luo 于 2009-05-29 16:59(15 年以前) 发表:
按楼主的配置,winxp连接openvpn一直提示‘connecting to client has failed’,下面是客户端的日志。楼主帮我看看
Fri May 29 15:03:43 2009 OpenVPN 2.0.5 Win32-MinGW [SSL] [LZO] built on Nov 2 2005
Fri May 29 15:03:43 2009 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Fri May 29 15:03:43 2009 LZO compression initialized
Fri May 29 15:03:43 2009 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Fri May 29 15:03:43 2009 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Fri May 29 15:03:43 2009 Local Options hash (VER=V4): '69109d17'
Fri May 29 15:03:43 2009 Expected Remote Options hash (VER=V4): 'c0103fa8'
Fri May 29 15:03:43 2009 Attempting to establish TCP connection with 192.168.1.222:1194
Fri May 29 15:03:43 2009 TCP connection established with 192.168.1.222:1194
Fri May 29 15:03:43 2009 TCPv4_CLIENT link local: [undef]
Fri May 29 15:03:43 2009 TCPv4_CLIENT link remote: 192.168.1.222:1194
Fri May 29 15:03:43 2009 TLS: Initial packet from 192.168.1.222:1194, sid=9e2dc9b0 29a67f10
Fri May 29 15:03:43 2009 VERIFY OK: depth=1, /C=CN/ST=GD/L=SZ/O=kemei/OU=kemei/CN=server/emailAddress=system-one@163.com
Fri May 29 15:03:43 2009 VERIFY OK: nsCertType=SERVER
Fri May 29 15:03:43 2009 VERIFY OK: depth=0, /C=CN/ST=GD/O=kemei/OU=kemei/CN=server/emailAddress=system-one@163.com
Fri May 29 15:03:43 2009 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri May 29 15:03:43 2009 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri May 29 15:03:43 2009 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri May 29 15:03:43 2009 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri May 29 15:03:43 2009 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Fri May 29 15:03:43 2009 [server] Peer Connection Initiated with 192.168.1.222:1194
Fri May 29 15:03:45 2009 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Fri May 29 15:03:45 2009 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 10.8.0.1,route 10.8.0.0 255.255.255.0,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Fri May 29 15:03:45 2009 OPTIONS IMPORT: timers and/or timeouts modified
Fri May 29 15:03:45 2009 OPTIONS IMPORT: --ifconfig/up options modified
Fri May 29 15:03:45 2009 OPTIONS IMPORT: route options modified
Fri May 29 15:03:45 2009 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri May 29 15:03:45 2009 There are no TAP-Win32 adapters on this system. You should be able to create a TAP-Win32 adapter by going to Start -> All Programs -> OpenVPN -> Add a new TAP-Win32 virtual ethernet adapter.
Fri May 29 15:03:45 2009 Exiting
XiaoHui 回复于 2009-05-30 00:05:
>> Fri May 29 15:03:45 2009 There are no TAP-Win32 adapters on this system. You should be able to create a TAP-Win32 adapter by going to Start -> All Programs -> OpenVPN -> Add a new TAP-Win32 virtual ethernet adapter
看这句LOG, 貌似是你 TAP 的驱动没装上?
luo 于 2009-06-05 17:27(15 年以前) 发表:
客户端连入服务端后。可以ping通服务端的lan wan tun ip,,但是连接服务端的lan同一交换下的电脑,有的可以连通,有的不行,,就比如127 77 5 212 这些IP都可以连通,其它IP又不能联通,不知道是什么原因,是因为路由的原因吗?获取的掩码是255.255.255.252,而且拔入后访问共享,比如访问77这台的默认共享c$,不需要提示输入用户和密码,直接就可以打开共享了,这我觉得有安全问题,这问xiaohui这是什么原因,怎么解决呀。
XiaoHui 回复于 2009-06-05 18:06:
我装 VPN 只是为了穿墙,这种情况我不知道,没折腾过。不好意思。:)