Пробовал настроить неполучилось нигде ненашел солюшн
на сервере (Линух)
local 192.168.1.1
port 1194
proto tcp
dev tun
tls-server
ca /etc/openvpn/server/keys/ca.crt
cert /etc/openvpn/server/keys/server.crt
key /etc/openvpn/server/keys/server.key
dh /etc/openvpn/server/keys/dh1024.pem
tls-auth /etc/openvpn/server/ta.key 0
server 10.0.0.1 255.255.255.0
push "dchp-option DNS 10.0.0.33"
keepalive 10 120
comp-lzo
max-clients 5
ifconfig-pool-persist ipp.txt
push "route 192.168.1.0 255.255.255.0"
persist-key
persist-tun
status /var/log/openvpn-status.log
log /var/log/openvpn.log
verb 3на клиенте (мастдай)
client
dev tun
proto tcp
remote 192.168.1.1 1194
resolv-retry infinite
nobind
tls-client
persist-key
persist-tun
ca "C:\\Documents\ and\ Settings\\user\\openvpn\\ca.crt"
cert "C:\\Documents\ and\ Settings\\user\\openvpn\\kadmin.crt"
key "C:\\Documents\ and\ Settings\\user\\openvpn\\kadmin.key"
tls-auth "C:\\Documents\ and\ Settings\\user\\openvpn\\ta.key" 1
comp-lzo
verb 3
Ключевые файлы одинаковые из одного источника сa.crt ta.key (одни и теже что на сервер то и на клиенте). В логе пишет:
(Линух)
Wed Feb 21 16:08:35 2007 OpenVPN 2.0.6 i686-pc-linux-gnu [SSL] [LZO] [EPOLL] built on Feb 21 2007
Wed Feb 21 16:08:35 2007 Diffie-Hellman initialized with 1024 bit key
Wed Feb 21 16:08:35 2007 Control Channel Authentication: using '/etc/openvpn/server/ta.key' as a OpenVPN static key file
Wed Feb 21 16:08:35 2007 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Feb 21 16:08:35 2007 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Feb 21 16:08:35 2007 TLS-Auth MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ]
Wed Feb 21 16:08:35 2007 TUN/TAP device tun0 opened
Wed Feb 21 16:08:35 2007 /sbin/ifconfig tun0 10.0.10.1 pointopoint 10.0.10.2 mtu 1500
Wed Feb 21 16:08:35 2007 /sbin/route add -net 10.0.10.0 netmask 255.255.255.0 gw 10.0.10.2
Wed Feb 21 16:08:35 2007 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Feb 21 16:08:35 2007 Listening for incoming TCP connection on 192.168.1.106:1194
Wed Feb 21 16:08:35 2007 TCPv4_SERVER link local (bound): 192.168.1.106:1194
Wed Feb 21 16:08:35 2007 TCPv4_SERVER link remote: [undef]
Wed Feb 21 16:08:35 2007 MULTI: multi_init called, r=256 v=256
Wed Feb 21 16:08:35 2007 IFCONFIG POOL: base=10.0.10.4 size=62
Wed Feb 21 16:08:35 2007 IFCONFIG POOL LIST
Wed Feb 21 16:08:35 2007 MULTI: TCP INIT maxclients=100 maxevents=104
Wed Feb 21 16:08:35 2007 Initialization Sequence Completed
Wed Feb 21 16:08:46 2007 MULTI: multi_create_instance called
Wed Feb 21 16:08:46 2007 Re-using SSL/TLS context
Wed Feb 21 16:08:46 2007 LZO compression initialized
Wed Feb 21 16:08:46 2007 Control Channel MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ]
Wed Feb 21 16:08:46 2007 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Feb 21 16:08:46 2007 Local Options hash (VER=V4): 'a642654b'
Wed Feb 21 16:08:46 2007 Expected Remote Options hash (VER=V4): '0bdd0804'
Wed Feb 21 16:08:46 2007 TCP connection established with 192.168.1.69:2978
Wed Feb 21 16:08:46 2007 TCPv4_SERVER link local: [undef]
Wed Feb 21 16:08:46 2007 TCPv4_SERVER link remote: 192.168.1.69:2978
Wed Feb 21 16:08:46 2007 192.168.1.69:2978 TLS: Initial packet from 192.168.1.69:2978, sid=8abde009 d6189f90
Wed Feb 21 16:08:46 2007 192.168.1.69:2978 Connection reset, restarting [-1]
Wed Feb 21 16:08:46 2007 192.168.1.69:2978 SIGUSR1[soft,connection-reset] received, client-instance restarting
Wed Feb 21 16:08:46 2007 TCP/UDP: Closing socket
Wed Feb 21 16:08:55 2007 MULTI: multi_create_instance called
Wed Feb 21 16:08:55 2007 Re-using SSL/TLS context
Wed Feb 21 16:08:55 2007 LZO compression initialized
Wed Feb 21 16:08:55 2007 Control Channel MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ]
Wed Feb 21 16:08:55 2007 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Feb 21 16:08:55 2007 Local Options hash (VER=V4): 'a642654b'
Wed Feb 21 16:08:55 2007 Expected Remote Options hash (VER=V4): '0bdd0804'
Wed Feb 21 16:08:55 2007 TCP connection established with 192.168.1.69:2989
Wed Feb 21 16:08:55 2007 TCPv4_SERVER link local: [undef]
Wed Feb 21 16:08:55 2007 TCPv4_SERVER link remote: 192.168.1.69:2989
Wed Feb 21 16:08:55 2007 192.168.1.69:2989 Connection reset, restarting [-1]
Wed Feb 21 16:08:55 2007 192.168.1.69:2989 SIGUSR1[soft,connection-reset] received, client-instance restarting
Wed Feb 21 16:08:55 2007 TCP/UDP: Closing socket
(мастдай)
Wed Feb 21 16:01:06 2007 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct 1 2006
Wed Feb 21 16:01:06 2007 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and
earlier used 5000 as the default port.
Wed Feb 21 16:01:06 2007 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Wed Feb 21 16:01:13 2007 Control Channel Authentication: using 'C:\Documents and Settings\user\openvpn\ta.key' as a OpenVPN static key file
Wed Feb 21 16:01:13 2007 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Feb 21 16:01:13 2007 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Feb 21 16:01:13 2007 LZO compression initialized
Wed Feb 21 16:01:13 2007 Control Channel MTU parms [ L:1544 D:168 EF:68 EB:0 ET:0 EL:0 ]
Wed Feb 21 16:01:13 2007 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Feb 21 16:01:13 2007 Local Options hash (VER=V4): 'ee93268d'
Wed Feb 21 16:01:13 2007 Expected Remote Options hash (VER=V4): 'bd577cd1'
Wed Feb 21 16:01:13 2007 Attempting to establish TCP connection with 192.168.1.1:1194
Wed Feb 21 16:01:13 2007 TCP connection established with 192.168.1.1:1194
Wed Feb 21 16:01:13 2007 TCPv4_CLIENT link local: [undef]
Wed Feb 21 16:01:13 2007 TCPv4_CLIENT link remote: 192.168.1.1:1194
Wed Feb 21 16:01:13 2007 TLS: Initial packet from 192.168.1.1:1194, sid=161a4866 f4355c98
Wed Feb 21 16:01:13 2007 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: /C=COM/ST=COM/L=City/O=COMPANY/CN=COMPANY_CA/emailAdd
ress=email
Wed Feb 21 16:01:13 2007 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Wed Feb 21 16:01:13 2007 TLS Error: TLS object -> incoming plaintext read error
Wed Feb 21 16:01:13 2007 TLS Error: TLS handshake failed
Wed Feb 21 16:01:13 2007 Fatal TLS error (check_tls_errors_co), restarting
Wed Feb 21 16:01:13 2007 TCP/UDP: Closing socket
Wed Feb 21 16:01:13 2007 SIGUSR1[soft,tls-error] received, process restarting
Wed Feb 21 16:01:13 2007 Restart pause, 5 second(s)
Wed Feb 21 16:01:18 2007 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and
earlier used 5000 as the default port.
Wed Feb 21 16:01:18 2007 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Wed Feb 21 16:01:18 2007 Re-using SSL/TLS context
Wed Feb 21 16:01:18 2007 LZO compression initialized
Wed Feb 21 16:01:18 2007 Control Channel MTU parms [ L:1544 D:168 EF:68 EB:0 ET:0 EL:0 ]
Wed Feb 21 16:01:18 2007 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Feb 21 16:01:18 2007 Local Options hash (VER=V4): 'ee93268d'
Wed Feb 21 16:01:18 2007 Expected Remote Options hash (VER=V4): 'bd577cd1'
Wed Feb 21 16:01:18 2007 Attempting to establish TCP connection with 192.168.1.1:1194
Wed Feb 21 16:01:18 2007 TCP/UDP: Closing socket