我有一台 DS 1813+(DSM 5 4493 Update 1 - 最新),在设置 OpenVPN 时遇到问题:
- DS 的第三个接口直接连接到静态 IP,DS 防火墙设置为仅允许该接口上的 VPN 应用,阻止所有其他应用
- LAN:
192.168.1.x(DS 通过端口 1 和 2 与其连接) - VPN:(
10.8.0.x使用默认服务器配置)
- LAN:
我已经在内部实现了它,但是当我远程连接时,握手失败:
- 日志:
12:35:10 OpenVPN 2.3.4 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Jun 5 2014 12:35:10 library versions: OpenSSL 1.0.1h 5 Jun 2014, LZO 2.05 12:35:23 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. 12:35:23 UDPv4 link local (bound): [undef] 12:35:23 UDPv4 link remote: [AF_INET] MY STATIC IP:1194 12:36:23 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 12:36:23 TLS Error: TLS handshake failed 12:36:23 SIGUSR1[soft,tls-error] received, process restarting 12:36:25 WARNING: No server certificate verification method has been enabled. #See http://openvpn.net/howto.html#mitm for more info. 12:36:25 UDPv4 link local (bound): [undef] 12:36:25 UDPv4 link remote: [AF_INET]MY STATIC IP:1194 - 配置(Windows 8.1 64位:OpenVPN GUI - 最新):
tls-client dev tun proto udp remote xxx.xxx.xxx.xxx 1194 dhcp-option DNS 192.168.1.2 redirect-gateway def1 pull script-security 2 # Self signed cert: ca ca-ds.crt auth-user-pass auth-nocache #tls-remote synology.com comp-lzo reneg-sec 0
有任何想法吗?
答案1
Synology NAS 上有两个 LAN,LAN1 和 LAN2;请确保针对 OpenVPN 常规设置页面中指定的 LAN# 设置了 1194 的端口转发。