歡迎您光臨本站 註冊首頁

【求助】freebsd 6.1下安裝的openvpn2.0.9,windows 客戶端撥補上

伺服器: freebsd 6.1 , openvpn2.0.9,安裝好了啟動沒有報錯,伺服器是單網卡,地址是192.168.0.7,
             server.conf中的地址配置如下:192.168.10.0 255.255.255.0
客戶端:windows xp sp2.防火牆通通關掉了。
在連接的時候連不上,日誌如下:
                Fri Jul 06 09:07:38 2007 us=122008 Current Parameter Settings:
Fri Jul 06 09:07:38 2007 us=122106   config = 'client.ovpn'
Fri Jul 06 09:07:38 2007 us=122124   mode = 0
Fri Jul 06 09:07:38 2007 us=122141   show_ciphers = DISABLED
Fri Jul 06 09:07:38 2007 us=122157   show_digests = DISABLED
Fri Jul 06 09:07:38 2007 us=122174   show_engines = DISABLED
Fri Jul 06 09:07:38 2007 us=122190   genkey = DISABLED
Fri Jul 06 09:07:38 2007 us=122207   key_pass_file = ''
Fri Jul 06 09:07:38 2007 us=122225   show_tls_ciphers = DISABLED
Fri Jul 06 09:07:38 2007 us=122242   proto = 2
Fri Jul 06 09:07:38 2007 us=122257   local = ''
Fri Jul 06 09:07:38 2007 us=122276   remote_list = {'192.168.0.7', 1194}
Fri Jul 06 09:07:38 2007 us=122294   remote_random = DISABLED
Fri Jul 06 09:07:38 2007 us=122668   local_port = 1194
Fri Jul 06 09:07:38 2007 us=122689   remote_port = 1194
Fri Jul 06 09:07:38 2007 us=122706   remote_float = DISABLED
Fri Jul 06 09:07:38 2007 us=122724   ipchange = ''
Fri Jul 06 09:07:38 2007 us=122741   bind_local = DISABLED
Fri Jul 06 09:07:38 2007 us=122757   dev = 'tun'
Fri Jul 06 09:07:38 2007 us=122773   dev_type = ''
Fri Jul 06 09:07:38 2007 us=122790   dev_node = ''
Fri Jul 06 09:07:38 2007 us=122807   tun_ipv6 = DISABLED
Fri Jul 06 09:07:38 2007 us=122823   ifconfig_local = ''
Fri Jul 06 09:07:38 2007 us=122841   ifconfig_remote_netmask = ''
Fri Jul 06 09:07:38 2007 us=122858   ifconfig_noexec = DISABLED
Fri Jul 06 09:07:38 2007 us=122875   ifconfig_nowarn = DISABLED
Fri Jul 06 09:07:38 2007 us=122890   shaper = 0
Fri Jul 06 09:07:38 2007 us=122906   tun_mtu = 1500
Fri Jul 06 09:07:38 2007 us=122923   tun_mtu_defined = ENABLED
Fri Jul 06 09:07:38 2007 us=122940   link_mtu = 1500
Fri Jul 06 09:07:38 2007 us=122957   link_mtu_defined = DISABLED
Fri Jul 06 09:07:38 2007 us=122974   tun_mtu_extra = 0
Fri Jul 06 09:07:38 2007 us=122991   tun_mtu_extra_defined = DISABLED
Fri Jul 06 09:07:38 2007 us=123008   fragment = 0
Fri Jul 06 09:07:38 2007 us=123025   mtu_discover_type = -1
Fri Jul 06 09:07:38 2007 us=123042   mtu_test = 0
Fri Jul 06 09:07:38 2007 us=123058   mlock = DISABLED
Fri Jul 06 09:07:38 2007 us=123075   keepalive_ping = 0
Fri Jul 06 09:07:38 2007 us=123091   keepalive_timeout = 0
Fri Jul 06 09:07:38 2007 us=123108   inactivity_timeout = 0
Fri Jul 06 09:07:38 2007 us=123124   ping_send_timeout = 0
Fri Jul 06 09:07:38 2007 us=123141   ping_rec_timeout = 0
Fri Jul 06 09:07:38 2007 us=123159   ping_rec_timeout_action = 0
Fri Jul 06 09:07:38 2007 us=123176   ping_timer_remote = DISABLED
Fri Jul 06 09:07:38 2007 us=123193   remap_sigusr1 = 0
Fri Jul 06 09:07:38 2007 us=123210   explicit_exit_notification = 0
Fri Jul 06 09:07:38 2007 us=123227   persist_tun = ENABLED
Fri Jul 06 09:07:38 2007 us=123263   persist_local_ip = DISABLED
Fri Jul 06 09:07:38 2007 us=123291   persist_remote_ip = DISABLED
Fri Jul 06 09:07:38 2007 us=123308   persist_key = ENABLED
Fri Jul 06 09:07:38 2007 us=123326   mssfix = 1450
Fri Jul 06 09:07:38 2007 us=123344   resolve_retry_seconds = 1000000000
Fri Jul 06 09:07:38 2007 us=123361   connect_retry_seconds = 5
Fri Jul 06 09:07:38 2007 us=123377   username = ''
Fri Jul 06 09:07:38 2007 us=123394   groupname = ''
Fri Jul 06 09:07:38 2007 us=123411   chroot_dir = ''
Fri Jul 06 09:07:38 2007 us=123428   cd_dir = ''
Fri Jul 06 09:07:38 2007 us=123444   writepid = ''
Fri Jul 06 09:07:38 2007 us=123461   up_script = ''
Fri Jul 06 09:07:38 2007 us=123477   down_script = ''
Fri Jul 06 09:07:38 2007 us=123494   down_pre = DISABLED
Fri Jul 06 09:07:38 2007 us=123511   up_restart = DISABLED
Fri Jul 06 09:07:38 2007 us=123527   up_delay = DISABLED
Fri Jul 06 09:07:38 2007 us=123544   daemon = DISABLED
Fri Jul 06 09:07:38 2007 us=123561   inetd = 0
Fri Jul 06 09:07:38 2007 us=123578   log = DISABLED
Fri Jul 06 09:07:38 2007 us=123596   suppress_timestamps = DISABLED
Fri Jul 06 09:07:38 2007 us=123613   nice = 0
Fri Jul 06 09:07:38 2007 us=123630   verbosity = 5
Fri Jul 06 09:07:38 2007 us=251397   mute = 0
Fri Jul 06 09:07:38 2007 us=251438   gremlin = 0
Fri Jul 06 09:07:38 2007 us=251455   status_file = ''
Fri Jul 06 09:07:38 2007 us=251473   status_file_version = 1
Fri Jul 06 09:07:38 2007 us=251489   status_file_update_freq = 60
Fri Jul 06 09:07:38 2007 us=251505   occ = ENABLED
Fri Jul 06 09:07:38 2007 us=251520   rcvbuf = 0
Fri Jul 06 09:07:38 2007 us=251535   sndbuf = 0
Fri Jul 06 09:07:38 2007 us=251555   socks_proxy_server = ''
Fri Jul 06 09:07:38 2007 us=251589   socks_proxy_port = 0
Fri Jul 06 09:07:38 2007 us=251606   socks_proxy_retry = DISABLED
Fri Jul 06 09:07:38 2007 us=251623   fast_io = DISABLED
Fri Jul 06 09:07:38 2007 us=251640   comp_lzo = ENABLED
Fri Jul 06 09:07:38 2007 us=251657   comp_lzo_adaptive = ENABLED
Fri Jul 06 09:07:38 2007 us=251674   route_script = ''
Fri Jul 06 09:07:38 2007 us=251691   route_default_gateway = ''
Fri Jul 06 09:07:38 2007 us=251709   route_noexec = DISABLED
Fri Jul 06 09:07:38 2007 us=300765   route_delay = 0
Fri Jul 06 09:07:38 2007 us=300800   route_delay_window = 30
Fri Jul 06 09:07:38 2007 us=300818   route_delay_defined = ENABLED
Fri Jul 06 09:07:38 2007 us=300835   management_addr = ''
Fri Jul 06 09:07:38 2007 us=300853   management_port = 0
Fri Jul 06 09:07:38 2007 us=300870   management_user_pass = ''
Fri Jul 06 09:07:38 2007 us=300888   management_log_history_cache = 250
Fri Jul 06 09:07:38 2007 us=300907   management_echo_buffer_size = 100
Fri Jul 06 09:07:38 2007 us=300924   management_query_passwords = DISABLED
Fri Jul 06 09:07:38 2007 us=300943   management_hold = DISABLED
Fri Jul 06 09:07:38 2007 us=300961   shared_secret_file = ''
Fri Jul 06 09:07:38 2007 us=300979   key_direction = 0
Fri Jul 06 09:07:38 2007 us=300995   ciphername_defined = ENABLED
Fri Jul 06 09:07:38 2007 us=301024   ciphername = 'BF-CBC'
Fri Jul 06 09:07:38 2007 us=301041   authname_defined = ENABLED
Fri Jul 06 09:07:38 2007 us=301058   authname = 'SHA1'
Fri Jul 06 09:07:38 2007 us=371355   keysize = 0
Fri Jul 06 09:07:38 2007 us=371390   engine = DISABLED
Fri Jul 06 09:07:38 2007 us=371406   replay = ENABLED
Fri Jul 06 09:07:38 2007 us=371423   mute_replay_warnings = DISABLED
Fri Jul 06 09:07:38 2007 us=371439   replay_window = 0
Fri Jul 06 09:07:38 2007 us=371457   replay_time = 0
Fri Jul 06 09:07:38 2007 us=371475   packet_id_file = ''
Fri Jul 06 09:07:38 2007 us=371492   use_iv = ENABLED
Fri Jul 06 09:07:38 2007 us=371508   test_crypto = DISABLED
Fri Jul 06 09:07:38 2007 us=371525   tls_server = DISABLED
Fri Jul 06 09:07:38 2007 us=371542   tls_client = ENABLED
Fri Jul 06 09:07:38 2007 us=371558   key_method = 2
Fri Jul 06 09:07:38 2007 us=371575   ca_file = 'ca.crt'
Fri Jul 06 09:07:38 2007 us=371592   dh_file = ''
Fri Jul 06 09:07:38 2007 us=371608   cert_file = 'xuzhendong.crt'
Fri Jul 06 09:07:38 2007 us=371626   priv_key_file = 'xuzhendong.key'
Fri Jul 06 09:07:38 2007 us=371642   pkcs12_file = ''
Fri Jul 06 09:07:38 2007 us=434780   cryptoapi_cert = ''
Fri Jul 06 09:07:38 2007 us=435147   cipher_list = ''
Fri Jul 06 09:07:38 2007 us=435168   tls_verify = ''
Fri Jul 06 09:07:38 2007 us=435185   tls_remote = ''
Fri Jul 06 09:07:38 2007 us=435201   crl_file = ''
Fri Jul 06 09:07:38 2007 us=435218   ns_cert_type = 0
Fri Jul 06 09:07:38 2007 us=435234   tls_timeout = 2
Fri Jul 06 09:07:38 2007 us=435250   renegotiate_bytes = 0
Fri Jul 06 09:07:38 2007 us=435267   renegotiate_packets = 0
Fri Jul 06 09:07:38 2007 us=435284   renegotiate_seconds = 3600
Fri Jul 06 09:07:38 2007 us=435301   handshake_window = 60
Fri Jul 06 09:07:38 2007 us=435318   transition_window = 3600
Fri Jul 06 09:07:38 2007 us=435334   single_session = DISABLED
Fri Jul 06 09:07:38 2007 us=435350   tls_exit = DISABLED
Fri Jul 06 09:07:38 2007 us=435367   tls_auth_file = ''
Fri Jul 06 09:07:38 2007 us=435411   server_network = 0.0.0.0
Fri Jul 06 09:07:38 2007 us=499296   server_netmask = 0.0.0.0
Fri Jul 06 09:07:38 2007 us=499334   server_bridge_ip = 0.0.0.0
Fri Jul 06 09:07:38 2007 us=499353   server_bridge_netmask = 0.0.0.0
Fri Jul 06 09:07:38 2007 us=499372   server_bridge_pool_start = 0.0.0.0
Fri Jul 06 09:07:38 2007 us=499391   server_bridge_pool_end = 0.0.0.0
Fri Jul 06 09:07:38 2007 us=499408   ifconfig_pool_defined = DISABLED
Fri Jul 06 09:07:38 2007 us=499427   ifconfig_pool_start = 0.0.0.0
Fri Jul 06 09:07:38 2007 us=499446   ifconfig_pool_end = 0.0.0.0
Fri Jul 06 09:07:38 2007 us=499465   ifconfig_pool_netmask = 0.0.0.0
Fri Jul 06 09:07:38 2007 us=499486   ifconfig_pool_persist_filename = ''
Fri Jul 06 09:07:38 2007 us=499505   ifconfig_pool_persist_refresh_freq = 600
Fri Jul 06 09:07:38 2007 us=499522   ifconfig_pool_linear = DISABLED
Fri Jul 06 09:07:38 2007 us=499540   n_bcast_buf = 256
Fri Jul 06 09:07:38 2007 us=499557   tcp_queue_limit = 64
Fri Jul 06 09:07:38 2007 us=499574   real_hash_size = 256
Fri Jul 06 09:07:38 2007 us=556649   virtual_hash_size = 256
Fri Jul 06 09:07:38 2007 us=556684   client_connect_script = ''
Fri Jul 06 09:07:38 2007 us=556704   learn_address_script = ''
Fri Jul 06 09:07:38 2007 us=556722   client_disconnect_script = ''
Fri Jul 06 09:07:38 2007 us=556739   client_config_dir = ''
Fri Jul 06 09:07:38 2007 us=556755   ccd_exclusive = DISABLED
Fri Jul 06 09:07:38 2007 us=556772   tmp_dir = ''
Fri Jul 06 09:07:38 2007 us=556790   push_ifconfig_defined = DISABLED
Fri Jul 06 09:07:38 2007 us=556811   push_ifconfig_local = 0.0.0.0
Fri Jul 06 09:07:38 2007 us=556830   push_ifconfig_remote_netmask = 0.0.0.0
Fri Jul 06 09:07:38 2007 us=556848   enable_c2c = DISABLED
Fri Jul 06 09:07:38 2007 us=556876   duplicate_cn = DISABLED
Fri Jul 06 09:07:38 2007 us=556893   cf_max = 0
Fri Jul 06 09:07:38 2007 us=556910   cf_per = 0
Fri Jul 06 09:07:38 2007 us=556927   max_clients = 1024
Fri Jul 06 09:07:38 2007 us=609838   max_routes_per_client = 256
Fri Jul 06 09:07:38 2007 us=609874   client_cert_not_required = DISABLED
Fri Jul 06 09:07:38 2007 us=609893   username_as_common_name = DISABLED
Fri Jul 06 09:07:38 2007 us=609913   auth_user_pass_verify_script = ''
Fri Jul 06 09:07:38 2007 us=609933   auth_user_pass_verify_script_via_file = DISABLED
Fri Jul 06 09:07:38 2007 us=609950   client = ENABLED
Fri Jul 06 09:07:38 2007 us=609966   pull = ENABLED
Fri Jul 06 09:07:38 2007 us=609983   auth_user_pass_file = ''
Fri Jul 06 09:07:38 2007 us=610006   show_net_up = DISABLED
Fri Jul 06 09:07:38 2007 us=610023   route_method = 0
Fri Jul 06 09:07:38 2007 us=610039   ip_win32_defined = DISABLED
Fri Jul 06 09:07:38 2007 us=610056   ip_win32_type = 3
Fri Jul 06 09:07:38 2007 us=610073   dhcp_masq_offset = 0
Fri Jul 06 09:07:38 2007 us=610090   dhcp_lease_time = 31536000
Fri Jul 06 09:07:38 2007 us=610107   tap_sleep = 0
Fri Jul 06 09:07:38 2007 us=676896   dhcp_options = DISABLED
Fri Jul 06 09:07:38 2007 us=676931   dhcp_renew = DISABLED
Fri Jul 06 09:07:38 2007 us=676948   dhcp_pre_release = DISABLED
Fri Jul 06 09:07:38 2007 us=676965   dhcp_release = DISABLED
Fri Jul 06 09:07:38 2007 us=677120   domain = ''
Fri Jul 06 09:07:38 2007 us=677138   netbios_scope = ''
Fri Jul 06 09:07:38 2007 us=677155   netbios_node_type = 0
Fri Jul 06 09:07:38 2007 us=677171   disable_nbt = DISABLED
Fri Jul 06 09:07:38 2007 us=677208 OpenVPN 2.0.9 Win32-MinGW built on Oct  1 2006
Fri Jul 06 09:07:38 2007 us=677418 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Fri Jul 06 09:07:38 2007 us=677443 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Fri Jul 06 09:07:38 2007 us=678352 Cannot load certificate file xuzhendong.crt: error:0906D06C:PEM routines:PEM_read_bio:no start line: error:140AD009:SSL routines:SSL_CTX_use_certificate_file:PEM lib
Fri Jul 06 09:07:38 2007 us=733973 Exiting


怎麼會說No server certificate verification method has been enabled,這個是什麼意思啊?
《解決方案》

xuzhendong.crt:有問題。

重新分發你的證書
日誌里說的很清楚的啊
《解決方案》

一看就是證書有問題,

[火星人 ] 【求助】freebsd 6.1下安裝的openvpn2.0.9,windows 客戶端撥補上已經有628次圍觀

http://coctec.com/docs/service/show-post-37681.html