我正在尝试连接到我在 centos7 上安装的 openvpn 服务器(按照本教程https://www.digitalocean.com/community/tutorials/how-to-setup-and-configure-an-openvpn-server-on-centos-7),握手似乎正在发生,但是连接不断重置。以下是日志:
客户端
Wed Jun 28 23:42:48 2017 OpenVPN 2.3.11 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO]
[PKCS11] [IPv6] built on May 10 2016
Wed Jun 28 23:42:48 2017 Windows version 6.2 (Windows 8 or greater) 64bit
Wed Jun 28 23:42:48 2017 library versions: OpenSSL 1.0.1t 3 May 2016, LZO 2.09
Wed Jun 28 23:42:48 2017 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Wed Jun 28 23:42:48 2017 Need hold release from management interface, waiting...
Wed Jun 28 23:42:48 2017 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Wed Jun 28 23:42:48 2017 MANAGEMENT: CMD 'state on'
Wed Jun 28 23:42:48 2017 MANAGEMENT: CMD 'log all on'
Wed Jun 28 23:42:49 2017 MANAGEMENT: CMD 'hold off'
Wed Jun 28 23:42:49 2017 MANAGEMENT: CMD 'hold release'
Wed Jun 28 23:42:49 2017 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Wed Jun 28 23:42:49 2017 Socket Buffers: R=[65536->65536] S=[65536->65536]
Wed Jun 28 23:42:49 2017 Attempting to establish TCP connection with [AF_INET]41.124.127.66:1194 [nonblock]
Wed Jun 28 23:42:49 2017 MANAGEMENT: >STATE:1498686169,TCP_CONNECT,,,
Wed Jun 28 23:42:50 2017 TCP connection established with [AF_INET]41.124.127.66:1194
Wed Jun 28 23:42:50 2017 TCPv4_CLIENT link local: [undef]
Wed Jun 28 23:42:50 2017 TCPv4_CLIENT link remote: [AF_INET]41.124.127.66:1194
Wed Jun 28 23:42:50 2017 MANAGEMENT: >STATE:1498686170,WAIT,,,
Wed Jun 28 23:42:50 2017 MANAGEMENT: >STATE:1498686170,AUTH,,,
Wed Jun 28 23:42:50 2017 TLS: Initial packet from [AF_INET]41.124.127.66:1194, sid=16544047 8d1189bc
Wed Jun 28 23:42:52 2017 Connection reset, restarting [-1]
Wed Jun 28 23:42:52 2017 SIGUSR1[soft,connection-reset] received, process restarting
Wed Jun 28 23:42:52 2017 MANAGEMENT: >STATE:1498686172,RECONNECTING,connection-reset,,
Wed Jun 28 23:42:52 2017 Restart pause, 5 second(s)
Wed Jun 28 23:42:57 2017 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Wed Jun 28 23:42:57 2017 Socket Buffers: R=[65536->65536] S=[65536->65536]
Wed Jun 28 23:42:57 2017 Attempting to establish TCP connection with [AF_INET]41.124.127.66:1194 [nonblock]
Wed Jun 28 23:42:57 2017 MANAGEMENT: >STATE:1498686177,TCP_CONNECT,,,
Wed Jun 28 23:42:58 2017 TCP connection established with [AF_INET]41.124.127.66:1194
Wed Jun 28 23:42:58 2017 TCPv4_CLIENT link local: [undef]
Wed Jun 28 23:42:58 2017 TCPv4_CLIENT link remote: [AF_INET]41.124.127.66:1194
Wed Jun 28 23:42:58 2017 MANAGEMENT: >STATE:1498686178,WAIT,,,
Wed Jun 28 23:42:58 2017 MANAGEMENT: >STATE:1498686178,AUTH,,,
Wed Jun 28 23:42:58 2017 TLS: Initial packet from [AF_INET]41.124.127.66:1194, sid=97dc8edb 5fa1846c
Wed Jun 28 23:42:58 2017 Connection reset, restarting [-1]
Wed Jun 28 23:42:58 2017 SIGUSR1[soft,connection-reset] received, process restarting
Wed Jun 28 23:42:58 2017 MANAGEMENT: >STATE:1498686178,RECONNECTING,connection-reset,,
Wed Jun 28 23:42:58 2017 Restart pause, 5 second(s)
服务器端
Wed Jun 28 21:34:02 2017 us=261389 Current Parameter Settings:
Wed Jun 28 21:34:02 2017 us=261470 config = 'server.conf'
Wed Jun 28 21:34:02 2017 us=261483 mode = 1
Wed Jun 28 21:34:02 2017 us=261491 persist_config = DISABLED
Wed Jun 28 21:34:02 2017 us=261498 persist_mode = 1
Wed Jun 28 21:34:02 2017 us=261504 show_ciphers = DISABLED
Wed Jun 28 21:34:02 2017 us=261510 show_digests = DISABLED
Wed Jun 28 21:34:02 2017 us=261516 show_engines = DISABLED
Wed Jun 28 21:34:02 2017 us=261522 genkey = DISABLED
Wed Jun 28 21:34:02 2017 us=261528 key_pass_file = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261535 show_tls_ciphers = DISABLED
Wed Jun 28 21:34:02 2017 us=261542 Connection profiles [default]:
Wed Jun 28 21:34:02 2017 us=261549 proto = tcp-server
Wed Jun 28 21:34:02 2017 us=261555 local = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261562 local_port = 1194
Wed Jun 28 21:34:02 2017 us=261568 remote = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261574 remote_port = 1194
Wed Jun 28 21:34:02 2017 us=261580 remote_float = DISABLED
Wed Jun 28 21:34:02 2017 us=261586 bind_defined = DISABLED
Wed Jun 28 21:34:02 2017 us=261592 bind_local = ENABLED
Wed Jun 28 21:34:02 2017 us=261598 connect_retry_seconds = 5
Wed Jun 28 21:34:02 2017 us=261604 connect_timeout = 10
Wed Jun 28 21:34:02 2017 us=261610 connect_retry_max = 0
Wed Jun 28 21:34:02 2017 us=261616 socks_proxy_server = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261623 socks_proxy_port = 0
Wed Jun 28 21:34:02 2017 us=261628 socks_proxy_retry = DISABLED
Wed Jun 28 21:34:02 2017 us=261635 tun_mtu = 1500
Wed Jun 28 21:34:02 2017 us=261641 tun_mtu_defined = ENABLED
Wed Jun 28 21:34:02 2017 us=261647 link_mtu = 1500
Wed Jun 28 21:34:02 2017 us=261653 link_mtu_defined = DISABLED
Wed Jun 28 21:34:02 2017 us=261659 tun_mtu_extra = 0
Wed Jun 28 21:34:02 2017 us=261665 tun_mtu_extra_defined = DISABLED
Wed Jun 28 21:34:02 2017 us=261671 mtu_discover_type = -1
Wed Jun 28 21:34:02 2017 us=261677 fragment = 0
Wed Jun 28 21:34:02 2017 us=261683 mssfix = 1450
Wed Jun 28 21:34:02 2017 us=261689 explicit_exit_notification = 0
Wed Jun 28 21:34:02 2017 us=261695 Connection profiles END
Wed Jun 28 21:34:02 2017 us=261701 remote_random = DISABLED
Wed Jun 28 21:34:02 2017 us=261707 ipchange = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261718 dev = 'tun'
Wed Jun 28 21:34:02 2017 us=261727 dev_type = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261733 dev_node = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261739 lladdr = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261746 topology = 1
Wed Jun 28 21:34:02 2017 us=261752 tun_ipv6 = DISABLED
Wed Jun 28 21:34:02 2017 us=261759 ifconfig_local = '10.8.0.1'
Wed Jun 28 21:34:02 2017 us=261765 ifconfig_remote_netmask = '10.8.0.2'
Wed Jun 28 21:34:02 2017 us=261771 ifconfig_noexec = DISABLED
Wed Jun 28 21:34:02 2017 us=261777 ifconfig_nowarn = DISABLED
Wed Jun 28 21:34:02 2017 us=261783 ifconfig_ipv6_local = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261789 ifconfig_ipv6_netbits = 0
Wed Jun 28 21:34:02 2017 us=261796 ifconfig_ipv6_remote = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261802 shaper = 0
Wed Jun 28 21:34:02 2017 us=261808 mtu_test = 0
Wed Jun 28 21:34:02 2017 us=261814 mlock = DISABLED
Wed Jun 28 21:34:02 2017 us=261821 keepalive_ping = 10
Wed Jun 28 21:34:02 2017 us=261828 keepalive_timeout = 120
Wed Jun 28 21:34:02 2017 us=261835 inactivity_timeout = 0
Wed Jun 28 21:34:02 2017 us=261841 ping_send_timeout = 10
Wed Jun 28 21:34:02 2017 us=261847 ping_rec_timeout = 240
Wed Jun 28 21:34:02 2017 us=261853 ping_rec_timeout_action = 2
Wed Jun 28 21:34:02 2017 us=261859 ping_timer_remote = DISABLED
Wed Jun 28 21:34:02 2017 us=261865 remap_sigusr1 = 0
Wed Jun 28 21:34:02 2017 us=261871 persist_tun = ENABLED
Wed Jun 28 21:34:02 2017 us=261877 persist_local_ip = DISABLED
Wed Jun 28 21:34:02 2017 us=261883 persist_remote_ip = DISABLED
Wed Jun 28 21:34:02 2017 us=261889 persist_key = ENABLED
Wed Jun 28 21:34:02 2017 us=261895 passtos = DISABLED
Wed Jun 28 21:34:02 2017 us=261901 resolve_retry_seconds = 1000000000
Wed Jun 28 21:34:02 2017 us=261915 username = 'nobody'
Wed Jun 28 21:34:02 2017 us=261922 groupname = 'nobody'
Wed Jun 28 21:34:02 2017 us=261928 chroot_dir = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261934 cd_dir = '/etc/openvpn/'
Wed Jun 28 21:34:02 2017 us=261940 writepid = '/var/run/openvpn/server.pid'
Wed Jun 28 21:34:02 2017 us=261946 up_script = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261952 down_script = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=261958 down_pre = DISABLED
Wed Jun 28 21:34:02 2017 us=261965 up_restart = DISABLED
Wed Jun 28 21:34:02 2017 us=261970 up_delay = DISABLED
Wed Jun 28 21:34:02 2017 us=261976 daemon = ENABLED
Wed Jun 28 21:34:02 2017 us=261982 inetd = 0
Wed Jun 28 21:34:02 2017 us=261988 log = ENABLED
Wed Jun 28 21:34:02 2017 us=261995 suppress_timestamps = DISABLED
Wed Jun 28 21:34:02 2017 us=262001 nice = 0
Wed Jun 28 21:34:02 2017 us=262038 verbosity = 6
Wed Jun 28 21:34:02 2017 us=262047 mute = 0
Wed Jun 28 21:34:02 2017 us=262053 gremlin = 0
Wed Jun 28 21:34:02 2017 us=262060 status_file = 'openvpn-status.log'
Wed Jun 28 21:34:02 2017 us=262066 status_file_version = 1
Wed Jun 28 21:34:02 2017 us=262072 status_file_update_freq = 60
Wed Jun 28 21:34:02 2017 us=262078 occ = ENABLED
Wed Jun 28 21:34:02 2017 us=262084 rcvbuf = 0
Wed Jun 28 21:34:02 2017 us=262090 sndbuf = 0
Wed Jun 28 21:34:02 2017 us=262096 mark = 0
Wed Jun 28 21:34:02 2017 us=262102 sockflags = 0
Wed Jun 28 21:34:02 2017 us=262108 fast_io = DISABLED
Wed Jun 28 21:34:02 2017 us=262114 lzo = 7
Wed Jun 28 21:34:02 2017 us=262120 route_script = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262126 route_default_gateway = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262132 route_default_metric = 0
Wed Jun 28 21:34:02 2017 us=262139 route_noexec = DISABLED
Wed Jun 28 21:34:02 2017 us=262145 route_delay = 0
Wed Jun 28 21:34:02 2017 us=262151 route_delay_window = 30
Wed Jun 28 21:34:02 2017 us=262157 route_delay_defined = DISABLED
Wed Jun 28 21:34:02 2017 us=262163 route_nopull = DISABLED
Wed Jun 28 21:34:02 2017 us=262170 route_gateway_via_dhcp = DISABLED
Wed Jun 28 21:34:02 2017 us=262176 max_routes = 100
Wed Jun 28 21:34:02 2017 us=262182 allow_pull_fqdn = DISABLED
Wed Jun 28 21:34:02 2017 us=262189 route 10.8.0.0/255.255.255.0/nil/nil
Wed Jun 28 21:34:02 2017 us=262196 management_addr = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262202 management_port = 0
Wed Jun 28 21:34:02 2017 us=262221 management_user_pass = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262229 management_log_history_cache = 250
Wed Jun 28 21:34:02 2017 us=262235 management_echo_buffer_size = 100
Wed Jun 28 21:34:02 2017 us=262242 management_write_peer_info_file = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262248 management_client_user = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262254 management_client_group = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262261 management_flags = 0
Wed Jun 28 21:34:02 2017 us=262267 shared_secret_file = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262273 key_direction = 0
Wed Jun 28 21:34:02 2017 us=262280 ciphername_defined = ENABLED
Wed Jun 28 21:34:02 2017 us=262286 ciphername = 'BF-CBC'
Wed Jun 28 21:34:02 2017 us=262293 authname_defined = ENABLED
Wed Jun 28 21:34:02 2017 us=262299 authname = 'SHA1'
Wed Jun 28 21:34:02 2017 us=262305 prng_hash = 'SHA1'
Wed Jun 28 21:34:02 2017 us=262312 prng_nonce_secret_len = 16
Wed Jun 28 21:34:02 2017 us=262318 keysize = 0
Wed Jun 28 21:34:02 2017 us=262324 engine = DISABLED
Wed Jun 28 21:34:02 2017 us=262330 replay = ENABLED
Wed Jun 28 21:34:02 2017 us=262336 mute_replay_warnings = DISABLED
Wed Jun 28 21:34:02 2017 us=262342 replay_window = 64
Wed Jun 28 21:34:02 2017 us=262348 replay_time = 15
Wed Jun 28 21:34:02 2017 us=262354 packet_id_file = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262360 use_iv = ENABLED
Wed Jun 28 21:34:02 2017 us=262366 test_crypto = DISABLED
Wed Jun 28 21:34:02 2017 us=262372 tls_server = ENABLED
Wed Jun 28 21:34:02 2017 us=262378 tls_client = DISABLED
Wed Jun 28 21:34:02 2017 us=262384 key_method = 2
Wed Jun 28 21:34:02 2017 us=262396 ca_file = 'ca.crt'
Wed Jun 28 21:34:02 2017 us=262402 ca_path = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262408 dh_file = 'dh2048.pem'
Wed Jun 28 21:34:02 2017 us=262414 cert_file = 'server.crt'
Wed Jun 28 21:34:02 2017 us=262421 extra_certs_file = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262427 priv_key_file = 'server.key'
Wed Jun 28 21:34:02 2017 us=262434 pkcs12_file = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262440 cipher_list = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262446 tls_verify = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262452 tls_export_cert = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262459 verify_x509_type = 0
Wed Jun 28 21:34:02 2017 us=262467 verify_x509_name = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262474 crl_file = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262480 ns_cert_type = 0
Wed Jun 28 21:34:02 2017 us=262486 remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262492 remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262498 remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262504 remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262510 remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262516 remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262522 remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262528 remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262534 remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262540 remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262545 remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262551 remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262557 remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262563 remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262569 remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262575 remote_cert_ku[i] = 0
Wed Jun 28 21:34:02 2017 us=262581 remote_cert_eku = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262587 ssl_flags = 0
Wed Jun 28 21:34:02 2017 us=262593 tls_timeout = 2
Wed Jun 28 21:34:02 2017 us=262599 renegotiate_bytes = 0
Wed Jun 28 21:34:02 2017 us=262605 renegotiate_packets = 0
Wed Jun 28 21:34:02 2017 us=262611 renegotiate_seconds = 3600
Wed Jun 28 21:34:02 2017 us=262617 handshake_window = 60
Wed Jun 28 21:34:02 2017 us=262624 transition_window = 3600
Wed Jun 28 21:34:02 2017 us=262630 single_session = DISABLED
Wed Jun 28 21:34:02 2017 us=262636 push_peer_info = DISABLED
Wed Jun 28 21:34:02 2017 us=262643 tls_exit = DISABLED
Wed Jun 28 21:34:02 2017 us=262649 tls_auth_file = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=262656 pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262662 pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262668 pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262674 pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262680 pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262686 pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262692 pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262698 pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262704 pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262710 pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262717 pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262724 pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262732 pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262739 pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262746 pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262752 pkcs11_protected_authentication = DISABLED
Wed Jun 28 21:34:02 2017 us=262759 pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262766 pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262772 pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262779 pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262791 pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262797 pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262803 pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262809 pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262816 pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262823 pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262830 pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262838 pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262846 pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262853 pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262860 pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262868 pkcs11_private_mode = 00000000
Wed Jun 28 21:34:02 2017 us=262875 pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262882 pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262890 pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262897 pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262904 pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262911 pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262918 pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262925 pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262932 pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262940 pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262947 pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262954 pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262962 pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262970 pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262977 pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262985 pkcs11_cert_private = DISABLED
Wed Jun 28 21:34:02 2017 us=262993 pkcs11_pin_cache_period = -1
Wed Jun 28 21:34:02 2017 us=263000 pkcs11_id = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=263007 pkcs11_id_management = DISABLED
Wed Jun 28 21:34:02 2017 us=263017 server_network = 10.8.0.0
Wed Jun 28 21:34:02 2017 us=263026 server_netmask = 255.255.255.0
Wed Jun 28 21:34:02 2017 us=263037 server_network_ipv6 = ::
Wed Jun 28 21:34:02 2017 us=263044 server_netbits_ipv6 = 0
Wed Jun 28 21:34:02 2017 us=263052 server_bridge_ip = 0.0.0.0
Wed Jun 28 21:34:02 2017 us=263060 server_bridge_netmask = 0.0.0.0
Wed Jun 28 21:34:02 2017 us=263073 server_bridge_pool_start = 0.0.0.0
Wed Jun 28 21:34:02 2017 us=263082 server_bridge_pool_end = 0.0.0.0
Wed Jun 28 21:34:02 2017 us=263089 push_entry = 'redirect-gateway def1 bypass-dhcp'
Wed Jun 28 21:34:02 2017 us=263096 push_entry = 'dhcp-option DNS 8.8.8.8'
Wed Jun 28 21:34:02 2017 us=263103 push_entry = 'dhcp-option DNS 8.8.4.4'
Wed Jun 28 21:34:02 2017 us=263111 push_entry = 'route 10.8.0.1'
Wed Jun 28 21:34:02 2017 us=263118 push_entry = 'topology net30'
Wed Jun 28 21:34:02 2017 us=263125 push_entry = 'ping 10'
Wed Jun 28 21:34:02 2017 us=263133 push_entry = 'ping-restart 120'
Wed Jun 28 21:34:02 2017 us=263140 ifconfig_pool_defined = ENABLED
Wed Jun 28 21:34:02 2017 us=263148 ifconfig_pool_start = 10.8.0.4
Wed Jun 28 21:34:02 2017 us=263156 ifconfig_pool_end = 10.8.0.251
Wed Jun 28 21:34:02 2017 us=263164 ifconfig_pool_netmask = 0.0.0.0
Wed Jun 28 21:34:02 2017 us=263171 ifconfig_pool_persist_filename = 'ipp.txt'
Wed Jun 28 21:34:02 2017 us=263179 ifconfig_pool_persist_refresh_freq = 600
Wed Jun 28 21:34:02 2017 us=263186 ifconfig_ipv6_pool_defined = DISABLED
Wed Jun 28 21:34:02 2017 us=263194 ifconfig_ipv6_pool_base = ::
Wed Jun 28 21:34:02 2017 us=263201 ifconfig_ipv6_pool_netbits = 0
Wed Jun 28 21:34:02 2017 us=263218 n_bcast_buf = 256
Wed Jun 28 21:34:02 2017 us=263227 tcp_queue_limit = 64
Wed Jun 28 21:34:02 2017 us=263234 real_hash_size = 256
Wed Jun 28 21:34:02 2017 us=263241 virtual_hash_size = 256
Wed Jun 28 21:34:02 2017 us=263249 client_connect_script = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=263255 learn_address_script = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=263269 client_disconnect_script = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=263276 client_config_dir = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=263283 ccd_exclusive = DISABLED
Wed Jun 28 21:34:02 2017 us=263290 tmp_dir = '/tmp'
Wed Jun 28 21:34:02 2017 us=263297 push_ifconfig_defined = DISABLED
Wed Jun 28 21:34:02 2017 us=263306 push_ifconfig_local = 0.0.0.0
Wed Jun 28 21:34:02 2017 us=263315 push_ifconfig_remote_netmask = 0.0.0.0
Wed Jun 28 21:34:02 2017 us=263322 push_ifconfig_ipv6_defined = DISABLED
Wed Jun 28 21:34:02 2017 us=263329 push_ifconfig_ipv6_local = ::/0
Wed Jun 28 21:34:02 2017 us=263336 push_ifconfig_ipv6_remote = ::
Wed Jun 28 21:34:02 2017 us=263342 enable_c2c = DISABLED
Wed Jun 28 21:34:02 2017 us=263349 duplicate_cn = DISABLED
Wed Jun 28 21:34:02 2017 us=263355 cf_max = 0
Wed Jun 28 21:34:02 2017 us=263362 cf_per = 0
Wed Jun 28 21:34:02 2017 us=263368 max_clients = 1024
Wed Jun 28 21:34:02 2017 us=263375 max_routes_per_client = 256
Wed Jun 28 21:34:02 2017 us=263382 auth_user_pass_verify_script = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=263388 auth_user_pass_verify_script_via_file = DISABLED
Wed Jun 28 21:34:02 2017 us=263394 port_share_host = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=263401 port_share_port = 0
Wed Jun 28 21:34:02 2017 us=263407 client = DISABLED
Wed Jun 28 21:34:02 2017 us=263413 pull = DISABLED
Wed Jun 28 21:34:02 2017 us=263419 auth_user_pass_file = '[UNDEF]'
Wed Jun 28 21:34:02 2017 us=263427 OpenVPN 2.3.11 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on May 10 2016
Wed Jun 28 21:34:02 2017 us=263443 library versions: OpenSSL 1.0.1e-fips 11 Feb 2013, LZO 2.06
Wed Jun 28 21:34:02 2017 us=275926 Diffie-Hellman initialized with 2048 bit key
Wed Jun 28 21:34:02 2017 us=276626 TLS-Auth MTU parms [ L:1544 D:1210 EF:40 EB:0 ET:0 EL:3 ]
Wed Jun 28 21:34:02 2017 us=276665 Socket Buffers: R=[87380->87380] S=[16384->16384]
Wed Jun 28 21:34:02 2017 us=276851 ROUTE_GATEWAY 41.124.254.1/255.255.255.0 IFACE=eth0 HWADDR=f2:3c:91:79:07:a1
Wed Jun 28 21:34:02 2017 us=277532 TUN/TAP device tun0 opened
Wed Jun 28 21:34:02 2017 us=277560 TUN/TAP TX queue length set to 100
Wed Jun 28 21:34:02 2017 us=277575 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Wed Jun 28 21:34:02 2017 us=277601 /usr/sbin/ip link set dev tun0 up mtu 1500
Wed Jun 28 21:34:02 2017 us=282681 /usr/sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
Wed Jun 28 21:34:02 2017 us=288983 /usr/sbin/ip route add 10.8.0.0/24 via 10.8.0.2
Wed Jun 28 21:34:02 2017 us=290287 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:143 ET:0 EL:3 AF:3/1 ]
Wed Jun 28 21:34:02 2017 us=290677 GID set to nobody
Wed Jun 28 21:34:02 2017 us=290696 UID set to nobody
Wed Jun 28 21:34:02 2017 us=290709 Listening for incoming TCP connection on [undef]
Wed Jun 28 21:34:02 2017 us=290721 TCPv4_SERVER link local (bound): [undef]
Wed Jun 28 21:34:02 2017 us=290727 TCPv4_SERVER link remote: [undef]
Wed Jun 28 21:34:02 2017 us=290737 MULTI: multi_init called, r=256 v=256
Wed Jun 28 21:34:02 2017 us=290769 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Wed Jun 28 21:34:02 2017 us=290779 ifconfig_pool_read(), in='client,10.8.0.4', TODO: IPv6
Wed Jun 28 21:34:02 2017 us=290788 succeeded -> ifconfig_pool_set()
Wed Jun 28 21:34:02 2017 us=290794 IFCONFIG POOL LIST
Wed Jun 28 21:34:02 2017 us=290800 client,10.8.0.4
Wed Jun 28 21:34:02 2017 us=290818 MULTI: TCP INIT maxclients=1024 maxevents=1028
Wed Jun 28 21:34:02 2017 us=290838 Initialization Sequence Completed
Wed Jun 28 21:34:12 2017 us=294771 MULTI: multi_create_instance called
Wed Jun 28 21:34:12 2017 us=294934 Re-using SSL/TLS context
Wed Jun 28 21:34:12 2017 us=295009 LZO compression initialized
Wed Jun 28 21:34:12 2017 us=295144 Control Channel MTU parms [ L:1544 D:1210 EF:40 EB:0 ET:0 EL:3 ]
Wed Jun 28 21:34:12 2017 us=295166 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:143 ET:0 EL:3 AF:3/1 ]
Wed Jun 28 21:34:12 2017 us=295194 Local Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Wed Jun 28 21:34:12 2017 us=295225 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Wed Jun 28 21:34:12 2017 us=295241 Local Options hash (VER=V4): 'c0103fa8'
Wed Jun 28 21:34:12 2017 us=295250 Expected Remote Options hash (VER=V4): '69109d17'
Wed Jun 28 21:34:12 2017 us=295282 TCP connection established with [AF_INET]45.247.102.142:52355
Wed Jun 28 21:34:12 2017 us=295291 TCPv4_SERVER link local: [undef]
Wed Jun 28 21:34:12 2017 us=295296 TCPv4_SERVER link remote: [AF_INET]45.247.102.142:52355
Wed Jun 28 21:34:13 2017 us=467508 45.247.102.142:52355 TCPv4_SERVER READ [14] from [AF_INET]45.247.102.142:52355: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Wed Jun 28 21:34:13 2017 us=467577 45.247.102.142:52355 TLS: Initial packet from [AF_INET]45.247.102.142:52355, sid=5758c05e 539a249f
Wed Jun 28 21:34:13 2017 us=467615 45.247.102.142:52355 TCPv4_SERVER WRITE [26] to [AF_INET]45.247.102.142:52355: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 [ 0 ] pid=0 DATA len=0
Wed Jun 28 21:34:13 2017 us=967139 45.247.102.142:52355 Connection reset, restarting [-1]
Wed Jun 28 21:34:13 2017 us=967232 45.247.102.142:52355 SIGUSR1[soft,connection-reset] received, client-instance restarting
Wed Jun 28 21:34:13 2017 us=967384 TCP/UDP: Closing socket
最后它以重启循环结束。我无法从日志中找出我做错了什么。
答案1
我只需将服务器协议从 tcp 更改为 udp 即可解决问题。但还是不知道为什么