Всем привет! Я начинающий админ, не судите строго)) Поступила задача объединить главный офис с филиалом в единую сеть. Решил для этих целей использовать OpenVPN. На фре настроил сервер, клиенты под виндой (пока тестирую локально). Столкнулся с такой проблемой, клиент коннектится к серверу и через минуту отваливается и еще когда происходит коннект рвутся все остальные соединения. Вот конфиги и логи:
Конфиг сервера
dev tun
server 10.1.1.0 255.255.255.0
push "route 192.168.0.0 255.255.240.0"
client-to-client
#tls-server
ca /etc/openvpn/key/ca.crt
cert /etc/openvpn/key/server.crt
key /etc/openvpn/key/server.key
dh /etc/openvpn/key/dh1024.pem
proto tcp
user nobody
port 5000
keepalive 10 120
status /var/log/openvpn-status.log
log /var/log/openvpn.log
verb 4Конфиг клиента
client
dev tun
proto tcp
# IP-адрес и порт сервера OpenVPN)
remote 192.168.13.2 5000
resolv-retry infinite
nobind
persist-key
persist-tun
keepalive 10 120
user nobody
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\client1.crt"
key "C:\\Program Files\\OpenVPN\\config\\client1.key"
лог клиента:
Fri Feb 04 14:13:02 2011 NOTE: --user option is not implemented on Windows
Fri Feb 04 14:13:02 2011 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct 1 2006
Fri Feb 04 14:13:02 2011 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Fri Feb 04 14:13:02 2011 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Fri Feb 04 14:13:02 2011 Attempting to establish TCP connection with 192.168.13.2:5000
Fri Feb 04 14:13:02 2011 TCP connection established with 192.168.13.2:5000
Fri Feb 04 14:13:02 2011 TCPv4_CLIENT link local: [undef]
Fri Feb 04 14:13:02 2011 TCPv4_CLIENT link remote: 192.168.13.2:5000
Fri Feb 04 14:13:03 2011 [FreeBSD] Peer Connection Initiated with 192.168.13.2:5000
Fri Feb 04 14:13:04 2011 TAP-WIN32 device [Подключение по локальной сети 4] opened: \\.\Global\{37EEFA26-42E9-43A0-9DA4-1C1F982C59E5}.tap
Fri Feb 04 14:13:04 2011 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.1.1.6/255.255.255.252 on interface {37EEFA26-42E9-43A0-9DA4-1C1F982C59E5} [DHCP-serv: 10.1.1.5, lease-time: 31536000]
Fri Feb 04 14:13:04 2011 Successful ARP Flush on interface [3] {37EEFA26-42E9-43A0-9DA4-1C1F982C59E5}
Fri Feb 04 14:13:08 2011 Initialization Sequence Completed
Fri Feb 04 14:13:45 2011 write TCPv4_CLIENT: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Feb 04 14:13:45 2011 Connection reset, restarting [-1]
Fri Feb 04 14:13:45 2011 SIGUSR1[soft,connection-reset] received, process restarting
Fri Feb 04 14:13:50 2011 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Fri Feb 04 14:13:50 2011 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Fri Feb 04 14:13:50 2011 Re-using SSL/TLS context
Fri Feb 04 14:13:50 2011 Attempting to establish TCP connection with 192.168.13.2:5000
Fri Feb 04 14:14:11 2011 TCP: connect to 192.168.13.2:5000 failed, will try again in 5 seconds
Fri Feb 04 14:14:37 2011 TCP: connect to 192.168.13.2:5000 failed, will try again in 5 seconds
Вариант для распечатки
