Openvpn на TL-WDR4300 с OpenWrt
Форум — Admin
Доброго времени суток всем! Пытаюсь настроить Openvpn, воспользовался информацией из сетей, получилось поднять впн между двумя ПК (через роутер по WiFi), один под Linux-ом (сервер), второй под виндой. Но с такими же настройками сервера в роутере ни чего не получается.
Wed Nov 23 23:15:34 2022 us=789181 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Wed Nov 23 23:15:35 2022 us=187243 Diffie-Hellman initialized with 2048 bit key
Wed Nov 23 23:15:35 2022 us=192759 Control Channel Authentication: using '/etc/openvpn/ta.key' as a OpenVPN static key file
Wed Nov 23 23:15:35 2022 us=193001 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Nov 23 23:15:35 2022 us=193166 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Nov 23 23:15:35 2022 us=193457 TLS-Auth MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Wed Nov 23 23:15:35 2022 us=193702 Socket Buffers: R=[163840->131072] S=[163840->131072]
Wed Nov 23 23:15:35 2022 us=199542 TUN/TAP device tun0 opened
Wed Nov 23 23:15:35 2022 us=199816 TUN/TAP TX queue length set to 100
Wed Nov 23 23:15:35 2022 us=200223 /sbin/ifconfig tun0 172.16.10.1 pointopoint 172.16.10.2 mtu 1500
Wed Nov 23 23:15:35 2022 us=213764 /sbin/route add -net 172.16.10.0 netmask 255.255.255.0 gw 172.16.10.2
Wed Nov 23 23:15:35 2022 us=237475 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Nov 23 23:15:35 2022 us=239049 UDPv4 link local (bound): 192.168.0.1:443
Wed Nov 23 23:15:35 2022 us=239241 UDPv4 link remote: [undef]
Wed Nov 23 23:15:35 2022 us=239379 MULTI: multi_init called, r=256 v=256
Wed Nov 23 23:15:35 2022 us=239845 IFCONFIG POOL: base=172.16.10.4 size=62
Wed Nov 23 23:15:35 2022 us=240072 IFCONFIG POOL LIST
Wed Nov 23 23:15:35 2022 us=240205 client1,172.16.10.4
Wed Nov 23 23:15:35 2022 us=240479 Initialization Sequence Completed
Wed Nov 23 23:15:41 2022 us=820439 MULTI: multi_create_instance called
Wed Nov 23 23:15:41 2022 us=820813 192.168.0.161:55510 Re-using SSL/TLS context
Wed Nov 23 23:15:41 2022 us=821028 192.168.0.161:55510 LZO compression initialized
Wed Nov 23 23:15:41 2022 us=822302 192.168.0.161:55510 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Wed Nov 23 23:15:41 2022 us=822518 192.168.0.161:55510 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Nov 23 23:15:41 2022 us=822875 192.168.0.161:55510 TLS: Initial packet from 192.168.0.161:55510, sid=3af25f0c a2cfd083
Wed Nov 23 23:15:42 2022 us=592019 192.168.0.161:55510 VERIFY OK: depth=1, /CN=Easy-RSA_CA
Wed Nov 23 23:15:42 2022 us=595659 192.168.0.161:55510 VERIFY OK: depth=0, /CN=client1
Wed Nov 23 23:15:43 2022 us=103958 192.168.0.161:55510 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Nov 23 23:15:43 2022 us=104185 192.168.0.161:55510 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Nov 23 23:15:43 2022 us=104661 192.168.0.161:55510 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Nov 23 23:15:43 2022 us=104818 192.168.0.161:55510 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Nov 23 23:15:43 2022 us=107228 192.168.0.161:55510 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Wed Nov 23 23:15:43 2022 us=107520 192.168.0.161:55510 [client1] Peer Connection Initiated with 192.168.0.161:55510
Wed Nov 23 23:15:43 2022 us=108189 client1/192.168.0.161:55510 MULTI: Learn: 172.16.10.6 -> client1/192.168.0.161:55510
Wed Nov 23 23:15:43 2022 us=108359 client1/192.168.0.161:55510 MULTI: primary virtual IP for client1/192.168.0.161:55510: 172.16.10.6
Wed Nov 23 23:15:44 2022 us=218378 client1/192.168.0.161:55510 PUSH: Received control message: 'PUSH_REQUEST'
Wed Nov 23 23:15:44 2022 us=218849 client1/192.168.0.161:55510 SENT CONTROL [client1]: 'PUSH_REPLY,route 172.16.10.1,topology net30,ping
10,ping-restart 120,ifconfig 172.16.10.6 172.16.10.5' (status=1)
Wed Nov 23 23:15:47 2022 us=638307 read UDPv4 [ECONNREFUSED]: Connection refused (code=146)
Wed Nov 23 23:15:49 2022 us=219332 MULTI: multi_create_instance called
Wed Nov 23 23:15:49 2022 us=219651 192.168.0.161:57294 Re-using SSL/TLS context
Wed Nov 23 23:15:49 2022 us=219842 192.168.0.161:57294 LZO compression initialized
Wed Nov 23 23:15:49 2022 us=220718 192.168.0.161:57294 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Wed Nov 23 23:15:49 2022 us=220930 192.168.0.161:57294 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Nov 23 23:15:49 2022 us=221260 192.168.0.161:57294 TLS: Initial packet from 192.168.0.161:57294, sid=83fcc850 1593dd99
Wed Nov 23 23:15:49 2022 us=861874 192.168.0.161:57294 VERIFY OK: depth=1, /CN=Easy-RSA_CA
Wed Nov 23 23:15:49 2022 us=865505 192.168.0.161:57294 VERIFY OK: depth=0, /CN=client1
Wed Nov 23 23:15:50 2022 us=224224 192.168.0.161:57294 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Nov 23 23:15:50 2022 us=224448 192.168.0.161:57294 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Nov 23 23:15:50 2022 us=224922 192.168.0.161:57294 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Nov 23 23:15:50 2022 us=225078 192.168.0.161:57294 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Nov 23 23:15:50 2022 us=227345 192.168.0.161:57294 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Wed Nov 23 23:15:50 2022 us=227636 192.168.0.161:57294 [client1] Peer Connection Initiated with 192.168.0.161:57294
Wed Nov 23 23:15:50 2022 us=229115 MULTI: new connection by client 'client1' will cause previous active sessions by this client to be
dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently
connect.
Wed Nov 23 23:15:50 2022 us=229676 MULTI: Learn: 172.16.10.6 -> client1/192.168.0.161:57294
Wed Nov 23 23:15:50 2022 us=229829 MULTI: primary virtual IP for client1/192.168.0.161:57294: 172.16.10.6
Wed Nov 23 23:15:51 2022 us=398361 client1/192.168.0.161:57294 PUSH: Received control message: 'PUSH_REQUEST'
Wed Nov 23 23:15:51 2022 us=398843 client1/192.168.0.161:57294 SENT CONTROL [client1]: 'PUSH_REPLY,route 172.16.10.1,topology net30,ping
10,ping-restart 120,ifconfig 172.16.10.6 172.16.10.5' (status=1)
Wed Nov 23 23:15:54 2022 us=743743 read UDPv4 [ECONNREFUSED]: Connection refused (code=146)
Wed Nov 23 23:15:56 2022 us=399496 MULTI: multi_create_instance called
Wed Nov 23 23:15:56 2022 us=399824 192.168.0.161:59347 Re-using SSL/TLS context
Wed Nov 23 23:15:56 2022 us=399987 192.168.0.161:59347 LZO compression initialized
Wed Nov 23 23:15:56 2022 us=400616 192.168.0.161:59347 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Wed Nov 23 23:15:56 2022 us=400813 192.168.0.161:59347 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Nov 23 23:15:56 2022 us=401160 192.168.0.161:59347 TLS: Initial packet from 192.168.0.161:59347, sid=c54958de 34557726
Wed Nov 23 23:15:56 2022 us=983706 192.168.0.161:59347 VERIFY OK: depth=1, /CN=Easy-RSA_CA
Wed Nov 23 23:15:56 2022 us=987405 192.168.0.161:59347 VERIFY OK: depth=0, /CN=client1
Wed Nov 23 23:15:57 2022 us=354256 192.168.0.161:59347 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Nov 23 23:15:57 2022 us=354480 192.168.0.161:59347 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Nov 23 23:15:57 2022 us=354952 192.168.0.161:59347 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Nov 23 23:15:57 2022 us=355113 192.168.0.161:59347 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Nov 23 23:15:57 2022 us=357404 192.168.0.161:59347 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Wed Nov 23 23:15:57 2022 us=357698 192.168.0.161:59347 [client1] Peer Connection Initiated with 192.168.0.161:59347
Wed Nov 23 23:15:57 2022 us=359362 MULTI: new connection by client 'client1' will cause previous active sessions by this client to be
dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently
connect.
Wed Nov 23 23:15:57 2022 us=359962 MULTI: Learn: 172.16.10.6 -> client1/192.168.0.161:59347
Wed Nov 23 23:15:57 2022 us=360120 MULTI: primary virtual IP for client1/192.168.0.161:59347: 172.16.10.6
Wed Nov 23 23:15:58 2022 us=598515 client1/192.168.0.161:59347 PUSH: Received control message: 'PUSH_REQUEST'
Wed Nov 23 23:15:58 2022 us=598988 client1/192.168.0.161:59347 SENT CONTROL [client1]: 'PUSH_REPLY,route 172.16.10.1,topology net30,ping
10,ping-restart 120,ifconfig 172.16.10.6 172.16.10.5' (status=1)
Wed Nov 23 23:16:01 2022 us=665533 read UDPv4 [ECONNREFUSED]: Connection refused (code=146)
Wed Nov 23 23:16:03 2022 us=599603 MULTI: multi_create_instance called
Wed Nov 23 23:16:03 2022 us=599928 192.168.0.161:56996 Re-using SSL/TLS context
Wed Nov 23 23:16:03 2022 us=600061 192.168.0.161:56996 LZO compression initialized
Wed Nov 23 23:16:03 2022 us=600644 192.168.0.161:56996 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Wed Nov 23 23:16:03 2022 us=600841 192.168.0.161:56996 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Nov 23 23:16:03 2022 us=601125 192.168.0.161:56996 TLS: Initial packet from 192.168.0.161:56996, sid=575114d2 411a3c1c
Wed Nov 23 23:16:04 2022 us=200644 192.168.0.161:56996 VERIFY OK: depth=1, /CN=Easy-RSA_CA
Wed Nov 23 23:16:04 2022 us=204493 192.168.0.161:56996 VERIFY OK: depth=0, /CN=client1
Wed Nov 23 23:16:04 2022 us=570027 192.168.0.161:56996 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Nov 23 23:16:04 2022 us=570253 192.168.0.161:56996 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Nov 23 23:16:04 2022 us=570725 192.168.0.161:56996 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Nov 23 23:16:04 2022 us=570881 192.168.0.161:56996 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Nov 23 23:16:04 2022 us=573455 192.168.0.161:56996 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Wed Nov 23 23:16:04 2022 us=573749 192.168.0.161:56996 [client1] Peer Connection Initiated with 192.168.0.161:56996
Wed Nov 23 23:16:04 2022 us=575112 MULTI: new connection by client 'client1' will cause previous active sessions by this client to be
dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently
connect.
Wed Nov 23 23:16:04 2022 us=575717 MULTI: Learn: 172.16.10.6 -> client1/192.168.0.161:56996
Wed Nov 23 23:16:04 2022 us=575879 MULTI: primary virtual IP for client1/192.168.0.161:56996: 172.16.10.6
Wed Nov 23 23:16:05 2022 us=808488 client1/192.168.0.161:56996 PUSH: Received control message: 'PUSH_REQUEST'
Wed Nov 23 23:16:05 2022 us=808977 client1/192.168.0.161:56996 SENT CONTROL [client1]: 'PUSH_REPLY,route 172.16.10.1,topology net30,ping
10,ping-restart 120,ifconfig 172.16.10.6 172.16.10.5' (status=1)
Wed Nov 23 23:16:08 2022 us=964458 read UDPv4 [ECONNREFUSED]: Connection refused (code=146)
Wed Nov 23 23:16:10 2022 us=819631 MULTI: multi_create_instance called
Wed Nov 23 23:16:10 2022 us=819964 192.168.0.161:63861 Re-using SSL/TLS context
Wed Nov 23 23:16:10 2022 us=820102 192.168.0.161:63861 LZO compression initialized
Wed Nov 23 23:16:10 2022 us=820703 192.168.0.161:63861 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Wed Nov 23 23:16:10 2022 us=820899 192.168.0.161:63861 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Nov 23 23:16:10 2022 us=821183 192.168.0.161:63861 TLS: Initial packet from 192.168.0.161:63861, sid=878cf19d 1cfcc4d5
Wed Nov 23 23:16:11 2022 us=430799 192.168.0.161:63861 VERIFY OK: depth=1, /CN=Easy-RSA_CA
Wed Nov 23 23:16:11 2022 us=434451 192.168.0.161:63861 VERIFY OK: depth=0, /CN=client1
Wed Nov 23 23:16:11 2022 us=805817 192.168.0.161:63861 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Nov 23 23:16:11 2022 us=806041 192.168.0.161:63861 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Nov 23 23:16:11 2022 us=806541 192.168.0.161:63861 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Nov 23 23:16:11 2022 us=806705 192.168.0.161:63861 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Nov 23 23:16:11 2022 us=809827 192.168.0.161:63861 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Wed Nov 23 23:16:11 2022 us=810122 192.168.0.161:63861 [client1] Peer Connection Initiated with 192.168.0.161:63861
Wed Nov 23 23:16:11 2022 us=811470 MULTI: new connection by client 'client1' will cause previous active sessions by this client to be
dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently
connect.
Wed Nov 23 23:16:11 2022 us=812291 MULTI: Learn: 172.16.10.6 -> client1/192.168.0.161:63861
Wed Nov 23 23:16:11 2022 us=812447 MULTI: primary virtual IP for client1/192.168.0.161:63861: 172.16.10.6
Wed Nov 23 23:16:13 2022 us=8675 client1/192.168.0.161:63861 PUSH: Received control message: 'PUSH_REQUEST'
Wed Nov 23 23:16:13 2022 us=9143 client1/192.168.0.161:63861 SENT CONTROL [client1]: 'PUSH_REPLY,route 172.16.10.1,topology net30,ping
10,ping-restart 120,ifconfig 172.16.10.6 172.16.10.5' (status=1)
Wed Nov 23 23:16:16 2022 us=253513 read UDPv4 [ECONNREFUSED]: Connection refused (code=146)
Wed Nov 23 23:16:20 2022 us=495214 read UDPv4 [ECONNREFUSED]: Connection refused (code=146)
Wed Nov 23 23:16:23 2022 us=19873 MULTI: multi_create_instance called
Wed Nov 23 23:16:23 2022 us=20202 192.168.0.161:64440 Re-using SSL/TLS context
Wed Nov 23 23:16:23 2022 us=20338 192.168.0.161:64440 LZO compression initialized
Wed Nov 23 23:16:23 2022 us=20933 192.168.0.161:64440 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Wed Nov 23 23:16:23 2022 us=21126 192.168.0.161:64440 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Nov 23 23:16:23 2022 us=21414 192.168.0.161:64440 TLS: Initial packet from 192.168.0.161:64440, sid=20b4d622 4196c0af
Wed Nov 23 23:16:23 2022 us=618987 192.168.0.161:64440 VERIFY OK: depth=1, /CN=Easy-RSA_CA
Wed Nov 23 23:16:23 2022 us=622681 192.168.0.161:64440 VERIFY OK: depth=0, /CN=client1
Wed Nov 23 23:16:23 2022 us=982371 192.168.0.161:64440 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Nov 23 23:16:23 2022 us=982595 192.168.0.161:64440 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Nov 23 23:16:23 2022 us=983077 192.168.0.161:64440 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Nov 23 23:16:23 2022 us=983236 192.168.0.161:64440 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Nov 23 23:16:23 2022 us=985499 192.168.0.161:64440 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Wed Nov 23 23:16:23 2022 us=985848 192.168.0.161:64440 [client1] Peer Connection Initiated with 192.168.0.161:64440
Wed Nov 23 23:16:23 2022 us=987311 MULTI: new connection by client 'client1' will cause previous active sessions by this client to be
dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently
connect.
Wed Nov 23 23:16:23 2022 us=987884 MULTI: Learn: 172.16.10.6 -> client1/192.168.0.161:64440
Wed Nov 23 23:16:23 2022 us=988043 MULTI: primary virtual IP for client1/192.168.0.161:64440: 172.16.10.6
Wed Nov 23 23:16:25 2022 us=89599 client1/192.168.0.161:64440 PUSH: Received control message: 'PUSH_REQUEST'
Wed Nov 23 23:16:25 2022 us=90089 client1/192.168.0.161:64440 SENT CONTROL [client1]: 'PUSH_REPLY,route 172.16.10.1,topology net30,ping
10,ping-restart 120,ifconfig 172.16.10.6 172.16.10.5' (status=1)
Wed Nov 23 23:16:28 2022 us=126538 read UDPv4 [ECONNREFUSED]: Connection refused (code=146)
Wed Nov 23 23:16:32 2022 us=147527 read UDPv4 [ECONNREFUSED]: Connection refused (code=146)
Wed Nov 23 23:16:40 2022 us=384498 read UDPv4 [ECONNREFUSED]: Connection refused (code=146)
Wed Nov 23 23:16:41 2022 us=5790 event_wait : Interrupted system call (code=4)
Wed Nov 23 23:16:41 2022 us=19787 TCP/UDP: Closing socket
Wed Nov 23 23:16:41 2022 us=20114 /sbin/route del -net 172.16.10.0 netmask 255.255.255.0
Wed Nov 23 23:16:41 2022 us=25530 Closing TUN/TAP interface
Wed Nov 23 23:16:41 2022 us=25778 /sbin/ifconfig tun0 0.0.0.0
Wed Nov 23 23:16:41 2022 us=58420 SIGTERM[hard,] received, process exiting
И так по кругу, что я не так делаю?