OpenVPN win10客户端连接几个警告信息解决

2020-05-08 · 技术积累 · VPN openvpn

win10客户端使用openvpn软件连接过程中可能会遇到几个红色警告或错误信息，我也是在使用中有遇到这些问题，网上搜索的方法可以解决掉遇到的问题(不保证所有遇到此问题的都可以通过下面方法解决)，特此搜集记录下来

在连接vpn有问题情况下，确认服务和端口是否正常和允许连接，多观察服务端日志和客户端日志的异常输出信息，大概率是客户端参数问题或者配置不正确，或者是网络方面的问题

1 客户端版本也会造成一些警告提示，因为会有些参数在某个版本中不支持了
2 多百度谷歌搜索异常信息，多动手改调整配置参数
3 对于网友们有连接不上遇到错误的可以在下面留言，大家共同讨论解决，留言报错内容的话：尽量把报错那一行日志往前面多复制点

警告1：WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
或者
No sever certificate verficaton method has been enabled.

# 解决，win客户端修改配置文件注释一个和添加一个（如果没有ns-cert-type server这个参数，那只用添加remote-cert-tls server这个参数）
;ns-cert-type server
remote-cert-tls server

警告2： WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this

# 解决，在客户端配置文件添加参数
auth-nocache

警告3：WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1602', remote='link-mtu 1570'
WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'

# 解决
去掉配置文件tun-mtu相关的参数

警告4：(此错误会导致连上vpn无法上网)： us=967576 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
或 write to TUN/TAP : Unknown error (code=122)

# 解决，在客户端配置文件添加参数
comp-lzo

警告5： ROUTE: route addition failed using CreateIpForwardEntry: ÖÁÉÙÓÐһ¸ֲÎÊ�Õýȷc [status=160 if_index=19]

# 解决，在客户端配置文件添加参数
route-method exe
route-delay 2

警告6：AEAD Decrypt error: bad packet ID (may be a replay): [ #141 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings

# 解决，在客户端配置文件添加参数
mute-replay-warnings

警告7: WARNING: --ping should normally be used with --ping-restart or --ping-exit

# 解决，配置文件中参数修改为下面的
# ping 表示每隔多少秒就ping对端一次
# ping-restart/ping-exit 表示在多少秒后没有收到对端的包就重启或者退出
ping 15
ping-restart 15
或者
ping-exit 15

警告8（和客户端版本有关系）: DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). OpenVPN ignores --cipher for cipher negotiations.

# 解决,配置文件中参数修改为下面的
data-ciphers AES-256-CBC
data-ciphers-fallback AES-256-CBC

警告9（和客户端版本有关系）: WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.

# 解决,不启用压缩，配置文件中参数修改为下面的
comp-lzo no
allow-compression no

错误1: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) TLS Error: TLS handshake failed

# 可能的原因1（来自官网的回答 https://openvpn.net/faq/tls-error-tls-key-negotiation-failed-to-occur-within-60-seconds-check-your-network-connectivity/）
1，服务器网络上的外围防火墙正在过滤传入的 OpenVPN 数据包（默认情况下，OpenVPN 使用 UDP 或 TCP 端口号 1194）。
在 OpenVPN 服务器机器上运行的软件防火墙本身正在过滤端口 1194 上的传入连接。请注意，默认情况下许多操作系统将阻止传入连接，除非另有配置。
2，服务器网络上的 NAT 网关没有 TCP/UDP 1194 端口转发规则到 OpenVPN 服务器机器的内部地址。
3，OpenVPN 客户端配置在其配置文件中没有正确的服务器地址。客户端配置文件中的remote指令  必须指向服务器本身或服务器网络网关的公共 IP 地址。
4，另一个可能的原因是 Windows 防火墙阻止了对 openvpn.exe 二进制文件的访问。您可能需要将其列入白名单（将其添加到“例外”列表），OpenVPN 才能正常工作。

# 可能的原因2
配置文件的问题

特别说明：如果客户端连接不上，报错信息没有给出明显的错误，请在服务端的日志中查看日志，会看到是什么原因导致的！
如果同样配置文件已经在其他电脑连接成功，请对比下配置文件内容，有用户密码的核对下和服务端的是否一致
或者两个人用一套证书都连接上了但是有1个人不能上网的，可能是服务器没有开启同一套证书允许多用户使用

客户端连接不上几个提示例子:

提示1：
MANAGEMENT: >STATE:1679479405,TCP_CONNECT,,,,,,(一直卡这很久)
TCP: connect to [AF_INET]x.x.x.x:1194 failed: Unknown error

提示2：
MANAGEMENT: >STATE:1679479100,WAIT,,,,,,
read UDP: Unknown error (code=10054)

提示3：
UDP link remote: [AF_INET]x.x.x.x:1194
MANAGEMENT: >STATE:1679485965,WAIT,,,,,,

以上几种提示是连不上才出现的（客户端连不到服务端） [ ip地址错误或使用协议错误或服务端拒绝连接 ]

客户端的原因导致：
可能是1、客户端和服务端配置的协议不一致
可能是2、端口或地址不正确

服务端的原因导致：
可能是3、服务端服务未启动
可能是4、防火墙阻止了对应的端口和协议

其他原因导致：
1、客户端参数和服务端参数不一致
2、你的网络运营商给openvpn屏蔽了
3、端口或者协议给封掉了

pptp、l2tp、openvpn 都属于常见类型vpn，如果是服务端是国外的地址，使用中突然连不上了也很正常！

客户端和服务端已经建立连接，但是连接过程中协商出错，也会有waring或error的提示，这种都是配置文件中的参数配置的有些问题，或者是缺少了证书文件导致的
[ 和服务端建立连接，建立连接过程中出现身份信息错误或缺少必要的信息 ]

对于网友在本文章留言中出现的公网ip地址，安全起见，博主会在后台用x.x.x.x代替

Centos7 搭建OpenVPN 基于证书认证
 OpenVPN 基于用户密码方式认证

本文最后更新时间 2023-05-30
文章链接地址：https://me.jinchuang.org/archives/573.html
本文内容未来会持续更新·本站文章除注明[转载|引用|原文]出处外,均为本站原生内容,转载前请注明出处

赞赏博主

留言列表

gtgssss

· 安徽省合肥市 · 2023-05-03

Wed May 03 17:08:34 2023 OpenVPN 2.4.12 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Mar 17 2022
Wed May 03 17:08:34 2023 Windows version 6.2 (Windows 8 or greater) 64bit
Wed May 03 17:08:34 2023 library versions: OpenSSL 1.1.1n  15 Mar 2022, LZO 2.10
Wed May 03 17:08:34 2023 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25349
Wed May 03 17:08:34 2023 Need hold release from management interface, waiting...
Wed May 03 17:08:34 2023 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25349
Wed May 03 17:08:35 2023 MANAGEMENT: CMD 'state on'
Wed May 03 17:08:35 2023 MANAGEMENT: CMD 'log all on'
Wed May 03 17:08:35 2023 MANAGEMENT: CMD 'echo all on'
Wed May 03 17:08:35 2023 MANAGEMENT: CMD 'bytecount 5'
Wed May 03 17:08:35 2023 MANAGEMENT: CMD 'hold off'
Wed May 03 17:08:35 2023 MANAGEMENT: CMD 'hold release'
Wed May 03 17:08:36 2023 MANAGEMENT: CMD 'username "Auth" "orx5ozl6jihy88s5jn3yjiiv"'
Wed May 03 17:08:36 2023 MANAGEMENT: CMD 'password [...]'
Wed May 03 17:08:36 2023 NOTE: --fast-io is disabled since we are running on Windows
Wed May 03 17:08:36 2023 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Wed May 03 17:08:36 2023 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Wed May 03 17:08:36 2023 MANAGEMENT: >STATE:1683104916,RESOLVE,,,,,,
Wed May 03 17:08:36 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1195
Wed May 03 17:08:36 2023 Socket Buffers: R=[65536->524288] S=[65536->524288]
Wed May 03 17:08:36 2023 UDP link local: (not bound)
Wed May 03 17:08:36 2023 UDP link remote: [AF_INET]x.x.x.x:1195
Wed May 03 17:08:36 2023 MANAGEMENT: >STATE:1683104916,WAIT,,,,,,
Wed May 03 17:08:36 2023 MANAGEMENT: >STATE:1683104916,AUTH,,,,,,
Wed May 03 17:08:36 2023 TLS: Initial packet from [AF_INET]x.x.x.x:1195, sid=55825622 5143c695
大佬我一直停在这个地方，然后就是60s失败handshake，请问怎么解决啊

charname

· 安徽省合肥市 · 2023-04-28

Fri Apr 28 12:32:34 2023 SIGUSR1[connection failed(soft),init_instance] received, process restarting
Fri Apr 28 12:32:34 2023 MANAGEMENT: >STATE:1682656354,RECONNECTING,init_instance,,,,,
Fri Apr 28 12:32:34 2023 Restart pause, 5 second(s)
Fri Apr 28 12:32:39 2023 NOTE: --fast-io is disabled since we are running on Windows
Fri Apr 28 12:32:39 2023 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Fri Apr 28 12:32:39 2023 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Fri Apr 28 12:32:39 2023 MANAGEMENT: >STATE:1682656359,RESOLVE,,,,,,
Fri Apr 28 12:32:39 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1443
Fri Apr 28 12:32:39 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
Fri Apr 28 12:32:39 2023 Attempting to establish TCP connection with [AF_INET]x.x.x.x:1443 [nonblock]
Fri Apr 28 12:32:39 2023 MANAGEMENT: >STATE:1682656359,TCP_CONNECT,,,,,,
Fri Apr 28 12:34:11 2023 MANAGEMENT: CMD 'signal SIGHUP'
Fri Apr 28 12:34:12 2023 SIGHUP[hard,init_instance] received, process restarting
Fri Apr 28 12:34:12 2023 MANAGEMENT: >STATE:1682656452,RECONNECTING,init_instance,,,,,
Fri Apr 28 12:34:12 2023 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
Fri Apr 28 12:34:12 2023 OpenVPN 2.5.2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 21 2021
Fri Apr 28 12:34:12 2023 Windows version 10.0 (Windows 10 or greater) 64bit
Fri Apr 28 12:34:12 2023 library versions: OpenSSL 1.1.1k  25 Mar 2021, LZO 2.10
Fri Apr 28 12:34:12 2023 Restart pause, 2 second(s)
Fri Apr 28 12:34:14 2023 NOTE: --fast-io is disabled since we are running on Windows
Fri Apr 28 12:34:14 2023 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Fri Apr 28 12:34:14 2023 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Fri Apr 28 12:34:14 2023 MANAGEMENT: >STATE:1682656454,RESOLVE,,,,,,
Fri Apr 28 12:34:14 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Fri Apr 28 12:34:14 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
Fri Apr 28 12:34:14 2023 Attempting to establish TCP connection with [AF_INET]x.x.x.x:1194 [nonblock]
Fri Apr 28 12:34:14 2023 MANAGEMENT: >STATE:1682656454,TCP_CONNECT,,,,,,
Fri Apr 28 12:36:15 2023 TCP: connect to [AF_INET]x.x.x.x:1194 failed: Unknown error
大佬看看是为什么

小学生 · 安徽省合肥市 · 2023-04-26

大佬您好我现在是这样一个问题我昨天VPN还可以正常连接但是今天确连不上了中间没有断电只是昨天晚上使用Mac连接了一会
现在server端：
# netstat -tunlp | grep 1194
tcp 0 0 192.168.1.40:1194 0.0.0.0:* LISTEN 19105/openvpn
客户端：跟提示1一样
Wed Apr 26 18:28:41 2023 TCP: connect to [AF_INET]x.x.x.x:1194 failed: Unknown error

ddd

· 安徽省合肥市 · 2023-04-11

大佬，请教一下，我的openVPN服务器配置内容

port 1194
proto udp
dev tun

ca /etc/openvpn/dcwhsa/ca.crt
cert /etc/openvpn/dcwhsa/server.crt
key /etc/openvpn/dcwhsa/server.key

dh /etc/openvpn/dh.pem

server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt

push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"

keepalive 10 120
comp-lzo
cipher AES-256-CBC

user nobody
group nobody

persist-key
persist-tun

status openvpn-status.log
verb 3


#tls-auth /etc/openvpn/easy-rsa/ta.key 0
#script-security 2
#auth-user-pass-verify /etc/openvpn/checkpsw.sh via-env

我的客户端配置内容

client
dev tun
proto udp
remote x.x.x.x 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client-dcw.crt
key client-dcw.key
cipher AES-256-CBC
comp-lzo
verb 3

#tls-auth ta.key 1 
#remote-cert-tls server

dhcp-option DNS 208.67.222.222
dhcp-option DNS 208.67.220.220

但是我连接不上openVPN，服务器的日志是这个

Apr 11 15:47:29 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:47:29 2023 x.x.x.x:65202 TLS: Initial packet from [AF_INET]x.x.x.x:65202, sid=81170ca5 945fa009
[root@cloud-rs81b1-9bla ~]# sudo cat /var/log/messages
Apr 11 15:47:29 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:47:29 2023 x.x.x.x:65202 TLS: Initial packet from [AF_INET]x.x.x.x:65202, sid=81170ca5 945fa009
Apr 11 15:47:48 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:47:48 2023 x.x.x.x:50189 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Apr 11 15:47:48 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:47:48 2023 x.x.x.x:50189 TLS Error: TLS handshake failed
Apr 11 15:47:48 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:47:48 2023 x.x.x.x:50189 SIGUSR1[soft,tls-error] received, client-instance restarting
Apr 11 15:48:29 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:48:29 2023 x.x.x.x:65202 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Apr 11 15:48:29 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:48:29 2023 x.x.x.x:65202 TLS Error: TLS handshake failed
Apr 11 15:48:29 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:48:29 2023 x.x.x.x:65202 SIGUSR1[soft,tls-error] received, client-instance restarting
Apr 11 15:48:34 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:48:34 2023 x.x.x.x:59805 TLS: Initial packet from [AF_INET]x.x.x.x:59805, sid=cef72e54 5a894bbe

请问是什么原因呢

J.C · 中国移动 · 2023-04-11

看错误主要错误还是tls 60秒内协商失败，什么原因我也说不好，可能证书不匹配，或者有安全限制的拦截，或者配置问题导致超时，你的配置文件我看了，服务端启动没报错服务能起来就没啥问题，客户端主要看连接有问题时有啥提示，你可以结合下客户端的提示错误做一些修改试试
1. ddd · 安徽省合肥市 · 2023-04-11
  客户端的提示一直在等待服务器响应，然后我在服务器尝试ping了我客户端的公网ip发现ping不通，客户端卡在了这一步
```
Tue Apr 11 17:13:40 2023 OpenVPN 2.4.12 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Mar 17 2022
Tue Apr 11 17:13:40 2023 Windows version 6.1 (Windows 7) 64bit
Tue Apr 11 17:13:40 2023 library versions: OpenSSL 1.1.1n  15 Mar 2022, LZO 2.10
Enter Management Password:
Tue Apr 11 17:13:40 2023 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Tue Apr 11 17:13:40 2023 Need hold release from management interface, waiting...
Tue Apr 11 17:13:40 2023 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Tue Apr 11 17:13:41 2023 MANAGEMENT: CMD 'state on'
Tue Apr 11 17:13:41 2023 MANAGEMENT: CMD 'log all on'
Tue Apr 11 17:13:41 2023 MANAGEMENT: CMD 'echo all on'
Tue Apr 11 17:13:41 2023 MANAGEMENT: CMD 'bytecount 5'
Tue Apr 11 17:13:41 2023 MANAGEMENT: CMD 'hold off'
Tue Apr 11 17:13:41 2023 MANAGEMENT: CMD 'hold release'
Tue Apr 11 17:13:41 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Tue Apr 11 17:13:44 2023 MANAGEMENT: CMD 'password [...]'
Tue Apr 11 17:13:44 2023 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue Apr 11 17:13:44 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Tue Apr 11 17:13:44 2023 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Apr 11 17:13:44 2023 UDP link local: (not bound)
Tue Apr 11 17:13:44 2023 UDP link remote: [AF_INET]x.x.x.x:1194
Tue Apr 11 17:13:44 2023 MANAGEMENT: >STATE:1681204424,WAIT,,,,,,，
```
  另一个现象是客户端连接的时候有发送数据大小，但是接收字节为0，所以是不是因为我服务器访问不了我客户端的原因呢？
  1. J.C · 安徽省六安市 · 2023-04-11
    
    你客户端ping服务器只要通就行，你尝试更换下端口再连接试试
    
    ddd · 安徽省合肥市 · 2023-04-11
    
    哇。感谢大佬，试了换了个端口连接上了
    
    J.C · 安徽省六安市 · 2023-04-11
    
    那可能是就是运营商网络对默认的1194端口有封锁
    
    J.C · 中国移动 · 2023-04-12
    
    用博客上方企业微信客服联系我，调试下瞅瞅
    
    ddd · 安徽省合肥市 · 2023-04-12
    
    大佬，无法访问网络的问题解决了，配置一下转发规则就行
    sudo iptables -A FORWARD -i eth0 -o tun0 -j ACCEPT
    sudo iptables -A FORWARD -i tun0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
    sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE，
    但是我连接上了之后过了一会又无法连接了，还是提示tls协商失败，换了个端口又可以了但是连上一会又无法连接了
    
    ddd · 美国AmazonEC2服务器 · 2023-04-12
    
    大佬好，我想请问下，我虽然连接上了，但是我客户端一连接openVPN就无法访问网络了，这个一般是啥原因呢

怎么连不上 · 湖南省长沙市 · 2023-03-21

大佬这个怎么办Tue Mar 21 20:48:32 2023 TCP: connect to [AF_INET]x.x.x.x:1194 failed: Unknown error
1. J.C · 安徽省合肥市 · 2023-03-23
  
  已在文章结尾更新说明原因

buzhidao

· 安徽省合肥市 · 2023-03-17

小白试一下公网地址x.x.x.x
能不能帮我配置一下文件一直连接不上，日志看不懂

ri Mar 17 18:51:31 2023 OpenVPN 2.4.7 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Feb 21 2019
Fri Mar 17 18:51:31 2023 Windows version 6.2 (Windows 8 or greater) 64bit
Fri Mar 17 18:51:31 2023 library versions: OpenSSL 1.1.0j  20 Nov 2018, LZO 2.10
Enter Management Password:
Fri Mar 17 18:51:31 2023 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Fri Mar 17 18:51:31 2023 Need hold release from management interface, waiting...
Fri Mar 17 18:51:31 2023 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Fri Mar 17 18:51:31 2023 MANAGEMENT: CMD 'state on'
Fri Mar 17 18:51:31 2023 MANAGEMENT: CMD 'log all on'
Fri Mar 17 18:51:31 2023 MANAGEMENT: CMD 'echo all on'
Fri Mar 17 18:51:31 2023 MANAGEMENT: CMD 'bytecount 5'
Fri Mar 17 18:51:31 2023 MANAGEMENT: CMD 'hold off'
Fri Mar 17 18:51:31 2023 MANAGEMENT: CMD 'hold release'
Fri Mar 17 18:51:34 2023 MANAGEMENT: CMD 'username "Auth" "1"'
Fri Mar 17 18:51:34 2023 MANAGEMENT: CMD 'password [...]'
Fri Mar 17 18:51:34 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Fri Mar 17 18:51:34 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:53
Fri Mar 17 18:51:34 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
Fri Mar 17 18:51:34 2023 UDP link local: (not bound)
Fri Mar 17 18:51:34 2023 UDP link remote: [AF_INET]x.x.x.x:53
Fri Mar 17 18:51:34 2023 MANAGEMENT: >STATE:1679050294,WAIT,,,,,,
Fri Mar 17 18:51:35 2023 TLS Error: client->client or server->server connection attempted from [AF_INET]101.43.250.202:53
Fri Mar 17 18:52:34 2023 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Mar 17 18:52:34 2023 TLS Error: TLS handshake failed
Fri Mar 17 18:52:34 2023 SIGUSR1[soft,tls-error] received, process restarting
Fri Mar 17 18:52:34 2023 MANAGEMENT: >STATE:1679050354,RECONNECTING,tls-error,,,,,
Fri Mar 17 18:52:34 2023 Restart pause, 5 second(s)
Fri Mar 17 18:52:40 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Fri Mar 17 18:52:40 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:53
Fri Mar 17 18:52:40 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
Fri Mar 17 18:52:40 2023 UDP link local: (not bound)
Fri Mar 17 18:52:40 2023 UDP link remote: [AF_INET]x.x.x.x:53
Fri Mar 17 18:52:40 2023 MANAGEMENT: >STATE:1679050360,WAIT,,,,,,
Fri Mar 17 18:52:40 2023 TLS Error: client->client or server->server connection attempted from [AF_INET]101.43.250.202:53
Fri Mar 17 18:53:40 2023 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Mar 17 18:53:40 2023 TLS Error: TLS handshake failed
Fri Mar 17 18:53:40 2023 SIGUSR1[soft,tls-error] received, process restarting
Fri Mar 17 18:53:40 2023 MANAGEMENT: >STATE:1679050420,RECONNECTING,tls-error,,,,,
Fri Mar 17 18:53:40 2023 Restart pause, 5 second(s)
Fri Mar 17 18:53:45 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Fri Mar 17 18:53:45 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:53
Fri Mar 17 18:53:45 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
Fri Mar 17 18:53:45 2023 UDP link local: (not bound)
Fri Mar 17 18:53:45 2023 UDP link remote: [AF_INET]x.x.x.x:53
Fri Mar 17 18:53:45 2023 MANAGEMENT: >STATE:1679050425,WAIT,,,,,,
Fri Mar 17 18:54:45 2023 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Mar 17 18:54:45 2023 TLS Error: TLS handshake failed
Fri Mar 17 18:54:45 2023 SIGUSR1[soft,tls-error] received, process restarting
Fri Mar 17 18:54:45 2023 MANAGEMENT: >STATE:1679050485,RECONNECTING,tls-error,,,,,
Fri Mar 17 18:54:45 2023 Restart pause, 5 second(s)
Fri Mar 17 18:54:50 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Fri Mar 17 18:54:50 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:53
Fri Mar 17 18:54:50 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
Fri Mar 17 18:54:50 2023 UDP link local: (not bound)
Fri Mar 17 18:54:50 2023 UDP link remote: [AF_INET]x.x.x.x:53
Fri Mar 17 18:54:50 2023 MANAGEMENT: >STATE:1679050490,WAIT,,,,,,
Fri Mar 17 18:55:50 2023 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Mar 17 18:55:50 2023 TLS Error: TLS handshake failed
Fri Mar 17 18:55:50 2023 SIGUSR1[soft,tls-error] received, process restarting
Fri Mar 17 18:55:50 2023 MANAGEMENT: >STATE:1679050550,RECONNECTING,tls-error,,,,,
Fri Mar 17 18:55:50 2023 Restart pause, 5 second(s)
Fri Mar 17 18:55:55 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Fri Mar 17 18:55:55 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:53
Fri Mar 17 18:55:55 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
Fri Mar 17 18:55:55 2023 UDP link local: (not bound)
Fri Mar 17 18:55:55 2023 UDP link remote: [AF_INET]x.x.x.x:53
Fri Mar 17 18:55:55 2023 MANAGEMENT: >STATE:1679050555,WAIT,,,,,,
Fri Mar 17 18:55:55 2023 TLS Error: client->client or server->server connection attempted from [AF_INET]101.43.250.202:53
Fri Mar 17 18:56:55 2023 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Mar 17 18:56:55 2023 TLS Error: TLS handshake failed
Fri Mar 17 18:56:55 2023 SIGUSR1[soft,tls-error] received, process restarting
Fri Mar 17 18:56:55 2023 MANAGEMENT: >STATE:1679050615,RECONNECTING,tls-error,,,,,
Fri Mar 17 18:56:55 2023 Restart pause, 10 second(s)
Fri Mar 17 18:57:05 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Fri Mar 17 18:57:05 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:53
Fri Mar 17 18:57:05 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
Fri Mar 17 18:57:05 2023 UDP link local: (not bound)
Fri Mar 17 18:57:05 2023 UDP link remote: [AF_INET]x.x.x.x:53
Fri Mar 17 18:57:05 2023 MANAGEMENT: >STATE:1679050625,WAIT,,,,,,
Fri Mar 17 18:58:05 2023 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Mar 17 18:58:05 2023 TLS Error: TLS handshake failed
Fri Mar 17 18:58:05 2023 SIGUSR1[soft,tls-error] received, process restarting
Fri Mar 17 18:58:05 2023 MANAGEMENT: >STATE:1679050685,RECONNECTING,tls-error,,,,,
Fri Mar 17 18:58:05 2023 Restart pause, 20 second(s)
Fri Mar 17 18:58:25 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Fri Mar 17 18:58:25 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:53
Fri Mar 17 18:58:25 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
Fri Mar 17 18:58:25 2023 UDP link local: (not bound)
Fri Mar 17 18:58:25 2023 UDP link remote: [AF_INET]x.x.x.x:53
Fri Mar 17 18:58:25 2023 MANAGEMENT: >STATE:1679050705,WAIT,,,,,,
Fri Mar 17 18:59:25 2023 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Mar 17 18:59:25 2023 TLS Error: TLS handshake failed
Fri Mar 17 18:59:25 2023 SIGUSR1[soft,tls-error] received, process restarting
Fri Mar 17 18:59:25 2023 MANAGEMENT: >STATE:1679050765,RECONNECTING,tls-error,,,,,
Fri Mar 17 18:59:25 2023 Restart pause, 40 second(s)
Fri Mar 17 19:00:05 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Fri Mar 17 19:00:05 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:53
Fri Mar 17 19:00:05 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
Fri Mar 17 19:00:05 2023 UDP link local: (not bound)
Fri Mar 17 19:00:05 2023 UDP link remote: [AF_INET]x.x.x.x:53
Fri Mar 17 19:00:05 2023 MANAGEMENT: >STATE:1679050805,WAIT,,,,,,
Fri Mar 17 19:00:07 2023 SIGTERM[hard,] received, process exiting
Fri Mar 17 19:00:07 2023 MANAGEMENT: >STATE:1679050807,EXITING,SIGTERM,,,,,

J.C · 安徽省六安市 · 2023-03-18

日志报的错误：tls协商失败，也就是协商协议或证书配置有问题，你用网站上面的企业微信方式联系我给你看下

yvchun

· 安徽省合肥市 · 2023-03-16

大佬，麻烦帮忙看看，我的问题是能在ubuntu上使用服务端，然后再windows上使用客户端连上，但是移到别的电脑想连我在ubuntu上的服务端就一直连不上了。
root@Jotale:/etc/openvpn# openvpn --config client2.ovpn
2023-03-16 05:54:34 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2023-03-16 05:54:34 OpenVPN 2.5.3 mipsel-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2023-03-16 05:54:34 library versions: OpenSSL 1.1.1l 24 Aug 2021, LZO 2.10
2023-03-16 05:54:34 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-16 05:54:34 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-16 05:54:34 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
2023-03-16 05:54:34 Socket Buffers: R=[131072->131072] S=[16384->16384]
2023-03-16 05:54:34 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
2023-03-16 05:54:34 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
2023-03-16 05:54:34 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
2023-03-16 05:54:34 SIGUSR1[connection failed(soft),init_instance] received, process restarting
2023-03-16 05:54:34 Restart pause, 5 second(s)

J.C

· 中国移动 · 2023-03-16

你的这个日志，地址是127.0.0.1:1194 是在服务端自己连自己吗？你发个其他机器的连不上的日志，配置文件有一个客户端可以连上，其他的应该没啥问题，有问题或许是出在客户端版本或者参数需要调整下，需要看下日志看看连接过程中哪一步出现错误导致连不上的

yvchun

· 安徽省六安市 · 2023-03-16

是这样的，大佬，我是刚刚学这个，所以我在客户端配置文件中是这样设定的remote 127.0.0.1 1194，也就是说连的自己，主要就是想看看能不能连上，测试一下，然后我在wsl的ubuntu中使用openvpn服务端，在Windows下载一个openvpn然后把客户端配置文件丢进去了，结果就是Windows的客户端能连上这个ubuntu上的服务端。然后现在我想用这个客户端文件让我的一个网关连接上这个wsl的ubuntu中的openvpn的服务端，但是在网关里却显示连接不上了，我就很好奇怪明明同样的客户端配置文件，但是却不能让我的网关连上，这是为什么？下面是全部的日志信息，就是连不上这个127.0.0.1:1194。

2023-03-16 06:41:11 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2023-03-16 06:41:11 OpenVPN 2.5.3 mipsel-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2023-03-16 06:41:11 library versions: OpenSSL 1.1.1l  24 Aug 2021, LZO 2.10
2023-03-16 06:41:11 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-16 06:41:11 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-16 06:41:11 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
2023-03-16 06:41:11 Socket Buffers: R=[131072->131072] S=[16384->16384]
2023-03-16 06:41:11 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
2023-03-16 06:41:11 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
2023-03-16 06:41:11 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
2023-03-16 06:41:11 SIGUSR1[connection failed(soft),init_instance] received, process restarting
2023-03-16 06:41:11 Restart pause, 5 second(s)
2023-03-16 06:41:16 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-16 06:41:16 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-16 06:41:16 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
2023-03-16 06:41:16 Socket Buffers: R=[131072->131072] S=[16384->16384]
2023-03-16 06:41:16 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
2023-03-16 06:41:16 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
2023-03-16 06:41:16 SIGUSR1[connection failed(soft),init_instance] received, process restarting
2023-03-16 06:41:16 Restart pause, 5 second(s)
2023-03-16 06:41:21 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-16 06:41:21 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-16 06:41:21 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
2023-03-16 06:41:21 Socket Buffers: R=[131072->131072] S=[16384->16384]
2023-03-16 06:41:21 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
2023-03-16 06:41:21 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
2023-03-16 06:41:21 SIGUSR1[connection failed(soft),init_instance] received, process restarting
2023-03-16 06:41:21 Restart pause, 5 second(s)
2023-03-16 06:41:26 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-16 06:41:26 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-16 06:41:26 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
2023-03-16 06:41:26 Socket Buffers: R=[131072->131072] S=[16384->16384]
2023-03-16 06:41:26 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
2023-03-16 06:41:26 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
2023-03-16 06:41:26 SIGUSR1[connection failed(soft),init_instance] received, process restarting
2023-03-16 06:41:26 Restart pause, 5 second(s)
2023-03-16 06:41:31 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-16 06:41:31 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-16 06:41:32 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
2023-03-16 06:41:32 Socket Buffers: R=[131072->131072] S=[16384->16384]
2023-03-16 06:41:32 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
2023-03-16 06:41:32 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
2023-03-16 06:41:32 SIGUSR1[connection failed(soft),init_instance] received, process restarting
2023-03-16 06:41:32 Restart pause, 10 second(s)
2023-03-16 06:41:42 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-16 06:41:42 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-16 06:41:42 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
2023-03-16 06:41:42 Socket Buffers: R=[131072->131072] S=[16384->16384]
2023-03-16 06:41:42 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
2023-03-16 06:41:42 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
2023-03-16 06:41:42 SIGUSR1[connection failed(soft),init_instance] received, process restarting
2023-03-16 06:41:42 Restart pause, 20 second(s)
2023-03-16 06:42:02 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-16 06:42:02 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-16 06:42:02 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
2023-03-16 06:42:02 Socket Buffers: R=[131072->131072] S=[16384->16384]
2023-03-16 06:42:02 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
2023-03-16 06:42:02 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
2023-03-16 06:42:02 SIGUSR1[connection failed(soft),init_instance] received, process restarting
2023-03-16 06:42:02 Restart pause, 40 second(s)
2023-03-16 06:42:42 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-16 06:42:42 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-16 06:42:42 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
2023-03-16 06:42:42 Socket Buffers: R=[131072->131072] S=[16384->16384]
2023-03-16 06:42:42 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
2023-03-16 06:42:42 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
2023-03-16 06:42:42 SIGUSR1[connection failed(soft),init_instance] received, process restarting
2023-03-16 06:42:42 Restart pause, 80 second(s)
2023-03-16 06:44:02 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-16 06:44:02 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-16 06:44:02 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
2023-03-16 06:44:02 Socket Buffers: R=[131072->131072] S=[16384->16384]
2023-03-16 06:44:02 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
2023-03-16 06:44:02 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
2023-03-16 06:44:02 SIGUSR1[connection failed(soft),init_instance] received, process restarting
2023-03-16 06:44:02 Restart pause, 160 second(s)
2023-03-16 06:46:42 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-16 06:46:42 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-16 06:46:42 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
2023-03-16 06:46:42 Socket Buffers: R=[131072->131072] S=[16384->16384]
2023-03-16 06:46:42 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
2023-03-16 06:46:42 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
2023-03-16 06:46:42 SIGUSR1[connection failed(soft),init_instance] received, process restarting
2023-03-16 06:46:42 Restart pause, 300 second(s)
2023-03-16 06:51:42 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-16 06:51:42 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-16 06:51:42 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
2023-03-16 06:51:42 Socket Buffers: R=[131072->131072] S=[16384->16384]
2023-03-16 06:51:42 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
2023-03-16 06:51:42 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
2023-03-16 06:51:42 SIGUSR1[connection failed(soft),init_instance] received, process restarting
2023-03-16 06:51:42 Restart pause, 300 second(s)
^C2023-03-16 06:51:46 SIGINT[hard,init_instance] received, process exiting

J.C · 安徽省合肥市 · 2023-03-16

你windows客户端和wsl的ubuntu是同一个网络下面的，连127都是可以的(127这个地址只有本机可用)，你让你其他的客户端连的话，这个127地址就要改成你电脑的ip地址
1. yvchun · 安徽省合肥市 · 2023-03-16
  
  好的，大佬，我这就回去试试，谢谢您的帮助！

vpn连不上啊

· 安徽省合肥市 · 2023-02-16

2023-02-16 11:39:04 WARNING: Compression for sending and receiving enabled. Compression has been used in the past to break encryption. Allowing compression allows attacks that break encryption. Using "--allow-compression yes" is strongly discouraged for common usage. See --compress in the manual page for more information 
2023-02-16 11:39:04 us=625000 DEPRECATED OPTION: --cipher set to 'BF-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). OpenVPN ignores --cipher for cipher negotiations. 
2023-02-16 11:39:04 us=625000 Note: '--allow-compression' is not set to 'no', disabling data channel offload.
2023-02-16 11:39:04 us=625000 Current Parameter Settings:
2023-02-16 11:39:04 us=625000   config = 'sd_psvpn_v4.1.ovpn'
2023-02-16 11:39:04 us=625000   mode = 0
2023-02-16 11:39:04 us=625000   show_ciphers = DISABLED
2023-02-16 11:39:04 us=625000   show_digests = DISABLED
2023-02-16 11:39:04 us=625000   show_engines = DISABLED
2023-02-16 11:39:04 us=625000   genkey = DISABLED
2023-02-16 11:39:04 us=625000   genkey_filename = '[UNDEF]'
2023-02-16 11:39:04 us=625000   key_pass_file = '[UNDEF]'
2023-02-16 11:39:04 us=625000   show_tls_ciphers = DISABLED
2023-02-16 11:39:04 us=625000   connect_retry_max = 3
2023-02-16 11:39:04 us=625000 Connection profiles [0]:
2023-02-16 11:39:04 us=625000   proto = tcp4-client
2023-02-16 11:39:04 us=625000   local = '[UNDEF]'
2023-02-16 11:39:04 us=625000   local_port = '[UNDEF]'
2023-02-16 11:39:04 us=625000   remote = 'x.x.x.x'
2023-02-16 11:39:04 us=625000   remote_port = '28080'
2023-02-16 11:39:04 us=625000   remote_float = DISABLED
2023-02-16 11:39:04 us=625000   bind_defined = DISABLED
2023-02-16 11:39:04 us=625000   bind_local = DISABLED
2023-02-16 11:39:04 us=625000   bind_ipv6_only = DISABLED
2023-02-16 11:39:04 us=625000   connect_retry_seconds = 5
2023-02-16 11:39:04 us=625000   connect_timeout = 10
2023-02-16 11:39:04 us=625000   socks_proxy_server = '[UNDEF]'
2023-02-16 11:39:04 us=625000   socks_proxy_port = '[UNDEF]'
2023-02-16 11:39:04 us=625000   tun_mtu = 1500
2023-02-16 11:39:04 us=625000   tun_mtu_defined = ENABLED
2023-02-16 11:39:04 us=625000   link_mtu = 1500
2023-02-16 11:39:04 us=625000   link_mtu_defined = DISABLED
2023-02-16 11:39:04 us=625000   tun_mtu_extra = 0
2023-02-16 11:39:04 us=625000   tun_mtu_extra_defined = DISABLED
2023-02-16 11:39:04 us=625000   tls_mtu = 1250
2023-02-16 11:39:04 us=625000   mtu_discover_type = -1
2023-02-16 11:39:04 us=625000   fragment = 0
2023-02-16 11:39:04 us=625000   mssfix = 1492
2023-02-16 11:39:04 us=625000   mssfix_encap = ENABLED
2023-02-16 11:39:04 us=625000   mssfix_fixed = DISABLED
2023-02-16 11:39:04 us=625000   explicit_exit_notification = 0
2023-02-16 11:39:04 us=625000   tls_auth_file = 'ta.key'
2023-02-16 11:39:04 us=625000   key_direction = 1
2023-02-16 11:39:04 us=625000   tls_crypt_file = '[UNDEF]'
2023-02-16 11:39:04 us=625000   tls_crypt_v2_file = '[UNDEF]'
2023-02-16 11:39:04 us=625000 Connection profiles END
2023-02-16 11:39:04 us=625000   remote_random = DISABLED
2023-02-16 11:39:04 us=625000   ipchange = '[UNDEF]'
2023-02-16 11:39:04 us=625000   dev = 'tun'
2023-02-16 11:39:04 us=625000   dev_type = '[UNDEF]'
2023-02-16 11:39:04 us=625000   dev_node = '[UNDEF]'
2023-02-16 11:39:04 us=625000   tuntap_options.disable_dco = ENABLED
2023-02-16 11:39:04 us=625000   lladdr = '[UNDEF]'
2023-02-16 11:39:04 us=625000   topology = 1
2023-02-16 11:39:04 us=625000   ifconfig_local = '[UNDEF]'
2023-02-16 11:39:04 us=625000   ifconfig_remote_netmask = '[UNDEF]'
2023-02-16 11:39:04 us=625000   ifconfig_noexec = DISABLED
2023-02-16 11:39:04 us=625000   ifconfig_nowarn = DISABLED
2023-02-16 11:39:04 us=625000   ifconfig_ipv6_local = '[UNDEF]'
2023-02-16 11:39:04 us=625000   ifconfig_ipv6_netbits = 0
2023-02-16 11:39:04 us=625000   ifconfig_ipv6_remote = '[UNDEF]'
2023-02-16 11:39:04 us=625000   shaper = 0
2023-02-16 11:39:04 us=625000   mtu_test = 0
2023-02-16 11:39:04 us=625000   mlock = DISABLED
2023-02-16 11:39:04 us=625000   keepalive_ping = 0
2023-02-16 11:39:04 us=625000   keepalive_timeout = 0
2023-02-16 11:39:04 us=625000   inactivity_timeout = 0
2023-02-16 11:39:04 us=625000   session_timeout = 0
2023-02-16 11:39:04 us=625000   inactivity_minimum_bytes = 0
2023-02-16 11:39:04 us=625000   ping_send_timeout = 0
2023-02-16 11:39:04 us=625000   ping_rec_timeout = 0
2023-02-16 11:39:04 us=625000   ping_rec_timeout_action = 0
2023-02-16 11:39:04 us=625000   ping_timer_remote = DISABLED
2023-02-16 11:39:04 us=625000   remap_sigusr1 = 0
2023-02-16 11:39:04 us=625000   persist_tun = DISABLED
2023-02-16 11:39:04 us=625000   persist_local_ip = DISABLED
2023-02-16 11:39:04 us=625000   persist_remote_ip = DISABLED
2023-02-16 11:39:04 us=625000   persist_key = DISABLED
2023-02-16 11:39:04 us=625000   passtos = DISABLED
2023-02-16 11:39:04 us=625000   resolve_retry_seconds = 20
2023-02-16 11:39:04 us=625000   resolve_in_advance = DISABLED
2023-02-16 11:39:04 us=625000   username = '[UNDEF]'
2023-02-16 11:39:04 us=625000   groupname = '[UNDEF]'
2023-02-16 11:39:04 us=625000   chroot_dir = '[UNDEF]'
2023-02-16 11:39:04 us=625000   cd_dir = '[UNDEF]'
2023-02-16 11:39:04 us=625000   writepid = '[UNDEF]'
2023-02-16 11:39:04 us=625000   up_script = '[UNDEF]'
2023-02-16 11:39:04 us=625000   down_script = '[UNDEF]'
2023-02-16 11:39:04 us=625000   down_pre = DISABLED
2023-02-16 11:39:04 us=625000   up_restart = DISABLED
2023-02-16 11:39:04 us=625000   up_delay = DISABLED
2023-02-16 11:39:04 us=625000   daemon = DISABLED
2023-02-16 11:39:04 us=625000   log = ENABLED
2023-02-16 11:39:04 us=625000   suppress_timestamps = DISABLED
2023-02-16 11:39:04 us=625000   machine_readable_output = DISABLED
2023-02-16 11:39:04 us=625000   nice = 0
2023-02-16 11:39:04 us=625000   verbosity = 4
2023-02-16 11:39:04 us=625000   mute = 0
2023-02-16 11:39:04 us=625000   status_file = '[UNDEF]'
2023-02-16 11:39:04 us=625000   status_file_version = 1
2023-02-16 11:39:04 us=625000   status_file_update_freq = 60
2023-02-16 11:39:04 us=625000   occ = ENABLED
2023-02-16 11:39:04 us=625000   rcvbuf = 0
2023-02-16 11:39:04 us=625000   sndbuf = 0
2023-02-16 11:39:04 us=625000   sockflags = 0
2023-02-16 11:39:04 us=625000   fast_io = DISABLED
2023-02-16 11:39:04 us=625000   comp.alg = 1
2023-02-16 11:39:04 us=625000   comp.flags = 6
2023-02-16 11:39:04 us=625000   route_script = '[UNDEF]'
2023-02-16 11:39:04 us=625000   route_default_gateway = '[UNDEF]'
2023-02-16 11:39:04 us=625000   route_default_metric = 0
2023-02-16 11:39:04 us=625000   route_noexec = DISABLED
2023-02-16 11:39:04 us=625000   route_delay = 0
2023-02-16 11:39:04 us=625000   route_delay_window = 30
2023-02-16 11:39:04 us=625000   route_delay_defined = DISABLED
2023-02-16 11:39:04 us=625000   route_nopull = DISABLED
2023-02-16 11:39:04 us=625000   route_gateway_via_dhcp = DISABLED
2023-02-16 11:39:04 us=625000   allow_pull_fqdn = DISABLED
2023-02-16 11:39:04 us=625000   Pull filters:
2023-02-16 11:39:04 us=625000     ignore "route-method"
2023-02-16 11:39:04 us=625000   management_addr = '127.0.0.1'
2023-02-16 11:39:04 us=625000   management_port = '25342'
2023-02-16 11:39:04 us=625000   management_user_pass = 'stdin'
2023-02-16 11:39:04 us=625000   management_log_history_cache = 250
2023-02-16 11:39:04 us=625000   management_echo_buffer_size = 100
2023-02-16 11:39:04 us=625000   management_client_user = '[UNDEF]'
2023-02-16 11:39:04 us=625000   management_client_group = '[UNDEF]'
2023-02-16 11:39:04 us=625000   management_flags = 6
2023-02-16 11:39:04 us=625000   shared_secret_file = '[UNDEF]'
2023-02-16 11:39:04 us=625000   key_direction = 1
2023-02-16 11:39:04 us=625000   ciphername = 'BF-CBC'
2023-02-16 11:39:04 us=625000   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
2023-02-16 11:39:04 us=625000   authname = 'SHA1'
2023-02-16 11:39:04 us=625000   engine = DISABLED
2023-02-16 11:39:04 us=625000   replay = ENABLED
2023-02-16 11:39:04 us=625000   mute_replay_warnings = DISABLED
2023-02-16 11:39:04 us=625000   replay_window = 64
2023-02-16 11:39:04 us=625000   replay_time = 15
2023-02-16 11:39:04 us=625000   packet_id_file = '[UNDEF]'
2023-02-16 11:39:04 us=625000   test_crypto = DISABLED
2023-02-16 11:39:04 us=625000   tls_server = DISABLED
2023-02-16 11:39:04 us=625000   tls_client = ENABLED
2023-02-16 11:39:04 us=625000   ca_file = 'ca.crt'
2023-02-16 11:39:04 us=625000   ca_path = '[UNDEF]'
2023-02-16 11:39:04 us=625000   dh_file = '[UNDEF]'
2023-02-16 11:39:04 us=625000   cert_file = '[UNDEF]'
2023-02-16 11:39:04 us=625000   extra_certs_file = '[UNDEF]'
2023-02-16 11:39:04 us=625000   priv_key_file = '[UNDEF]'
2023-02-16 11:39:04 us=625000   pkcs12_file = '[UNDEF]'
2023-02-16 11:39:04 us=625000   cryptoapi_cert = '[UNDEF]'
2023-02-16 11:39:04 us=625000   cipher_list = '[UNDEF]'
2023-02-16 11:39:04 us=625000   cipher_list_tls13 = '[UNDEF]'
2023-02-16 11:39:04 us=625000   tls_cert_profile = '[UNDEF]'
2023-02-16 11:39:04 us=625000   tls_verify = '[UNDEF]'
2023-02-16 11:39:04 us=625000   tls_export_cert = '[UNDEF]'
2023-02-16 11:39:04 us=625000   verify_x509_type = 0
2023-02-16 11:39:04 us=625000   verify_x509_name = '[UNDEF]'
2023-02-16 11:39:04 us=625000   crl_file = '[UNDEF]'
2023-02-16 11:39:04 us=625000   ns_cert_type = 0
2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 65535
2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
2023-02-16 11:39:04 us=625000   remote_cert_eku = 'TLS Web Server Authentication'
2023-02-16 11:39:04 us=625000   ssl_flags = 192
2023-02-16 11:39:04 us=625000   tls_timeout = 2
2023-02-16 11:39:04 us=625000   renegotiate_bytes = -1
2023-02-16 11:39:04 us=625000   renegotiate_packets = 0
2023-02-16 11:39:04 us=625000   renegotiate_seconds = 3600
2023-02-16 11:39:04 us=625000   handshake_window = 60
2023-02-16 11:39:04 us=625000   transition_window = 3600
2023-02-16 11:39:04 us=625000   single_session = DISABLED
2023-02-16 11:39:04 us=625000   push_peer_info = DISABLED
2023-02-16 11:39:04 us=625000   tls_exit = DISABLED
2023-02-16 11:39:04 us=625000   tls_crypt_v2_metadata = '[UNDEF]'
2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
2023-02-16 11:39:04 us=625000   pkcs11_pin_cache_period = -1
2023-02-16 11:39:04 us=625000   pkcs11_id = '[UNDEF]'
2023-02-16 11:39:04 us=625000   pkcs11_id_management = DISABLED
2023-02-16 11:39:04 us=625000   server_network = 0.0.0.0
2023-02-16 11:39:04 us=625000   server_netmask = 0.0.0.0
2023-02-16 11:39:04 us=625000   server_network_ipv6 = ::
2023-02-16 11:39:04 us=625000   server_netbits_ipv6 = 0
2023-02-16 11:39:04 us=625000   server_bridge_ip = 0.0.0.0
2023-02-16 11:39:04 us=625000   server_bridge_netmask = 0.0.0.0
2023-02-16 11:39:04 us=625000   server_bridge_pool_start = 0.0.0.0
2023-02-16 11:39:04 us=625000   server_bridge_pool_end = 0.0.0.0
2023-02-16 11:39:04 us=625000   ifconfig_pool_defined = DISABLED
2023-02-16 11:39:04 us=625000   ifconfig_pool_start = 0.0.0.0
2023-02-16 11:39:04 us=625000   ifconfig_pool_end = 0.0.0.0
2023-02-16 11:39:04 us=625000   ifconfig_pool_netmask = 0.0.0.0
2023-02-16 11:39:04 us=625000   ifconfig_pool_persist_filename = '[UNDEF]'
2023-02-16 11:39:04 us=625000   ifconfig_pool_persist_refresh_freq = 600
2023-02-16 11:39:04 us=625000   ifconfig_ipv6_pool_defined = DISABLED
2023-02-16 11:39:04 us=625000   ifconfig_ipv6_pool_base = ::
2023-02-16 11:39:04 us=625000   ifconfig_ipv6_pool_netbits = 0
2023-02-16 11:39:04 us=625000   n_bcast_buf = 256
2023-02-16 11:39:04 us=625000   tcp_queue_limit = 64
2023-02-16 11:39:04 us=625000   real_hash_size = 256
2023-02-16 11:39:04 us=625000   virtual_hash_size = 256
2023-02-16 11:39:04 us=625000   client_connect_script = '[UNDEF]'
2023-02-16 11:39:04 us=625000   learn_address_script = '[UNDEF]'
2023-02-16 11:39:04 us=625000   client_disconnect_script = '[UNDEF]'
2023-02-16 11:39:04 us=625000   client_crresponse_script = '[UNDEF]'
2023-02-16 11:39:04 us=625000   client_config_dir = '[UNDEF]'
2023-02-16 11:39:04 us=625000   ccd_exclusive = DISABLED
2023-02-16 11:39:04 us=625000   tmp_dir = 'C:\Users\pansoft\AppData\Local\Temp\'
2023-02-16 11:39:04 us=625000   push_ifconfig_defined = DISABLED
2023-02-16 11:39:04 us=625000   push_ifconfig_local = 0.0.0.0
2023-02-16 11:39:04 us=625000   push_ifconfig_remote_netmask = 0.0.0.0
2023-02-16 11:39:04 us=625000   push_ifconfig_ipv6_defined = DISABLED
2023-02-16 11:39:04 us=625000   push_ifconfig_ipv6_local = ::/0
2023-02-16 11:39:04 us=625000   push_ifconfig_ipv6_remote = ::
2023-02-16 11:39:04 us=625000   enable_c2c = DISABLED
2023-02-16 11:39:04 us=625000   duplicate_cn = DISABLED
2023-02-16 11:39:04 us=625000   cf_max = 0
2023-02-16 11:39:04 us=625000   cf_per = 0
2023-02-16 11:39:04 us=625000   cf_initial_max = 100
2023-02-16 11:39:04 us=625000   cf_initial_per = 10
2023-02-16 11:39:04 us=625000   max_clients = 1024
2023-02-16 11:39:04 us=625000   max_routes_per_client = 256
2023-02-16 11:39:04 us=625000   auth_user_pass_verify_script = '[UNDEF]'
2023-02-16 11:39:04 us=625000   auth_user_pass_verify_script_via_file = DISABLED
2023-02-16 11:39:04 us=625000   auth_token_generate = DISABLED
2023-02-16 11:39:04 us=625000   auth_token_lifetime = 0
2023-02-16 11:39:04 us=625000   auth_token_secret_file = '[UNDEF]'
2023-02-16 11:39:04 us=625000   vlan_tagging = DISABLED
2023-02-16 11:39:04 us=625000   vlan_accept = all
2023-02-16 11:39:04 us=625000   vlan_pvid = 1
2023-02-16 11:39:04 us=625000   client = ENABLED
2023-02-16 11:39:04 us=625000   pull = ENABLED
2023-02-16 11:39:04 us=625000   auth_user_pass_file = 'stdin'
2023-02-16 11:39:04 us=625000   show_net_up = DISABLED
2023-02-16 11:39:04 us=625000   route_method = 3
2023-02-16 11:39:04 us=625000   block_outside_dns = DISABLED
2023-02-16 11:39:04 us=625000   ip_win32_defined = DISABLED
2023-02-16 11:39:04 us=625000   ip_win32_type = 1
2023-02-16 11:39:04 us=625000   dhcp_masq_offset = 0
2023-02-16 11:39:04 us=625000   dhcp_lease_time = 31536000
2023-02-16 11:39:04 us=625000   tap_sleep = 0
2023-02-16 11:39:04 us=625000   dhcp_options = DISABLED
2023-02-16 11:39:04 us=625000   dhcp_renew = DISABLED
2023-02-16 11:39:04 us=625000   dhcp_pre_release = DISABLED
2023-02-16 11:39:04 us=625000   domain = '[UNDEF]'
2023-02-16 11:39:04 us=625000   netbios_scope = '[UNDEF]'
2023-02-16 11:39:04 us=625000   netbios_node_type = 0
2023-02-16 11:39:04 us=625000   disable_nbt = DISABLED
2023-02-16 11:39:04 us=625000 OpenVPN 2.6.0 [git:v2.6.0/b999466418dddb89] Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] [DCO] built on Feb  6 2023
2023-02-16 11:39:04 us=625000 Windows version 10.0 (Windows 10 or greater), amd64 executable
2023-02-16 11:39:04 us=625000 library versions: OpenSSL 3.0.7 1 Nov 2022, LZO 2.10
2023-02-16 11:39:04 us=625000 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25342
2023-02-16 11:39:04 us=625000 Need hold release from management interface, waiting...
2023-02-16 11:39:05 us=125000 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:63674
2023-02-16 11:39:05 us=234000 MANAGEMENT: CMD 'state on'
2023-02-16 11:39:05 us=234000 MANAGEMENT: CMD 'log on all'
2023-02-16 11:39:05 us=500000 MANAGEMENT: CMD 'echo on all'
2023-02-16 11:39:05 us=500000 MANAGEMENT: CMD 'bytecount 5'
2023-02-16 11:39:05 us=500000 MANAGEMENT: CMD 'state'
2023-02-16 11:39:05 us=515000 MANAGEMENT: CMD 'hold off'
2023-02-16 11:39:05 us=515000 MANAGEMENT: CMD 'hold release'
2023-02-16 11:39:07 us=109000 MANAGEMENT: CMD 'username "Auth" "wanghe6186"'
2023-02-16 11:39:07 us=125000 MANAGEMENT: CMD 'password [...]'
2023-02-16 11:39:07 us=125000 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-02-16 11:39:07 us=125000 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-02-16 11:39:07 us=125000 Control Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ]
2023-02-16 11:39:07 us=125000 Data Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
2023-02-16 11:39:07 us=125000 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:28080
2023-02-16 11:39:07 us=125000 Socket Buffers: R=[65536->65536] S=[65536->65536]
2023-02-16 11:39:07 us=125000 Attempting to establish TCP connection with [AF_INET]x.x.x.x:28080
2023-02-16 11:39:07 us=125000 MANAGEMENT: >STATE:1676518747,TCP_CONNECT,,,,,,
2023-02-16 11:39:07 us=156000 TCP connection established with [AF_INET]x.x.x.x:28080
2023-02-16 11:39:07 us=156000 TCPv4_CLIENT link local: (not bound)
2023-02-16 11:39:07 us=156000 TCPv4_CLIENT link remote: [AF_INET]x.x.x.x:28080
2023-02-16 11:39:07 us=156000 MANAGEMENT: >STATE:1676518747,WAIT,,,,,,
2023-02-16 11:39:07 us=171000 MANAGEMENT: >STATE:1676518747,AUTH,,,,,,
2023-02-16 11:39:07 us=171000 TLS: Initial packet from [AF_INET]x.x.x.x:28080, sid=b8e9d60e 7e124de4
2023-02-16 11:39:07 us=187000 VERIFY OK: depth=1, CN=Easy-RSA CA
2023-02-16 11:39:07 us=187000 VERIFY KU OK
2023-02-16 11:39:07 us=187000 Validating certificate extended key usage
2023-02-16 11:39:07 us=187000 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2023-02-16 11:39:07 us=187000 VERIFY EKU OK
2023-02-16 11:39:07 us=187000 VERIFY OK: depth=0, CN=server
2023-02-16 11:39:07 us=296000 peer info: IV_VER=2.5.4
2023-02-16 11:39:07 us=296000 peer info: IV_PLAT=linux
2023-02-16 11:39:07 us=296000 peer info: IV_PROTO=2
2023-02-16 11:39:07 us=296000 peer info: IV_CIPHERS=AES-256-GCM:AES-256-CBC:BF-CBC
2023-02-16 11:39:07 us=296000 peer info: IV_LZ4=1
2023-02-16 11:39:07 us=296000 peer info: IV_LZ4v2=1
2023-02-16 11:39:07 us=296000 peer info: IV_LZO=1
2023-02-16 11:39:07 us=296000 peer info: IV_COMP_STUB=1
2023-02-16 11:39:07 us=296000 peer info: IV_COMP_STUBv2=1
2023-02-16 11:39:07 us=296000 peer info: IV_TCPNL=1
2023-02-16 11:39:07 us=296000 peer info: IV_HWADDR=60:2e:20:04:85:fd
2023-02-16 11:39:07 us=296000 peer info: IV_SSL=OpenSSL_1.0.2k-fips__26_Jan_2017
2023-02-16 11:39:07 us=296000 peer info: IV_SSO=openurl,webauth,crtext
2023-02-16 11:39:07 us=296000 peer info: IV_GUI_VER=OpenVPN_GUI_11
2023-02-16 11:39:07 us=296000 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2023-02-16 11:39:07 us=296000 [server] Peer Connection Initiated with [AF_INET]x.x.x.x:28080
2023-02-16 11:39:07 us=296000 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2023-02-16 11:39:07 us=296000 TLS: tls_multi_process: initial untrusted session promoted to trusted
2023-02-16 11:39:08 us=484000 MANAGEMENT: >STATE:1676518748,GET_CONFIG,,,,,,
2023-02-16 11:39:08 us=484000 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2023-02-16 11:39:08 us=500000 AUTH: Received control message: AUTH_FAILED
2023-02-16 11:39:08 us=500000 TCP/UDP: Closing socket
2023-02-16 11:39:08 us=500000 SIGUSR1[soft,auth-failure] received, process restarting
2023-02-16 11:39:08 us=500000 MANAGEMENT: >STATE:1676518748,RECONNECTING,auth-failure,,,,,
2023-02-16 11:39:08 us=500000 Restart pause, 5 second(s)

大佬我就显示错误的凭据，然后连不上为啥呀？求助！！

J.C · 安徽省合肥市 · 2023-02-16

你是证书+用户密码方式吗?
1. 用户密码不匹配
2. 参数两边配的不一样或者某一端不支持参数，导致认证失败
检查下客户端提示的警告，修改下或者服务端参数修改下，或者参考下我的 openvpn搭建文章
1. vpn连不上啊 · 安徽省合肥市 · 2023-02-16
  
  用户密码是正确的可以在别人的电脑上连接，用的是别人相同的配置文件，客户端有个提示警告，我按照您文章的加了个auth-nocache，就没有别的警告了，直接就登陆失败，错误凭证了
  1. J.C · 美国弗吉尼亚州阿什本Amazon数据中心 · 2023-02-16
    
    我用证书+用户密码方式，在故意输错用户名或密码的情况下，复现了和你一样的错误。除此外还真没找到其他原因

留言列表

本文章留言已关闭