|
沙发
楼主 |
发表于 2018-7-3 11:19:05
|
只看该作者
本帖最后由 coolglay 于 2018-7-3 11:25 编辑
把配置快件改成.ovpn后,终于可以连接了,但出错,日志如下
Tue Jul 03 11:16:59 2018 OpenVPN 2.4.6 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 26 2018
Tue Jul 03 11:16:59 2018 Windows version 6.1 (Windows 7) 64bit
Tue Jul 03 11:16:59 2018 library versions: OpenSSL 1.1.0h 27 Mar 2018, LZO 2.10
Enter Management Password:
Tue Jul 03 11:16:59 2018 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Tue Jul 03 11:16:59 2018 Need hold release from management interface, waiting...
Tue Jul 03 11:17:00 2018 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Tue Jul 03 11:17:00 2018 MANAGEMENT: CMD 'state on'
Tue Jul 03 11:17:00 2018 MANAGEMENT: CMD 'log all on'
Tue Jul 03 11:17:00 2018 MANAGEMENT: CMD 'echo all on'
Tue Jul 03 11:17:00 2018 MANAGEMENT: CMD 'bytecount 5'
Tue Jul 03 11:17:00 2018 MANAGEMENT: CMD 'hold off'
Tue Jul 03 11:17:00 2018 MANAGEMENT: CMD 'hold release'
Tue Jul 03 11:17:12 2018 MANAGEMENT: CMD 'username "Auth" "rex"'
Tue Jul 03 11:17:12 2018 MANAGEMENT: CMD 'password [...]'
Tue Jul 03 11:17:12 2018 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue Jul 03 11:17:12 2018 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1400)
Tue Jul 03 11:17:12 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]139.216.183.69:1194
Tue Jul 03 11:17:12 2018 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Jul 03 11:17:12 2018 UDP link local: (not bound)
Tue Jul 03 11:17:12 2018 UDP link remote: [AF_INET]139.226.173.59:1194
Tue Jul 03 11:17:12 2018 MANAGEMENT: >STATE:1530587832,WAIT,,,,,,
Tue Jul 03 11:17:12 2018 MANAGEMENT: >STATE:1530587832,AUTH,,,,,,
Tue Jul 03 11:17:12 2018 TLS: Initial packet from [AF_INET]139.226.173.59:1194, sid=c7f08ec3 9dc805bf
Tue Jul 03 11:17:12 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue Jul 03 11:17:13 2018 VERIFY OK: depth=1, C=CN, O=iKuai, CN=iKuai Device CA
Tue Jul 03 11:17:13 2018 VERIFY OK: depth=0, C=CN, O=iKuai, CN=iKuai OpenVPN Server
Tue Jul 03 11:17:13 2018 Control Channel: TLSv1.2, cipher TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Tue Jul 03 11:17:13 2018 [iKuai OpenVPN Server] Peer Connection Initiated with [AF_INET]139.226.173.59:1194
Tue Jul 03 11:17:14 2018 MANAGEMENT: >STATE:1530587834,GET_CONFIG,,,,,,
Tue Jul 03 11:17:14 2018 SENT CONTROL [iKuai OpenVPN Server]: 'PUSH_REQUEST' (status=1)
Tue Jul 03 11:17:14 2018 PUSH: Received control message: 'PUSH_REPLY,route 10.7.0.0 255.255.0.0,route 10.7.7.0 255.255.255.0,topology net30,ping 10,ping-restart 60,ifconfig 10.7.7.50 10.7.7.1'
Tue Jul 03 11:17:14 2018 OPTIONS IMPORT: timers and/or timeouts modified
Tue Jul 03 11:17:14 2018 OPTIONS IMPORT: --ifconfig/up options modified
Tue Jul 03 11:17:14 2018 OPTIONS IMPORT: route options modified
Tue Jul 03 11:17:14 2018 Outgoing Data Channel: Cipher 'BF-CBC' initialized with 128 bit key
Tue Jul 03 11:17:14 2018 WARNING: INSECURE cipher with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Tue Jul 03 11:17:14 2018 Outgoing Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Jul 03 11:17:14 2018 Incoming Data Channel: Cipher 'BF-CBC' initialized with 128 bit key
Tue Jul 03 11:17:14 2018 WARNING: INSECURE cipher with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Tue Jul 03 11:17:14 2018 Incoming Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Jul 03 11:17:14 2018 WARNING: cipher with small block size in use, reducing reneg-bytes to 64MB to mitigate SWEET32 attacks.
Tue Jul 03 11:17:14 2018 MANAGEMENT: Client disconnected
Tue Jul 03 11:17:14 2018 There is a problem in your selection of --ifconfig endpoints [local=10.7.7.50, remote=10.7.7.1]. The local and remote VPN endpoints must exist within the same 255.255.255.252 subnet. This is a limitation of --dev tun when used with the TAP-WIN32 driver. Try 'openvpn --show-valid-subnets' option for more info.
Tue Jul 03 11:17:14 2018 Exiting due to fatal error
|
|