OpenVPN:Mac 客户端未连接到 Xubuntu 服务器

OpenVPN:Mac 客户端未连接到 Xubuntu 服务器

我一直试图在运行 Xubuntu 14.04 的服务器和运行 Mac OSX Yosemite 的客户端之间配置 VPN 连接,但没有成功。我正尝试使用 Tunnelblick 建立连接。我的防火墙日志没有相关信息可发布。我已为 Mac 打开了端口 1194、443 和 943。我似乎无法解决这个问题。我将感谢所有帮助,我不想因此而失败。

这是SERVER.CONF:

mode server  
local 192.168.1.XXX #ip of your openvpn server  
port 1194  
proto udp  
dev tun  
ca ca.crt  
cert reinhardtserver.crt  
cert reinhardtserver.key  
dh dh2048.pem  
server 10.8.0.0 255.255.255.0  
ifconfig 10.8.0.1 255.255.255.0  
push "dhcp-option DOMAIN coryreinhardt.com"  
push "dhcp-option DNS 10.6.11.4"  
ifconfig-pool-persist ipp.txt  
keepalive 10 120  
tls-server  
tls-auth ta.key 0  
comp-lzo  
user nobody  
group nobody  
persist-key  
persist-tun  
status openvpn-status.log  
verb1  
client-to-client   
push "route 192.168.0.0 255.255.255.0"`

客户端配置:

client  
proto udp  
dev tun  
port 1194  
remote 192.168.1.XXX 1194  
resolv-retry infinite  
nobind  
persist-key  
persist-tun  
;mute-replay-warnings  
tls-client  
ca ca.crt  
cert client1.crt  
key client1.key  
tls-auth ta.key 1  
comp-lzo  
verb 3  

隧道跟踪日志:

2015-08-29 20:40:42 *Tunnelblick: openvpnstart starting OpenVPN
2015-08-29 20:40:42 *Tunnelblick: OS X 10.10.5; Tunnelblick 3.5.3 (build 4270.4371); prior version 3.4.2 (build 4055.4161)
2015-08-29 20:40:42 *Tunnelblick: Attempting connection with server using shadow copy; Set nameserver = 1; monitoring connection
2015-08-29 20:40:42 *Tunnelblick: openvpnstart start server.tblk 1337 1 0 1 0 16688 -ptADGNWradsgnw 2.3.6
2015-08-29 20:40:44 *Tunnelblick: openvpnstart log:
 OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):

      /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3.6/openvpn
      --daemon
      --log
      /Library/Application Support/Tunnelblick/Logs/-SUsers-Sreinhardt-SLibrary-SApplication Support-STunnelblick-SConfigurations-Sserver.tblk-SContents-SResources-Sconfig.ovpn.1_0_1_0_16688.1337.openvpn.log
      --cd
      /Library/Application Support/Tunnelblick/Users/reinhardt/server.tblk/Contents/Resources
      --config
      /Library/Application Support/Tunnelblick/Users/reinhardt/server.tblk/Contents/Resources/config.ovpn
      --cd
      /Library/Application Support/Tunnelblick/Users/reinhardt/server.tblk/Contents/Resources
      --management
      127.0.0.1
      1337
      --management-query-passwords
      --management-hold
      --script-security
      2
      --up
      /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -d -f -m -w -ptADGNWradsgnw
      --down
      /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -d -f -m -w -ptADGNWradsgnw

2015-08-29 20:40:43 OpenVPN 2.3.6 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [PKCS11] [MH] [IPv6] built on Jul 10 2015
2015-08-29 20:40:43 library versions: OpenSSL 1.0.1p 9 Jul 2015, LZO 2.08
2015-08-29 20:40:43 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:1337
2015-08-29 20:40:43 Need hold release from management interface, waiting...
2015-08-29 20:40:44 *Tunnelblick: Established communication with OpenVPN
2015-08-29 20:40:44 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:1337
2015-08-29 20:40:44 MANAGEMENT: CMD 'pid'
2015-08-29 20:40:44 MANAGEMENT: CMD 'state on'
2015-08-29 20:40:44 MANAGEMENT: CMD 'state'
2015-08-29 20:40:44 MANAGEMENT: CMD 'bytecount 1'
2015-08-29 20:40:44 MANAGEMENT: CMD 'hold release'
2015-08-29 20:40:44 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
2015-08-29 20:40:44 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2015-08-29 20:40:44 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
2015-08-29 20:40:44 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2015-08-29 20:40:44 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2015-08-29 20:40:44 Socket Buffers: R=[196724->65536] S=[9216->65536]
2015-08-29 20:40:44 UDPv4 link local: [undef]
2015-08-29 20:40:44 UDPv4 link remote: [AF_INET]192.168.1.236:1194
2015-08-29 20:40:44 MANAGEMENT: >STATE:1440906044,WAIT,,,
2015-08-29 20:41:45 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2015-08-29 20:41:45 TLS Error: TLS handshake failed
2015-08-29 20:41:45 SIGUSR1[soft,tls-error] received, process restarting
2015-08-29 20:41:45 MANAGEMENT: >STATE:1440906105,RECONNECTING,tls-error,,
2015-08-29 20:41:45 MANAGEMENT: CMD 'hold release'
2015-08-29 20:41:45 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
2015-08-29 20:41:45 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2015-08-29 20:41:45 Socket Buffers: R=[196724->65536] S=[9216->65536]
2015-08-29 20:41:45 UDPv4 link local: [undef]
2015-08-29 20:41:45 UDPv4 link remote: [AF_INET]192.168.1.236:1194
2015-08-29 20:41:45 MANAGEMENT: >STATE:1440906105,WAIT,,,
2015-08-29 20:42:46 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2015-08-29 20:42:46 TLS Error: TLS handshake failed
2015-08-29 20:42:46 SIGUSR1[soft,tls-error] received, process restarting
2015-08-29 20:42:46 MANAGEMENT: >STATE:1440906166,RECONNECTING,tls-error,,
2015-08-29 20:42:46 MANAGEMENT: CMD 'hold release'
2015-08-29 20:42:46 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
2015-08-29 20:42:46 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2015-08-29 20:42:46 Socket Buffers: R=[196724->65536] S=[9216->65536]
2015-08-29 20:42:46 UDPv4 link local: [undef]
2015-08-29 20:42:46 UDPv4 link remote: [AF_INET]192.168.1.236:1194
2015-08-29 20:42:46 MANAGEMENT: >STATE:1440906166,WAIT,,,
2015-08-29 20:42:47 *Tunnelblick: Disconnecting; VPN Details… window disconnect button pressed
2015-08-29 20:42:47 *Tunnelblick: Disconnecting using 'kill'
2015-08-29 20:42:47 event_wait : Interrupted system call (code=4)
2015-08-29 20:42:47 SIGTERM[hard,] received, process exiting
2015-08-29 20:42:47 MANAGEMENT: >STATE:1440906167,EXITING,SIGTERM,,
2015-08-29 20:42:49 *Tunnelblick: No 'post-disconnect.sh' script to execute
2015-08-29 20:42:49 *Tunnelblick: Expected disconnection occurred.

这里是来自 Xubuntu 的 ifconfig :

root@reinhardt:/etc/openvpn# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:26:22:1e:c6:58  
      UP BROADCAST MULTICAST  MTU:1500  Metric:1
      RX packets:0 errors:0 dropped:0 overruns:0 frame:0
      TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000 
      RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

lo        Link encap:Local Loopback  
      inet addr:127.0.X.X  Mask:255.0.0.0
      inet6 addr: ::1/128 Scope:Host
      UP LOOPBACK RUNNING  MTU:65536  Metric:1
      RX packets:3290 errors:0 dropped:0 overruns:0 frame:0
      TX packets:3290 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0 
      RX bytes:308681 (308.6 KB)  TX bytes:308681 (308.6 KB)

wlan0     Link encap:Ethernet  HWaddr 00:26:5e:69:27:0d  
      inet addr:192.168.1.XXX  Bcast:192.168.1.XXX  Mask:255.255.XXX.X
      inet6 addr: 2602:30a:2e8c:9a20:5c1a:7c51:8bcc:8720/64 Scope:Global
      inet6 addr: 2602:30a:2e8c:9a20:226:5eff:fe69:270d/64 Scope:Global
      inet6 addr: fe80::226:5eff:fe69:270d/64 Scope:Link
      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
      RX packets:41514 errors:0 dropped:0 overruns:0 frame:0
      TX packets:16935 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000 
      RX bytes:11636203 (11.6 MB)  TX bytes:2545476 (2.5 MB)

相关内容