我想在 CentOS 7 服务器上设置 OpenVPN 服务器。从我的 ISP 来看,我只有公共 IPv6 地址,IPv4 在 ISP 处进行了 NAT,因此我决定将我的 VPN 配置为基于 IPv6。
我跟着这教程,这意味着我使用下载的脚本为我设置 IPv4,然后更改配置以兼容 IPv6。结果是:
port 1194
proto udp
dev tun
sndbuf 0
rcvbuf 0
ca ca.crt
cert server.crt
key server.key
dh dh.pem
auth SHA512
tls-auth ta.key 0
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 192.168.10.1"
keepalive 10 120
cipher AES-256-CBC
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
verb 4
crl-verify crl.pem
log-append /var/log/openvpn.log
server-ipv6 2001:db8:0:123::/64
tun-ipv6
push tun-ipv6
ifconfig-ipv6 2001:db8:0:123::1 2001:db8:0:123::2
push "route-ipv6 2001:db8:0:abc::/64"
push "route-ipv6 2000::/3"
服务器成功启动,所以我client.ovpn在客户端下载了文件,但是出现了Thu Jan 10 23:53:23 2019 read UDP: Unknown error (code=10054),这应该意味着它无法连接到主机,但我已经使用 SSH 连接到目标机器。我也在1194防火墙上打开了端口。
服务器日志:
Thu Jan 10 22:55:02 2019 us=932367 event_wait : Interrupted system call (code=4)
Thu Jan 10 22:55:02 2019 us=933688 TCP/UDP: Closing socket
Thu Jan 10 22:55:02 2019 us=933822 Closing TUN/TAP interface
Thu Jan 10 22:55:02 2019 us=933907 /sbin/ip addr del dev tun0 10.8.0.1/24
RTNETLINK answers: Operation not permitted
Thu Jan 10 22:55:02 2019 us=943788 Linux ip addr del failed: external program exited with error status: 2
Thu Jan 10 22:55:02 2019 us=943944 /sbin/ip -6 addr del 2001:db8:0:123::1/64 dev tun0
RTNETLINK answers: Operation not permitted
Thu Jan 10 22:55:02 2019 us=948530 Linux ip -6 addr del failed: external program exited with error status: 2
Thu Jan 10 22:55:02 2019 us=963888 SIGTERM[hard,] received, process exiting
Thu Jan 10 22:55:03 2019 Note: option tun-ipv6 is ignored because modern operating systems do not need special IPv6 tun handling anymore.
Thu Jan 10 22:55:03 2019 us=23634 Current Parameter Settings:
Thu Jan 10 22:55:03 2019 us=23684 config = 'server.conf'
Thu Jan 10 22:55:03 2019 us=23720 mode = 1
Thu Jan 10 22:55:03 2019 us=23754 persist_config = DISABLED
Thu Jan 10 22:55:03 2019 us=23788 persist_mode = 1
Thu Jan 10 22:55:03 2019 us=23822 show_ciphers = DISABLED
Thu Jan 10 22:55:03 2019 us=23855 show_digests = DISABLED
Thu Jan 10 22:55:03 2019 us=23889 show_engines = DISABLED
Thu Jan 10 22:55:03 2019 us=23922 genkey = DISABLED
Thu Jan 10 22:55:03 2019 us=23955 key_pass_file = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=23989 show_tls_ciphers = DISABLED
Thu Jan 10 22:55:03 2019 us=24022 connect_retry_max = 0
Thu Jan 10 22:55:03 2019 us=24056 Connection profiles [0]:
Thu Jan 10 22:55:03 2019 us=24092 proto = udp
Thu Jan 10 22:55:03 2019 us=24126 local = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=24160 local_port = '1194'
Thu Jan 10 22:55:03 2019 us=24193 remote = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=24227 remote_port = '1194'
Thu Jan 10 22:55:03 2019 us=24279 remote_float = DISABLED
Thu Jan 10 22:55:03 2019 us=24313 bind_defined = DISABLED
Thu Jan 10 22:55:03 2019 us=24346 bind_local = ENABLED
Thu Jan 10 22:55:03 2019 us=24380 bind_ipv6_only = DISABLED
Thu Jan 10 22:55:03 2019 us=24413 connect_retry_seconds = 5
Thu Jan 10 22:55:03 2019 us=24447 connect_timeout = 120
Thu Jan 10 22:55:03 2019 us=24482 socks_proxy_server = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=24515 socks_proxy_port = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=24549 tun_mtu = 1500
Thu Jan 10 22:55:03 2019 us=24583 tun_mtu_defined = ENABLED
Thu Jan 10 22:55:03 2019 us=24616 link_mtu = 1500
Thu Jan 10 22:55:03 2019 us=24650 link_mtu_defined = DISABLED
Thu Jan 10 22:55:03 2019 us=24683 tun_mtu_extra = 0
Thu Jan 10 22:55:03 2019 us=24717 tun_mtu_extra_defined = DISABLED
Thu Jan 10 22:55:03 2019 us=24750 mtu_discover_type = -1
Thu Jan 10 22:55:03 2019 us=24784 fragment = 0
Thu Jan 10 22:55:03 2019 us=24818 mssfix = 1450
Thu Jan 10 22:55:03 2019 us=24854 explicit_exit_notification = 0
Thu Jan 10 22:55:03 2019 us=24887 Connection profiles END
Thu Jan 10 22:55:03 2019 us=24920 remote_random = DISABLED
Thu Jan 10 22:55:03 2019 us=24956 ipchange = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=24990 dev = 'tun'
Thu Jan 10 22:55:03 2019 us=25023 dev_type = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=25057 dev_node = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=25090 lladdr = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=25124 topology = 3
Thu Jan 10 22:55:03 2019 us=25157 ifconfig_local = '10.8.0.1'
Thu Jan 10 22:55:03 2019 us=25193 ifconfig_remote_netmask = '255.255.255.0'
Thu Jan 10 22:55:03 2019 us=25227 ifconfig_noexec = DISABLED
Thu Jan 10 22:55:03 2019 us=25274 ifconfig_nowarn = DISABLED
Thu Jan 10 22:55:03 2019 us=25307 ifconfig_ipv6_local = '2001:db8:0:123::1'
Thu Jan 10 22:55:03 2019 us=25341 ifconfig_ipv6_netbits = 64
Thu Jan 10 22:55:03 2019 us=25377 ifconfig_ipv6_remote = '2001:db8:0:123::2'
Thu Jan 10 22:55:03 2019 us=25411 shaper = 0
Thu Jan 10 22:55:03 2019 us=25445 mtu_test = 0
Thu Jan 10 22:55:03 2019 us=25478 mlock = DISABLED
Thu Jan 10 22:55:03 2019 us=25512 keepalive_ping = 10
Thu Jan 10 22:55:03 2019 us=25547 keepalive_timeout = 120
Thu Jan 10 22:55:03 2019 us=25581 inactivity_timeout = 0
Thu Jan 10 22:55:03 2019 us=25616 ping_send_timeout = 10
Thu Jan 10 22:55:03 2019 us=25650 ping_rec_timeout = 240
Thu Jan 10 22:55:03 2019 us=25685 ping_rec_timeout_action = 2
Thu Jan 10 22:55:03 2019 us=25720 ping_timer_remote = DISABLED
Thu Jan 10 22:55:03 2019 us=25755 remap_sigusr1 = 0
Thu Jan 10 22:55:03 2019 us=25789 persist_tun = ENABLED
Thu Jan 10 22:55:03 2019 us=25825 persist_local_ip = DISABLED
Thu Jan 10 22:55:03 2019 us=25861 persist_remote_ip = DISABLED
Thu Jan 10 22:55:03 2019 us=25894 persist_key = ENABLED
Thu Jan 10 22:55:03 2019 us=25940 passtos = DISABLED
Thu Jan 10 22:55:03 2019 us=25975 resolve_retry_seconds = 1000000000
Thu Jan 10 22:55:03 2019 us=26009 resolve_in_advance = DISABLED
Thu Jan 10 22:55:03 2019 us=26043 username = 'nobody'
Thu Jan 10 22:55:03 2019 us=26078 groupname = 'nobody'
Thu Jan 10 22:55:03 2019 us=26114 chroot_dir = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=26150 cd_dir = '/etc/openvpn/'
Thu Jan 10 22:55:03 2019 us=26183 selinux_context = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=26219 writepid = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=26278 up_script = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=26313 down_script = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=26347 down_pre = DISABLED
Thu Jan 10 22:55:03 2019 us=26381 up_restart = DISABLED
Thu Jan 10 22:55:03 2019 us=26415 up_delay = DISABLED
Thu Jan 10 22:55:03 2019 us=26450 daemon = DISABLED
Thu Jan 10 22:55:03 2019 us=26484 inetd = 0
Thu Jan 10 22:55:03 2019 us=26519 log = ENABLED
Thu Jan 10 22:55:03 2019 us=26555 suppress_timestamps = DISABLED
Thu Jan 10 22:55:03 2019 us=26591 machine_readable_output = DISABLED
Thu Jan 10 22:55:03 2019 us=26624 nice = 0
Thu Jan 10 22:55:03 2019 us=26660 verbosity = 4
Thu Jan 10 22:55:03 2019 us=26696 mute = 0
Thu Jan 10 22:55:03 2019 us=26729 gremlin = 0
Thu Jan 10 22:55:03 2019 us=26762 status_file = 'openvpn-status.log'
Thu Jan 10 22:55:03 2019 us=26796 status_file_version = 1
Thu Jan 10 22:55:03 2019 us=26829 status_file_update_freq = 60
Thu Jan 10 22:55:03 2019 us=26863 occ = ENABLED
Thu Jan 10 22:55:03 2019 us=26896 rcvbuf = 0
Thu Jan 10 22:55:03 2019 us=26929 sndbuf = 0
Thu Jan 10 22:55:03 2019 us=26962 mark = 0
Thu Jan 10 22:55:03 2019 us=26996 sockflags = 0
Thu Jan 10 22:55:03 2019 us=27029 fast_io = DISABLED
Thu Jan 10 22:55:03 2019 us=27062 comp.alg = 0
Thu Jan 10 22:55:03 2019 us=27098 comp.flags = 0
Thu Jan 10 22:55:03 2019 us=27132 route_script = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=27166 route_default_gateway = '10.8.0.2'
Thu Jan 10 22:55:03 2019 us=27200 route_default_metric = 0
Thu Jan 10 22:55:03 2019 us=27234 route_noexec = DISABLED
Thu Jan 10 22:55:03 2019 us=27295 route_delay = 0
Thu Jan 10 22:55:03 2019 us=27330 route_delay_window = 30
Thu Jan 10 22:55:03 2019 us=27366 route_delay_defined = DISABLED
Thu Jan 10 22:55:03 2019 us=27402 route_nopull = DISABLED
Thu Jan 10 22:55:03 2019 us=27438 route_gateway_via_dhcp = DISABLED
Thu Jan 10 22:55:03 2019 us=27472 allow_pull_fqdn = DISABLED
Thu Jan 10 22:55:03 2019 us=27507 management_addr = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=27544 management_port = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=27580 management_user_pass = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=27614 management_log_history_cache = 250
Thu Jan 10 22:55:03 2019 us=27651 management_echo_buffer_size = 100
Thu Jan 10 22:55:03 2019 us=27685 management_write_peer_info_file = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=27721 management_client_user = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=27755 management_client_group = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=27789 management_flags = 0
Thu Jan 10 22:55:03 2019 us=27826 shared_secret_file = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=27860 key_direction = 0
Thu Jan 10 22:55:03 2019 us=27896 ciphername = 'AES-256-CBC'
Thu Jan 10 22:55:03 2019 us=27930 ncp_enabled = ENABLED
Thu Jan 10 22:55:03 2019 us=27964 ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Thu Jan 10 22:55:03 2019 us=27998 authname = 'SHA512'
Thu Jan 10 22:55:03 2019 us=28034 prng_hash = 'SHA1'
Thu Jan 10 22:55:03 2019 us=28068 prng_nonce_secret_len = 16
Thu Jan 10 22:55:03 2019 us=28105 keysize = 0
Thu Jan 10 22:55:03 2019 us=28138 engine = DISABLED
Thu Jan 10 22:55:03 2019 us=28174 replay = ENABLED
Thu Jan 10 22:55:03 2019 us=28210 mute_replay_warnings = DISABLED
Thu Jan 10 22:55:03 2019 us=28260 replay_window = 64
Thu Jan 10 22:55:03 2019 us=28332 replay_time = 15
Thu Jan 10 22:55:03 2019 us=28377 packet_id_file = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=28422 use_iv = ENABLED
Thu Jan 10 22:55:03 2019 us=28476 test_crypto = DISABLED
Thu Jan 10 22:55:03 2019 us=28519 tls_server = ENABLED
Thu Jan 10 22:55:03 2019 us=28561 tls_client = DISABLED
Thu Jan 10 22:55:03 2019 us=28604 key_method = 2
Thu Jan 10 22:55:03 2019 us=28646 ca_file = 'ca.crt'
Thu Jan 10 22:55:03 2019 us=28689 ca_path = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=28731 dh_file = 'dh.pem'
Thu Jan 10 22:55:03 2019 us=28776 cert_file = 'server.crt'
Thu Jan 10 22:55:03 2019 us=28819 extra_certs_file = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=28864 priv_key_file = 'server.key'
Thu Jan 10 22:55:03 2019 us=28910 pkcs12_file = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=28952 cipher_list = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=28995 tls_cert_profile = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=29037 tls_verify = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=29080 tls_export_cert = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=29123 verify_x509_type = 0
Thu Jan 10 22:55:03 2019 us=29166 verify_x509_name = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=29208 crl_file = 'crl.pem'
Thu Jan 10 22:55:03 2019 us=29267 ns_cert_type = 0
Thu Jan 10 22:55:03 2019 us=29319 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29362 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29405 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29448 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29491 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29533 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29576 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29619 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29661 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29704 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29747 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29789 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29832 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29875 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29917 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29960 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=30005 remote_cert_eku = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=30048 ssl_flags = 0
Thu Jan 10 22:55:03 2019 us=30091 tls_timeout = 2
Thu Jan 10 22:55:03 2019 us=30134 renegotiate_bytes = -1
Thu Jan 10 22:55:03 2019 us=30177 renegotiate_packets = 0
Thu Jan 10 22:55:03 2019 us=30220 renegotiate_seconds = 3600
Thu Jan 10 22:55:03 2019 us=30288 handshake_window = 60
Thu Jan 10 22:55:03 2019 us=30332 transition_window = 3600
Thu Jan 10 22:55:03 2019 us=30375 single_session = DISABLED
Thu Jan 10 22:55:03 2019 us=30417 push_peer_info = DISABLED
Thu Jan 10 22:55:03 2019 us=30460 tls_exit = DISABLED
Thu Jan 10 22:55:03 2019 us=30502 tls_auth_file = 'ta.key'
Thu Jan 10 22:55:03 2019 us=30545 tls_crypt_file = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=30588 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=30631 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=30673 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=30716 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=30759 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=30801 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=30844 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=30889 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=30931 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=30974 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=31016 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=31059 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=31102 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=31144 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=31187 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=31229 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=31299 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31344 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31387 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31431 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31474 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31517 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31560 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31603 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31646 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31689 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31733 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31776 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31819 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31862 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31905 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31948 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31993 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32035 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32078 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32120 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32163 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32205 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32260 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32309 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32351 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32394 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32437 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32479 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32522 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32565 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32607 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32650 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32703 pkcs11_pin_cache_period = -1
Thu Jan 10 22:55:03 2019 us=32746 pkcs11_id = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=32789 pkcs11_id_management = DISABLED
Thu Jan 10 22:55:03 2019 us=32837 server_network = 10.8.0.0
Thu Jan 10 22:55:03 2019 us=32883 server_netmask = 255.255.255.0
Thu Jan 10 22:55:03 2019 us=32931 server_network_ipv6 = 2001:db8:0:123::
Thu Jan 10 22:55:03 2019 us=32975 server_netbits_ipv6 = 64
Thu Jan 10 22:55:03 2019 us=33021 server_bridge_ip = 0.0.0.0
Thu Jan 10 22:55:03 2019 us=33067 server_bridge_netmask = 0.0.0.0
Thu Jan 10 22:55:03 2019 us=33114 server_bridge_pool_start = 0.0.0.0
Thu Jan 10 22:55:03 2019 us=33160 server_bridge_pool_end = 0.0.0.0
Thu Jan 10 22:55:03 2019 us=33203 push_entry = 'redirect-gateway def1 bypass-dhcp'
Thu Jan 10 22:55:03 2019 us=33258 push_entry = 'dhcp-option DNS 192.168.10.1'
Thu Jan 10 22:55:03 2019 us=33308 push_entry = 'tun-ipv6'
Thu Jan 10 22:55:03 2019 us=33351 push_entry = 'route-ipv6 2001:db8:0:abc::/64'
Thu Jan 10 22:55:03 2019 us=33393 push_entry = 'route-ipv6 2000::/3'
Thu Jan 10 22:55:03 2019 us=33436 push_entry = 'tun-ipv6'
Thu Jan 10 22:55:03 2019 us=33479 push_entry = 'route-gateway 10.8.0.1'
Thu Jan 10 22:55:03 2019 us=33521 push_entry = 'topology subnet'
Thu Jan 10 22:55:03 2019 us=33564 push_entry = 'ping 10'
Thu Jan 10 22:55:03 2019 us=33606 push_entry = 'ping-restart 120'
Thu Jan 10 22:55:03 2019 us=33649 ifconfig_pool_defined = ENABLED
Thu Jan 10 22:55:03 2019 us=33697 ifconfig_pool_start = 10.8.0.2
Thu Jan 10 22:55:03 2019 us=33742 ifconfig_pool_end = 10.8.0.253
Thu Jan 10 22:55:03 2019 us=33787 ifconfig_pool_netmask = 255.255.255.0
Thu Jan 10 22:55:03 2019 us=33830 ifconfig_pool_persist_filename = 'ipp.txt'
Thu Jan 10 22:55:03 2019 us=33873 ifconfig_pool_persist_refresh_freq = 600
Thu Jan 10 22:55:03 2019 us=33919 ifconfig_ipv6_pool_defined = ENABLED
Thu Jan 10 22:55:03 2019 us=33976 ifconfig_ipv6_pool_base = 2001:db8:0:123::1000
Thu Jan 10 22:55:03 2019 us=34020 ifconfig_ipv6_pool_netbits = 64
Thu Jan 10 22:55:03 2019 us=34065 n_bcast_buf = 256
Thu Jan 10 22:55:03 2019 us=34107 tcp_queue_limit = 64
Thu Jan 10 22:55:03 2019 us=34153 real_hash_size = 256
Thu Jan 10 22:55:03 2019 us=34196 virtual_hash_size = 256
Thu Jan 10 22:55:03 2019 us=34255 client_connect_script = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=34307 learn_address_script = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=34352 client_disconnect_script = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=34395 client_config_dir = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=34440 ccd_exclusive = DISABLED
Thu Jan 10 22:55:03 2019 us=34485 tmp_dir = '/tmp'
Thu Jan 10 22:55:03 2019 us=34530 push_ifconfig_defined = DISABLED
Thu Jan 10 22:55:03 2019 us=34577 push_ifconfig_local = 0.0.0.0
Thu Jan 10 22:55:03 2019 us=34622 push_ifconfig_remote_netmask = 0.0.0.0
Thu Jan 10 22:55:03 2019 us=34668 push_ifconfig_ipv6_defined = DISABLED
Thu Jan 10 22:55:03 2019 us=34715 push_ifconfig_ipv6_local = ::/0
Thu Jan 10 22:55:03 2019 us=34760 push_ifconfig_ipv6_remote = ::
Thu Jan 10 22:55:03 2019 us=34802 enable_c2c = DISABLED
Thu Jan 10 22:55:03 2019 us=34845 duplicate_cn = DISABLED
Thu Jan 10 22:55:03 2019 us=34887 cf_max = 0
Thu Jan 10 22:55:03 2019 us=34931 cf_per = 0
Thu Jan 10 22:55:03 2019 us=34974 max_clients = 1024
Thu Jan 10 22:55:03 2019 us=35017 max_routes_per_client = 256
Thu Jan 10 22:55:03 2019 us=35060 auth_user_pass_verify_script = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=35102 auth_user_pass_verify_script_via_file = DISABLED
Thu Jan 10 22:55:03 2019 us=35145 auth_token_generate = DISABLED
Thu Jan 10 22:55:03 2019 us=35188 auth_token_lifetime = 0
Thu Jan 10 22:55:03 2019 us=35231 port_share_host = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=35291 port_share_port = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=35334 client = DISABLED
Thu Jan 10 22:55:03 2019 us=35376 pull = DISABLED
Thu Jan 10 22:55:03 2019 us=35419 auth_user_pass_file = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=35475 OpenVPN 2.4.6 x86_64-redhat-linux-gnu [Fedora EPEL patched] [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 26 2018
Thu Jan 10 22:55:03 2019 us=35542 library versions: OpenSSL 1.0.2k-fips 26 Jan 2017, LZO 2.06
Thu Jan 10 22:55:03 2019 us=40832 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
Thu Jan 10 22:55:03 2019 us=43372 Diffie-Hellman initialized with 2048 bit key
Thu Jan 10 22:55:03 2019 us=45102 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Jan 10 22:55:03 2019 us=45176 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Jan 10 22:55:03 2019 us=45273 TLS-Auth MTU parms [ L:1621 D:1140 EF:110 EB:0 ET:0 EL:3 ]
Thu Jan 10 22:55:03 2019 us=51203 TUN/TAP device tun0 opened
Thu Jan 10 22:55:03 2019 us=51391 TUN/TAP TX queue length set to 100
Thu Jan 10 22:55:03 2019 us=51480 do_ifconfig, tt->did_ifconfig_ipv6_setup=1
Thu Jan 10 22:55:03 2019 us=51564 /sbin/ip link set dev tun0 up mtu 1500
Thu Jan 10 22:55:03 2019 us=57581 /sbin/ip addr add dev tun0 10.8.0.1/24 broadcast 10.8.0.255
Thu Jan 10 22:55:03 2019 us=62748 /sbin/ip -6 addr add 2001:db8:0:123::1/64 dev tun0
Thu Jan 10 22:55:03 2019 us=69805 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Thu Jan 10 22:55:03 2019 us=71518 Could not determine IPv4/IPv6 protocol. Using AF_INET
Thu Jan 10 22:55:03 2019 us=71646 Socket Buffers: R=[212992->212992] S=[212992->212992]
Thu Jan 10 22:55:03 2019 us=71934 UDPv4 link local (bound): [AF_INET][undef]:1194
Thu Jan 10 22:55:03 2019 us=71981 UDPv4 link remote: [AF_UNSPEC]
Thu Jan 10 22:55:03 2019 us=72044 GID set to nobody
Thu Jan 10 22:55:03 2019 us=72105 UID set to nobody
Thu Jan 10 22:55:03 2019 us=72209 MULTI: multi_init called, r=256 v=256
Thu Jan 10 22:55:03 2019 us=72335 IFCONFIG POOL IPv6: (IPv4) size=252, size_ipv6=65536, netbits=64, base_ipv6=2001:db8:0:123::1000
Thu Jan 10 22:55:03 2019 us=72405 IFCONFIG POOL: base=10.8.0.2 size=252, ipv6=1
Thu Jan 10 22:55:03 2019 us=72477 IFCONFIG POOL LIST
Thu Jan 10 22:55:03 2019 us=72676 Initialization Sequence Completed
客户端日志(所以不允许我将其粘贴到这里)
有谁对如何解决这个问题有什么意见吗?
答案1
我正在运行 Windows 10,遇到了同样的问题
连接时出错:读取 UDP:未知错误(代码=10054)
此外,我注意到日志中有这样一行:
保存最近使用的远程地址
127.42.0.1
这是错误的 IP。快速dig @8.8.8.8 my.serverdomain.com返回了与使用默认 DNS 服务器相同的错误地址。
事实证明,该问题是由 malwarebytes 引起的。它将我的请求重定向到环回接口,因为它偷偷地激活了所有高级保护作为试用。停用所有保护(因为我无论如何都希望停用它们)可以解决该问题。
答案2
我的错误是我混淆了 IPv6 和 IPv4 配置。
虽然我有一个(可能)正确的 OpenVPN IPv4 配置,但我尝试通过 IPv6 连接,但显然,由于 udp 协议的原因,它不起作用。
当我替换正确的协议和其他一些配置参数时,一切都正常了。谢谢你的帮助