 2014 /usr/sbin/ip link set dev tun0 up mtu 1500
Sat Mar 15 12:58:03 2014 /usr/sbin/ip addr add dev tun0 10.9.8.1/24 broadcast 10.9.8.255
Sat Mar 15 12:58:03 2014 UDPv4 link local (bound): [undef]
Sat Mar 15 12:58:03 2014 UDPv4 link remote: [undef]
Sat Mar 15 12:58:03 2014 MULTI: multi_init called, r=256 v=256
Sat Mar 15 12:58:03 2014 IFCONFIG POOL: base=10.9.8.2 size=252, ipv6=0
Sat Mar 15 12:58:03 2014 Initialization Sequence Completed
Sat Mar 15 12:58:05 2014 192.168.1.18:54484 TLS: Initial packet from [AF_INET]192.168.1.18:54484, sid=38626a8e b0c9193f
Sat Mar 15 12:58:07 2014 192.168.1.18:54485 TLS: Initial packet from [AF_INET]192.168.1.18:54485, sid=7b738894 b724b416
Sat Mar 15 12:58:09 2014 192.168.1.18:54486 TLS: Initial packet from [AF_INET]192.168.1.18:54486, sid=830f0f75 9e2669ab
Sat Mar 15 12:58:11 2014 192.168.1.18:54487 TLS: Initial packet from [AF_INET]192.168.1.18:54487, sid=b1f09061 d642f071
Sat Mar 15 12:58:13 2014 192.168.1.18:54488 TLS: Initial packet from [AF_INET]192.168.1.18:54488, sid=5e023cc4 8b30337a
Sat Mar 15 12:58:15 2014 192.168.1.18:54489 TLS: Initial packet from [AF_INET]192.168.1.18:54489, sid=94ace245 30b3c5b4
Sat Mar 15 12:58:17 2014 192.168.1.18:54490 TLS: Initial packet from [AF_INET]192.168.1.18:54490, sid=7f08e9d3 8bcbe513
Sat Mar 15 12:58:19 2014 192.168.1.18:54491 TLS: Initial packet from [AF_INET]192.168.1.18:54491, sid=a0d19026 aff755e2
Sat Mar 15 12:58:21 2014 192.168.1.18:54492 TLS: Initial packet from [AF_INET]192.168.1.18:54492, sid=05bfe1ff 74357737
Sat Mar 15 12:58:23 2014 192.168.1.18:54493 TLS: Initial packet from [AF_INET]192.168.1.18:54493, sid=0048f42c 35113d0a
Sat Mar 15 12:58:25 2014 192.168.1.18:54494 TLS: Initial packet from [AF_INET]192.168.1.18:54494, sid=ab6b6250 a52a46fc
Sat Mar 15 12:58:27 2014 192.168.1.18:54495 TLS: Initial packet from [AF_INET]192.168.1.18:54495, sid=db82f9d5 f852cfb6
Sat Mar 15 12:58:29 2014 192.168.1.18:54496 TLS: Initial packet from [AF_INET]192.168.1.18:54496, sid=a9e58c3c bac92564
Sat Mar 15 12:58:31 2014 192.168.1.18:54497 TLS: Initial packet from [AF_INET]192.168.1.18:54497, sid=02171788 93cfe082
Sat Mar 15 12:59:05 2014 192.168.1.18:54484 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Mar 15 12:59:05 2014 192.168.1.18:54484 TLS Error: TLS handshake failed
Sat Mar 15 12:59:05 2014 192.168.1.18:54484 SIGUSR1[soft,tls-error] received, client-instance restarting
Sat Mar 15 12:59:07 2014 192.168.1.18:54485 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Mar 15 12:59:07 2014 192.168.1.18:54485 TLS Error: TLS handshake failed
Sat Mar 15 12:59:07 2014 192.168.1.18:54485 SIGUSR1[soft,tls-error] received, client-instance restarting
Sat Mar 15 12:59:10 2014 192.168.1.18:54486 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Mar 15 12:59:10 2014 192.168.1.18:54486 TLS Error: TLS handshake failed
Sat Mar 15 12:59:10 2014 192.168.1.18:54486 SIGUSR1[soft,tls-error] received, client-instance restarting
Sat Mar 15 12:59:11 2014 192.168.1.18:54487 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Mar 15 12:59:11 2014 192.168.1.18:54487 TLS Error: TLS handshake failed
Sat Mar 15 12:59:11 2014 192.168.1.18:54487 SIGUSR1[soft,tls-error] received, client-instance restarting
Sat Mar 15 12:59:14 2014 192.168.1.18:54488 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Mar 15 12:59:14 2014 192.168.1.18:54488 TLS Error: TLS handshake failed
Sat Mar 15 12:59:14 2014 192.168.1.18:54488 SIGUSR1[soft,tls-error] received, client-instance restarting
Sat Mar 15 12:59:15 2014 192.168.1.18:54489 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Mar 15 12:59:15 2014 192.168.1.18:54489 TLS Error: TLS handshake failed
Sat Mar 15 12:59:15 2014 192.168.1.18:54489 SIGUSR1[soft,tls-error] received, client-instance restarting
Sat Mar 15 12:59:17 2014 192.168.1.18:54490 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Mar 15 12:59:17 2014 192.168.1.18:54490 TLS Error: TLS handshake failed
Sat Mar 15 12:59:17 2014 192.168.1.18:54490 SIGUSR1[soft,tls-error] received, client-instance restarting
Sat Mar 15 12:59:19 2014 192.168.1.18:54491 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Mar 15 12:59:19 2014 192.168.1.18:54491 TLS Error: TLS handshake failed
Sat Mar 15 12:59:19 2014 192.168.1.18:54491 SIGUSR1[soft,tls-error] received, client-instance restarting
Sat Mar 15 12:59:21 2014 192.168.1.18:54492 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Mar 15 12:59:21 2014 192.168.1.18:54492 TLS Error: TLS handshake failed
Sat Mar 15 12:59:21 2014 192.168.1.18:54492 SIGUSR1[soft,tls-error] received, client-instance restarting
Sat Mar 15 12:59:23 2014 192.168.1.18:54493 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Mar 15 12:59:23 2014 192.168.1.18:54493 TLS Error: TLS handshake failed
Sat Mar 15 12:59:23 2014 192.168.1.18:54493 SIGUSR1[soft,tls-error] received, client-instance restarting
Sat Mar 15 12:59:25 2014 192.168.1.18:54494 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Mar 15 12:59:25 2014 192.168.1.18:54494 TLS Error: TLS handshake failed
Sat Mar 15 12:59:25 2014 192.168.1.18:54494 SIGUSR1[soft,tls-error] received, client-instance restarting
Sat Mar 15 12:59:27 2014 192.168.1.18:54495 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Mar 15 12:59:27 2014 192.168.1.18:54495 TLS Error: TLS handshake failed
Sat Mar 15 12:59:27 2014 192.168.1.18:54495 SIGUSR1[soft,tls-error] received, client-instance restarting
Sat Mar 15 12:59:29 2014 192.168.1.18:54496 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Mar 15 12:59:29 2014 192.168.1.18:54496 TLS Error: TLS handshake failed
Sat Mar 15 12:59:29 2014 192.168.1.18:54496 SIGUSR1[soft,tls-error] received, client-instance restarting
Sat Mar 15 12:59:31 2014 192.168.1.18:54497 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Mar 15 12:59:31 2014 192.168.1.18:54497 TLS Error: TLS handshake failed
Sat Mar 15 12:59:31 2014 192.168.1.18:54497 SIGUSR1[soft,tls-error] received, client-instance restarting
And here is the server config as I modified it:
port 1194
proto udp
dev tun
mode server
server 10.9.8.0 255.255.255.0
client-to-client
topology subnet
ifconfig-pool-persist 10.9.8.2 10.9.8.5 255.255.255.0
ca /etc/openvpn/ca.crt
cert /etc/openvpn/masina.crt
key /etc/openvpn/masina.key
dh /etc/openvpn/dh1024.pem
push "route 192.168.1.14 255.255.255.0"
push "route 10.9.8.0 255.255.255.0 10.9.8.1"
route 10.9.8.0 255.255.255.0
keepalive 10 120
cipher AES-128-CBC # AES
comp-lzo
persist-key
persist-tun
status /var/log/openvpn-status.log
log-append /var/log/openvpn.log
verb 3
mute 20
Does the CA also sign the files for the client? I mean the certificate and the key? ...because when I check the CA certificate and the server certificate it prints OK, and when I check the client certificate against ca.crt it prints:
# openssl verify -CAfile ca.crt client1.crt
unable to load certificate
140497244940160:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: TRUSTED CERTIFICATE
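
Added example (not part of the original post): a short Python triage of the server log above that pairs each `TLS: Initial packet` line with the later `TLS key negotiation failed` line for the same client endpoint and collects the `OpenVPN ROUTE:` errors. The function names `triage` and `summarize` are made up for this illustration; the sample lines are copied from the log in the post.

```python
import re
from datetime import datetime

# A subset of lines copied from the server log in the post above.
SAMPLE_LOG = """\
Sat Mar 15 12:58:03 2014 OpenVPN ROUTE: failed to parse/resolve route for host/network: 10.9.8.0
Sat Mar 15 12:58:03 2014 Initialization Sequence Completed
Sat Mar 15 12:58:05 2014 192.168.1.18:54484 TLS: Initial packet from [AF_INET]192.168.1.18:54484, sid=38626a8e b0c9193f
Sat Mar 15 12:58:07 2014 192.168.1.18:54485 TLS: Initial packet from [AF_INET]192.168.1.18:54485, sid=7b738894 b724b416
Sat Mar 15 12:59:05 2014 192.168.1.18:54484 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Mar 15 12:59:05 2014 192.168.1.18:54484 TLS Error: TLS handshake failed
Sat Mar 15 12:59:07 2014 192.168.1.18:54485 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
"""

# timestamp, optional "ip:port" client prefix, then the message text
LINE = re.compile(
    r"^(\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4}) (?:(\d+\.\d+\.\d+\.\d+:\d+) )?(.*)$"
)

def triage(log_text):
    """Group handshake events per client endpoint and collect route errors."""
    sessions, route_errors = {}, []
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        ts = datetime.strptime(m.group(1), "%a %b %d %H:%M:%S %Y")
        peer, msg = m.group(2), m.group(3)
        if msg.startswith("OpenVPN ROUTE:"):
            route_errors.append(msg)
        elif peer and msg.startswith("TLS: Initial packet"):
            sessions[peer] = {"first_seen": ts, "timed_out_after": None}
        elif peer and "TLS key negotiation failed" in msg and peer in sessions:
            delta = ts - sessions[peer]["first_seen"]
            sessions[peer]["timed_out_after"] = int(delta.total_seconds())
    return sessions, route_errors

def summarize(log_text):
    """Counts a reader can compare against what the client side reports."""
    sessions, route_errors = triage(log_text)
    timeouts = [p for p, s in sessions.items() if s["timed_out_after"] is not None]
    return {"peers_seen": len(sessions),
            "handshake_timeouts": len(timeouts),
            "route_errors": len(route_errors)}

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```

A logged `TLS: Initial packet` means the server process received that client's UDP datagram on its listening port; the timeout line records only that the handshake did not complete within the following 60 seconds.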