【求助】freebsd 6.1下安裝的openvpn2.0.9,windows 客戶端撥補上
伺服器: freebsd 6.1 , openvpn2.0.9,安裝好了啟動沒有報錯,伺服器是單網卡,地址是192.168.0.7,
server.conf中的地址配置如下:192.168.10.0 255.255.255.0
客戶端:windows xp sp2.防火牆通通關掉了。
在連接的時候連不上,日誌如下:
Fri Jul 06 09:07:38 2007 us=122008 Current Parameter Settings:
Fri Jul 06 09:07:38 2007 us=122106 config = 'client.ovpn'
Fri Jul 06 09:07:38 2007 us=122124 mode = 0
Fri Jul 06 09:07:38 2007 us=122141 show_ciphers = DISABLED
Fri Jul 06 09:07:38 2007 us=122157 show_digests = DISABLED
Fri Jul 06 09:07:38 2007 us=122174 show_engines = DISABLED
Fri Jul 06 09:07:38 2007 us=122190 genkey = DISABLED
Fri Jul 06 09:07:38 2007 us=122207 key_pass_file = ''
Fri Jul 06 09:07:38 2007 us=122225 show_tls_ciphers = DISABLED
Fri Jul 06 09:07:38 2007 us=122242 proto = 2
Fri Jul 06 09:07:38 2007 us=122257 local = ''
Fri Jul 06 09:07:38 2007 us=122276 remote_list = {'192.168.0.7', 1194}
Fri Jul 06 09:07:38 2007 us=122294 remote_random = DISABLED
Fri Jul 06 09:07:38 2007 us=122668 local_port = 1194
Fri Jul 06 09:07:38 2007 us=122689 remote_port = 1194
Fri Jul 06 09:07:38 2007 us=122706 remote_float = DISABLED
Fri Jul 06 09:07:38 2007 us=122724 ipchange = ''
Fri Jul 06 09:07:38 2007 us=122741 bind_local = DISABLED
Fri Jul 06 09:07:38 2007 us=122757 dev = 'tun'
Fri Jul 06 09:07:38 2007 us=122773 dev_type = ''
Fri Jul 06 09:07:38 2007 us=122790 dev_node = ''
Fri Jul 06 09:07:38 2007 us=122807 tun_ipv6 = DISABLED
Fri Jul 06 09:07:38 2007 us=122823 ifconfig_local = ''
Fri Jul 06 09:07:38 2007 us=122841 ifconfig_remote_netmask = ''
Fri Jul 06 09:07:38 2007 us=122858 ifconfig_noexec = DISABLED
Fri Jul 06 09:07:38 2007 us=122875 ifconfig_nowarn = DISABLED
Fri Jul 06 09:07:38 2007 us=122890 shaper = 0
Fri Jul 06 09:07:38 2007 us=122906 tun_mtu = 1500
Fri Jul 06 09:07:38 2007 us=122923 tun_mtu_defined = ENABLED
Fri Jul 06 09:07:38 2007 us=122940 link_mtu = 1500
Fri Jul 06 09:07:38 2007 us=122957 link_mtu_defined = DISABLED
Fri Jul 06 09:07:38 2007 us=122974 tun_mtu_extra = 0
Fri Jul 06 09:07:38 2007 us=122991 tun_mtu_extra_defined = DISABLED
Fri Jul 06 09:07:38 2007 us=123008 fragment = 0
Fri Jul 06 09:07:38 2007 us=123025 mtu_discover_type = -1
Fri Jul 06 09:07:38 2007 us=123042 mtu_test = 0
Fri Jul 06 09:07:38 2007 us=123058 mlock = DISABLED
Fri Jul 06 09:07:38 2007 us=123075 keepalive_ping = 0
Fri Jul 06 09:07:38 2007 us=123091 keepalive_timeout = 0
Fri Jul 06 09:07:38 2007 us=123108 inactivity_timeout = 0
Fri Jul 06 09:07:38 2007 us=123124 ping_send_timeout = 0
Fri Jul 06 09:07:38 2007 us=123141 ping_rec_timeout = 0
Fri Jul 06 09:07:38 2007 us=123159 ping_rec_timeout_action = 0
Fri Jul 06 09:07:38 2007 us=123176 ping_timer_remote = DISABLED
Fri Jul 06 09:07:38 2007 us=123193 remap_sigusr1 = 0
Fri Jul 06 09:07:38 2007 us=123210 explicit_exit_notification = 0
Fri Jul 06 09:07:38 2007 us=123227 persist_tun = ENABLED
Fri Jul 06 09:07:38 2007 us=123263 persist_local_ip = DISABLED
Fri Jul 06 09:07:38 2007 us=123291 persist_remote_ip = DISABLED
Fri Jul 06 09:07:38 2007 us=123308 persist_key = ENABLED
Fri Jul 06 09:07:38 2007 us=123326 mssfix = 1450
Fri Jul 06 09:07:38 2007 us=123344 resolve_retry_seconds = 1000000000
Fri Jul 06 09:07:38 2007 us=123361 connect_retry_seconds = 5
Fri Jul 06 09:07:38 2007 us=123377 username = ''
Fri Jul 06 09:07:38 2007 us=123394 groupname = ''
Fri Jul 06 09:07:38 2007 us=123411 chroot_dir = ''
Fri Jul 06 09:07:38 2007 us=123428 cd_dir = ''
Fri Jul 06 09:07:38 2007 us=123444 writepid = ''
Fri Jul 06 09:07:38 2007 us=123461 up_script = ''
Fri Jul 06 09:07:38 2007 us=123477 down_script = ''
Fri Jul 06 09:07:38 2007 us=123494 down_pre = DISABLED
Fri Jul 06 09:07:38 2007 us=123511 up_restart = DISABLED
Fri Jul 06 09:07:38 2007 us=123527 up_delay = DISABLED
Fri Jul 06 09:07:38 2007 us=123544 daemon = DISABLED
Fri Jul 06 09:07:38 2007 us=123561 inetd = 0
Fri Jul 06 09:07:38 2007 us=123578 log = DISABLED
Fri Jul 06 09:07:38 2007 us=123596 suppress_timestamps = DISABLED
Fri Jul 06 09:07:38 2007 us=123613 nice = 0
Fri Jul 06 09:07:38 2007 us=123630 verbosity = 5
Fri Jul 06 09:07:38 2007 us=251397 mute = 0
Fri Jul 06 09:07:38 2007 us=251438 gremlin = 0
Fri Jul 06 09:07:38 2007 us=251455 status_file = ''
Fri Jul 06 09:07:38 2007 us=251473 status_file_version = 1
Fri Jul 06 09:07:38 2007 us=251489 status_file_update_freq = 60
Fri Jul 06 09:07:38 2007 us=251505 occ = ENABLED
Fri Jul 06 09:07:38 2007 us=251520 rcvbuf = 0
Fri Jul 06 09:07:38 2007 us=251535 sndbuf = 0
Fri Jul 06 09:07:38 2007 us=251555 socks_proxy_server = ''
Fri Jul 06 09:07:38 2007 us=251589 socks_proxy_port = 0
Fri Jul 06 09:07:38 2007 us=251606 socks_proxy_retry = DISABLED
Fri Jul 06 09:07:38 2007 us=251623 fast_io = DISABLED
Fri Jul 06 09:07:38 2007 us=251640 comp_lzo = ENABLED
Fri Jul 06 09:07:38 2007 us=251657 comp_lzo_adaptive = ENABLED
Fri Jul 06 09:07:38 2007 us=251674 route_script = ''
Fri Jul 06 09:07:38 2007 us=251691 route_default_gateway = ''
Fri Jul 06 09:07:38 2007 us=251709 route_noexec = DISABLED
Fri Jul 06 09:07:38 2007 us=300765 route_delay = 0
Fri Jul 06 09:07:38 2007 us=300800 route_delay_window = 30
Fri Jul 06 09:07:38 2007 us=300818 route_delay_defined = ENABLED
Fri Jul 06 09:07:38 2007 us=300835 management_addr = ''
Fri Jul 06 09:07:38 2007 us=300853 management_port = 0
Fri Jul 06 09:07:38 2007 us=300870 management_user_pass = ''
Fri Jul 06 09:07:38 2007 us=300888 management_log_history_cache = 250
Fri Jul 06 09:07:38 2007 us=300907 management_echo_buffer_size = 100
Fri Jul 06 09:07:38 2007 us=300924 management_query_passwords = DISABLED
Fri Jul 06 09:07:38 2007 us=300943 management_hold = DISABLED
Fri Jul 06 09:07:38 2007 us=300961 shared_secret_file = ''
Fri Jul 06 09:07:38 2007 us=300979 key_direction = 0
Fri Jul 06 09:07:38 2007 us=300995 ciphername_defined = ENABLED
Fri Jul 06 09:07:38 2007 us=301024 ciphername = 'BF-CBC'
Fri Jul 06 09:07:38 2007 us=301041 authname_defined = ENABLED
Fri Jul 06 09:07:38 2007 us=301058 authname = 'SHA1'
Fri Jul 06 09:07:38 2007 us=371355 keysize = 0
Fri Jul 06 09:07:38 2007 us=371390 engine = DISABLED
Fri Jul 06 09:07:38 2007 us=371406 replay = ENABLED
Fri Jul 06 09:07:38 2007 us=371423 mute_replay_warnings = DISABLED
Fri Jul 06 09:07:38 2007 us=371439 replay_window = 0
Fri Jul 06 09:07:38 2007 us=371457 replay_time = 0
Fri Jul 06 09:07:38 2007 us=371475 packet_id_file = ''
Fri Jul 06 09:07:38 2007 us=371492 use_iv = ENABLED
Fri Jul 06 09:07:38 2007 us=371508 test_crypto = DISABLED
Fri Jul 06 09:07:38 2007 us=371525 tls_server = DISABLED
Fri Jul 06 09:07:38 2007 us=371542 tls_client = ENABLED
Fri Jul 06 09:07:38 2007 us=371558 key_method = 2
Fri Jul 06 09:07:38 2007 us=371575 ca_file = 'ca.crt'
Fri Jul 06 09:07:38 2007 us=371592 dh_file = ''
Fri Jul 06 09:07:38 2007 us=371608 cert_file = 'xuzhendong.crt'
Fri Jul 06 09:07:38 2007 us=371626 priv_key_file = 'xuzhendong.key'
Fri Jul 06 09:07:38 2007 us=371642 pkcs12_file = ''
Fri Jul 06 09:07:38 2007 us=434780 cryptoapi_cert = ''
Fri Jul 06 09:07:38 2007 us=435147 cipher_list = ''
Fri Jul 06 09:07:38 2007 us=435168 tls_verify = ''
Fri Jul 06 09:07:38 2007 us=435185 tls_remote = ''
Fri Jul 06 09:07:38 2007 us=435201 crl_file = ''
Fri Jul 06 09:07:38 2007 us=435218 ns_cert_type = 0
Fri Jul 06 09:07:38 2007 us=435234 tls_timeout = 2
Fri Jul 06 09:07:38 2007 us=435250 renegotiate_bytes = 0
Fri Jul 06 09:07:38 2007 us=435267 renegotiate_packets = 0
Fri Jul 06 09:07:38 2007 us=435284 renegotiate_seconds = 3600
Fri Jul 06 09:07:38 2007 us=435301 handshake_window = 60
Fri Jul 06 09:07:38 2007 us=435318 transition_window = 3600
Fri Jul 06 09:07:38 2007 us=435334 single_session = DISABLED
Fri Jul 06 09:07:38 2007 us=435350 tls_exit = DISABLED
Fri Jul 06 09:07:38 2007 us=435367 tls_auth_file = ''
Fri Jul 06 09:07:38 2007 us=435411 server_network = 0.0.0.0
Fri Jul 06 09:07:38 2007 us=499296 server_netmask = 0.0.0.0
Fri Jul 06 09:07:38 2007 us=499334 server_bridge_ip = 0.0.0.0
Fri Jul 06 09:07:38 2007 us=499353 server_bridge_netmask = 0.0.0.0
Fri Jul 06 09:07:38 2007 us=499372 server_bridge_pool_start = 0.0.0.0
Fri Jul 06 09:07:38 2007 us=499391 server_bridge_pool_end = 0.0.0.0
Fri Jul 06 09:07:38 2007 us=499408 ifconfig_pool_defined = DISABLED
Fri Jul 06 09:07:38 2007 us=499427 ifconfig_pool_start = 0.0.0.0
Fri Jul 06 09:07:38 2007 us=499446 ifconfig_pool_end = 0.0.0.0
Fri Jul 06 09:07:38 2007 us=499465 ifconfig_pool_netmask = 0.0.0.0
Fri Jul 06 09:07:38 2007 us=499486 ifconfig_pool_persist_filename = ''
Fri Jul 06 09:07:38 2007 us=499505 ifconfig_pool_persist_refresh_freq = 600
Fri Jul 06 09:07:38 2007 us=499522 ifconfig_pool_linear = DISABLED
Fri Jul 06 09:07:38 2007 us=499540 n_bcast_buf = 256
Fri Jul 06 09:07:38 2007 us=499557 tcp_queue_limit = 64
Fri Jul 06 09:07:38 2007 us=499574 real_hash_size = 256
Fri Jul 06 09:07:38 2007 us=556649 virtual_hash_size = 256
Fri Jul 06 09:07:38 2007 us=556684 client_connect_script = ''
Fri Jul 06 09:07:38 2007 us=556704 learn_address_script = ''
Fri Jul 06 09:07:38 2007 us=556722 client_disconnect_script = ''
Fri Jul 06 09:07:38 2007 us=556739 client_config_dir = ''
Fri Jul 06 09:07:38 2007 us=556755 ccd_exclusive = DISABLED
Fri Jul 06 09:07:38 2007 us=556772 tmp_dir = ''
Fri Jul 06 09:07:38 2007 us=556790 push_ifconfig_defined = DISABLED
Fri Jul 06 09:07:38 2007 us=556811 push_ifconfig_local = 0.0.0.0
Fri Jul 06 09:07:38 2007 us=556830 push_ifconfig_remote_netmask = 0.0.0.0
Fri Jul 06 09:07:38 2007 us=556848 enable_c2c = DISABLED
Fri Jul 06 09:07:38 2007 us=556876 duplicate_cn = DISABLED
Fri Jul 06 09:07:38 2007 us=556893 cf_max = 0
Fri Jul 06 09:07:38 2007 us=556910 cf_per = 0
Fri Jul 06 09:07:38 2007 us=556927 max_clients = 1024
Fri Jul 06 09:07:38 2007 us=609838 max_routes_per_client = 256
Fri Jul 06 09:07:38 2007 us=609874 client_cert_not_required = DISABLED
Fri Jul 06 09:07:38 2007 us=609893 username_as_common_name = DISABLED
Fri Jul 06 09:07:38 2007 us=609913 auth_user_pass_verify_script = ''
Fri Jul 06 09:07:38 2007 us=609933 auth_user_pass_verify_script_via_file = DISABLED
Fri Jul 06 09:07:38 2007 us=609950 client = ENABLED
Fri Jul 06 09:07:38 2007 us=609966 pull = ENABLED
Fri Jul 06 09:07:38 2007 us=609983 auth_user_pass_file = ''
Fri Jul 06 09:07:38 2007 us=610006 show_net_up = DISABLED
Fri Jul 06 09:07:38 2007 us=610023 route_method = 0
Fri Jul 06 09:07:38 2007 us=610039 ip_win32_defined = DISABLED
Fri Jul 06 09:07:38 2007 us=610056 ip_win32_type = 3
Fri Jul 06 09:07:38 2007 us=610073 dhcp_masq_offset = 0
Fri Jul 06 09:07:38 2007 us=610090 dhcp_lease_time = 31536000
Fri Jul 06 09:07:38 2007 us=610107 tap_sleep = 0
Fri Jul 06 09:07:38 2007 us=676896 dhcp_options = DISABLED
Fri Jul 06 09:07:38 2007 us=676931 dhcp_renew = DISABLED
Fri Jul 06 09:07:38 2007 us=676948 dhcp_pre_release = DISABLED
Fri Jul 06 09:07:38 2007 us=676965 dhcp_release = DISABLED
Fri Jul 06 09:07:38 2007 us=677120 domain = ''
Fri Jul 06 09:07:38 2007 us=677138 netbios_scope = ''
Fri Jul 06 09:07:38 2007 us=677155 netbios_node_type = 0
Fri Jul 06 09:07:38 2007 us=677171 disable_nbt = DISABLED
Fri Jul 06 09:07:38 2007 us=677208 OpenVPN 2.0.9 Win32-MinGW built on Oct 1 2006
Fri Jul 06 09:07:38 2007 us=677418 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Fri Jul 06 09:07:38 2007 us=677443 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Fri Jul 06 09:07:38 2007 us=678352 Cannot load certificate file xuzhendong.crt: error:0906D06C:PEM routines:PEM_read_bio:no start line: error:140AD009:SSL routines:SSL_CTX_use_certificate_file:PEM lib
Fri Jul 06 09:07:38 2007 us=733973 Exiting
怎麼會說No server certificate verification method has been enabled,這個是什麼意思啊?
《解決方案》
xuzhendong.crt:有問題。
重新分發你的證書
日誌里說的很清楚的啊
《解決方案》
一看就是證書有問題,