每次我尝试连接下面的配置文件时,它都会卡在“登录”状态
client
dev tun
proto tcp
remote IP 443
resolv-retry infinite
nobind
persist-key
persist-tun
comp-lzo
verb 3
<ca> SERVER.CA
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</ca>
<cert> SERVER.CRT
Certificate:
...
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</cert>
<key> SERVER.KEY
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----
</key>
我使用了以下构建选项:
cp -r /usr/share/doc/openvpn-2.2.2/easy-rsa/ /etc/openvpn/
cp -irv /etc/openvpn/easy-rsa/2.0/openssl-1.0.0.cnf /etc/openvpn/easy-rsa/2.0/openssl.cnf
cd /etc/openvpn/easy-rsa/2.0
chmod 755 *
source ./vars
./vars
./clean-all
./build-ca
./build-key-server server
./build-dh
服务器配置文件
port 443 #- port
proto tcp #- protocol
dev tun
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
reneg-sec 0
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
plugin /etc/openvpn/openvpn-auth-pam.so /etc/pam.d/login
#plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login #- Comment this line if you are using FreeRADIUS
#plugin /etc/openvpn/radiusplugin.so /etc/openvpn/radiusplugin.cnf #- Uncomment this line if you are using FreeRADIUS
client-cert-not-required
username-as-common-name
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 5 30
comp-lzo
persist-key
persist-tun
status 1194.log
verb 3
答案1
看起来您正在尝试在服务器配置设置中使用用户进行连接。但是,在客户端中,您正在尝试使用密钥。
使用以下内容:
client
dev tun
proto tcp
remote IP 443
resolv-retry infinite
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
auth-user-pass
comp-lzo
verb 3
<ca>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</ca>