LinuxSir.cn,穿越时空的Linuxsir!

 找回密码
 注册
搜索
热搜: shell linux mysql
查看: 862|回复: 0

openvpn server求救

[复制链接]
发表于 2010-4-8 19:36:49 | 显示全部楼层 |阅读模式
這是現在client登入VPN的情況:
Thu Apr 08 13:49:07 2010 OpenVPN 2.1_rc22 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Nov 20 2009
Thu Apr 08 13:49:07 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Thu Apr 08 13:49:07 2010 LZO compression initialized
Thu Apr 08 13:49:07 2010 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Thu Apr 08 13:49:07 2010 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Thu Apr 08 13:49:07 2010 Local Options hash (VER=V4): '41690919'
Thu Apr 08 13:49:07 2010 Expected Remote Options hash (VER=V4): '530fdded'
Thu Apr 08 13:49:07 2010 Socket Buffers: R=[8192->8192] S=[8192->8192]
Thu Apr 08 13:49:07 2010 UDPv4 link local: [undef]
Thu Apr 08 13:49:07 2010 UDPv4 link remote: xxx.xxx.xxx.xxx:1194
Thu Apr 08 13:49:07 2010 TLS: Initial packet from xxx.xxx.xxx.xxx:1194, sid=994c9c8d b5628bdd
Thu Apr 08 13:49:08 2010 VERIFY OK: depth=1, /C=HK/ST=HK/L=HK/O=HX/CN=HX_CA/emailAddress=support@vpn.com
Thu Apr 08 13:49:08 2010 VERIFY OK: nsCertType=SERVER
Thu Apr 08 13:49:08 2010 VERIFY OK: depth=0, /C=HK/ST=HK/L=HK/O=HX/CN=server/emailAddress=support@vpn.com
Thu Apr 08 13:49:09 2010 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Apr 08 13:49:09 2010 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Apr 08 13:49:09 2010 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Apr 08 13:49:09 2010 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Apr 08 13:49:09 2010 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Apr 08 13:49:09 2010 [server] Peer Connection Initiated with xxx.xxx.xxx.xxx:1194
Thu Apr 08 13:49:11 2010 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Thu Apr 08 13:49:12 2010 PUSH: Received control message: 'PUSH_REPLY,route 192.168.10.0 255.255.255.0,route 192.168.20.0 255.255.255.0,dhcp-option DNS 192.168.10.98,dhcp-option DNS 202.130.97.65,redirect-gateway,route 10.0.0.0 255.255.255.0,ping 10,ping-restart 120,ifconfig 10.0.0.6 10.0.0.5'
Thu Apr 08 13:49:12 2010 OPTIONS IMPORT: timers and/or timeouts modified
Thu Apr 08 13:49:12 2010 OPTIONS IMPORT: --ifconfig/up options modified
Thu Apr 08 13:49:12 2010 OPTIONS IMPORT: route options modified
Thu Apr 08 13:49:12 2010 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Thu Apr 08 13:49:12 2010 ROUTE default_gateway=192.168.1.1
Thu Apr 08 13:49:12 2010 TAP-WIN32 device [掛華蟀諉 3] opened: \\.\Global\{8D0138A4-6813-4FF2-BCCC-A08B7FB55615}.tap
Thu Apr 08 13:49:12 2010 TAP-Win32 Driver Version 9.6
Thu Apr 08 13:49:12 2010 TAP-Win32 MTU=1500
Thu Apr 08 13:49:12 2010 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.0.0.6/255.255.255.252 on interface {8D0138A4-6813-4FF2-BCCC-A08B7FB55615} [DHCP-serv: 10.0.0.5, lease-time: 31536000]
Thu Apr 08 13:49:12 2010 Successful ARP Flush on interface [65541] {8D0138A4-6813-4FF2-BCCC-A08B7FB55615}
Thu Apr 08 13:49:17 2010 TEST ROUTES: 4/4 succeeded len=3 ret=1 a=0 u/d=up
Thu Apr 08 13:49:17 2010 C:\WINDOWS\system32\route.exe ADD 210.5.171.110 MASK 255.255.255.255 192.168.1.1
Thu Apr 08 13:49:17 2010 Route addition via IPAPI succeeded [adaptive]
Thu Apr 08 13:49:17 2010 C:\WINDOWS\system32\route.exe DELETE 0.0.0.0 MASK 0.0.0.0 192.168.1.1
Thu Apr 08 13:49:17 2010 Route deletion via IPAPI succeeded [adaptive]
Thu Apr 08 13:49:17 2010 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 0.0.0.0 10.0.0.5
Thu Apr 08 13:49:17 2010 Route addition via IPAPI succeeded [adaptive]
Thu Apr 08 13:49:17 2010 C:\WINDOWS\system32\route.exe ADD 192.168.10.0 MASK 255.255.255.0 10.0.0.5
Thu Apr 08 13:49:17 2010 Route addition via IPAPI succeeded [adaptive]
Thu Apr 08 13:49:17 2010 C:\WINDOWS\system32\route.exe ADD 192.168.20.0 MASK 255.255.255.0 10.0.0.5
Thu Apr 08 13:49:17 2010 Route addition via IPAPI succeeded [adaptive]
Thu Apr 08 13:49:17 2010 WARNING: potential route subnet conflict between local LAN [10.0.0.4/255.255.255.252] and remote VPN [10.0.0.0/255.255.255.0]
Thu Apr 08 13:49:17 2010 C:\WINDOWS\system32\route.exe ADD 10.0.0.0 MASK 255.255.255.0 10.0.0.5
Thu Apr 08 13:49:17 2010 Route addition via IPAPI succeeded [adaptive]
Thu Apr 08 13:49:17 2010 Initialization Sequence Completed

我現在成功連線, IP派10.0.0.6給我, default gateway是10.0.0.5

而我VPN Server是10.0.0.1. 而client也可以ping到Server的. 但是client出不了internal.
想請教一下我的conf file會不會設定錯了.
而server是接上了router.

openvpn.conf:
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
server 10.0.0.0 255.255.255.0
push "dhcp-option DNS 192.168.10.98"
push "dhcp-option DNS 202.130.97.65"
push "redirect-gateway"
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
user nobody
group users
persist-key
persist-tun
status openvpn-status.log
verb 3
client-to-client
您需要登录后才可以回帖 登录 | 注册

本版积分规则

快速回复 返回顶部 返回列表