LINUX.ORG.RU

openvpn stopped working

Good day. Please help me figure this out. OpenVPN stopped working out of the blue (the client cannot connect). I didn't touch anything on the server. It just stopped connecting.

The openvpn log is empty.

Here is the client config:

client
dev tun
proto tcp
remote x.x.x.x 1194 # – Your server IP and OpenVPN Port
nobind
persist-key
persist-tun
ca ca.crt
auth-user-pass
comp-lzo
reneg-sec 0
verb 6

Here is the server config:

local x.x.x.x
port 1194
proto tcp
dev tun0
ca ca.crt
cert server.crt
key server.key  # This file should be kept secret
dh dh2048.pem
server 10.8.0.0 255.255.255.0
push "route 10.8.0.0 255.255.255.0"
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 10 120
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
log openvpn.log
verb 6
tcp-queue-limit 256
status /etc/openvpn/openvpn-status.log
plugin /etc/openvpn/radiusplugin.so /etc/openvpn/radiusplugin.cnf # Uncomment this line if you are using FreeRADIUS
client-cert-not-required

Here is the client log:

Sat Jul 25 18:44:03 2015 us=189689 OpenVPN 2.3.7 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Jul  9 2015
Sat Jul 25 18:44:03 2015 us=189689 library versions: OpenSSL 1.0.1p 9 Jul 2015, LZO 2.08
Enter Management Password:
Sat Jul 25 18:44:03 2015 us=189689 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Sat Jul 25 18:44:03 2015 us=189689 Need hold release from management interface, waiting...
Sat Jul 25 18:44:03 2015 us=845939 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Sat Jul 25 18:44:03 2015 us=970939 MANAGEMENT: CMD 'state on'
Sat Jul 25 18:44:03 2015 us=986564 MANAGEMENT: CMD 'log all on'
Sat Jul 25 18:44:04 2015 us=533439 MANAGEMENT: CMD 'hold off'
Sat Jul 25 18:44:04 2015 us=564689 MANAGEMENT: CMD 'hold release'
Sat Jul 25 18:44:07 2015 us=595939 MANAGEMENT: CMD 'username "Auth" "user2"'
Sat Jul 25 18:44:07 2015 us=627189 MANAGEMENT: CMD 'password [...]'
Sat Jul 25 18:44:07 2015 us=627189 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Sat Jul 25 18:44:07 2015 us=814689 LZO compression initialized
Sat Jul 25 18:44:07 2015 us=814689 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:3 ]
Sat Jul 25 18:44:07 2015 us=814689 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sat Jul 25 18:44:07 2015 us=814689 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:143 ET:0 EL:3 AF:3/1 ]
Sat Jul 25 18:44:07 2015 us=814689 Local Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Sat Jul 25 18:44:07 2015 us=814689 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Sat Jul 25 18:44:07 2015 us=814689 Local Options hash (VER=V4): '69109d17'
Sat Jul 25 18:44:07 2015 us=814689 Expected Remote Options hash (VER=V4): 'c0103fa8'
Sat Jul 25 18:44:07 2015 us=814689 Attempting to establish TCP connection with [AF_INET]x.x.x.x:1194 [nonblock]
Sat Jul 25 18:44:07 2015 us=814689 MANAGEMENT: >STATE:1437839047,TCP_CONNECT,,,
Sat Jul 25 18:44:08 2015 us=830314 TCP connection established with [AF_INET]x.x.x.x:1194
Sat Jul 25 18:44:08 2015 us=830314 TCPv4_CLIENT link local: [undef]
Sat Jul 25 18:44:08 2015 us=830314 TCPv4_CLIENT link remote: [AF_INET]x.x.x.x:1194
Sat Jul 25 18:44:08 2015 us=830314 MANAGEMENT: >STATE:1437839048,WAIT,,,
Sat Jul 25 18:44:08 2015 us=830314 TCPv4_CLIENT WRITE [14] to [AF_INET]x.x.x.x:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Sat Jul 25 18:44:11 2015 us=17814 TCPv4_CLIENT WRITE [14] to [AF_INET]x.x.x.x:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Sat Jul 25 18:44:15 2015 us=392814 TCPv4_CLIENT WRITE [14] to [AF_INET]x.x.x.x:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Sat Jul 25 18:44:23 2015 us=549064 TCPv4_CLIENT WRITE [14] to [AF_INET]x.x.x.x:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Sat Jul 25 18:44:39 2015 us=877189 TCPv4_CLIENT WRITE [14] to [AF_INET]x.x.x.x:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Sat Jul 25 18:45:08 2015 us=392814 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Jul 25 18:45:08 2015 us=392814 TLS Error: TLS handshake failed
Sat Jul 25 18:45:08 2015 us=392814 Fatal TLS error (check_tls_errors_co), restarting
Sat Jul 25 18:45:08 2015 us=392814 TCP/UDP: Closing socket
Sat Jul 25 18:45:08 2015 us=392814 SIGUSR1[soft,tls-error] received, process restarting
Sat Jul 25 18:45:08 2015 us=392814 MANAGEMENT: >STATE:1437839108,RECONNECTING,tls-error,,
Sat Jul 25 18:45:08 2015 us=392814 Restart pause, 5 second(s)

I tried connecting from different clients (Windows), so the problem is not in the client. I tried flushing iptables on the server. The client's ca.crt definitely matches the server's; I compared the md5 sums. What could the snag be?

In reply to: comment by x0r

The provider doesn't block any ports, and the port on the server is being listened on; netstat -ln shows me that it is in LISTEN.

Piter_prbg
() topic starter
In reply to: comment by x0r

I don't think port blocking is the issue. The line "TCP connection established" in the client log says the connection is there; apparently something goes wrong further on.

Piter_prbg
() topic starter
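
Added example, not part of the original thread: a small triage of an OpenVPN client log at `verb 6` for a `proto tcp` profile, showing how far the handshake got. The function names and verdict labels are hypothetical, the sample is an excerpt of the log posted above, and the shape of `READ` lines is assumed to mirror the `WRITE` lines.

```python
import re

# Excerpt of the client log posted above (verb 6), trimmed to the relevant lines.
SAMPLE_LOG = """\
Sat Jul 25 18:44:07 2015 us=627189 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Sat Jul 25 18:44:08 2015 us=830314 TCP connection established with [AF_INET]x.x.x.x:1194
Sat Jul 25 18:44:08 2015 us=830314 TCPv4_CLIENT WRITE [14] to [AF_INET]x.x.x.x:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Sat Jul 25 18:44:11 2015 us=17814 TCPv4_CLIENT WRITE [14] to [AF_INET]x.x.x.x:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Sat Jul 25 18:44:15 2015 us=392814 TCPv4_CLIENT WRITE [14] to [AF_INET]x.x.x.x:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Sat Jul 25 18:44:23 2015 us=549064 TCPv4_CLIENT WRITE [14] to [AF_INET]x.x.x.x:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Sat Jul 25 18:44:39 2015 us=877189 TCPv4_CLIENT WRITE [14] to [AF_INET]x.x.x.x:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
Sat Jul 25 18:45:08 2015 us=392814 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
"""

# "Sat Jul 25 18:44:08 2015 us=830314 <message>"; the us= field is not zero-padded.
LINE = re.compile(r"^\w{3} \w{3} +\d+ (\d\d):(\d\d):(\d\d) \d{4} us=(\d+) (.*)$")


def triage(log_text):
    """Collect the facts that tell a transport problem from a handshake problem."""
    facts = {"tcp_established": False, "client_resets": [], "server_packets": 0,
             "tls_timeout": False, "no_server_cert_check": False}
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        h, mi, s, us, msg = m.groups()
        t = int(h) * 3600 + int(mi) * 60 + int(s) + int(us) / 1e6
        if msg.startswith("TCP connection established"):
            facts["tcp_established"] = True
        elif " WRITE " in msg and "P_CONTROL_HARD_RESET_CLIENT" in msg:
            facts["client_resets"].append(t)      # first handshake packet, or a resend
        elif " READ " in msg:
            facts["server_packets"] += 1          # anything at all from the peer
        elif "TLS key negotiation failed" in msg:
            facts["tls_timeout"] = True
        elif "No server certificate verification method" in msg:
            facts["no_server_cert_check"] = True  # the MITM warning OpenVPN prints
    return facts


def retransmit_gaps(facts):
    """Whole seconds between successive client hard resets (the resend backoff)."""
    ts = facts["client_resets"]
    return [round(b - a) for a, b in zip(ts, ts[1:])]


def verdict(facts):
    if not facts["tcp_established"]:
        return "tcp-connect-failed"      # nothing accepted the connection
    if facts["client_resets"] and facts["server_packets"] == 0:
        # Something completed the TCP handshake, but no OpenVPN packet ever came
        # back: compare with a capture on the server, as suggested in the thread.
        return "no-openvpn-reply"
    if facts["tls_timeout"]:
        return "handshake-stalled"       # the peer answered, negotiation timed out
    return "handshake-progressing"


if __name__ == "__main__":
    f = triage(SAMPLE_LOG)
    print(verdict(f), "resend gaps (s):", retransmit_gaps(f),
          "| server cert unchecked:", f["no_server_cert_check"])
```
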
In reply to: comment by Piter_prbg

And still

"The openvpn log is empty."

What might that tell us? Most likely that nobody ever reached us. If you have doubts about the settings, just run tcpdump while the client is connecting; I'm almost sure that no packets from it will arrive.

anc ★★★★★
()

Couldn't the ca.crt or server.crt certificates have expired?

static ★★
()
In reply to: comment by anc

anc, apparently there weren't enough permissions there, that's why it is empty.

static, I checked, the validity periods are fine.

Anyway, for a combination of other reasons it was decided to reinstall the OS; after the reinstall I'll try doing everything again. I'll report back later based on the logs.

Piter_prbg
() topic starter
In reply to: comment by Piter_prbg

"apparently there weren't enough permissions there, that's why it is empty."

If permissions were lacking, it would not have been created at all. Do take a look at tcpdump all the same.

anc ★★★★★
()
In reply to: comment by Piter_prbg

One more question: why tcp specifically? Have you tried udp? I'm just tossing out a completely crazy idea about mtu.

anc ★★★★★
()
In reply to: comment by anc

Thanks, I tried it; udp didn't help.
Apparently the provider is up to something. I copy-pasted the configs to two other servers, and everything works there.
And on Google people also write that this means someone is eating the packets on the way from the client to the server.

Piter_prbg
() topic starter
In reply to: comment by Piter_prbg

If "apparently the provider is up to something", try changing the port.

anc ★★★★★
()
In reply to: comment by Piter_prbg

"apparently the provider is up to something"

If so, try putting the server on port 443 and on tcp :)

static ★★
()