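OpenVPN works fine on TCP port 443, but it cannot connect over UDP port 53. I checked the firewall. The initial handshake works fine, but the client hangs in the WAIT state. The VPN server is Ubuntu and the client is Windows.
Update: I just tried connecting from a different network and everything works. What could be wrong with my network?
Here are the configs: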
mode server
tls-server
server 172.16.130.0 255.255.255.0
port 53
proto udp
dev tun0
comp-lzo
persist-key
persist-tun
user nobody
group nogroup
duplicate-cn
keepalive 10 120
ifconfig-pool-persist ipp.txt
status openvpn-status.log
log-append /var/log/openvpn.log
verb 5
#certificates and encryption
ca easy-rsa/keys/ca.crt
cert easy-rsa/keys/home.crt
key easy-rsa/keys/home.key
dh easy-rsa/keys/dh2048.pem
tls-auth easy-rsa/keys/ta.key 0
#routes
push "route 172.16.128.0 255.255.252.0"
.
client
dev tun
dev-node vpn-home
proto udp
remote 89.188.126.148 53
resolv-retry infinite
nobind
persist-key
persist-tun
ca home_ca.crt
cert home-client.crt
key home-client.key
tls-auth home_ta.key 1
comp-lzo
verb 5
And the logs. Server:
Wed May 21 16:40:43 2014 us=592168 Initialization Sequence Completed
Wed May 21 16:41:02 2014 us=502237 MULTI: multi_create_instance called
Wed May 21 16:41:02 2014 us=502452 85.142.26.224:20351 Re-using SSL/TLS context
Wed May 21 16:41:02 2014 us=502597 85.142.26.224:20351 LZO compression initialized
Wed May 21 16:41:02 2014 us=503143 85.142.26.224:20351 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Wed May 21 16:41:02 2014 us=503208 85.142.26.224:20351 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed May 21 16:41:02 2014 us=503359 85.142.26.224:20351 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Wed May 21 16:41:02 2014 us=503409 85.142.26.224:20351 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Wed May 21 16:41:02 2014 us=503493 85.142.26.224:20351 Local Options hash (VER=V4): '14168603'
Wed May 21 16:41:02 2014 us=503557 85.142.26.224:20351 Expected Remote Options hash (VER=V4): '504e774e'
RWed May 21 16:41:02 2014 us=503691 85.142.26.224:20351 TLS: Initial packet from [AF_INET]85.142.26.224:20351, sid=ac1bebfb 9e347a98
WWRWWRWRWRW^C
Client:
Wed May 21 16:40:45 2014 OpenVPN 2.3.2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Aug 8 2013
Wed May 21 16:40:45 2014 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Wed May 21 16:40:45 2014 Need hold release from management interface, waiting...
Wed May 21 16:40:45 2014 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Wed May 21 16:40:45 2014 MANAGEMENT: CMD 'state on'
Wed May 21 16:40:45 2014 MANAGEMENT: CMD 'log all on'
Wed May 21 16:40:46 2014 MANAGEMENT: CMD 'hold off'
Wed May 21 16:40:46 2014 MANAGEMENT: CMD 'hold release'
Wed May 21 16:40:46 2014 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Wed May 21 16:40:46 2014 Control Channel Authentication: using 'home_ta.key' as a OpenVPN static key file
Wed May 21 16:40:46 2014 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed May 21 16:40:46 2014 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed May 21 16:40:46 2014 LZO compression initialized
Wed May 21 16:40:46 2014 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Wed May 21 16:40:46 2014 Socket Buffers: R=[8192->8192] S=[8192->8192]
Wed May 21 16:40:46 2014 MANAGEMENT: >STATE:1400676046,RESOLVE,,,
Wed May 21 16:40:46 2014 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed May 21 16:40:46 2014 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Wed May 21 16:40:46 2014 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Wed May 21 16:40:46 2014 Local Options hash (VER=V4): '504e774e'
Wed May 21 16:40:46 2014 Expected Remote Options hash (VER=V4): '14168603'
Wed May 21 16:40:46 2014 UDPv4 link local: [undef]
Wed May 21 16:40:46 2014 UDPv4 link remote: [AF_INET]89.188.126.148:53
Wed May 21 16:40:46 2014 MANAGEMENT: >STATE:1400676046,WAIT,,,
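
Added example, not part of the original post: a short Python triage that correlates the client's last management state with the server's verb 5 R/W packet trace to tell which direction of the UDP path is failing. The log excerpts, addresses and function names are constructed for illustration, and treating every W as a reply to this client assumes only one client is connected.

```python
import re

# Constructed excerpts shaped like the verb 5 logs in the post; the addresses
# are documentation ranges and the sid is made up.
SERVER_LOG = """\
Wed May 21 16:41:02 2014 us=502237 MULTI: multi_create_instance called
RWed May 21 16:41:02 2014 us=503691 198.51.100.7:20351 TLS: Initial packet from [AF_INET]198.51.100.7:20351, sid=0123abcd 4567ef89
WWRWWRWRWRW
"""
CLIENT_LOG = """\
Wed May 21 16:40:46 2014 MANAGEMENT: >STATE:1400676046,RESOLVE,,,
Wed May 21 16:40:46 2014 UDPv4 link remote: [AF_INET]203.0.113.10:53
Wed May 21 16:40:46 2014 MANAGEMENT: >STATE:1400676046,WAIT,,,
"""

# At verb 5 OpenVPN prints R/W per packet read/written on the UDP/TCP link,
# either on lines of their own or glued to the front of the next timestamp.
TRACE = re.compile(r"([RWrw]*?)((?:Mon|Tue|Wed|Thu|Fri|Sat|Sun) .*)?")

def link_io(log):
    """Return (reads, writes) on the network link from the R/W trace."""
    reads = writes = 0
    for line in log.splitlines():
        m = TRACE.fullmatch(line.replace("^C", ""))
        if m:
            reads += m.group(1).count("R")
            writes += m.group(1).count("W")
    return reads, writes

def client_states(log):
    """Management-interface states in order, e.g. ['RESOLVE', 'WAIT']."""
    return re.findall(r">STATE:\d+,([A-Z_]+),", log)

def first_peer(log):
    """(ip, port) the server saw the first TLS packet from, or None."""
    m = re.search(r"TLS: Initial packet from \[AF_INET\]([\d.]+):(\d+)", log)
    return (m.group(1), int(m.group(2))) if m else None

def diagnose(server_log, client_log):
    states = client_states(client_log)
    if not states or states[-1] != "WAIT":
        return "client-not-stuck-in-wait"
    if first_peer(server_log) is None:
        return "client-packets-never-arrived"
    _, writes = link_io(server_log)
    return "replies-lost-on-return-path" if writes else "server-never-replied"

if __name__ == "__main__":
    print(first_peer(SERVER_LOG), link_io(SERVER_LOG), diagnose(SERVER_LOG, CLIENT_LOG))
```

A result of `replies-lost-on-return-path` means the server received the client's packets and wrote answers, so the place to capture traffic next is the client's own network edge on UDP port 53.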