*Some* OpenVPN clients cannot connect on the same network as the server (TLS handshake failed)


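I have a Raspberry Pi on my LAN running an OpenVPN server. I moved this server from one location to another (at the old location, it worked fine).

Now my Android devices are on the same LAN as the server, but they do not connect. Their log files don't give me much information, because they don't receive any packets back from the server. This also happened on my Ubuntu laptop. I changed the .ovpn file to include the "float" option. That did the trick. I added the "float" option for one of my Android devices, but had no luck. Apart from these options, the configuration is the same for all clients.

Here is the server log when I try to connect: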

Tue Jun 23 10:29:56 2015 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Tue Jun 23 10:29:58 2015 192.168.1.78:38397 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1435055390) Tue Jun 23 10:29:50 2015 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Tue Jun 23 10:29:58 2015 192.168.1.78:38397 TLS Error: incoming packet authentication failed from [AF_INET]192.168.1.78:38397
Tue Jun 23 10:30:00 2015 192.168.1.78:47823 Re-using SSL/TLS context
Tue Jun 23 10:30:00 2015 192.168.1.78:47823 LZO compression initialized
Tue Jun 23 10:30:00 2015 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Tue Jun 23 10:30:00 2015 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Tue Jun 23 10:30:02 2015 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Tue Jun 23 10:30:02 2015 192.168.1.78:47823 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1435055400) Tue Jun 23 10:30:00 2015 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Tue Jun 23 10:30:02 2015 192.168.1.78:47823 TLS Error: incoming packet authentication failed from [AF_INET]192.168.1.78:47823
Tue Jun 23 10:30:04 2015 192.168.1.78:47823 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1435055400) Tue Jun 23 10:30:00 2015 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Tue Jun 23 10:30:04 2015 192.168.1.78:47823 TLS Error: incoming packet authentication failed from [AF_INET]192.168.1.78:47823
Tue Jun 23 10:30:04 2015 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Tue Jun 23 10:30:06 2015 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Tue Jun 23 10:30:06 2015 192.168.1.78:47823 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1435055400) Tue Jun 23 10:30:00 2015 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Tue Jun 23 10:30:06 2015 192.168.1.78:47823 TLS Error: incoming packet authentication failed from [AF_INET]192.168.1.78:47823
Tue Jun 23 10:30:08 2015 192.168.1.78:47823 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1435055400) Tue Jun 23 10:30:00 2015 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Tue Jun 23 10:30:08 2015 192.168.1.78:47823 TLS Error: incoming packet authentication failed from [AF_INET]192.168.1.78:47823
Tue Jun 23 10:30:10 2015 192.168.1.78:48396 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Jun 23 10:30:10 2015 192.168.1.78:48396 TLS Error: TLS handshake failed
Tue Jun 23 10:30:10 2015 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Tue Jun 23 10:30:14 2015 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)

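When I take the devices off the LAN, they connect.

When I look at my iptables firewall log (which I believe is at /var/log/messages), I don't see anything.

This also doesn't work with my desktop client (adding the "float" option didn't help either), but I haven't done much troubleshooting on that yet, so it's not a big deal right now.

I'm only asking for suggestions and comments, or requests for further clarification.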


client 
dev tun 
proto udp 
remote notrealaddress.ovpn.net #### 
resolv-retry infinite 
nobind 
persist-key 
persist-tun 
mute-replay-warnings 
ns-cert-type server 
key-direction 1 
cipher AES-128-CBC 
comp-lzo 
verb 1 
mute 20 
;added
float

(This is my Ubuntu x86 configuration, which connects, but the same configuration on Android or Windows clients cannot connect from the same network)
