Гуру подскажите в чем может быть проблема, не могу создать впн подключение из вне, локально подключается нормально. Конфиг сервера
port 13001
proto udp
dev tap0
comp-lzo
tun-mtu 1500
fragment 1300
#mssfix
#server-bridge 192.168.211.62 255.255.255.0 192.168.211.180 192.168.211.189 #Характерно для соеденинения в режиме бриджа.
server 10.8.0.0 255.255.255.0
persist-key
persist-tun
tls-server
tls-auth /etc/openvpn/keys/ta.key 0
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys/dh1024.pem
verb 3
keepalive 10 120
log /var/log/openvpn.log
status /var/log/openvpn-status.logChain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:13001
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
Chain OUTPUT (policy ACCEPT)
target prot opt source destinationТаблица маршрутов
Destination Gateway Genmask Flags Metric Ref Use Iface
default 192.168.3.1 0.0.0.0 UG 0 0 0 eth1
10.8.0.0 * 255.255.255.0 U 0 0 0 tap0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth0
192.168.3.0 * 255.255.255.0 U 0 0 0 eth1
localnet * 255.255.255.0 U 0 0 0 eth2
eth0 Link encap:Ethernet HWaddr 1c:bd:b9:e6:d7:31
inet addr:192.168.1.61 Bcast:192.168.211.255 Mask:255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:17 Base address:0xd100
eth1 Link encap:Ethernet HWaddr 1c:bd:b9:e6:df:b6
inet addr:192.168.3.61 Bcast:192.168.3.255 Mask:255.255.255.0
inet6 addr: fe80::1ebd:b9ff:fee6:dfb6/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:650 errors:0 dropped:0 overruns:0 frame:0
TX packets:724 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:261232 (255.1 KiB) TX bytes:239437 (233.8 KiB)
Interrupt:18 Base address:0xd000
eth2 Link encap:Ethernet HWaddr 50:e5:49:19:b1:96
inet addr:192.168.211.62 Bcast:192.168.211.255 Mask:255.255.255.0
inet6 addr: fe80::52e5:49ff:fe19:b196/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:203560 errors:0 dropped:0 overruns:0 frame:0
TX packets:4151 errors:0 dropped:0 overruns:0 carrier:1
collisions:0 txqueuelen:1000
RX bytes:18046337 (17.2 MiB) TX bytes:1578558 (1.5 MiB)
Interrupt:42
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:4 errors:0 dropped:0 overruns:0 frame:0
TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:350 (350.0 B) TX bytes:350 (350.0 B)
tap0 Link encap:Ethernet HWaddr ea:b2:f4:d8:0d:0c
inet addr:10.8.0.1 Bcast:10.8.0.255 Mask:255.255.255.0
inet6 addr: fe80::e8b2:f4ff:fed8:d0c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:55 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:5458 (5.3 KiB) TX bytes:468 (468.0 B)
Mon Dec 09 15:01:39 2013 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mon Dec 09 15:01:39 2013 TLS Error: TLS handshake failed
Mon Dec 09 15:01:39 2013 SIGUSR1[soft,tls-error] received, process restarting
Mon Dec 09 15:01:41 2013 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Mon Dec 09 15:01:41 2013 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mon Dec 09 15:01:41 2013 Re-using SSL/TLS context
Mon Dec 09 15:01:41 2013 LZO compression initialized
