想用openvpn做成以证书验证,配置如下server.conf: [quote] port 1494 proto udp dev tun ca ca.crt cert server.crt key server.key dh dh1024.pem server 10.1.0.0 255.255.255.0 push "route 10.1.0.0 255.255.255.0" push "route 10.1.1.0 255.255.255.0" client-config-dir /etc/vpn/ccd route 10.1.1.0 255.255.255.0 client-to-client keepalive 10 120 ...
by 屠龙 - 服务器应用 - 2009-09-04 08:52:02 阅读(2078) 回复(2)
OS: freebsd 6.2 ============= openvpn.conf 配置如下:==================== port 1194 proto udp dev tun ca ca.crt cert server.crt key server.key dh dh1024.pem server 172.17.17.0 255.255.255.0 client-to-client keepalive 10 120 tls-auth ta.key 0 auth-user-pass-verify checkpwd via-env client-cert-not-required username-as-common-name push "redirect-gateway" comp-lzo user nobody group nobody persist-key...
hash 'SHA1' for HMAC authentication Sat Sep 17 20:27:54 2005 us=345338 TLS-Auth MTU parms [ L:1573 D:166 EF:66 EB:0 ET:0 EL:0 ] Sat Sep 17 20:27:54 2005 us=376866 Note: Cannot open TUN/TAP dev /dev/net/tun: No such device (err no=19) Sat Sep 17 20:27:54 2005 us=377642 Note: Attempting fallback to kernel 2.2 TUN/TAP interface Sat Sep 17 20:27:54 2005 us=520450 Cannot allocate TUN/TAP dev dynamicall...
本人用openvpn+win2003 服务端使用 sample-config中的server 没有任何修改 客户端使用 sample-config中的client 只修改了ip 链接的时候 出现connection to server was terminated 这个错误困扰很久了 不论我怎么修改配置文件或者按照网上一些高人的配置过程 都出现这个问题 :cry:请教各位大侠 这个错误是什么原因造成的 谢谢各位拉!:em16::em16:
看了下man及安装目录,有些不是很明白,请给予指出。 (1)easy-rsa/build-inter Make an intermediate CA certificate/private key pair using a locally generated root certificate. build-inter文件作用是利用本地的root证书来生成CA证书或私密密钥对。此文件的使用前提是先用build-ca产生根证书。 理解的对么? (2)easy-rsa/build-req Build a certificate signing request and private key. Use this when your root certi...
我下载了一个PPC版本的openvpn,很难连上去.不知道为什么.只连过上去一次,后来就再也连不上了.知道为什么吗? 客户端配置如下: client dev tun proto tcp remote xxx.xxx.xxx.xxx 443 auth-user-pass resolv-retry infinite nobind http-proxy 10.0.0.172 80 http-proxy-retry http-proxy-timeout 10 mute-replay-warnings keepalive 10 120 persist-key persist-tun ca "\\Program Files\\openvpn\\config\\hxca.crt" tls-auth "\\...
客户端出现如下错误E:\Program Files\openvpn\log\client.log Wed Jan 04 13:21:32 2006 NOTE: --user option is not implemented on Windows Wed Jan 04 13:21:32 2006 NOTE: --group option is not implemented on Windows Options error: Parameter --cert cannot be used when --cryptoapicert is also specified. Use --help for more information.
Tue Feb 19 22:40:05 2008 openvpn 2.1_rc7 Win32-MinGW [SSL] [LZO2] [PKCS11] built on Jan 29 2008 Tue Feb 19 22:40:05 2008 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Tue Feb 19 22:40:05 2008 LZO compression initialized Tue Feb 19 22:40:05 2008 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ] 这个win2003上...
客户端能连上服务器,但是没有有什么流理,日志提示: Thu May 03 20:40:34 2007 Bad LZO decompression header byte: 250 Thu May 03 20:40:34 2007 Bad LZO decompression header byte: 250 这是服务器端日志 Thu May 03 20:40:34 2007 ppc/202.105.20.253:41284 Bad LZO decompression header byte: 85 Thu May 03 20:40:34 2007 ppc/202.105.20.253:41284 Bad LZO decompression header byte: 85 服务器的配置文件如下: port ...
make all-am if cc -DHAVE_CONFIG_H -I. -I. -I. -I/usr/local/include -I. -O2 -fno-strict-aliasing -pipe -MT base64.o -MD -MP -MF ".deps/base64.Tpo" -c -o base64.o base64.c; then mv -f ".deps/base64.Tpo" ".deps/base64.Po"; else rm -f ".deps/base64.Tpo"; exit 1; fi if cc -DHAVE_CONFIG_H -I. -I. -I. -I/usr/local/include -I. -O2 -fno-strict-aliasing -pipe -MT buffer.o -MD -MP -MF ".deps/buffer...
log文件提示如下 Tue May 30 03:46:03 2006 openvpn 2.1_beta7 Win32-MinGW [SSL] [LZO2] built on Nov 12 2005 Tue May 30 03:46:03 2006 Control Channel Authentication: using 'tls-auth.key' as a openvpn static key file Tue May 30 03:46:03 2006 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue May 30 03:46:03 2006 Incoming Control Channel Authentication...