pfSense + OpenVPN:无法 Ping 远程 LAN

pfSense + OpenVPN:无法 Ping 远程 LAN

问题:

我可以从 OpenVPN 客户端 ping pfSense OpenVPN 服务器,但无法 ping 远程 pfSense/OpenVPN LAN 上的设备。

情况描述:

下图显示了我的小型测试网络拓扑

  • 我无法从 TestPC3 和 TestPC2 ping 并访问 TestPC1(ping 192.168.168.240 不起作用)
  • 我可以从 TestPC3 和 TestPC2 运行 OpenVPN 来 ping pfSense(ping 192.168.168.1 和 ping 192.168.188.1 均可)
  • 测试 PC3 包含到 VPN GW 的静态路由:192.168.168.0 255.255.255.0 192.168.188.1
  • 测试 PC2 包含到 VPN GW 的静态路由:192.168.168.0 255.255.255.0 192.168.188.1
  • 测试PC1有DG:192.168.168.1,即OpenVPN服务器。换句话说,PC3和PC2应该能够找到PC1,并且PC1使用OpenVPN将所有响应发送到pfSense服务器。

我的问题是: 出了什么问题以及为什么通讯不畅?

网络拓扑结构:

  pfSense LAN: 192.168.168.0/24
  OpenVPN Tunnel LAN: 192.168.188.0/24


  ╔═══════════╗ OpenVPN Established
  ║  TestPC3  ║ LAN IP: 192.168.4.200
  ╚═══════════╝ OpenVPN Tunnel IP: 192.168.188.3
        │       Routing table contains: 192.168.168.0 255.255.255.0 192.168.188.1
 ╔══════════════╗
 ║   Internet   ║
 ╚══════════════╝
╔════════════════╗WAN: Dynamic IP Address
║   ISP Router   ║LAN IP: 192.168.178.1
╚════════════════╝Default Gateway to Internet
      │   │
      │   │
      │   └───────────────────────────────────────┐
      │                                           │
      │                                           │
╔═══════════════╗WAN: 192.168.178.10       ╔═════════════╗ OpenVPN Established
║    pfSense    ║LAN:192.168.168.1         ║   TestPC 2  ║ LAN IP: 192.168.178.3
╚═══════════════╝DG: 192.168.178.1         ╚═════════════╝ DG: 192.168.178.1
        │        Tunnel: 192.168.188.1                     Open VPN Tunnel IP: 192.168.188.2
        │                                                  Routing table contains: 192.168.168.0 255.255.255.0 192.168.188.1
 ╔══════════════╗DG: 192.168.168.1
 ║   TestPC 1   ║LAN IP: 192.168.168.240
 ╚══════════════╝

测试PC 3 OpenVPN日志(动词4):

Wed Sep 09 09:46:00 2015 us=374489 Current Parameter Settings:
Wed Sep 09 09:46:00 2015 us=374489   config = 'firewall-udp-1194-vpn_user_name-config.ovpn'
Wed Sep 09 09:46:00 2015 us=374489   mode = 0
Wed Sep 09 09:46:00 2015 us=374489   show_ciphers = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   show_digests = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   show_engines = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   genkey = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   key_pass_file = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   show_tls_ciphers = DISABLED
Wed Sep 09 09:46:00 2015 us=374489 Connection profiles [default]:
Wed Sep 09 09:46:00 2015 us=374489   proto = udp
Wed Sep 09 09:46:00 2015 us=374489   local = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   local_port = 0
Wed Sep 09 09:46:00 2015 us=374489   remote = '[domainname].com'
Wed Sep 09 09:46:00 2015 us=374489   remote_port = 1194
Wed Sep 09 09:46:00 2015 us=374489   remote_float = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   bind_defined = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   bind_local = ENABLED
Wed Sep 09 09:46:00 2015 us=374489   connect_retry_seconds = 5
Wed Sep 09 09:46:00 2015 us=374489   connect_timeout = 10
Wed Sep 09 09:46:00 2015 us=374489   connect_retry_max = 0
Wed Sep 09 09:46:00 2015 us=374489   socks_proxy_server = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   socks_proxy_port = 0
Wed Sep 09 09:46:00 2015 us=374489   socks_proxy_retry = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   tun_mtu = 1500
Wed Sep 09 09:46:00 2015 us=374489   tun_mtu_defined = ENABLED
Wed Sep 09 09:46:00 2015 us=374489   link_mtu = 1500
Wed Sep 09 09:46:00 2015 us=374489   link_mtu_defined = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   tun_mtu_extra = 0
Wed Sep 09 09:46:00 2015 us=374489   tun_mtu_extra_defined = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   mtu_discover_type = -1
Wed Sep 09 09:46:00 2015 us=374489   fragment = 0
Wed Sep 09 09:46:00 2015 us=374489   mssfix = 1450
Wed Sep 09 09:46:00 2015 us=374489   explicit_exit_notification = 0
Wed Sep 09 09:46:00 2015 us=374489 Connection profiles END
Wed Sep 09 09:46:00 2015 us=374489   remote_random = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   ipchange = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   dev = 'tun'
Wed Sep 09 09:46:00 2015 us=374489   dev_type = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   dev_node = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   lladdr = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   topology = 1
Wed Sep 09 09:46:00 2015 us=374489   tun_ipv6 = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   ifconfig_local = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   ifconfig_remote_netmask = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   ifconfig_noexec = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   ifconfig_nowarn = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   ifconfig_ipv6_local = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   ifconfig_ipv6_netbits = 0
Wed Sep 09 09:46:00 2015 us=374489   ifconfig_ipv6_remote = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   shaper = 0
Wed Sep 09 09:46:00 2015 us=374489   mtu_test = 0
Wed Sep 09 09:46:00 2015 us=374489   mlock = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   keepalive_ping = 0
Wed Sep 09 09:46:00 2015 us=374489   keepalive_timeout = 0
Wed Sep 09 09:46:00 2015 us=374489   inactivity_timeout = 0
Wed Sep 09 09:46:00 2015 us=374489   ping_send_timeout = 0
Wed Sep 09 09:46:00 2015 us=374489   ping_rec_timeout = 0
Wed Sep 09 09:46:00 2015 us=374489   ping_rec_timeout_action = 0
Wed Sep 09 09:46:00 2015 us=374489   ping_timer_remote = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   remap_sigusr1 = 0
Wed Sep 09 09:46:00 2015 us=374489   persist_tun = ENABLED
Wed Sep 09 09:46:00 2015 us=374489   persist_local_ip = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   persist_remote_ip = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   persist_key = ENABLED
Wed Sep 09 09:46:00 2015 us=374489   passtos = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   resolve_retry_seconds = 1000000000
Wed Sep 09 09:46:00 2015 us=374489   username = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   groupname = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   chroot_dir = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   cd_dir = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   writepid = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   up_script = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   down_script = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   down_pre = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   up_restart = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   up_delay = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   daemon = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   inetd = 0
Wed Sep 09 09:46:00 2015 us=374489   log = ENABLED
Wed Sep 09 09:46:00 2015 us=374489   suppress_timestamps = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   nice = 0
Wed Sep 09 09:46:00 2015 us=374489   verbosity = 4
Wed Sep 09 09:46:00 2015 us=374489   mute = 0
Wed Sep 09 09:46:00 2015 us=374489   status_file = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   status_file_version = 1
Wed Sep 09 09:46:00 2015 us=374489   status_file_update_freq = 60
Wed Sep 09 09:46:00 2015 us=374489   occ = ENABLED
Wed Sep 09 09:46:00 2015 us=374489   rcvbuf = 0
Wed Sep 09 09:46:00 2015 us=374489   sndbuf = 0
Wed Sep 09 09:46:00 2015 us=374489   sockflags = 0
Wed Sep 09 09:46:00 2015 us=374489   fast_io = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   lzo = 7
Wed Sep 09 09:46:00 2015 us=374489   route_script = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   route_default_gateway = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   route_default_metric = 0
Wed Sep 09 09:46:00 2015 us=374489   route_noexec = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   route_delay = 5
Wed Sep 09 09:46:00 2015 us=374489   route_delay_window = 30
Wed Sep 09 09:46:00 2015 us=374489   route_delay_defined = ENABLED
Wed Sep 09 09:46:00 2015 us=374489   route_nopull = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   route_gateway_via_dhcp = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   max_routes = 100
Wed Sep 09 09:46:00 2015 us=374489   allow_pull_fqdn = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   management_addr = '127.0.0.1'
Wed Sep 09 09:46:00 2015 us=374489   management_port = 25340
Wed Sep 09 09:46:00 2015 us=374489   management_user_pass = 'stdin'
Wed Sep 09 09:46:00 2015 us=374489   management_log_history_cache = 250
Wed Sep 09 09:46:00 2015 us=374489   management_echo_buffer_size = 100
Wed Sep 09 09:46:00 2015 us=374489   management_write_peer_info_file = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   management_client_user = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   management_client_group = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   management_flags = 6
Wed Sep 09 09:46:00 2015 us=374489   shared_secret_file = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   key_direction = 2
Wed Sep 09 09:46:00 2015 us=374489   ciphername_defined = ENABLED
Wed Sep 09 09:46:00 2015 us=374489   ciphername = 'AES-256-CBC'
Wed Sep 09 09:46:00 2015 us=374489   authname_defined = ENABLED
Wed Sep 09 09:46:00 2015 us=374489   authname = 'SHA1'
Wed Sep 09 09:46:00 2015 us=374489   prng_hash = 'SHA1'
Wed Sep 09 09:46:00 2015 us=374489   prng_nonce_secret_len = 16
Wed Sep 09 09:46:00 2015 us=374489   keysize = 0
Wed Sep 09 09:46:00 2015 us=374489   engine = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   replay = ENABLED
Wed Sep 09 09:46:00 2015 us=374489   mute_replay_warnings = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   replay_window = 64
Wed Sep 09 09:46:00 2015 us=374489   replay_time = 15
Wed Sep 09 09:46:00 2015 us=374489   packet_id_file = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   use_iv = ENABLED
Wed Sep 09 09:46:00 2015 us=374489   test_crypto = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   tls_server = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   tls_client = ENABLED
Wed Sep 09 09:46:00 2015 us=374489   key_method = 2
Wed Sep 09 09:46:00 2015 us=374489   ca_file = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   ca_path = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   dh_file = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   cert_file = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   priv_key_file = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   pkcs12_file = 'firewall-udp-1194-vpn_user_name.p12'
Wed Sep 09 09:46:00 2015 us=374489   cryptoapi_cert = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   cipher_list = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   tls_verify = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   tls_export_cert = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   verify_x509_type = 2
Wed Sep 09 09:46:00 2015 us=374489   verify_x509_name = 'OrganisationVPNServerCert'
Wed Sep 09 09:46:00 2015 us=374489   crl_file = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   ns_cert_type = 1
Wed Sep 09 09:46:00 2015 us=374489   remote_cert_ku[i] = 0
Wed Sep 09 09:46:00 2015 us=374489   remote_cert_ku[i] = 0
Wed Sep 09 09:46:00 2015 us=374489   remote_cert_ku[i] = 0
Wed Sep 09 09:46:00 2015 us=374489   remote_cert_ku[i] = 0
Wed Sep 09 09:46:00 2015 us=374489   remote_cert_ku[i] = 0
Wed Sep 09 09:46:00 2015 us=374489   remote_cert_ku[i] = 0
Wed Sep 09 09:46:00 2015 us=374489   remote_cert_ku[i] = 0
Wed Sep 09 09:46:00 2015 us=374489   remote_cert_ku[i] = 0
Wed Sep 09 09:46:00 2015 us=374489   remote_cert_ku[i] = 0
Wed Sep 09 09:46:00 2015 us=374489   remote_cert_ku[i] = 0
Wed Sep 09 09:46:00 2015 us=374489   remote_cert_ku[i] = 0
Wed Sep 09 09:46:00 2015 us=374489   remote_cert_ku[i] = 0
Wed Sep 09 09:46:00 2015 us=374489   remote_cert_ku[i] = 0
Wed Sep 09 09:46:00 2015 us=374489   remote_cert_ku[i] = 0
Wed Sep 09 09:46:00 2015 us=374489   remote_cert_ku[i] = 0
Wed Sep 09 09:46:00 2015 us=374489   remote_cert_ku[i] = 0
Wed Sep 09 09:46:00 2015 us=374489   remote_cert_eku = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   ssl_flags = 0
Wed Sep 09 09:46:00 2015 us=374489   tls_timeout = 2
Wed Sep 09 09:46:00 2015 us=374489   renegotiate_bytes = 0
Wed Sep 09 09:46:00 2015 us=374489   renegotiate_packets = 0
Wed Sep 09 09:46:00 2015 us=374489   renegotiate_seconds = 3600
Wed Sep 09 09:46:00 2015 us=374489   handshake_window = 60
Wed Sep 09 09:46:00 2015 us=374489   transition_window = 3600
Wed Sep 09 09:46:00 2015 us=374489   single_session = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   push_peer_info = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   tls_exit = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   tls_auth_file = 'firewall-udp-1194-vpn_user_name-tls.key'
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_protected_authentication = DISABLED   
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_protected_authentication = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_protected_authentication = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_protected_authentication = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_protected_authentication = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_protected_authentication = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_protected_authentication = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_private_mode = 00000000
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_private_mode = 00000000
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_private_mode = 00000000
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_private_mode = 00000000
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_private_mode = 00000000
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_private_mode = 00000000
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_private_mode = 00000000
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_private_mode = 00000000
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_private_mode = 00000000
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_private_mode = 00000000
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_private_mode = 00000000
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_private_mode = 00000000
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_private_mode = 00000000
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_cert_private = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_cert_private = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_cert_private = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_cert_private = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_cert_private = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_cert_private = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_cert_private = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_cert_private = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_cert_private = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_cert_private = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_cert_private = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_cert_private = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_cert_private = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_cert_private = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_cert_private = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_cert_private = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_pin_cache_period = -1
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_id = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   pkcs11_id_management = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   server_network = 0.0.0.0
Wed Sep 09 09:46:00 2015 us=374489   server_netmask = 0.0.0.0
Wed Sep 09 09:46:00 2015 us=374489   server_network_ipv6 = ::
Wed Sep 09 09:46:00 2015 us=374489   server_netbits_ipv6 = 0
Wed Sep 09 09:46:00 2015 us=374489   server_bridge_ip = 0.0.0.0
Wed Sep 09 09:46:00 2015 us=374489   server_bridge_netmask = 0.0.0.0
Wed Sep 09 09:46:00 2015 us=374489   server_bridge_pool_start = 0.0.0.0
Wed Sep 09 09:46:00 2015 us=374489   server_bridge_pool_end = 0.0.0.0
Wed Sep 09 09:46:00 2015 us=374489   ifconfig_pool_defined = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   ifconfig_pool_start = 0.0.0.0
Wed Sep 09 09:46:00 2015 us=374489   ifconfig_pool_end = 0.0.0.0
Wed Sep 09 09:46:00 2015 us=374489   ifconfig_pool_netmask = 0.0.0.0
Wed Sep 09 09:46:00 2015 us=374489   ifconfig_pool_persist_filename = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   ifconfig_pool_persist_refresh_freq = 600
Wed Sep 09 09:46:00 2015 us=374489   ifconfig_ipv6_pool_defined = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   ifconfig_ipv6_pool_base = ::
Wed Sep 09 09:46:00 2015 us=374489   ifconfig_ipv6_pool_netbits = 0
Wed Sep 09 09:46:00 2015 us=374489   n_bcast_buf = 256
Wed Sep 09 09:46:00 2015 us=374489   tcp_queue_limit = 64
Wed Sep 09 09:46:00 2015 us=374489   real_hash_size = 256
Wed Sep 09 09:46:00 2015 us=374489   virtual_hash_size = 256
Wed Sep 09 09:46:00 2015 us=374489   client_connect_script = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   learn_address_script = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   client_disconnect_script = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   client_config_dir = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   ccd_exclusive = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   tmp_dir = 'C:\Users\Bunka\AppData\Local\Temp\'
Wed Sep 09 09:46:00 2015 us=374489   push_ifconfig_defined = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   push_ifconfig_local = 0.0.0.0
Wed Sep 09 09:46:00 2015 us=374489   push_ifconfig_remote_netmask = 0.0.0.0
Wed Sep 09 09:46:00 2015 us=374489   push_ifconfig_ipv6_defined = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   push_ifconfig_ipv6_local = ::/0
Wed Sep 09 09:46:00 2015 us=374489   push_ifconfig_ipv6_remote = ::
Wed Sep 09 09:46:00 2015 us=374489   enable_c2c = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   duplicate_cn = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   cf_max = 0
Wed Sep 09 09:46:00 2015 us=374489   cf_per = 0
Wed Sep 09 09:46:00 2015 us=374489   max_clients = 1024
Wed Sep 09 09:46:00 2015 us=374489   max_routes_per_client = 256
Wed Sep 09 09:46:00 2015 us=374489   auth_user_pass_verify_script = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   auth_user_pass_verify_script_via_file = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   client = ENABLED
Wed Sep 09 09:46:00 2015 us=374489   pull = ENABLED
Wed Sep 09 09:46:00 2015 us=374489   auth_user_pass_file = 'stdin'
Wed Sep 09 09:46:00 2015 us=374489   show_net_up = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   route_method = 0
Wed Sep 09 09:46:00 2015 us=374489   ip_win32_defined = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   ip_win32_type = 3
Wed Sep 09 09:46:00 2015 us=374489   dhcp_masq_offset = 0
Wed Sep 09 09:46:00 2015 us=374489   dhcp_lease_time = 31536000
Wed Sep 09 09:46:00 2015 us=374489   tap_sleep = 0
Wed Sep 09 09:46:00 2015 us=374489   dhcp_options = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   dhcp_renew = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   dhcp_pre_release = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   dhcp_release = DISABLED
Wed Sep 09 09:46:00 2015 us=374489   domain = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   netbios_scope = '[UNDEF]'
Wed Sep 09 09:46:00 2015 us=374489   netbios_node_type = 0
Wed Sep 09 09:46:00 2015 us=374489   disable_nbt = DISABLED
Wed Sep 09 09:46:00 2015 us=374489 OpenVPN 2.3.8 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Aug  4 2015
Wed Sep 09 09:46:00 2015 us=374489 library versions: OpenSSL 1.0.1p 9 Jul 2015, LZO 2.08
Enter Management Password:
Wed Sep 09 09:46:00 2015 us=374489 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Wed Sep 09 09:46:00 2015 us=374489 Need hold release from management interface, waiting...
Wed Sep 09 09:46:00 2015 us=864494 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Wed Sep 09 09:46:00 2015 us=973389 MANAGEMENT: CMD 'state on'
Wed Sep 09 09:46:00 2015 us=973389 MANAGEMENT: CMD 'log all on'
Wed Sep 09 09:46:01 2015 us=159203 MANAGEMENT: CMD 'hold off'
Wed Sep 09 09:46:01 2015 us=160203 MANAGEMENT: CMD 'hold release'
Wed Sep 09 09:46:14 2015 us=673489 MANAGEMENT: CMD 'username "Auth" "vpn_user_name"'
Wed Sep 09 09:46:14 2015 us=689115 MANAGEMENT: CMD 'password [...]'
Wed Sep 09 09:46:14 2015 us=758594 Control Channel Authentication: using 'firewall-udp-1194-vpn_user_name-tls.key' as a OpenVPN static key file
Wed Sep 09 09:46:14 2015 us=758594 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 09 09:46:14 2015 us=758594 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 09 09:46:14 2015 us=758594 LZO compression initialized
Wed Sep 09 09:46:14 2015 us=758594 Control Channel MTU parms [ L:1558 D:166 EF:66 EB:0 ET:0 EL:3 ]
Wed Sep 09 09:46:14 2015 us=758594 Socket Buffers: R=[65536->65536] S=[65536->65536]
Wed Sep 09 09:46:14 2015 us=758594 MANAGEMENT: >STATE:1441784774,RESOLVE,,,
Wed Sep 09 09:46:14 2015 us=842453 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:143 ET:0 EL:3 AF:3/1 ]
Wed Sep 09 09:46:14 2015 us=842453 Local Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'
Wed Sep 09 09:46:14 2015 us=842453 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'
Wed Sep 09 09:46:14 2015 us=842453 Local Options hash (VER=V4): '9e7066d2'
Wed Sep 09 09:46:14 2015 us=842453 Expected Remote Options hash (VER=V4): '162b04de'
Wed Sep 09 09:46:14 2015 us=842453 UDPv4 link local (bound): [undef]
Wed Sep 09 09:46:14 2015 us=842453 UDPv4 link remote: [AF_INET][My Public IP Addr.]:1194
Wed Sep 09 09:46:14 2015 us=842453 MANAGEMENT: >STATE:1441784774,WAIT,,,
Wed Sep 09 09:46:14 2015 us=842453 MANAGEMENT: >STATE:1441784774,AUTH,,,
Wed Sep 09 09:46:14 2015 us=842453 TLS: Initial packet from [AF_INET][My Public IP Addr.]:1194, sid=21186e69 f17bd219
Wed Sep 09 09:46:14 2015 us=842453 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Wed Sep 09 09:46:14 2015 us=873716 VERIFY OK: depth=1, C=SK, ST=MyCity, L=MyCity, O=Company, [email protected], CN=OrganisationVPNCA
Wed Sep 09 09:46:14 2015 us=873716 VERIFY OK: nsCertType=SERVER
Wed Sep 09 09:46:14 2015 us=873716 VERIFY X509NAME OK: C=SK, ST=MyCity, L=MyCity, O=Company, [email protected], CN=OrganisationVPNServerCert
Wed Sep 09 09:46:14 2015 us=873716 VERIFY OK: depth=0, C=SK, ST=MyCity, L=MyCity, O=Company, [email protected], CN=OrganisationVPNServerCert
Wed Sep 09 09:46:14 2015 us=957707 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Wed Sep 09 09:46:14 2015 us=957707 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 09 09:46:14 2015 us=957707 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Wed Sep 09 09:46:14 2015 us=957707 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 09 09:46:14 2015 us=957707 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Wed Sep 09 09:46:14 2015 us=958194 [OrganisationVPNServerCert] Peer Connection Initiated with [AF_INET][My Public IP Addr.]:1194
Wed Sep 09 09:46:16 2015 us=155262 MANAGEMENT: >STATE:1441784776,GET_CONFIG,,,
Wed Sep 09 09:46:17 2015 us=352292 SENT CONTROL [OrganisationVPNServerCert]: 'PUSH_REQUEST' (status=1)
Wed Sep 09 09:46:17 2015 us=355285 PUSH: Received control message: 'PUSH_REPLY,route 192.168.168.0 255.255.255.0,dhcp-option DOMAIN Organisation.com,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route 192.168.168.0 255.255.255.0,route-gateway 192.168.188.1,topology subnet,ping 10,ping-restart 60,ifconfig 192.168.188.2 255.255.255.0'
Wed Sep 09 09:46:17 2015 us=355285 OPTIONS IMPORT: timers and/or timeouts modified
Wed Sep 09 09:46:17 2015 us=355285 OPTIONS IMPORT: --ifconfig/up options modified
Wed Sep 09 09:46:17 2015 us=355285 OPTIONS IMPORT: route options modified
Wed Sep 09 09:46:17 2015 us=355285 OPTIONS IMPORT: route-related options modified
Wed Sep 09 09:46:17 2015 us=355285 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Wed Sep 09 09:46:17 2015 us=362299 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Wed Sep 09 09:46:17 2015 us=362299 MANAGEMENT: >STATE:1441784777,ASSIGN_IP,,192.168.188.2,
Wed Sep 09 09:46:17 2015 us=362299 open_tun, tt->ipv6=0
Wed Sep 09 09:46:17 2015 us=364301 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{335D22B2-F76A-41B2-B16E-348169C58614}.tap
Wed Sep 09 09:46:17 2015 us=364301 TAP-Windows Driver Version 9.21 
Wed Sep 09 09:46:17 2015 us=364301 TAP-Windows MTU=1500
Wed Sep 09 09:46:17 2015 us=366301 Set TAP-Windows TUN subnet mode network/local/netmask = 192.168.188.0/192.168.188.2/255.255.255.0 [SUCCEEDED]
Wed Sep 09 09:46:17 2015 us=366301 Notified TAP-Windows driver to set a DHCP IP/netmask of 192.168.188.2/255.255.255.0 on interface {335D22B2-F76A-41B2-B16E-348169C58614} [DHCP-serv: 192.168.188.254, lease-time: 31536000]
Wed Sep 09 09:46:17 2015 us=366301 DHCP option string: 0f0e6669 6c657265 736f7274 2e636f6d 06080808 08080808 0404
Wed Sep 09 09:46:17 2015 us=367290 Successful ARP Flush on interface [3] {335D22B2-F76A-41B2-B16E-348169C58614}
Wed Sep 09 09:46:22 2015 us=952185 TEST ROUTES: 2/2 succeeded len=2 ret=1 a=0 u/d=up
Wed Sep 09 09:46:22 2015 us=952185 MANAGEMENT: >STATE:1441784782,ADD_ROUTES,,,
Wed Sep 09 09:46:22 2015 us=953187 C:\Windows\system32\route.exe ADD 192.168.168.0 MASK 255.255.255.0 192.168.188.1
Wed Sep 09 09:46:22 2015 us=956188 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Wed Sep 09 09:46:22 2015 us=956188 Route addition via IPAPI succeeded [adaptive]
Wed Sep 09 09:46:22 2015 us=956188 C:\Windows\system32\route.exe ADD 192.168.168.0 MASK 255.255.255.0 192.168.188.1
Wed Sep 09 09:46:22 2015 us=959190 ROUTE: route addition failed using CreateIpForwardEntry: The object already exists.   [status=5010 if_index=3]
Wed Sep 09 09:46:22 2015 us=959190 Route addition via IPAPI failed [adaptive]
Wed Sep 09 09:46:22 2015 us=959190 Route addition fallback to route.exe
Wed Sep 09 09:46:22 2015 us=959190 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Wed Sep 09 09:46:23 2015 us=5949 Initialization Sequence Completed
Wed Sep 09 09:46:23 2015 us=5949 MANAGEMENT: >STATE:1441784783,CONNECTED,SUCCESS,192.168.188.2,[My Public IP Addr.]
Wed Sep 09 10:46:14 2015 us=366478 TLS: soft reset sec=0 bytes=976355/0 pkts=8121/0
Wed Sep 09 10:46:14 2015 us=397729 VERIFY OK: depth=1, C=SK, ST=MyCity, L=MyCity, O=Company, [email protected], CN=OrganisationVPNCA
Wed Sep 09 10:46:14 2015 us=397729 VERIFY OK: nsCertType=SERVER
Wed Sep 09 10:46:14 2015 us=397729 VERIFY X509NAME OK: C=SK, ST=MyCity, L=MyCity, O=Company, [email protected], CN=OrganisationVPNServerCert
Wed Sep 09 10:46:14 2015 us=397729 VERIFY OK: depth=0, C=SK, ST=MyCity, L=MyCity, O=Company, [email protected], CN=OrganisationVPNServerCert
Wed Sep 09 10:46:14 2015 us=475693 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Wed Sep 09 10:46:14 2015 us=475693 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 09 10:46:14 2015 us=475693 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Wed Sep 09 10:46:14 2015 us=475693 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 09 10:46:14 2015 us=475693 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA

非常感谢。

相关内容