OpenVPN win10客户端连接几个警告信息解决
· 技术积累 · VPN openvpn · Awking

win10客户端使用openvpn软件连接过程中可能会遇到几个红色 警告或错误信息,我也是在使用中有遇到这些问题,网上搜索的方法可以解决掉遇到的问题(不保证所有遇到此问题的都可以通过下面方法解决),特此搜集记录下来

在连接vpn有问题情况下,确认服务和端口是否正常和允许连接,多观察 服务端日志客户端日志 的异常输出信息,大概率是客户端参数问题或者配置不正确,或者是网络方面的问题

1 客户端版本也会造成一些警告提示,因为会有些参数在某个版本中不支持了
2 遇到多百度谷歌搜索相关信息,多动手改调整配置参数
3 确保配置文件的参数名正确,文件路径或格式正确
4 有时候或许是网络问题导致连不上,可以换换其他网络试试

警告1:WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
或者
No sever certificate verficaton method has been enabled.

# 解决,win客户端修改配置文件注释一个和添加一个(如果没有ns-cert-type server这个参数,那只用添加remote-cert-tls server这个参数)
;ns-cert-type server
remote-cert-tls server

警告2: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this

# 解决,在客户端配置文件添加参数
auth-nocache

警告3:WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1602', remote='link-mtu 1570'
WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'

# 解决
去掉配置文件tun-mtu相关的参数

警告4:(此错误会导致连上vpn无法上网): us=967576 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
或 write to TUN/TAP : Unknown error (code=122)

# 解决,在客户端配置文件添加参数
comp-lzo

警告5: ROUTE: route addition failed using CreateIpForwardEntry: ÖÁÉÙÓÐһ¸ֲÎÊ�Õýȷc [status=160 if_index=19]

# 解决,在客户端配置文件添加参数
route-method exe
route-delay 2

警告6:AEAD Decrypt error: bad packet ID (may be a replay): [ #141 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings

# 解决,在客户端配置文件添加参数
mute-replay-warnings

警告7: WARNING: --ping should normally be used with --ping-restart or --ping-exit

# 解决,配置文件中参数修改为下面的
# ping 表示每隔多少秒就ping对端一次
# ping-restart/ping-exit 表示在多少秒后没有收到对端的包就重启或者退出
ping 15
ping-restart 15
或者
ping-exit 15

警告8(和客户端版本有关系): DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). OpenVPN ignores --cipher for cipher negotiations.

# 解决,配置文件中参数修改为下面的
data-ciphers AES-256-CBC
data-ciphers-fallback AES-256-CBC

警告9(和客户端版本有关系): WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.

# 解决,不启用压缩,配置文件中参数修改为下面的
comp-lzo no
allow-compression no

错误1: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) TLS Error: TLS handshake failed

# 可能的原因1(来自官网的回答 https://openvpn.net/faq/tls-error-tls-key-negotiation-failed-to-occur-within-60-seconds-check-your-network-connectivity/)
1,服务器网络上的外围防火墙正在过滤传入的 OpenVPN 数据包(默认情况下,OpenVPN 使用 UDP 或 TCP 端口号 1194)。
在 OpenVPN 服务器机器上运行的软件防火墙本身正在过滤端口 1194 上的传入连接。请注意,默认情况下许多操作系统将阻止传入连接,除非另有配置。
2,服务器网络上的 NAT 网关没有 TCP/UDP 1194 端口转发规则到 OpenVPN 服务器机器的内部地址。
3,OpenVPN 客户端配置在其配置文件中没有正确的服务器地址。客户端配置文件中的remote指令  必须指向服务器本身或服务器网络网关的公共 IP 地址。
4,另一个可能的原因是 Windows 防火墙阻止了对 openvpn.exe 二进制文件的访问。您可能需要将其列入白名单(将其添加到“例外”列表),OpenVPN 才能正常工作。

# 可能的原因2
大概率是网络不通的原因,比如请求被拦截了(防火墙,安全组,运营商等),地址被屏蔽了(国外的ip地址)

特别说明:如果客户端连接不上,报错信息没有给出明显的错误,请在服务端的日志中查看日志,会看到是什么原因导致的!
如果同样配置文件已经在其他电脑连接成功,请对比下配置文件内容,有用户密码的核对下和服务端的是否一致
或者两个人用一套证书都连接上了但是有1个人不能上网的,可能是服务器没有开启同一套证书允许多用户使用

客户端连接不上几个提示例子:

提示1:
MANAGEMENT: >STATE:1679479405,TCP_CONNECT,,,,,,(一直卡这很久)
TCP: connect to [AF_INET]x.x.x.x:1194 failed: Unknown error

提示2:
MANAGEMENT: >STATE:1679479100,WAIT,,,,,,
read UDP: Unknown error (code=10054)

提示3:
UDP link remote: [AF_INET]x.x.x.x:1194
MANAGEMENT: >STATE:1679485965,WAIT,,,,,,

以上几种提示是连不上才出现的(客户端连不到服务端) [ ip地址错误 或 使用协议错误 或 服务端被国内屏蔽了 ]

客户端的原因导致:
可能是1、客户端和服务端配置的协议不一致
可能是2、端口 或 地址 不正确

服务端的原因导致:
可能是3、服务端服务未启动
可能是4、防火墙阻止了对应的端口和协议
可能是5、地址被运营商封掉,墙掉了

其他原因导致:
服务端的ip被给封掉了

因为pptp、l2tp、openvpn 都属于常见类型vpn,如果是服务端ip是国外的地址,使用中突然连不上了也很正常!被墙了呗

对于网友在本文章留言中出现的公网ip地址,安全起见,显示的评论ip用x.x.x.x代替

Centos7 搭建OpenVPN 基于证书认证
OpenVPN 基于用户密码方式认证


本文最后更新时间 2024-04-10
文章链接地址:
https://me.jinchuang.org/archives/573.html
本站文章除注明[转载|引用],均为本站原创内容,转载前请注明出处
Server 2008 R2 安装配置 L2TP/IPsec VPN (使用预共享密钥)
OpenVPN 基于用户密码方式认证
Centos7 搭建OpenVPN 基于证书认证
Centos7 搭建PPTP-VPN 服务

Typecho替换默认Gravatar头像地址

OpenVPN 基于用户密码方式认证

留言列表

  1. gtgssss
    Windows 10 Microsoft Edge
    中国安徽省合肥市联通
    Wed May 03 17:08:34 2023 OpenVPN 2.4.12 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Mar 17 2022
    Wed May 03 17:08:34 2023 Windows version 6.2 (Windows 8 or greater) 64bit
    Wed May 03 17:08:34 2023 library versions: OpenSSL 1.1.1n  15 Mar 2022, LZO 2.10
    Wed May 03 17:08:34 2023 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25349
    Wed May 03 17:08:34 2023 Need hold release from management interface, waiting...
    Wed May 03 17:08:34 2023 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25349
    Wed May 03 17:08:35 2023 MANAGEMENT: CMD 'state on'
    Wed May 03 17:08:35 2023 MANAGEMENT: CMD 'log all on'
    Wed May 03 17:08:35 2023 MANAGEMENT: CMD 'echo all on'
    Wed May 03 17:08:35 2023 MANAGEMENT: CMD 'bytecount 5'
    Wed May 03 17:08:35 2023 MANAGEMENT: CMD 'hold off'
    Wed May 03 17:08:35 2023 MANAGEMENT: CMD 'hold release'
    Wed May 03 17:08:36 2023 MANAGEMENT: CMD 'username "Auth" "orx5ozl6jihy88s5jn3yjiiv"'
    Wed May 03 17:08:36 2023 MANAGEMENT: CMD 'password [...]'
    Wed May 03 17:08:36 2023 NOTE: --fast-io is disabled since we are running on Windows
    Wed May 03 17:08:36 2023 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
    Wed May 03 17:08:36 2023 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
    Wed May 03 17:08:36 2023 MANAGEMENT: >STATE:1683104916,RESOLVE,,,,,,
    Wed May 03 17:08:36 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1195
    Wed May 03 17:08:36 2023 Socket Buffers: R=[65536->524288] S=[65536->524288]
    Wed May 03 17:08:36 2023 UDP link local: (not bound)
    Wed May 03 17:08:36 2023 UDP link remote: [AF_INET]x.x.x.x:1195
    Wed May 03 17:08:36 2023 MANAGEMENT: >STATE:1683104916,WAIT,,,,,,
    Wed May 03 17:08:36 2023 MANAGEMENT: >STATE:1683104916,AUTH,,,,,,
    Wed May 03 17:08:36 2023 TLS: Initial packet from [AF_INET]x.x.x.x:1195, sid=55825622 5143c695
    大佬我一直停在这个地方,然后就是60s失败handshake,请问怎么解决啊
    
  2. charname
    Windows 10 Microsoft Edge
    中国安徽省合肥市联通
    Fri Apr 28 12:32:34 2023 SIGUSR1[connection failed(soft),init_instance] received, process restarting
    Fri Apr 28 12:32:34 2023 MANAGEMENT: >STATE:1682656354,RECONNECTING,init_instance,,,,,
    Fri Apr 28 12:32:34 2023 Restart pause, 5 second(s)
    Fri Apr 28 12:32:39 2023 NOTE: --fast-io is disabled since we are running on Windows
    Fri Apr 28 12:32:39 2023 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
    Fri Apr 28 12:32:39 2023 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
    Fri Apr 28 12:32:39 2023 MANAGEMENT: >STATE:1682656359,RESOLVE,,,,,,
    Fri Apr 28 12:32:39 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1443
    Fri Apr 28 12:32:39 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Fri Apr 28 12:32:39 2023 Attempting to establish TCP connection with [AF_INET]x.x.x.x:1443 [nonblock]
    Fri Apr 28 12:32:39 2023 MANAGEMENT: >STATE:1682656359,TCP_CONNECT,,,,,,
    Fri Apr 28 12:34:11 2023 MANAGEMENT: CMD 'signal SIGHUP'
    Fri Apr 28 12:34:12 2023 SIGHUP[hard,init_instance] received, process restarting
    Fri Apr 28 12:34:12 2023 MANAGEMENT: >STATE:1682656452,RECONNECTING,init_instance,,,,,
    Fri Apr 28 12:34:12 2023 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
    Fri Apr 28 12:34:12 2023 OpenVPN 2.5.2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 21 2021
    Fri Apr 28 12:34:12 2023 Windows version 10.0 (Windows 10 or greater) 64bit
    Fri Apr 28 12:34:12 2023 library versions: OpenSSL 1.1.1k  25 Mar 2021, LZO 2.10
    Fri Apr 28 12:34:12 2023 Restart pause, 2 second(s)
    Fri Apr 28 12:34:14 2023 NOTE: --fast-io is disabled since we are running on Windows
    Fri Apr 28 12:34:14 2023 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
    Fri Apr 28 12:34:14 2023 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
    Fri Apr 28 12:34:14 2023 MANAGEMENT: >STATE:1682656454,RESOLVE,,,,,,
    Fri Apr 28 12:34:14 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
    Fri Apr 28 12:34:14 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Fri Apr 28 12:34:14 2023 Attempting to establish TCP connection with [AF_INET]x.x.x.x:1194 [nonblock]
    Fri Apr 28 12:34:14 2023 MANAGEMENT: >STATE:1682656454,TCP_CONNECT,,,,,,
    Fri Apr 28 12:36:15 2023 TCP: connect to [AF_INET]x.x.x.x:1194 failed: Unknown error
    大佬看看是为什么
    
  3. 小学生
    Windows 10 Google Chrome
    中国安徽省合肥市联通

    大佬您好 我现在是这样一个问题 我昨天VPN还可以正常连接 但是今天确连不上了 中间没有断电 只是昨天晚上使用Mac连接了一会
    现在server端:
    # netstat -tunlp | grep 1194
    tcp 0 0 192.168.1.40:1194 0.0.0.0:* LISTEN 19105/openvpn
    客户端:跟提示1一样
    Wed Apr 26 18:28:41 2023 TCP: connect to [AF_INET]x.x.x.x:1194 failed: Unknown error

  4. ddd
    ddd
    Windows 10 Google Chrome
    中国安徽省合肥市联通

    大佬,请教一下,我的openVPN服务器配置内容

    port 1194
    proto udp
    dev tun
    
    ca /etc/openvpn/dcwhsa/ca.crt
    cert /etc/openvpn/dcwhsa/server.crt
    key /etc/openvpn/dcwhsa/server.key
    
    dh /etc/openvpn/dh.pem
    
    server 10.8.0.0 255.255.255.0
    ifconfig-pool-persist ipp.txt
    
    push "redirect-gateway def1 bypass-dhcp"
    push "dhcp-option DNS 208.67.222.222"
    push "dhcp-option DNS 208.67.220.220"
    
    keepalive 10 120
    comp-lzo
    cipher AES-256-CBC
    
    user nobody
    group nobody
    
    persist-key
    persist-tun
    
    status openvpn-status.log
    verb 3
    
    
    #tls-auth /etc/openvpn/easy-rsa/ta.key 0
    #script-security 2
    #auth-user-pass-verify /etc/openvpn/checkpsw.sh via-env
    

    我的客户端配置内容

    client
    dev tun
    proto udp
    remote x.x.x.x 1194
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    ca ca.crt
    cert client-dcw.crt
    key client-dcw.key
    cipher AES-256-CBC
    comp-lzo
    verb 3
    
    #tls-auth ta.key 1 
    #remote-cert-tls server
    
    dhcp-option DNS 208.67.222.222
    dhcp-option DNS 208.67.220.220
    

    但是我连接不上openVPN,服务器的日志是这个

    Apr 11 15:47:29 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:47:29 2023 x.x.x.x:65202 TLS: Initial packet from [AF_INET]x.x.x.x:65202, sid=81170ca5 945fa009
    [root@cloud-rs81b1-9bla ~]# sudo cat /var/log/messages
    Apr 11 15:47:29 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:47:29 2023 x.x.x.x:65202 TLS: Initial packet from [AF_INET]x.x.x.x:65202, sid=81170ca5 945fa009
    Apr 11 15:47:48 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:47:48 2023 x.x.x.x:50189 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Apr 11 15:47:48 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:47:48 2023 x.x.x.x:50189 TLS Error: TLS handshake failed
    Apr 11 15:47:48 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:47:48 2023 x.x.x.x:50189 SIGUSR1[soft,tls-error] received, client-instance restarting
    Apr 11 15:48:29 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:48:29 2023 x.x.x.x:65202 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Apr 11 15:48:29 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:48:29 2023 x.x.x.x:65202 TLS Error: TLS handshake failed
    Apr 11 15:48:29 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:48:29 2023 x.x.x.x:65202 SIGUSR1[soft,tls-error] received, client-instance restarting
    Apr 11 15:48:34 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:48:34 2023 x.x.x.x:59805 TLS: Initial packet from [AF_INET]x.x.x.x:59805, sid=cef72e54 5a894bbe
    

    请问是什么原因呢

    1. Awking
      Windows 10 Google Chrome
      中国移动

      看错误主要错误还是tls 60秒内协商失败,什么原因我也说不好,可能证书不匹配,或者有安全限制的拦截,或者配置问题导致超时,你的配置文件我看了,服务端启动没报错服务能起来就没啥问题,客户端主要看连接有问题时有啥提示,你可以结合下客户端的提示错误做一些修改试试

      1. ddd
        ddd
        Windows 10 Google Chrome
        中国安徽省合肥市联通

        客户端的提示一直 在等待服务器响应,然后我在服务器尝试ping了我客户端的公网ip发现ping不通,客户端卡在了这一步

        Tue Apr 11 17:13:40 2023 OpenVPN 2.4.12 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Mar 17 2022
        Tue Apr 11 17:13:40 2023 Windows version 6.1 (Windows 7) 64bit
        Tue Apr 11 17:13:40 2023 library versions: OpenSSL 1.1.1n  15 Mar 2022, LZO 2.10
        Enter Management Password:
        Tue Apr 11 17:13:40 2023 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
        Tue Apr 11 17:13:40 2023 Need hold release from management interface, waiting...
        Tue Apr 11 17:13:40 2023 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
        Tue Apr 11 17:13:41 2023 MANAGEMENT: CMD 'state on'
        Tue Apr 11 17:13:41 2023 MANAGEMENT: CMD 'log all on'
        Tue Apr 11 17:13:41 2023 MANAGEMENT: CMD 'echo all on'
        Tue Apr 11 17:13:41 2023 MANAGEMENT: CMD 'bytecount 5'
        Tue Apr 11 17:13:41 2023 MANAGEMENT: CMD 'hold off'
        Tue Apr 11 17:13:41 2023 MANAGEMENT: CMD 'hold release'
        Tue Apr 11 17:13:41 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
        Tue Apr 11 17:13:44 2023 MANAGEMENT: CMD 'password [...]'
        Tue Apr 11 17:13:44 2023 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
        Tue Apr 11 17:13:44 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
        Tue Apr 11 17:13:44 2023 Socket Buffers: R=[8192->8192] S=[8192->8192]
        Tue Apr 11 17:13:44 2023 UDP link local: (not bound)
        Tue Apr 11 17:13:44 2023 UDP link remote: [AF_INET]x.x.x.x:1194
        Tue Apr 11 17:13:44 2023 MANAGEMENT: >STATE:1681204424,WAIT,,,,,,,
        

        另一个现象是客户端连接的时候有发送数据大小,但是接收字节为0,所以是不是因为我服务器访问不了我客户端的原因呢?

        1. Awking
          Windows 10 Google Chrome
          中国安徽省六安市电信

          你客户端ping服务器只要通就行,你尝试更换下端口再连接试试

          1. ddd
            ddd
            Windows 10 Google Chrome
            中国安徽省合肥市联通

            哇。感谢大佬,试了换了个端口连接上了

            1. Awking
              Windows 10 Google Chrome
              中国安徽省六安市电信

              那可能是就是运营商网络对默认的1194端口有封锁

              1. Awking
                Windows 10 Google Chrome
                中国移动

                用博客上方企业微信客服联系我,调试下瞅瞅

              2. ddd
                ddd
                Windows 10 Google Chrome
                中国安徽省合肥市联通

                大佬,无法访问网络的问题解决了,配置一下转发规则就行
                sudo iptables -A FORWARD -i eth0 -o tun0 -j ACCEPT
                sudo iptables -A FORWARD -i tun0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
                sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE,
                但是我连接上了之后过了一会又无法连接了,还是提示tls协商失败,换了个端口又可以了但是连上一会又无法连接了

              3. ddd
                ddd
                Windows 10 Google Chrome
                美国Amazon EC2服务器

                大佬好,我想请问下,我虽然连接上了,但是我客户端一连接openVPN就无法访问网络了,这个一般是啥原因呢

  5. 怎么连不上
    Windows 10 Google Chrome
    中国湖南省联通

    大佬 这个怎么办Tue Mar 21 20:48:32 2023 TCP: connect to [AF_INET]x.x.x.x:1194 failed: Unknown error

    1. Awking
      Windows 10 Google Chrome
      中国安徽省合肥市联通

      已在文章结尾更新说明原因

  6. buzhidao
    Windows 10 Microsoft Edge
    中国安徽省合肥市联通

    小白试一下公网地址x.x.x.x
    能不能帮我配置一下文件一直连接不上,日志看不懂

    ri Mar 17 18:51:31 2023 OpenVPN 2.4.7 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Feb 21 2019
    Fri Mar 17 18:51:31 2023 Windows version 6.2 (Windows 8 or greater) 64bit
    Fri Mar 17 18:51:31 2023 library versions: OpenSSL 1.1.0j  20 Nov 2018, LZO 2.10
    Enter Management Password:
    Fri Mar 17 18:51:31 2023 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
    Fri Mar 17 18:51:31 2023 Need hold release from management interface, waiting...
    Fri Mar 17 18:51:31 2023 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
    Fri Mar 17 18:51:31 2023 MANAGEMENT: CMD 'state on'
    Fri Mar 17 18:51:31 2023 MANAGEMENT: CMD 'log all on'
    Fri Mar 17 18:51:31 2023 MANAGEMENT: CMD 'echo all on'
    Fri Mar 17 18:51:31 2023 MANAGEMENT: CMD 'bytecount 5'
    Fri Mar 17 18:51:31 2023 MANAGEMENT: CMD 'hold off'
    Fri Mar 17 18:51:31 2023 MANAGEMENT: CMD 'hold release'
    Fri Mar 17 18:51:34 2023 MANAGEMENT: CMD 'username "Auth" "1"'
    Fri Mar 17 18:51:34 2023 MANAGEMENT: CMD 'password [...]'
    Fri Mar 17 18:51:34 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
    Fri Mar 17 18:51:34 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:51:34 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Fri Mar 17 18:51:34 2023 UDP link local: (not bound)
    Fri Mar 17 18:51:34 2023 UDP link remote: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:51:34 2023 MANAGEMENT: >STATE:1679050294,WAIT,,,,,,
    Fri Mar 17 18:51:35 2023 TLS Error: client->client or server->server connection attempted from [AF_INET]101.43.250.202:53
    Fri Mar 17 18:52:34 2023 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Fri Mar 17 18:52:34 2023 TLS Error: TLS handshake failed
    Fri Mar 17 18:52:34 2023 SIGUSR1[soft,tls-error] received, process restarting
    Fri Mar 17 18:52:34 2023 MANAGEMENT: >STATE:1679050354,RECONNECTING,tls-error,,,,,
    Fri Mar 17 18:52:34 2023 Restart pause, 5 second(s)
    Fri Mar 17 18:52:40 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
    Fri Mar 17 18:52:40 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:52:40 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Fri Mar 17 18:52:40 2023 UDP link local: (not bound)
    Fri Mar 17 18:52:40 2023 UDP link remote: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:52:40 2023 MANAGEMENT: >STATE:1679050360,WAIT,,,,,,
    Fri Mar 17 18:52:40 2023 TLS Error: client->client or server->server connection attempted from [AF_INET]101.43.250.202:53
    Fri Mar 17 18:53:40 2023 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Fri Mar 17 18:53:40 2023 TLS Error: TLS handshake failed
    Fri Mar 17 18:53:40 2023 SIGUSR1[soft,tls-error] received, process restarting
    Fri Mar 17 18:53:40 2023 MANAGEMENT: >STATE:1679050420,RECONNECTING,tls-error,,,,,
    Fri Mar 17 18:53:40 2023 Restart pause, 5 second(s)
    Fri Mar 17 18:53:45 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
    Fri Mar 17 18:53:45 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:53:45 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Fri Mar 17 18:53:45 2023 UDP link local: (not bound)
    Fri Mar 17 18:53:45 2023 UDP link remote: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:53:45 2023 MANAGEMENT: >STATE:1679050425,WAIT,,,,,,
    Fri Mar 17 18:54:45 2023 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Fri Mar 17 18:54:45 2023 TLS Error: TLS handshake failed
    Fri Mar 17 18:54:45 2023 SIGUSR1[soft,tls-error] received, process restarting
    Fri Mar 17 18:54:45 2023 MANAGEMENT: >STATE:1679050485,RECONNECTING,tls-error,,,,,
    Fri Mar 17 18:54:45 2023 Restart pause, 5 second(s)
    Fri Mar 17 18:54:50 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
    Fri Mar 17 18:54:50 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:54:50 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Fri Mar 17 18:54:50 2023 UDP link local: (not bound)
    Fri Mar 17 18:54:50 2023 UDP link remote: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:54:50 2023 MANAGEMENT: >STATE:1679050490,WAIT,,,,,,
    Fri Mar 17 18:55:50 2023 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Fri Mar 17 18:55:50 2023 TLS Error: TLS handshake failed
    Fri Mar 17 18:55:50 2023 SIGUSR1[soft,tls-error] received, process restarting
    Fri Mar 17 18:55:50 2023 MANAGEMENT: >STATE:1679050550,RECONNECTING,tls-error,,,,,
    Fri Mar 17 18:55:50 2023 Restart pause, 5 second(s)
    Fri Mar 17 18:55:55 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
    Fri Mar 17 18:55:55 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:55:55 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Fri Mar 17 18:55:55 2023 UDP link local: (not bound)
    Fri Mar 17 18:55:55 2023 UDP link remote: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:55:55 2023 MANAGEMENT: >STATE:1679050555,WAIT,,,,,,
    Fri Mar 17 18:55:55 2023 TLS Error: client->client or server->server connection attempted from [AF_INET]101.43.250.202:53
    Fri Mar 17 18:56:55 2023 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Fri Mar 17 18:56:55 2023 TLS Error: TLS handshake failed
    Fri Mar 17 18:56:55 2023 SIGUSR1[soft,tls-error] received, process restarting
    Fri Mar 17 18:56:55 2023 MANAGEMENT: >STATE:1679050615,RECONNECTING,tls-error,,,,,
    Fri Mar 17 18:56:55 2023 Restart pause, 10 second(s)
    Fri Mar 17 18:57:05 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
    Fri Mar 17 18:57:05 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:57:05 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Fri Mar 17 18:57:05 2023 UDP link local: (not bound)
    Fri Mar 17 18:57:05 2023 UDP link remote: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:57:05 2023 MANAGEMENT: >STATE:1679050625,WAIT,,,,,,
    Fri Mar 17 18:58:05 2023 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Fri Mar 17 18:58:05 2023 TLS Error: TLS handshake failed
    Fri Mar 17 18:58:05 2023 SIGUSR1[soft,tls-error] received, process restarting
    Fri Mar 17 18:58:05 2023 MANAGEMENT: >STATE:1679050685,RECONNECTING,tls-error,,,,,
    Fri Mar 17 18:58:05 2023 Restart pause, 20 second(s)
    Fri Mar 17 18:58:25 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
    Fri Mar 17 18:58:25 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:58:25 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Fri Mar 17 18:58:25 2023 UDP link local: (not bound)
    Fri Mar 17 18:58:25 2023 UDP link remote: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:58:25 2023 MANAGEMENT: >STATE:1679050705,WAIT,,,,,,
    Fri Mar 17 18:59:25 2023 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Fri Mar 17 18:59:25 2023 TLS Error: TLS handshake failed
    Fri Mar 17 18:59:25 2023 SIGUSR1[soft,tls-error] received, process restarting
    Fri Mar 17 18:59:25 2023 MANAGEMENT: >STATE:1679050765,RECONNECTING,tls-error,,,,,
    Fri Mar 17 18:59:25 2023 Restart pause, 40 second(s)
    Fri Mar 17 19:00:05 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
    Fri Mar 17 19:00:05 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:53
    Fri Mar 17 19:00:05 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Fri Mar 17 19:00:05 2023 UDP link local: (not bound)
    Fri Mar 17 19:00:05 2023 UDP link remote: [AF_INET]x.x.x.x:53
    Fri Mar 17 19:00:05 2023 MANAGEMENT: >STATE:1679050805,WAIT,,,,,,
    Fri Mar 17 19:00:07 2023 SIGTERM[hard,] received, process exiting
    Fri Mar 17 19:00:07 2023 MANAGEMENT: >STATE:1679050807,EXITING,SIGTERM,,,,,
    
    
    1. Awking
      Windows 10 Google Chrome
      中国安徽省六安市电信

      日志报的错误:tls协商失败,也就是协商协议或证书配置有问题,你用网站上面的企业微信方式联系我给你看下

  7. yvchun
    Windows 10 Google Chrome
    中国安徽省合肥市联通

    大佬,麻烦帮忙看看,我的问题是能在ubuntu上使用服务端,然后再windows上使用客户端连上,但是移到别的电脑想连我在ubuntu上的服务端就一直连不上了。
    root@Jotale:/etc/openvpn# openvpn --config client2.ovpn
    2023-03-16 05:54:34 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
    2023-03-16 05:54:34 OpenVPN 2.5.3 mipsel-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
    2023-03-16 05:54:34 library versions: OpenSSL 1.1.1l 24 Aug 2021, LZO 2.10
    2023-03-16 05:54:34 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    2023-03-16 05:54:34 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    2023-03-16 05:54:34 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
    2023-03-16 05:54:34 Socket Buffers: R=[131072->131072] S=[16384->16384]
    2023-03-16 05:54:34 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
    2023-03-16 05:54:34 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
    2023-03-16 05:54:34 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
    2023-03-16 05:54:34 SIGUSR1[connection failed(soft),init_instance] received, process restarting
    2023-03-16 05:54:34 Restart pause, 5 second(s)

    1. Awking
      Windows 10 Google Chrome
      中国移动

      你的这个日志,地址是127.0.0.1:1194 是在服务端自己连自己吗?你发个其他机器的连不上的日志,配置文件有一个客户端可以连上,其他的应该没啥问题,有问题或许是出在客户端版本或者参数需要调整下,需要看下日志看看连接过程中哪一步出现错误导致连不上的

      1. yvchun
        Windows 10 Google Chrome
        中国安徽省六安市电信

        是这样的,大佬,我是刚刚学这个,所以我在客户端配置文件中是这样设定的remote 127.0.0.1 1194,也就是说连的自己,主要就是想看看能不能连上,测试一下,然后我在wsl的ubuntu中使用openvpn服务端,在Windows下载一个openvpn然后把客户端配置文件丢进去了,结果就是Windows的客户端能连上这个ubuntu上的服务端。然后现在我想用这个客户端文件让我的一个网关连接上这个wsl的ubuntu中的openvpn的服务端,但是在网关里却显示连接不上了,我就很好奇怪明明同样的客户端配置文件,但是却不能让我的网关连上,这是为什么?下面是全部的日志信息,就是连不上这个127.0.0.1:1194。

        2023-03-16 06:41:11 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
        2023-03-16 06:41:11 OpenVPN 2.5.3 mipsel-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
        2023-03-16 06:41:11 library versions: OpenSSL 1.1.1l  24 Aug 2021, LZO 2.10
        2023-03-16 06:41:11 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:41:11 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:41:11 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
        2023-03-16 06:41:11 Socket Buffers: R=[131072->131072] S=[16384->16384]
        2023-03-16 06:41:11 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
        2023-03-16 06:41:11 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
        2023-03-16 06:41:11 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
        2023-03-16 06:41:11 SIGUSR1[connection failed(soft),init_instance] received, process restarting
        2023-03-16 06:41:11 Restart pause, 5 second(s)
        2023-03-16 06:41:16 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:41:16 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:41:16 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
        2023-03-16 06:41:16 Socket Buffers: R=[131072->131072] S=[16384->16384]
        2023-03-16 06:41:16 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
        2023-03-16 06:41:16 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
        2023-03-16 06:41:16 SIGUSR1[connection failed(soft),init_instance] received, process restarting
        2023-03-16 06:41:16 Restart pause, 5 second(s)
        2023-03-16 06:41:21 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:41:21 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:41:21 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
        2023-03-16 06:41:21 Socket Buffers: R=[131072->131072] S=[16384->16384]
        2023-03-16 06:41:21 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
        2023-03-16 06:41:21 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
        2023-03-16 06:41:21 SIGUSR1[connection failed(soft),init_instance] received, process restarting
        2023-03-16 06:41:21 Restart pause, 5 second(s)
        2023-03-16 06:41:26 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:41:26 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:41:26 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
        2023-03-16 06:41:26 Socket Buffers: R=[131072->131072] S=[16384->16384]
        2023-03-16 06:41:26 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
        2023-03-16 06:41:26 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
        2023-03-16 06:41:26 SIGUSR1[connection failed(soft),init_instance] received, process restarting
        2023-03-16 06:41:26 Restart pause, 5 second(s)
        2023-03-16 06:41:31 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:41:31 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:41:32 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
        2023-03-16 06:41:32 Socket Buffers: R=[131072->131072] S=[16384->16384]
        2023-03-16 06:41:32 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
        2023-03-16 06:41:32 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
        2023-03-16 06:41:32 SIGUSR1[connection failed(soft),init_instance] received, process restarting
        2023-03-16 06:41:32 Restart pause, 10 second(s)
        2023-03-16 06:41:42 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:41:42 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:41:42 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
        2023-03-16 06:41:42 Socket Buffers: R=[131072->131072] S=[16384->16384]
        2023-03-16 06:41:42 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
        2023-03-16 06:41:42 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
        2023-03-16 06:41:42 SIGUSR1[connection failed(soft),init_instance] received, process restarting
        2023-03-16 06:41:42 Restart pause, 20 second(s)
        2023-03-16 06:42:02 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:42:02 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:42:02 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
        2023-03-16 06:42:02 Socket Buffers: R=[131072->131072] S=[16384->16384]
        2023-03-16 06:42:02 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
        2023-03-16 06:42:02 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
        2023-03-16 06:42:02 SIGUSR1[connection failed(soft),init_instance] received, process restarting
        2023-03-16 06:42:02 Restart pause, 40 second(s)
        2023-03-16 06:42:42 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:42:42 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:42:42 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
        2023-03-16 06:42:42 Socket Buffers: R=[131072->131072] S=[16384->16384]
        2023-03-16 06:42:42 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
        2023-03-16 06:42:42 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
        2023-03-16 06:42:42 SIGUSR1[connection failed(soft),init_instance] received, process restarting
        2023-03-16 06:42:42 Restart pause, 80 second(s)
        2023-03-16 06:44:02 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:44:02 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:44:02 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
        2023-03-16 06:44:02 Socket Buffers: R=[131072->131072] S=[16384->16384]
        2023-03-16 06:44:02 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
        2023-03-16 06:44:02 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
        2023-03-16 06:44:02 SIGUSR1[connection failed(soft),init_instance] received, process restarting
        2023-03-16 06:44:02 Restart pause, 160 second(s)
        2023-03-16 06:46:42 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:46:42 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:46:42 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
        2023-03-16 06:46:42 Socket Buffers: R=[131072->131072] S=[16384->16384]
        2023-03-16 06:46:42 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
        2023-03-16 06:46:42 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
        2023-03-16 06:46:42 SIGUSR1[connection failed(soft),init_instance] received, process restarting
        2023-03-16 06:46:42 Restart pause, 300 second(s)
        2023-03-16 06:51:42 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:51:42 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:51:42 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
        2023-03-16 06:51:42 Socket Buffers: R=[131072->131072] S=[16384->16384]
        2023-03-16 06:51:42 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
        2023-03-16 06:51:42 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
        2023-03-16 06:51:42 SIGUSR1[connection failed(soft),init_instance] received, process restarting
        2023-03-16 06:51:42 Restart pause, 300 second(s)
        ^C2023-03-16 06:51:46 SIGINT[hard,init_instance] received, process exiting
        
        1. Awking
          Windows 10 Google Chrome
          中国安徽省合肥市联通

          你windows客户端和wsl的ubuntu是同一个网络下面的,连127都是可以的(127这个地址只有本机可用),你让你其他的客户端连的话,这个127地址就要改成你电脑的ip地址

          1. yvchun
            Windows 10 Google Chrome
            中国安徽省合肥市联通

            好的,大佬,我这就回去试试,谢谢您的帮助!

  8. vpn连不上啊
    Windows 10 Google Chrome
    中国安徽省合肥市联通
    2023-02-16 11:39:04 WARNING: Compression for sending and receiving enabled. Compression has been used in the past to break encryption. Allowing compression allows attacks that break encryption. Using "--allow-compression yes" is strongly discouraged for common usage. See --compress in the manual page for more information 
    2023-02-16 11:39:04 us=625000 DEPRECATED OPTION: --cipher set to 'BF-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). OpenVPN ignores --cipher for cipher negotiations. 
    2023-02-16 11:39:04 us=625000 Note: '--allow-compression' is not set to 'no', disabling data channel offload.
    2023-02-16 11:39:04 us=625000 Current Parameter Settings:
    2023-02-16 11:39:04 us=625000   config = 'sd_psvpn_v4.1.ovpn'
    2023-02-16 11:39:04 us=625000   mode = 0
    2023-02-16 11:39:04 us=625000   show_ciphers = DISABLED
    2023-02-16 11:39:04 us=625000   show_digests = DISABLED
    2023-02-16 11:39:04 us=625000   show_engines = DISABLED
    2023-02-16 11:39:04 us=625000   genkey = DISABLED
    2023-02-16 11:39:04 us=625000   genkey_filename = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   key_pass_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   show_tls_ciphers = DISABLED
    2023-02-16 11:39:04 us=625000   connect_retry_max = 3
    2023-02-16 11:39:04 us=625000 Connection profiles [0]:
    2023-02-16 11:39:04 us=625000   proto = tcp4-client
    2023-02-16 11:39:04 us=625000   local = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   local_port = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   remote = 'x.x.x.x'
    2023-02-16 11:39:04 us=625000   remote_port = '28080'
    2023-02-16 11:39:04 us=625000   remote_float = DISABLED
    2023-02-16 11:39:04 us=625000   bind_defined = DISABLED
    2023-02-16 11:39:04 us=625000   bind_local = DISABLED
    2023-02-16 11:39:04 us=625000   bind_ipv6_only = DISABLED
    2023-02-16 11:39:04 us=625000   connect_retry_seconds = 5
    2023-02-16 11:39:04 us=625000   connect_timeout = 10
    2023-02-16 11:39:04 us=625000   socks_proxy_server = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   socks_proxy_port = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   tun_mtu = 1500
    2023-02-16 11:39:04 us=625000   tun_mtu_defined = ENABLED
    2023-02-16 11:39:04 us=625000   link_mtu = 1500
    2023-02-16 11:39:04 us=625000   link_mtu_defined = DISABLED
    2023-02-16 11:39:04 us=625000   tun_mtu_extra = 0
    2023-02-16 11:39:04 us=625000   tun_mtu_extra_defined = DISABLED
    2023-02-16 11:39:04 us=625000   tls_mtu = 1250
    2023-02-16 11:39:04 us=625000   mtu_discover_type = -1
    2023-02-16 11:39:04 us=625000   fragment = 0
    2023-02-16 11:39:04 us=625000   mssfix = 1492
    2023-02-16 11:39:04 us=625000   mssfix_encap = ENABLED
    2023-02-16 11:39:04 us=625000   mssfix_fixed = DISABLED
    2023-02-16 11:39:04 us=625000   explicit_exit_notification = 0
    2023-02-16 11:39:04 us=625000   tls_auth_file = 'ta.key'
    2023-02-16 11:39:04 us=625000   key_direction = 1
    2023-02-16 11:39:04 us=625000   tls_crypt_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   tls_crypt_v2_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000 Connection profiles END
    2023-02-16 11:39:04 us=625000   remote_random = DISABLED
    2023-02-16 11:39:04 us=625000   ipchange = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   dev = 'tun'
    2023-02-16 11:39:04 us=625000   dev_type = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   dev_node = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   tuntap_options.disable_dco = ENABLED
    2023-02-16 11:39:04 us=625000   lladdr = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   topology = 1
    2023-02-16 11:39:04 us=625000   ifconfig_local = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   ifconfig_remote_netmask = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   ifconfig_noexec = DISABLED
    2023-02-16 11:39:04 us=625000   ifconfig_nowarn = DISABLED
    2023-02-16 11:39:04 us=625000   ifconfig_ipv6_local = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   ifconfig_ipv6_netbits = 0
    2023-02-16 11:39:04 us=625000   ifconfig_ipv6_remote = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   shaper = 0
    2023-02-16 11:39:04 us=625000   mtu_test = 0
    2023-02-16 11:39:04 us=625000   mlock = DISABLED
    2023-02-16 11:39:04 us=625000   keepalive_ping = 0
    2023-02-16 11:39:04 us=625000   keepalive_timeout = 0
    2023-02-16 11:39:04 us=625000   inactivity_timeout = 0
    2023-02-16 11:39:04 us=625000   session_timeout = 0
    2023-02-16 11:39:04 us=625000   inactivity_minimum_bytes = 0
    2023-02-16 11:39:04 us=625000   ping_send_timeout = 0
    2023-02-16 11:39:04 us=625000   ping_rec_timeout = 0
    2023-02-16 11:39:04 us=625000   ping_rec_timeout_action = 0
    2023-02-16 11:39:04 us=625000   ping_timer_remote = DISABLED
    2023-02-16 11:39:04 us=625000   remap_sigusr1 = 0
    2023-02-16 11:39:04 us=625000   persist_tun = DISABLED
    2023-02-16 11:39:04 us=625000   persist_local_ip = DISABLED
    2023-02-16 11:39:04 us=625000   persist_remote_ip = DISABLED
    2023-02-16 11:39:04 us=625000   persist_key = DISABLED
    2023-02-16 11:39:04 us=625000   passtos = DISABLED
    2023-02-16 11:39:04 us=625000   resolve_retry_seconds = 20
    2023-02-16 11:39:04 us=625000   resolve_in_advance = DISABLED
    2023-02-16 11:39:04 us=625000   username = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   groupname = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   chroot_dir = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   cd_dir = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   writepid = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   up_script = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   down_script = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   down_pre = DISABLED
    2023-02-16 11:39:04 us=625000   up_restart = DISABLED
    2023-02-16 11:39:04 us=625000   up_delay = DISABLED
    2023-02-16 11:39:04 us=625000   daemon = DISABLED
    2023-02-16 11:39:04 us=625000   log = ENABLED
    2023-02-16 11:39:04 us=625000   suppress_timestamps = DISABLED
    2023-02-16 11:39:04 us=625000   machine_readable_output = DISABLED
    2023-02-16 11:39:04 us=625000   nice = 0
    2023-02-16 11:39:04 us=625000   verbosity = 4
    2023-02-16 11:39:04 us=625000   mute = 0
    2023-02-16 11:39:04 us=625000   status_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   status_file_version = 1
    2023-02-16 11:39:04 us=625000   status_file_update_freq = 60
    2023-02-16 11:39:04 us=625000   occ = ENABLED
    2023-02-16 11:39:04 us=625000   rcvbuf = 0
    2023-02-16 11:39:04 us=625000   sndbuf = 0
    2023-02-16 11:39:04 us=625000   sockflags = 0
    2023-02-16 11:39:04 us=625000   fast_io = DISABLED
    2023-02-16 11:39:04 us=625000   comp.alg = 1
    2023-02-16 11:39:04 us=625000   comp.flags = 6
    2023-02-16 11:39:04 us=625000   route_script = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   route_default_gateway = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   route_default_metric = 0
    2023-02-16 11:39:04 us=625000   route_noexec = DISABLED
    2023-02-16 11:39:04 us=625000   route_delay = 0
    2023-02-16 11:39:04 us=625000   route_delay_window = 30
    2023-02-16 11:39:04 us=625000   route_delay_defined = DISABLED
    2023-02-16 11:39:04 us=625000   route_nopull = DISABLED
    2023-02-16 11:39:04 us=625000   route_gateway_via_dhcp = DISABLED
    2023-02-16 11:39:04 us=625000   allow_pull_fqdn = DISABLED
    2023-02-16 11:39:04 us=625000   Pull filters:
    2023-02-16 11:39:04 us=625000     ignore "route-method"
    2023-02-16 11:39:04 us=625000   management_addr = '127.0.0.1'
    2023-02-16 11:39:04 us=625000   management_port = '25342'
    2023-02-16 11:39:04 us=625000   management_user_pass = 'stdin'
    2023-02-16 11:39:04 us=625000   management_log_history_cache = 250
    2023-02-16 11:39:04 us=625000   management_echo_buffer_size = 100
    2023-02-16 11:39:04 us=625000   management_client_user = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   management_client_group = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   management_flags = 6
    2023-02-16 11:39:04 us=625000   shared_secret_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   key_direction = 1
    2023-02-16 11:39:04 us=625000   ciphername = 'BF-CBC'
    2023-02-16 11:39:04 us=625000   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
    2023-02-16 11:39:04 us=625000   authname = 'SHA1'
    2023-02-16 11:39:04 us=625000   engine = DISABLED
    2023-02-16 11:39:04 us=625000   replay = ENABLED
    2023-02-16 11:39:04 us=625000   mute_replay_warnings = DISABLED
    2023-02-16 11:39:04 us=625000   replay_window = 64
    2023-02-16 11:39:04 us=625000   replay_time = 15
    2023-02-16 11:39:04 us=625000   packet_id_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   test_crypto = DISABLED
    2023-02-16 11:39:04 us=625000   tls_server = DISABLED
    2023-02-16 11:39:04 us=625000   tls_client = ENABLED
    2023-02-16 11:39:04 us=625000   ca_file = 'ca.crt'
    2023-02-16 11:39:04 us=625000   ca_path = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   dh_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   cert_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   extra_certs_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   priv_key_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   pkcs12_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   cryptoapi_cert = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   cipher_list = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   cipher_list_tls13 = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   tls_cert_profile = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   tls_verify = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   tls_export_cert = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   verify_x509_type = 0
    2023-02-16 11:39:04 us=625000   verify_x509_name = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   crl_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   ns_cert_type = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 65535
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_eku = 'TLS Web Server Authentication'
    2023-02-16 11:39:04 us=625000   ssl_flags = 192
    2023-02-16 11:39:04 us=625000   tls_timeout = 2
    2023-02-16 11:39:04 us=625000   renegotiate_bytes = -1
    2023-02-16 11:39:04 us=625000   renegotiate_packets = 0
    2023-02-16 11:39:04 us=625000   renegotiate_seconds = 3600
    2023-02-16 11:39:04 us=625000   handshake_window = 60
    2023-02-16 11:39:04 us=625000   transition_window = 3600
    2023-02-16 11:39:04 us=625000   single_session = DISABLED
    2023-02-16 11:39:04 us=625000   push_peer_info = DISABLED
    2023-02-16 11:39:04 us=625000   tls_exit = DISABLED
    2023-02-16 11:39:04 us=625000   tls_crypt_v2_metadata = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_pin_cache_period = -1
    2023-02-16 11:39:04 us=625000   pkcs11_id = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   pkcs11_id_management = DISABLED
    2023-02-16 11:39:04 us=625000   server_network = 0.0.0.0
    2023-02-16 11:39:04 us=625000   server_netmask = 0.0.0.0
    2023-02-16 11:39:04 us=625000   server_network_ipv6 = ::
    2023-02-16 11:39:04 us=625000   server_netbits_ipv6 = 0
    2023-02-16 11:39:04 us=625000   server_bridge_ip = 0.0.0.0
    2023-02-16 11:39:04 us=625000   server_bridge_netmask = 0.0.0.0
    2023-02-16 11:39:04 us=625000   server_bridge_pool_start = 0.0.0.0
    2023-02-16 11:39:04 us=625000   server_bridge_pool_end = 0.0.0.0
    2023-02-16 11:39:04 us=625000   ifconfig_pool_defined = DISABLED
    2023-02-16 11:39:04 us=625000   ifconfig_pool_start = 0.0.0.0
    2023-02-16 11:39:04 us=625000   ifconfig_pool_end = 0.0.0.0
    2023-02-16 11:39:04 us=625000   ifconfig_pool_netmask = 0.0.0.0
    2023-02-16 11:39:04 us=625000   ifconfig_pool_persist_filename = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   ifconfig_pool_persist_refresh_freq = 600
    2023-02-16 11:39:04 us=625000   ifconfig_ipv6_pool_defined = DISABLED
    2023-02-16 11:39:04 us=625000   ifconfig_ipv6_pool_base = ::
    2023-02-16 11:39:04 us=625000   ifconfig_ipv6_pool_netbits = 0
    2023-02-16 11:39:04 us=625000   n_bcast_buf = 256
    2023-02-16 11:39:04 us=625000   tcp_queue_limit = 64
    2023-02-16 11:39:04 us=625000   real_hash_size = 256
    2023-02-16 11:39:04 us=625000   virtual_hash_size = 256
    2023-02-16 11:39:04 us=625000   client_connect_script = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   learn_address_script = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   client_disconnect_script = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   client_crresponse_script = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   client_config_dir = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   ccd_exclusive = DISABLED
    2023-02-16 11:39:04 us=625000   tmp_dir = 'C:\Users\pansoft\AppData\Local\Temp\'
    2023-02-16 11:39:04 us=625000   push_ifconfig_defined = DISABLED
    2023-02-16 11:39:04 us=625000   push_ifconfig_local = 0.0.0.0
    2023-02-16 11:39:04 us=625000   push_ifconfig_remote_netmask = 0.0.0.0
    2023-02-16 11:39:04 us=625000   push_ifconfig_ipv6_defined = DISABLED
    2023-02-16 11:39:04 us=625000   push_ifconfig_ipv6_local = ::/0
    2023-02-16 11:39:04 us=625000   push_ifconfig_ipv6_remote = ::
    2023-02-16 11:39:04 us=625000   enable_c2c = DISABLED
    2023-02-16 11:39:04 us=625000   duplicate_cn = DISABLED
    2023-02-16 11:39:04 us=625000   cf_max = 0
    2023-02-16 11:39:04 us=625000   cf_per = 0
    2023-02-16 11:39:04 us=625000   cf_initial_max = 100
    2023-02-16 11:39:04 us=625000   cf_initial_per = 10
    2023-02-16 11:39:04 us=625000   max_clients = 1024
    2023-02-16 11:39:04 us=625000   max_routes_per_client = 256
    2023-02-16 11:39:04 us=625000   auth_user_pass_verify_script = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   auth_user_pass_verify_script_via_file = DISABLED
    2023-02-16 11:39:04 us=625000   auth_token_generate = DISABLED
    2023-02-16 11:39:04 us=625000   auth_token_lifetime = 0
    2023-02-16 11:39:04 us=625000   auth_token_secret_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   vlan_tagging = DISABLED
    2023-02-16 11:39:04 us=625000   vlan_accept = all
    2023-02-16 11:39:04 us=625000   vlan_pvid = 1
    2023-02-16 11:39:04 us=625000   client = ENABLED
    2023-02-16 11:39:04 us=625000   pull = ENABLED
    2023-02-16 11:39:04 us=625000   auth_user_pass_file = 'stdin'
    2023-02-16 11:39:04 us=625000   show_net_up = DISABLED
    2023-02-16 11:39:04 us=625000   route_method = 3
    2023-02-16 11:39:04 us=625000   block_outside_dns = DISABLED
    2023-02-16 11:39:04 us=625000   ip_win32_defined = DISABLED
    2023-02-16 11:39:04 us=625000   ip_win32_type = 1
    2023-02-16 11:39:04 us=625000   dhcp_masq_offset = 0
    2023-02-16 11:39:04 us=625000   dhcp_lease_time = 31536000
    2023-02-16 11:39:04 us=625000   tap_sleep = 0
    2023-02-16 11:39:04 us=625000   dhcp_options = DISABLED
    2023-02-16 11:39:04 us=625000   dhcp_renew = DISABLED
    2023-02-16 11:39:04 us=625000   dhcp_pre_release = DISABLED
    2023-02-16 11:39:04 us=625000   domain = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   netbios_scope = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   netbios_node_type = 0
    2023-02-16 11:39:04 us=625000   disable_nbt = DISABLED
    2023-02-16 11:39:04 us=625000 OpenVPN 2.6.0 [git:v2.6.0/b999466418dddb89] Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] [DCO] built on Feb  6 2023
    2023-02-16 11:39:04 us=625000 Windows version 10.0 (Windows 10 or greater), amd64 executable
    2023-02-16 11:39:04 us=625000 library versions: OpenSSL 3.0.7 1 Nov 2022, LZO 2.10
    2023-02-16 11:39:04 us=625000 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25342
    2023-02-16 11:39:04 us=625000 Need hold release from management interface, waiting...
    2023-02-16 11:39:05 us=125000 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:63674
    2023-02-16 11:39:05 us=234000 MANAGEMENT: CMD 'state on'
    2023-02-16 11:39:05 us=234000 MANAGEMENT: CMD 'log on all'
    2023-02-16 11:39:05 us=500000 MANAGEMENT: CMD 'echo on all'
    2023-02-16 11:39:05 us=500000 MANAGEMENT: CMD 'bytecount 5'
    2023-02-16 11:39:05 us=500000 MANAGEMENT: CMD 'state'
    2023-02-16 11:39:05 us=515000 MANAGEMENT: CMD 'hold off'
    2023-02-16 11:39:05 us=515000 MANAGEMENT: CMD 'hold release'
    2023-02-16 11:39:07 us=109000 MANAGEMENT: CMD 'username "Auth" "wanghe6186"'
    2023-02-16 11:39:07 us=125000 MANAGEMENT: CMD 'password [...]'
    2023-02-16 11:39:07 us=125000 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    2023-02-16 11:39:07 us=125000 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    2023-02-16 11:39:07 us=125000 Control Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ]
    2023-02-16 11:39:07 us=125000 Data Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
    2023-02-16 11:39:07 us=125000 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:28080
    2023-02-16 11:39:07 us=125000 Socket Buffers: R=[65536->65536] S=[65536->65536]
    2023-02-16 11:39:07 us=125000 Attempting to establish TCP connection with [AF_INET]x.x.x.x:28080
    2023-02-16 11:39:07 us=125000 MANAGEMENT: >STATE:1676518747,TCP_CONNECT,,,,,,
    2023-02-16 11:39:07 us=156000 TCP connection established with [AF_INET]x.x.x.x:28080
    2023-02-16 11:39:07 us=156000 TCPv4_CLIENT link local: (not bound)
    2023-02-16 11:39:07 us=156000 TCPv4_CLIENT link remote: [AF_INET]x.x.x.x:28080
    2023-02-16 11:39:07 us=156000 MANAGEMENT: >STATE:1676518747,WAIT,,,,,,
    2023-02-16 11:39:07 us=171000 MANAGEMENT: >STATE:1676518747,AUTH,,,,,,
    2023-02-16 11:39:07 us=171000 TLS: Initial packet from [AF_INET]x.x.x.x:28080, sid=b8e9d60e 7e124de4
    2023-02-16 11:39:07 us=187000 VERIFY OK: depth=1, CN=Easy-RSA CA
    2023-02-16 11:39:07 us=187000 VERIFY KU OK
    2023-02-16 11:39:07 us=187000 Validating certificate extended key usage
    2023-02-16 11:39:07 us=187000 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
    2023-02-16 11:39:07 us=187000 VERIFY EKU OK
    2023-02-16 11:39:07 us=187000 VERIFY OK: depth=0, CN=server
    2023-02-16 11:39:07 us=296000 peer info: IV_VER=2.5.4
    2023-02-16 11:39:07 us=296000 peer info: IV_PLAT=linux
    2023-02-16 11:39:07 us=296000 peer info: IV_PROTO=2
    2023-02-16 11:39:07 us=296000 peer info: IV_CIPHERS=AES-256-GCM:AES-256-CBC:BF-CBC
    2023-02-16 11:39:07 us=296000 peer info: IV_LZ4=1
    2023-02-16 11:39:07 us=296000 peer info: IV_LZ4v2=1
    2023-02-16 11:39:07 us=296000 peer info: IV_LZO=1
    2023-02-16 11:39:07 us=296000 peer info: IV_COMP_STUB=1
    2023-02-16 11:39:07 us=296000 peer info: IV_COMP_STUBv2=1
    2023-02-16 11:39:07 us=296000 peer info: IV_TCPNL=1
    2023-02-16 11:39:07 us=296000 peer info: IV_HWADDR=60:2e:20:04:85:fd
    2023-02-16 11:39:07 us=296000 peer info: IV_SSL=OpenSSL_1.0.2k-fips__26_Jan_2017
    2023-02-16 11:39:07 us=296000 peer info: IV_SSO=openurl,webauth,crtext
    2023-02-16 11:39:07 us=296000 peer info: IV_GUI_VER=OpenVPN_GUI_11
    2023-02-16 11:39:07 us=296000 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
    2023-02-16 11:39:07 us=296000 [server] Peer Connection Initiated with [AF_INET]x.x.x.x:28080
    2023-02-16 11:39:07 us=296000 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
    2023-02-16 11:39:07 us=296000 TLS: tls_multi_process: initial untrusted session promoted to trusted
    2023-02-16 11:39:08 us=484000 MANAGEMENT: >STATE:1676518748,GET_CONFIG,,,,,,
    2023-02-16 11:39:08 us=484000 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
    2023-02-16 11:39:08 us=500000 AUTH: Received control message: AUTH_FAILED
    2023-02-16 11:39:08 us=500000 TCP/UDP: Closing socket
    2023-02-16 11:39:08 us=500000 SIGUSR1[soft,auth-failure] received, process restarting
    2023-02-16 11:39:08 us=500000 MANAGEMENT: >STATE:1676518748,RECONNECTING,auth-failure,,,,,
    2023-02-16 11:39:08 us=500000 Restart pause, 5 second(s)
    

    大佬我就显示错误的凭据,然后连不上为啥呀?求助!!

    1. Awking
      Windows 10 Google Chrome
      中国安徽省合肥市联通

      你是证书+用户密码方式吗?
      1. 用户密码不匹配
      2. 参数两边配的不一样或者某一端不支持参数,导致认证失败
      检查下客户端提示的警告,修改下或者服务端参数修改下,或者参考下我的 openvpn搭建文章

      1. vpn连不上啊
        Windows 10 Google Chrome
        中国安徽省合肥市联通

        用户密码是正确的可以在别人的电脑上连接,用的是别人相同的配置文件,客户端有个提示警告,我按照您文章的加了个auth-nocache,就没有别的警告了,直接就登陆失败,错误凭证了

        1. Awking
          Windows 10 Google Chrome
          美国弗吉尼亚州阿什本Amazon

          我用证书+用户密码方式,在故意输错用户名或密码的情况下,复现了和你一样的错误。除此外还真没找到其他原因

留言已关闭