freeradius+openvpn, openvpn服務無法啟動
freeradius在測試模式下沒有問題,但openvpn服務始終無法啟動。
麻煩給指導下是什麼問題。
openvpn的server.conf
local 92.207.132.60
port 1194
proto tcp
dev tun
key /etc/openvpn/keys/server.key
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
dh /etc/openvpn/keys/dh1024.pem
server 192.168.10.0 255.255.255.0
client-to-client
keepalive 10 120
push "route 192.168.0.0 255.255.255.0"
comp-lzo
max-clients 20
persist-key
persist-tun
status openvpn-status.log
log openvpn.log
tls-auth /etc/openvpn/keys/ta.key 0
verb 4
plugin /etc/openvpn/radiusplugin.so /etc/openvpn/radiusplugin.conf
client-cert-not-required
username-as-common-name
duplicate-cn
重啟openvpn服務報錯:
# service openvpn restart
Shutting down openvpn: [ OK ]
Starting openvpn:
openvpn日誌的內容:
Thu Feb 25 09:16:32 2010 OpenVPN 2.1_rc15 i686-pc-linux-gnu built on Feb 24 2010
Thu Feb 25 09:16:32 2010 MANAGEMENT: TCP Socket listening on 127.0.0.1:7505
Thu Feb 25 09:16:32 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
RADIUS-PLUGIN: Configfile name: /etc/openvpn/radiusplugin.conf .
Thu Feb 25 09:16:32 2010 PLUGIN_INIT: POST /etc/openvpn/radiusplugin.so ' ' intercepted=PLUGIN_AUTH_USER_PASS_VERIFY|PLUGIN_CLIENT_CONNECT|PLUGIN_CLIENT_DISCONNECT
Thu Feb 25 09:16:32 2010 Diffie-Hellman initialized with 1024 bit key
Thu Feb 25 09:16:32 2010 WARNING: POTENTIALLY DANGEROUS OPTION --client-cert-not-required may accept clients which do not present a certificate
Thu Feb 25 09:16:32 2010 Control Channel Authentication: using '/etc/openvpn/keys/ta.key' as a OpenVPN static key file
Thu Feb 25 09:16:32 2010 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Feb 25 09:16:32 2010 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Feb 25 09:16:32 2010 TLS-Auth MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Thu Feb 25 09:16:32 2010 ROUTE default_gateway=92.207.132.1
Thu Feb 25 09:16:32 2010 TUN/TAP device tun0 opened
Thu Feb 25 09:16:32 2010 TUN/TAP TX queue length set to 100
Thu Feb 25 09:16:32 2010 /sbin/ifconfig tun0 192.168.10.1 pointopoint 192.168.10.2 mtu 1500
Thu Feb 25 09:16:32 2010 /sbin/route add -net 192.168.10.0 netmask 255.255.255.0 gw 192.168.10.2
Thu Feb 25 09:16:32 2010 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Thu Feb 25 09:16:32 2010 GID set to nogroup
Thu Feb 25 09:16:32 2010 UID set to nobody
Thu Feb 25 09:16:32 2010 Socket Buffers: R= S=
Thu Feb 25 09:16:32 2010 UDPv4 link local (bound): :1194
Thu Feb 25 09:16:32 2010 UDPv4 link remote:
Thu Feb 25 09:16:32 2010 MULTI: multi_init called, r=256 v=256
Thu Feb 25 09:16:32 2010 IFCONFIG POOL: base=192.168.10.4 size=62
Thu Feb 25 09:16:32 2010 Initialization Sequence Completed
Thu Feb 25 09:34:13 2010 event_wait : Interrupted system call (code=4)
Thu Feb 25 09:34:13 2010 TCP/UDP: Closing socket
Thu Feb 25 09:34:13 2010 /sbin/route del -net 192.168.10.0 netmask 255.255.255.0
SIOCDELRT: Operation not permitted
Thu Feb 25 09:34:13 2010 ERROR: Linux route delete command failed: external program exited with error status: 7
Thu Feb 25 09:34:13 2010 Closing TUN/TAP interface
Thu Feb 25 09:34:13 2010 /sbin/ifconfig tun0 0.0.0.0
SIOCSIFADDR: Permission denied
SIOCSIFFLAGS: Permission denied
Thu Feb 25 09:34:13 2010 Linux ip addr del failed: external program exited with error status: 255
SIOCSIFFLAGS: Permission denied
Thu Feb 25 09:34:13 2010 Linux ip addr del failed: external program exited with error status: 255
Thu Feb 25 09:34:13 2010 PLUGIN_CLOSE: /etc/openvpn/radiusplugin.so
RADIUS-PLUGIN: BACKGROUND AUTH: EXIT
RADIUS-PLUGIN: BACKGROUND ACCT: EXIT
Thu Feb 25 09:34:13 2010 SIGTERM received, process exiting
《解決方案》
回復 1# volcanosh Thu Feb 25 09:34:13 2010 /sbin/route del -net 192.168.10.0 netmask 255.255.255.0
SIOCDELRT: Operation not permitted
Thu Feb 25 09:34:13 2010 ERROR: Linux route delete command failed: external program exited with error status: 7
Thu Feb 25 09:34:13 2010 Closing TUN/TAP interface
Thu Feb 25 09:34:13 2010 /sbin/ifconfig tun0 0.0.0.0
SIOCSIFADDR: Permission denied
SIOCSIFFLAGS: Permission denied
Thu Feb 25 09:34:13 2010 Linux ip addr del failed: external program exited with error status: 255
SIOCSIFFLAGS: Permission denied
Thu Feb 25 09:34:13 2010 Linux ip addr del failed: external program exited with error status: 255
Thu Feb 25 09:34:13 2010 PLUGIN_CLOSE: /etc/openvpn/radiusplugin.so
RADIUS-PLUGIN: BACKGROUND AUTH: EXIT
RADIUS-PLUGIN: BACKGROUND ACCT: EXIT
Thu Feb 25 09:34:13 2010 SIGTERM received, process exiting路由分配不下去
《解決方案》
要在哪邊改?
《解決方案》
配置
