Hi,
To those who are good with OpenVPN, I hope you can help.
I am trying to set up a server-client connection using OpenVPN. I am using a DD-WRT router as the server and a laptop as a client. Maybe you can help find what is wrong in the config file, either on the server or on the client.
This is the log from when I tried to connect:
Mon Apr 05 14:53:01 2010 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Mon Apr 05 14:53:01 2010 LZO compression initialized
Mon Apr 05 14:53:01 2010 UDPv4 link local: [undef]
Mon Apr 05 14:53:01 2010 UDPv4 link remote: xxx.xxx.xxx.xxx:1194
Mon Apr 05 14:54:01 2010 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mon Apr 05 14:54:01 2010 TLS Error: TLS handshake failed
Mon Apr 05 14:54:01 2010 SIGUSR1[soft,tls-error] received, process restarting
This is my client config file:
client
dev tap
#dev-node MyTAP #If you renamed your TAP interface or have more than one TAP interface then remove the # at the beginning and change "MyTAP" to its name
proto udp
remote xxx.dyndns.org 1194 #You will need to enter your dyndns account or static IP address here. The number following it is the port you set in the server's config
route 10.10.1.1 255.255.255.0 vpn_gateway 3 #This is the IP address scheme and subnet of your normal network your server is on. Your router would usually be 192.168.1.1
resolv-retry infinite
nobind
persist-key
persist-tun
ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\client1.crt" # Change the next two lines to match the files in the keys directory. This should be different for each client.
key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\client1.key" # This file should be kept secret
ns-cert-type server
cipher BF-CBC # Blowfish (default) encryption
comp-lzo
verb 1
This is also the server config file:
push "route 10.10.1.0 255.255.255.0"
server 10.10.10.0 255.255.255.0
dev tun0
proto udp
keepalive 10 120
dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem
# Only use crl-verify if you are using the revoke list - otherwise leave it commented out
# crl-verify /tmp/openvpn/ca.crl
# management parameter allows DD-WRT's OpenVPN Status web page to access the server's management port
# port must be 5001 for scripts embedded in firmware to work
management localhost 5001
Thanks in advance to anyone who can help.
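
An added example, not part of the original post: a small Python check that parses a client and a server OpenVPN config and reports the link settings on which the two sides disagree (device type, protocol, port, cipher, compression). The two configs are trimmed copies of the ones in the post; the fallback values `udp`, `1194` and `BF-CBC` are assumed defaults for an OpenVPN 2.x of that period, and the function names are hypothetical.

```python
import re
import shlex

# Constructed input: the configs from the post, trimmed to the directives compared here.
CLIENT = r'''
client
dev tap
proto udp
remote xxx.dyndns.org 1194 # port set in the server config
cipher BF-CBC # Blowfish (default) encryption
comp-lzo
'''
SERVER = r'''
push "route 10.10.1.0 255.255.255.0"
server 10.10.10.0 255.255.255.0
dev tun0
proto udp
keepalive 10 120
'''

def parse(text):
    """Map each directive to its argument list; '#' comments are dropped."""
    opts = {}
    for line in text.splitlines():
        tokens = shlex.split(line, comments=True)
        if tokens:
            opts[tokens[0]] = tokens[1:]
    return opts

def link_settings(opts):
    """Settings both peers need to agree on, with assumed defaults filled in."""
    dev = opts.get("dev", [""])[0]
    remote = opts.get("remote", [])
    # A client names the port on its 'remote' line; a server uses 'port' or the default.
    port = remote[1] if len(remote) > 1 else opts.get("port", ["1194"])[0]
    return {
        "dev-type": opts.get("dev-type", [re.sub(r"\d+$", "", dev)])[0],  # tun0 -> tun
        "proto": opts.get("proto", ["udp"])[0],
        "port": port,
        "cipher": opts.get("cipher", ["BF-CBC"])[0],
        "comp-lzo": "comp-lzo" in opts,
    }

def mismatches(client_text, server_text):
    """Return {setting: (client_value, server_value)} for every disagreement."""
    c, s = link_settings(parse(client_text)), link_settings(parse(server_text))
    return {k: (c[k], s[k]) for k in c if c[k] != s[k]}

if __name__ == "__main__":
    for name, (cv, sv) in mismatches(CLIENT, SERVER).items():
        print(f"{name}: client={cv!r} server={sv!r}")
```

The check covers only config consistency; whether the client's UDP packets reach the server at all is a separate question that the config files cannot answer.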