OpenVPN win10客户端连接几个警告信息解决
· 技术积累 · VPN openvpn

win10客户端使用openvpn软件连接过程中可能会遇到几个红色 警告或错误信息,我也是在使用中有遇到这些问题,网上搜索的方法可以解决掉遇到的问题(不保证所有遇到此问题的都可以通过下面方法解决),特此搜集记录下来

在连接vpn有问题情况下,确认服务和端口是否正常和允许连接,多观察 服务端日志客户端日志 的异常输出信息,大概率是客户端参数问题或者配置不正确,或者是网络方面的问题

1 客户端版本也会造成一些警告提示,因为会有些参数在某个版本中不支持了
2 遇到多百度谷歌搜索相关信息,多动手改调整配置参数
3 确保配置文件的参数名正确,文件路径或格式正确
4 有时候或许是网络问题导致连不上,可以换换其他网络试试

警告1:WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
或者
No sever certificate verficaton method has been enabled.

# 解决,win客户端修改配置文件注释一个和添加一个(如果没有ns-cert-type server这个参数,那只用添加remote-cert-tls server这个参数)
;ns-cert-type server
remote-cert-tls server

警告2: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this

# 解决,在客户端配置文件添加参数
auth-nocache

警告3:WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1602', remote='link-mtu 1570'
WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'

# 解决
去掉配置文件tun-mtu相关的参数

警告4:(此错误会导致连上vpn无法上网): us=967576 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
或 write to TUN/TAP : Unknown error (code=122)

# 解决,在客户端配置文件添加参数
comp-lzo

警告5: ROUTE: route addition failed using CreateIpForwardEntry: ÖÁÉÙÓÐһ¸ֲÎÊ�Õýȷc [status=160 if_index=19]

# 解决,在客户端配置文件添加参数
route-method exe
route-delay 2

警告6:AEAD Decrypt error: bad packet ID (may be a replay): [ #141 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings

# 解决,在客户端配置文件添加参数
mute-replay-warnings

警告7: WARNING: --ping should normally be used with --ping-restart or --ping-exit

# 解决,配置文件中参数修改为下面的
# ping 表示每隔多少秒就ping对端一次
# ping-restart/ping-exit 表示在多少秒后没有收到对端的包就重启或者退出
ping 15
ping-restart 15
或者
ping-exit 15

警告8(和客户端版本有关系): DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). OpenVPN ignores --cipher for cipher negotiations.

# 解决,配置文件中参数修改为下面的
data-ciphers AES-256-CBC
data-ciphers-fallback AES-256-CBC

警告9(和客户端版本有关系): WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.

# 解决,不启用压缩,配置文件中参数修改为下面的
comp-lzo no
allow-compression no

错误1: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) TLS Error: TLS handshake failed

# 可能的原因1(来自官网的回答 https://openvpn.net/faq/tls-error-tls-key-negotiation-failed-to-occur-within-60-seconds-check-your-network-connectivity/)
1,服务器网络上的外围防火墙正在过滤传入的 OpenVPN 数据包(默认情况下,OpenVPN 使用 UDP 或 TCP 端口号 1194)。
在 OpenVPN 服务器机器上运行的软件防火墙本身正在过滤端口 1194 上的传入连接。请注意,默认情况下许多操作系统将阻止传入连接,除非另有配置。
2,服务器网络上的 NAT 网关没有 TCP/UDP 1194 端口转发规则到 OpenVPN 服务器机器的内部地址。
3,OpenVPN 客户端配置在其配置文件中没有正确的服务器地址。客户端配置文件中的remote指令  必须指向服务器本身或服务器网络网关的公共 IP 地址。
4,另一个可能的原因是 Windows 防火墙阻止了对 openvpn.exe 二进制文件的访问。您可能需要将其列入白名单(将其添加到“例外”列表),OpenVPN 才能正常工作。

# 可能的原因2
大概率是网络不通的原因,比如请求被拦截了(防火墙,安全组,运营商等),地址被屏蔽了(国外的ip地址)

特别说明:如果客户端连接不上,报错信息没有给出明显的错误,请在服务端的日志中查看日志,会看到是什么原因导致的!
如果同样配置文件已经在其他电脑连接成功,请对比下配置文件内容,有用户密码的核对下和服务端的是否一致
或者两个人用一套证书都连接上了但是有1个人不能上网的,可能是服务器没有开启同一套证书允许多用户使用

客户端连接不上几个提示例子:

提示1:
MANAGEMENT: >STATE:1679479405,TCP_CONNECT,,,,,,(一直卡这很久)
TCP: connect to [AF_INET]x.x.x.x:1194 failed: Unknown error

提示2:
MANAGEMENT: >STATE:1679479100,WAIT,,,,,,
read UDP: Unknown error (code=10054)

提示3:
UDP link remote: [AF_INET]x.x.x.x:1194
MANAGEMENT: >STATE:1679485965,WAIT,,,,,,

以上几种提示是连不上才出现的(客户端连不到服务端) [ ip地址错误 或 使用协议错误 或 服务端被国内屏蔽了 ]

客户端的原因导致:
可能是1、客户端和服务端配置的协议不一致
可能是2、端口 或 地址 不正确

服务端的原因导致:
可能是3、服务端服务未启动
可能是4、防火墙阻止了对应的端口和协议
可能是5、地址被运营商封掉,墙掉了

其他原因导致:
服务端的ip被给封掉了

因为pptp、l2tp、openvpn 都属于常见类型vpn,如果是服务端ip是国外的地址,使用中突然连不上了也很正常!被墙了呗

对于网友在本文章留言中出现的公网ip地址,安全起见,显示的评论ip用x.x.x.x代替

Centos7 搭建OpenVPN 基于证书认证
OpenVPN 基于用户密码方式认证


本文最后更新时间 2023-12-14
文章链接地址:
https://me.jinchuang.org/archives/573.html
本站文章除注明[转载|引用],均为本站原创内容,转载前请注明出处

留言列表

  1. gtgssss
    gtgssss Windows 10 Microsoft Edge · 中国安徽省合肥市联通 ·
    Wed May 03 17:08:34 2023 OpenVPN 2.4.12 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Mar 17 2022
    Wed May 03 17:08:34 2023 Windows version 6.2 (Windows 8 or greater) 64bit
    Wed May 03 17:08:34 2023 library versions: OpenSSL 1.1.1n  15 Mar 2022, LZO 2.10
    Wed May 03 17:08:34 2023 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25349
    Wed May 03 17:08:34 2023 Need hold release from management interface, waiting...
    Wed May 03 17:08:34 2023 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25349
    Wed May 03 17:08:35 2023 MANAGEMENT: CMD 'state on'
    Wed May 03 17:08:35 2023 MANAGEMENT: CMD 'log all on'
    Wed May 03 17:08:35 2023 MANAGEMENT: CMD 'echo all on'
    Wed May 03 17:08:35 2023 MANAGEMENT: CMD 'bytecount 5'
    Wed May 03 17:08:35 2023 MANAGEMENT: CMD 'hold off'
    Wed May 03 17:08:35 2023 MANAGEMENT: CMD 'hold release'
    Wed May 03 17:08:36 2023 MANAGEMENT: CMD 'username "Auth" "orx5ozl6jihy88s5jn3yjiiv"'
    Wed May 03 17:08:36 2023 MANAGEMENT: CMD 'password [...]'
    Wed May 03 17:08:36 2023 NOTE: --fast-io is disabled since we are running on Windows
    Wed May 03 17:08:36 2023 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
    Wed May 03 17:08:36 2023 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
    Wed May 03 17:08:36 2023 MANAGEMENT: >STATE:1683104916,RESOLVE,,,,,,
    Wed May 03 17:08:36 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1195
    Wed May 03 17:08:36 2023 Socket Buffers: R=[65536->524288] S=[65536->524288]
    Wed May 03 17:08:36 2023 UDP link local: (not bound)
    Wed May 03 17:08:36 2023 UDP link remote: [AF_INET]x.x.x.x:1195
    Wed May 03 17:08:36 2023 MANAGEMENT: >STATE:1683104916,WAIT,,,,,,
    Wed May 03 17:08:36 2023 MANAGEMENT: >STATE:1683104916,AUTH,,,,,,
    Wed May 03 17:08:36 2023 TLS: Initial packet from [AF_INET]x.x.x.x:1195, sid=55825622 5143c695
    大佬我一直停在这个地方,然后就是60s失败handshake,请问怎么解决啊
    
  2. charname
    charname Windows 10 Microsoft Edge · 中国安徽省合肥市联通 ·
    Fri Apr 28 12:32:34 2023 SIGUSR1[connection failed(soft),init_instance] received, process restarting
    Fri Apr 28 12:32:34 2023 MANAGEMENT: >STATE:1682656354,RECONNECTING,init_instance,,,,,
    Fri Apr 28 12:32:34 2023 Restart pause, 5 second(s)
    Fri Apr 28 12:32:39 2023 NOTE: --fast-io is disabled since we are running on Windows
    Fri Apr 28 12:32:39 2023 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
    Fri Apr 28 12:32:39 2023 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
    Fri Apr 28 12:32:39 2023 MANAGEMENT: >STATE:1682656359,RESOLVE,,,,,,
    Fri Apr 28 12:32:39 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1443
    Fri Apr 28 12:32:39 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Fri Apr 28 12:32:39 2023 Attempting to establish TCP connection with [AF_INET]x.x.x.x:1443 [nonblock]
    Fri Apr 28 12:32:39 2023 MANAGEMENT: >STATE:1682656359,TCP_CONNECT,,,,,,
    Fri Apr 28 12:34:11 2023 MANAGEMENT: CMD 'signal SIGHUP'
    Fri Apr 28 12:34:12 2023 SIGHUP[hard,init_instance] received, process restarting
    Fri Apr 28 12:34:12 2023 MANAGEMENT: >STATE:1682656452,RECONNECTING,init_instance,,,,,
    Fri Apr 28 12:34:12 2023 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
    Fri Apr 28 12:34:12 2023 OpenVPN 2.5.2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 21 2021
    Fri Apr 28 12:34:12 2023 Windows version 10.0 (Windows 10 or greater) 64bit
    Fri Apr 28 12:34:12 2023 library versions: OpenSSL 1.1.1k  25 Mar 2021, LZO 2.10
    Fri Apr 28 12:34:12 2023 Restart pause, 2 second(s)
    Fri Apr 28 12:34:14 2023 NOTE: --fast-io is disabled since we are running on Windows
    Fri Apr 28 12:34:14 2023 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
    Fri Apr 28 12:34:14 2023 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
    Fri Apr 28 12:34:14 2023 MANAGEMENT: >STATE:1682656454,RESOLVE,,,,,,
    Fri Apr 28 12:34:14 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
    Fri Apr 28 12:34:14 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Fri Apr 28 12:34:14 2023 Attempting to establish TCP connection with [AF_INET]x.x.x.x:1194 [nonblock]
    Fri Apr 28 12:34:14 2023 MANAGEMENT: >STATE:1682656454,TCP_CONNECT,,,,,,
    Fri Apr 28 12:36:15 2023 TCP: connect to [AF_INET]x.x.x.x:1194 failed: Unknown error
    大佬看看是为什么
    
  3. 小学生
    小学生 Windows 10 Google Chrome · 中国安徽省合肥市联通 ·

    大佬您好 我现在是这样一个问题 我昨天VPN还可以正常连接 但是今天确连不上了 中间没有断电 只是昨天晚上使用Mac连接了一会
    现在server端:
    # netstat -tunlp | grep 1194
    tcp 0 0 192.168.1.40:1194 0.0.0.0:* LISTEN 19105/openvpn
    客户端:跟提示1一样
    Wed Apr 26 18:28:41 2023 TCP: connect to [AF_INET]x.x.x.x:1194 failed: Unknown error

  4. ddd
    ddd Windows 10 Google Chrome · 中国安徽省合肥市联通 ·

    大佬,请教一下,我的openVPN服务器配置内容

    port 1194
    proto udp
    dev tun
    
    ca /etc/openvpn/dcwhsa/ca.crt
    cert /etc/openvpn/dcwhsa/server.crt
    key /etc/openvpn/dcwhsa/server.key
    
    dh /etc/openvpn/dh.pem
    
    server 10.8.0.0 255.255.255.0
    ifconfig-pool-persist ipp.txt
    
    push "redirect-gateway def1 bypass-dhcp"
    push "dhcp-option DNS 208.67.222.222"
    push "dhcp-option DNS 208.67.220.220"
    
    keepalive 10 120
    comp-lzo
    cipher AES-256-CBC
    
    user nobody
    group nobody
    
    persist-key
    persist-tun
    
    status openvpn-status.log
    verb 3
    
    
    #tls-auth /etc/openvpn/easy-rsa/ta.key 0
    #script-security 2
    #auth-user-pass-verify /etc/openvpn/checkpsw.sh via-env
    

    我的客户端配置内容

    client
    dev tun
    proto udp
    remote x.x.x.x 1194
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    ca ca.crt
    cert client-dcw.crt
    key client-dcw.key
    cipher AES-256-CBC
    comp-lzo
    verb 3
    
    #tls-auth ta.key 1 
    #remote-cert-tls server
    
    dhcp-option DNS 208.67.222.222
    dhcp-option DNS 208.67.220.220
    

    但是我连接不上openVPN,服务器的日志是这个

    Apr 11 15:47:29 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:47:29 2023 x.x.x.x:65202 TLS: Initial packet from [AF_INET]x.x.x.x:65202, sid=81170ca5 945fa009
    [root@cloud-rs81b1-9bla ~]# sudo cat /var/log/messages
    Apr 11 15:47:29 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:47:29 2023 x.x.x.x:65202 TLS: Initial packet from [AF_INET]x.x.x.x:65202, sid=81170ca5 945fa009
    Apr 11 15:47:48 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:47:48 2023 x.x.x.x:50189 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Apr 11 15:47:48 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:47:48 2023 x.x.x.x:50189 TLS Error: TLS handshake failed
    Apr 11 15:47:48 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:47:48 2023 x.x.x.x:50189 SIGUSR1[soft,tls-error] received, client-instance restarting
    Apr 11 15:48:29 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:48:29 2023 x.x.x.x:65202 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Apr 11 15:48:29 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:48:29 2023 x.x.x.x:65202 TLS Error: TLS handshake failed
    Apr 11 15:48:29 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:48:29 2023 x.x.x.x:65202 SIGUSR1[soft,tls-error] received, client-instance restarting
    Apr 11 15:48:34 cloud-rs81b1-9bla openvpn: Tue Apr 11 15:48:34 2023 x.x.x.x:59805 TLS: Initial packet from [AF_INET]x.x.x.x:59805, sid=cef72e54 5a894bbe
    

    请问是什么原因呢

    1. J.C
      J.C Windows 10 Google Chrome · 中国移动 ·

      看错误主要错误还是tls 60秒内协商失败,什么原因我也说不好,可能证书不匹配,或者有安全限制的拦截,或者配置问题导致超时,你的配置文件我看了,服务端启动没报错服务能起来就没啥问题,客户端主要看连接有问题时有啥提示,你可以结合下客户端的提示错误做一些修改试试

      1. ddd
        ddd Windows 10 Google Chrome · 中国安徽省合肥市联通 ·

        客户端的提示一直 在等待服务器响应,然后我在服务器尝试ping了我客户端的公网ip发现ping不通,客户端卡在了这一步

        Tue Apr 11 17:13:40 2023 OpenVPN 2.4.12 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Mar 17 2022
        Tue Apr 11 17:13:40 2023 Windows version 6.1 (Windows 7) 64bit
        Tue Apr 11 17:13:40 2023 library versions: OpenSSL 1.1.1n  15 Mar 2022, LZO 2.10
        Enter Management Password:
        Tue Apr 11 17:13:40 2023 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
        Tue Apr 11 17:13:40 2023 Need hold release from management interface, waiting...
        Tue Apr 11 17:13:40 2023 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
        Tue Apr 11 17:13:41 2023 MANAGEMENT: CMD 'state on'
        Tue Apr 11 17:13:41 2023 MANAGEMENT: CMD 'log all on'
        Tue Apr 11 17:13:41 2023 MANAGEMENT: CMD 'echo all on'
        Tue Apr 11 17:13:41 2023 MANAGEMENT: CMD 'bytecount 5'
        Tue Apr 11 17:13:41 2023 MANAGEMENT: CMD 'hold off'
        Tue Apr 11 17:13:41 2023 MANAGEMENT: CMD 'hold release'
        Tue Apr 11 17:13:41 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
        Tue Apr 11 17:13:44 2023 MANAGEMENT: CMD 'password [...]'
        Tue Apr 11 17:13:44 2023 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
        Tue Apr 11 17:13:44 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
        Tue Apr 11 17:13:44 2023 Socket Buffers: R=[8192->8192] S=[8192->8192]
        Tue Apr 11 17:13:44 2023 UDP link local: (not bound)
        Tue Apr 11 17:13:44 2023 UDP link remote: [AF_INET]x.x.x.x:1194
        Tue Apr 11 17:13:44 2023 MANAGEMENT: >STATE:1681204424,WAIT,,,,,,,
        

        另一个现象是客户端连接的时候有发送数据大小,但是接收字节为0,所以是不是因为我服务器访问不了我客户端的原因呢?

        1. J.C
          J.C Windows 10 Google Chrome · 中国安徽省六安市电信 ·

          你客户端ping服务器只要通就行,你尝试更换下端口再连接试试

          1. ddd
            ddd Windows 10 Google Chrome · 中国安徽省合肥市联通 ·

            哇。感谢大佬,试了换了个端口连接上了

            1. J.C
              J.C Windows 10 Google Chrome · 中国安徽省六安市电信 ·

              那可能是就是运营商网络对默认的1194端口有封锁

              1. J.C
                J.C Windows 10 Google Chrome · 中国移动 ·

                用博客上方企业微信客服联系我,调试下瞅瞅

              2. ddd
                ddd Windows 10 Google Chrome · 中国安徽省合肥市联通 ·

                大佬,无法访问网络的问题解决了,配置一下转发规则就行
                sudo iptables -A FORWARD -i eth0 -o tun0 -j ACCEPT
                sudo iptables -A FORWARD -i tun0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
                sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE,
                但是我连接上了之后过了一会又无法连接了,还是提示tls协商失败,换了个端口又可以了但是连上一会又无法连接了

              3. ddd
                ddd Windows 10 Google Chrome · 美国Amazon EC2服务器 ·

                大佬好,我想请问下,我虽然连接上了,但是我客户端一连接openVPN就无法访问网络了,这个一般是啥原因呢

  5. 怎么连不上
    怎么连不上 Windows 10 Google Chrome · 中国湖南省联通 ·

    大佬 这个怎么办Tue Mar 21 20:48:32 2023 TCP: connect to [AF_INET]x.x.x.x:1194 failed: Unknown error

    1. J.C
      J.C Windows 10 Google Chrome · 中国安徽省合肥市联通 ·

      已在文章结尾更新说明原因

  6. buzhidao
    buzhidao Windows 10 Microsoft Edge · 中国安徽省合肥市联通 ·

    小白试一下公网地址x.x.x.x
    能不能帮我配置一下文件一直连接不上,日志看不懂

    ri Mar 17 18:51:31 2023 OpenVPN 2.4.7 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Feb 21 2019
    Fri Mar 17 18:51:31 2023 Windows version 6.2 (Windows 8 or greater) 64bit
    Fri Mar 17 18:51:31 2023 library versions: OpenSSL 1.1.0j  20 Nov 2018, LZO 2.10
    Enter Management Password:
    Fri Mar 17 18:51:31 2023 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
    Fri Mar 17 18:51:31 2023 Need hold release from management interface, waiting...
    Fri Mar 17 18:51:31 2023 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
    Fri Mar 17 18:51:31 2023 MANAGEMENT: CMD 'state on'
    Fri Mar 17 18:51:31 2023 MANAGEMENT: CMD 'log all on'
    Fri Mar 17 18:51:31 2023 MANAGEMENT: CMD 'echo all on'
    Fri Mar 17 18:51:31 2023 MANAGEMENT: CMD 'bytecount 5'
    Fri Mar 17 18:51:31 2023 MANAGEMENT: CMD 'hold off'
    Fri Mar 17 18:51:31 2023 MANAGEMENT: CMD 'hold release'
    Fri Mar 17 18:51:34 2023 MANAGEMENT: CMD 'username "Auth" "1"'
    Fri Mar 17 18:51:34 2023 MANAGEMENT: CMD 'password [...]'
    Fri Mar 17 18:51:34 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
    Fri Mar 17 18:51:34 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:51:34 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Fri Mar 17 18:51:34 2023 UDP link local: (not bound)
    Fri Mar 17 18:51:34 2023 UDP link remote: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:51:34 2023 MANAGEMENT: >STATE:1679050294,WAIT,,,,,,
    Fri Mar 17 18:51:35 2023 TLS Error: client->client or server->server connection attempted from [AF_INET]101.43.250.202:53
    Fri Mar 17 18:52:34 2023 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Fri Mar 17 18:52:34 2023 TLS Error: TLS handshake failed
    Fri Mar 17 18:52:34 2023 SIGUSR1[soft,tls-error] received, process restarting
    Fri Mar 17 18:52:34 2023 MANAGEMENT: >STATE:1679050354,RECONNECTING,tls-error,,,,,
    Fri Mar 17 18:52:34 2023 Restart pause, 5 second(s)
    Fri Mar 17 18:52:40 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
    Fri Mar 17 18:52:40 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:52:40 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Fri Mar 17 18:52:40 2023 UDP link local: (not bound)
    Fri Mar 17 18:52:40 2023 UDP link remote: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:52:40 2023 MANAGEMENT: >STATE:1679050360,WAIT,,,,,,
    Fri Mar 17 18:52:40 2023 TLS Error: client->client or server->server connection attempted from [AF_INET]101.43.250.202:53
    Fri Mar 17 18:53:40 2023 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Fri Mar 17 18:53:40 2023 TLS Error: TLS handshake failed
    Fri Mar 17 18:53:40 2023 SIGUSR1[soft,tls-error] received, process restarting
    Fri Mar 17 18:53:40 2023 MANAGEMENT: >STATE:1679050420,RECONNECTING,tls-error,,,,,
    Fri Mar 17 18:53:40 2023 Restart pause, 5 second(s)
    Fri Mar 17 18:53:45 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
    Fri Mar 17 18:53:45 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:53:45 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Fri Mar 17 18:53:45 2023 UDP link local: (not bound)
    Fri Mar 17 18:53:45 2023 UDP link remote: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:53:45 2023 MANAGEMENT: >STATE:1679050425,WAIT,,,,,,
    Fri Mar 17 18:54:45 2023 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Fri Mar 17 18:54:45 2023 TLS Error: TLS handshake failed
    Fri Mar 17 18:54:45 2023 SIGUSR1[soft,tls-error] received, process restarting
    Fri Mar 17 18:54:45 2023 MANAGEMENT: >STATE:1679050485,RECONNECTING,tls-error,,,,,
    Fri Mar 17 18:54:45 2023 Restart pause, 5 second(s)
    Fri Mar 17 18:54:50 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
    Fri Mar 17 18:54:50 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:54:50 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Fri Mar 17 18:54:50 2023 UDP link local: (not bound)
    Fri Mar 17 18:54:50 2023 UDP link remote: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:54:50 2023 MANAGEMENT: >STATE:1679050490,WAIT,,,,,,
    Fri Mar 17 18:55:50 2023 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Fri Mar 17 18:55:50 2023 TLS Error: TLS handshake failed
    Fri Mar 17 18:55:50 2023 SIGUSR1[soft,tls-error] received, process restarting
    Fri Mar 17 18:55:50 2023 MANAGEMENT: >STATE:1679050550,RECONNECTING,tls-error,,,,,
    Fri Mar 17 18:55:50 2023 Restart pause, 5 second(s)
    Fri Mar 17 18:55:55 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
    Fri Mar 17 18:55:55 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:55:55 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Fri Mar 17 18:55:55 2023 UDP link local: (not bound)
    Fri Mar 17 18:55:55 2023 UDP link remote: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:55:55 2023 MANAGEMENT: >STATE:1679050555,WAIT,,,,,,
    Fri Mar 17 18:55:55 2023 TLS Error: client->client or server->server connection attempted from [AF_INET]101.43.250.202:53
    Fri Mar 17 18:56:55 2023 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Fri Mar 17 18:56:55 2023 TLS Error: TLS handshake failed
    Fri Mar 17 18:56:55 2023 SIGUSR1[soft,tls-error] received, process restarting
    Fri Mar 17 18:56:55 2023 MANAGEMENT: >STATE:1679050615,RECONNECTING,tls-error,,,,,
    Fri Mar 17 18:56:55 2023 Restart pause, 10 second(s)
    Fri Mar 17 18:57:05 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
    Fri Mar 17 18:57:05 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:57:05 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Fri Mar 17 18:57:05 2023 UDP link local: (not bound)
    Fri Mar 17 18:57:05 2023 UDP link remote: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:57:05 2023 MANAGEMENT: >STATE:1679050625,WAIT,,,,,,
    Fri Mar 17 18:58:05 2023 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Fri Mar 17 18:58:05 2023 TLS Error: TLS handshake failed
    Fri Mar 17 18:58:05 2023 SIGUSR1[soft,tls-error] received, process restarting
    Fri Mar 17 18:58:05 2023 MANAGEMENT: >STATE:1679050685,RECONNECTING,tls-error,,,,,
    Fri Mar 17 18:58:05 2023 Restart pause, 20 second(s)
    Fri Mar 17 18:58:25 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
    Fri Mar 17 18:58:25 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:58:25 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Fri Mar 17 18:58:25 2023 UDP link local: (not bound)
    Fri Mar 17 18:58:25 2023 UDP link remote: [AF_INET]x.x.x.x:53
    Fri Mar 17 18:58:25 2023 MANAGEMENT: >STATE:1679050705,WAIT,,,,,,
    Fri Mar 17 18:59:25 2023 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Fri Mar 17 18:59:25 2023 TLS Error: TLS handshake failed
    Fri Mar 17 18:59:25 2023 SIGUSR1[soft,tls-error] received, process restarting
    Fri Mar 17 18:59:25 2023 MANAGEMENT: >STATE:1679050765,RECONNECTING,tls-error,,,,,
    Fri Mar 17 18:59:25 2023 Restart pause, 40 second(s)
    Fri Mar 17 19:00:05 2023 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
    Fri Mar 17 19:00:05 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:53
    Fri Mar 17 19:00:05 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Fri Mar 17 19:00:05 2023 UDP link local: (not bound)
    Fri Mar 17 19:00:05 2023 UDP link remote: [AF_INET]x.x.x.x:53
    Fri Mar 17 19:00:05 2023 MANAGEMENT: >STATE:1679050805,WAIT,,,,,,
    Fri Mar 17 19:00:07 2023 SIGTERM[hard,] received, process exiting
    Fri Mar 17 19:00:07 2023 MANAGEMENT: >STATE:1679050807,EXITING,SIGTERM,,,,,
    
    
    1. J.C
      J.C Windows 10 Google Chrome · 中国安徽省六安市电信 ·

      日志报的错误:tls协商失败,也就是协商协议或证书配置有问题,你用网站上面的企业微信方式联系我给你看下

  7. yvchun
    yvchun Windows 10 Google Chrome · 中国安徽省合肥市联通 ·

    大佬,麻烦帮忙看看,我的问题是能在ubuntu上使用服务端,然后再windows上使用客户端连上,但是移到别的电脑想连我在ubuntu上的服务端就一直连不上了。
    root@Jotale:/etc/openvpn# openvpn --config client2.ovpn
    2023-03-16 05:54:34 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
    2023-03-16 05:54:34 OpenVPN 2.5.3 mipsel-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
    2023-03-16 05:54:34 library versions: OpenSSL 1.1.1l 24 Aug 2021, LZO 2.10
    2023-03-16 05:54:34 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    2023-03-16 05:54:34 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    2023-03-16 05:54:34 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
    2023-03-16 05:54:34 Socket Buffers: R=[131072->131072] S=[16384->16384]
    2023-03-16 05:54:34 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
    2023-03-16 05:54:34 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
    2023-03-16 05:54:34 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
    2023-03-16 05:54:34 SIGUSR1[connection failed(soft),init_instance] received, process restarting
    2023-03-16 05:54:34 Restart pause, 5 second(s)

    1. J.C
      J.C Windows 10 Google Chrome · 中国移动 ·

      你的这个日志,地址是127.0.0.1:1194 是在服务端自己连自己吗?你发个其他机器的连不上的日志,配置文件有一个客户端可以连上,其他的应该没啥问题,有问题或许是出在客户端版本或者参数需要调整下,需要看下日志看看连接过程中哪一步出现错误导致连不上的

      1. yvchun
        yvchun Windows 10 Google Chrome · 中国安徽省六安市电信 ·

        是这样的,大佬,我是刚刚学这个,所以我在客户端配置文件中是这样设定的remote 127.0.0.1 1194,也就是说连的自己,主要就是想看看能不能连上,测试一下,然后我在wsl的ubuntu中使用openvpn服务端,在Windows下载一个openvpn然后把客户端配置文件丢进去了,结果就是Windows的客户端能连上这个ubuntu上的服务端。然后现在我想用这个客户端文件让我的一个网关连接上这个wsl的ubuntu中的openvpn的服务端,但是在网关里却显示连接不上了,我就很好奇怪明明同样的客户端配置文件,但是却不能让我的网关连上,这是为什么?下面是全部的日志信息,就是连不上这个127.0.0.1:1194。

        2023-03-16 06:41:11 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
        2023-03-16 06:41:11 OpenVPN 2.5.3 mipsel-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
        2023-03-16 06:41:11 library versions: OpenSSL 1.1.1l  24 Aug 2021, LZO 2.10
        2023-03-16 06:41:11 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:41:11 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:41:11 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
        2023-03-16 06:41:11 Socket Buffers: R=[131072->131072] S=[16384->16384]
        2023-03-16 06:41:11 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
        2023-03-16 06:41:11 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
        2023-03-16 06:41:11 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
        2023-03-16 06:41:11 SIGUSR1[connection failed(soft),init_instance] received, process restarting
        2023-03-16 06:41:11 Restart pause, 5 second(s)
        2023-03-16 06:41:16 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:41:16 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:41:16 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
        2023-03-16 06:41:16 Socket Buffers: R=[131072->131072] S=[16384->16384]
        2023-03-16 06:41:16 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
        2023-03-16 06:41:16 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
        2023-03-16 06:41:16 SIGUSR1[connection failed(soft),init_instance] received, process restarting
        2023-03-16 06:41:16 Restart pause, 5 second(s)
        2023-03-16 06:41:21 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:41:21 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:41:21 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
        2023-03-16 06:41:21 Socket Buffers: R=[131072->131072] S=[16384->16384]
        2023-03-16 06:41:21 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
        2023-03-16 06:41:21 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
        2023-03-16 06:41:21 SIGUSR1[connection failed(soft),init_instance] received, process restarting
        2023-03-16 06:41:21 Restart pause, 5 second(s)
        2023-03-16 06:41:26 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:41:26 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:41:26 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
        2023-03-16 06:41:26 Socket Buffers: R=[131072->131072] S=[16384->16384]
        2023-03-16 06:41:26 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
        2023-03-16 06:41:26 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
        2023-03-16 06:41:26 SIGUSR1[connection failed(soft),init_instance] received, process restarting
        2023-03-16 06:41:26 Restart pause, 5 second(s)
        2023-03-16 06:41:31 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:41:31 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:41:32 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
        2023-03-16 06:41:32 Socket Buffers: R=[131072->131072] S=[16384->16384]
        2023-03-16 06:41:32 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
        2023-03-16 06:41:32 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
        2023-03-16 06:41:32 SIGUSR1[connection failed(soft),init_instance] received, process restarting
        2023-03-16 06:41:32 Restart pause, 10 second(s)
        2023-03-16 06:41:42 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:41:42 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:41:42 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
        2023-03-16 06:41:42 Socket Buffers: R=[131072->131072] S=[16384->16384]
        2023-03-16 06:41:42 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
        2023-03-16 06:41:42 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
        2023-03-16 06:41:42 SIGUSR1[connection failed(soft),init_instance] received, process restarting
        2023-03-16 06:41:42 Restart pause, 20 second(s)
        2023-03-16 06:42:02 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:42:02 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:42:02 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
        2023-03-16 06:42:02 Socket Buffers: R=[131072->131072] S=[16384->16384]
        2023-03-16 06:42:02 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
        2023-03-16 06:42:02 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
        2023-03-16 06:42:02 SIGUSR1[connection failed(soft),init_instance] received, process restarting
        2023-03-16 06:42:02 Restart pause, 40 second(s)
        2023-03-16 06:42:42 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:42:42 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:42:42 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
        2023-03-16 06:42:42 Socket Buffers: R=[131072->131072] S=[16384->16384]
        2023-03-16 06:42:42 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
        2023-03-16 06:42:42 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
        2023-03-16 06:42:42 SIGUSR1[connection failed(soft),init_instance] received, process restarting
        2023-03-16 06:42:42 Restart pause, 80 second(s)
        2023-03-16 06:44:02 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:44:02 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:44:02 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
        2023-03-16 06:44:02 Socket Buffers: R=[131072->131072] S=[16384->16384]
        2023-03-16 06:44:02 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
        2023-03-16 06:44:02 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
        2023-03-16 06:44:02 SIGUSR1[connection failed(soft),init_instance] received, process restarting
        2023-03-16 06:44:02 Restart pause, 160 second(s)
        2023-03-16 06:46:42 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:46:42 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:46:42 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
        2023-03-16 06:46:42 Socket Buffers: R=[131072->131072] S=[16384->16384]
        2023-03-16 06:46:42 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
        2023-03-16 06:46:42 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
        2023-03-16 06:46:42 SIGUSR1[connection failed(soft),init_instance] received, process restarting
        2023-03-16 06:46:42 Restart pause, 300 second(s)
        2023-03-16 06:51:42 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:51:42 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
        2023-03-16 06:51:42 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
        2023-03-16 06:51:42 Socket Buffers: R=[131072->131072] S=[16384->16384]
        2023-03-16 06:51:42 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
        2023-03-16 06:51:42 TCP: connect to [AF_INET]127.0.0.1:1194 failed: Connection refused
        2023-03-16 06:51:42 SIGUSR1[connection failed(soft),init_instance] received, process restarting
        2023-03-16 06:51:42 Restart pause, 300 second(s)
        ^C2023-03-16 06:51:46 SIGINT[hard,init_instance] received, process exiting
        
        1. J.C
          J.C Windows 10 Google Chrome · 中国安徽省合肥市联通 ·

          你windows客户端和wsl的ubuntu是同一个网络下面的,连127都是可以的(127这个地址只有本机可用),你让你其他的客户端连的话,这个127地址就要改成你电脑的ip地址

          1. yvchun
            yvchun Windows 10 Google Chrome · 中国安徽省合肥市联通 ·

            好的,大佬,我这就回去试试,谢谢您的帮助!

  8. vpn连不上啊
    vpn连不上啊 Windows 10 Google Chrome · 中国安徽省合肥市联通 ·
    2023-02-16 11:39:04 WARNING: Compression for sending and receiving enabled. Compression has been used in the past to break encryption. Allowing compression allows attacks that break encryption. Using "--allow-compression yes" is strongly discouraged for common usage. See --compress in the manual page for more information 
    2023-02-16 11:39:04 us=625000 DEPRECATED OPTION: --cipher set to 'BF-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). OpenVPN ignores --cipher for cipher negotiations. 
    2023-02-16 11:39:04 us=625000 Note: '--allow-compression' is not set to 'no', disabling data channel offload.
    2023-02-16 11:39:04 us=625000 Current Parameter Settings:
    2023-02-16 11:39:04 us=625000   config = 'sd_psvpn_v4.1.ovpn'
    2023-02-16 11:39:04 us=625000   mode = 0
    2023-02-16 11:39:04 us=625000   show_ciphers = DISABLED
    2023-02-16 11:39:04 us=625000   show_digests = DISABLED
    2023-02-16 11:39:04 us=625000   show_engines = DISABLED
    2023-02-16 11:39:04 us=625000   genkey = DISABLED
    2023-02-16 11:39:04 us=625000   genkey_filename = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   key_pass_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   show_tls_ciphers = DISABLED
    2023-02-16 11:39:04 us=625000   connect_retry_max = 3
    2023-02-16 11:39:04 us=625000 Connection profiles [0]:
    2023-02-16 11:39:04 us=625000   proto = tcp4-client
    2023-02-16 11:39:04 us=625000   local = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   local_port = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   remote = 'x.x.x.x'
    2023-02-16 11:39:04 us=625000   remote_port = '28080'
    2023-02-16 11:39:04 us=625000   remote_float = DISABLED
    2023-02-16 11:39:04 us=625000   bind_defined = DISABLED
    2023-02-16 11:39:04 us=625000   bind_local = DISABLED
    2023-02-16 11:39:04 us=625000   bind_ipv6_only = DISABLED
    2023-02-16 11:39:04 us=625000   connect_retry_seconds = 5
    2023-02-16 11:39:04 us=625000   connect_timeout = 10
    2023-02-16 11:39:04 us=625000   socks_proxy_server = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   socks_proxy_port = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   tun_mtu = 1500
    2023-02-16 11:39:04 us=625000   tun_mtu_defined = ENABLED
    2023-02-16 11:39:04 us=625000   link_mtu = 1500
    2023-02-16 11:39:04 us=625000   link_mtu_defined = DISABLED
    2023-02-16 11:39:04 us=625000   tun_mtu_extra = 0
    2023-02-16 11:39:04 us=625000   tun_mtu_extra_defined = DISABLED
    2023-02-16 11:39:04 us=625000   tls_mtu = 1250
    2023-02-16 11:39:04 us=625000   mtu_discover_type = -1
    2023-02-16 11:39:04 us=625000   fragment = 0
    2023-02-16 11:39:04 us=625000   mssfix = 1492
    2023-02-16 11:39:04 us=625000   mssfix_encap = ENABLED
    2023-02-16 11:39:04 us=625000   mssfix_fixed = DISABLED
    2023-02-16 11:39:04 us=625000   explicit_exit_notification = 0
    2023-02-16 11:39:04 us=625000   tls_auth_file = 'ta.key'
    2023-02-16 11:39:04 us=625000   key_direction = 1
    2023-02-16 11:39:04 us=625000   tls_crypt_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   tls_crypt_v2_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000 Connection profiles END
    2023-02-16 11:39:04 us=625000   remote_random = DISABLED
    2023-02-16 11:39:04 us=625000   ipchange = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   dev = 'tun'
    2023-02-16 11:39:04 us=625000   dev_type = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   dev_node = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   tuntap_options.disable_dco = ENABLED
    2023-02-16 11:39:04 us=625000   lladdr = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   topology = 1
    2023-02-16 11:39:04 us=625000   ifconfig_local = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   ifconfig_remote_netmask = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   ifconfig_noexec = DISABLED
    2023-02-16 11:39:04 us=625000   ifconfig_nowarn = DISABLED
    2023-02-16 11:39:04 us=625000   ifconfig_ipv6_local = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   ifconfig_ipv6_netbits = 0
    2023-02-16 11:39:04 us=625000   ifconfig_ipv6_remote = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   shaper = 0
    2023-02-16 11:39:04 us=625000   mtu_test = 0
    2023-02-16 11:39:04 us=625000   mlock = DISABLED
    2023-02-16 11:39:04 us=625000   keepalive_ping = 0
    2023-02-16 11:39:04 us=625000   keepalive_timeout = 0
    2023-02-16 11:39:04 us=625000   inactivity_timeout = 0
    2023-02-16 11:39:04 us=625000   session_timeout = 0
    2023-02-16 11:39:04 us=625000   inactivity_minimum_bytes = 0
    2023-02-16 11:39:04 us=625000   ping_send_timeout = 0
    2023-02-16 11:39:04 us=625000   ping_rec_timeout = 0
    2023-02-16 11:39:04 us=625000   ping_rec_timeout_action = 0
    2023-02-16 11:39:04 us=625000   ping_timer_remote = DISABLED
    2023-02-16 11:39:04 us=625000   remap_sigusr1 = 0
    2023-02-16 11:39:04 us=625000   persist_tun = DISABLED
    2023-02-16 11:39:04 us=625000   persist_local_ip = DISABLED
    2023-02-16 11:39:04 us=625000   persist_remote_ip = DISABLED
    2023-02-16 11:39:04 us=625000   persist_key = DISABLED
    2023-02-16 11:39:04 us=625000   passtos = DISABLED
    2023-02-16 11:39:04 us=625000   resolve_retry_seconds = 20
    2023-02-16 11:39:04 us=625000   resolve_in_advance = DISABLED
    2023-02-16 11:39:04 us=625000   username = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   groupname = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   chroot_dir = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   cd_dir = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   writepid = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   up_script = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   down_script = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   down_pre = DISABLED
    2023-02-16 11:39:04 us=625000   up_restart = DISABLED
    2023-02-16 11:39:04 us=625000   up_delay = DISABLED
    2023-02-16 11:39:04 us=625000   daemon = DISABLED
    2023-02-16 11:39:04 us=625000   log = ENABLED
    2023-02-16 11:39:04 us=625000   suppress_timestamps = DISABLED
    2023-02-16 11:39:04 us=625000   machine_readable_output = DISABLED
    2023-02-16 11:39:04 us=625000   nice = 0
    2023-02-16 11:39:04 us=625000   verbosity = 4
    2023-02-16 11:39:04 us=625000   mute = 0
    2023-02-16 11:39:04 us=625000   status_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   status_file_version = 1
    2023-02-16 11:39:04 us=625000   status_file_update_freq = 60
    2023-02-16 11:39:04 us=625000   occ = ENABLED
    2023-02-16 11:39:04 us=625000   rcvbuf = 0
    2023-02-16 11:39:04 us=625000   sndbuf = 0
    2023-02-16 11:39:04 us=625000   sockflags = 0
    2023-02-16 11:39:04 us=625000   fast_io = DISABLED
    2023-02-16 11:39:04 us=625000   comp.alg = 1
    2023-02-16 11:39:04 us=625000   comp.flags = 6
    2023-02-16 11:39:04 us=625000   route_script = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   route_default_gateway = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   route_default_metric = 0
    2023-02-16 11:39:04 us=625000   route_noexec = DISABLED
    2023-02-16 11:39:04 us=625000   route_delay = 0
    2023-02-16 11:39:04 us=625000   route_delay_window = 30
    2023-02-16 11:39:04 us=625000   route_delay_defined = DISABLED
    2023-02-16 11:39:04 us=625000   route_nopull = DISABLED
    2023-02-16 11:39:04 us=625000   route_gateway_via_dhcp = DISABLED
    2023-02-16 11:39:04 us=625000   allow_pull_fqdn = DISABLED
    2023-02-16 11:39:04 us=625000   Pull filters:
    2023-02-16 11:39:04 us=625000     ignore "route-method"
    2023-02-16 11:39:04 us=625000   management_addr = '127.0.0.1'
    2023-02-16 11:39:04 us=625000   management_port = '25342'
    2023-02-16 11:39:04 us=625000   management_user_pass = 'stdin'
    2023-02-16 11:39:04 us=625000   management_log_history_cache = 250
    2023-02-16 11:39:04 us=625000   management_echo_buffer_size = 100
    2023-02-16 11:39:04 us=625000   management_client_user = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   management_client_group = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   management_flags = 6
    2023-02-16 11:39:04 us=625000   shared_secret_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   key_direction = 1
    2023-02-16 11:39:04 us=625000   ciphername = 'BF-CBC'
    2023-02-16 11:39:04 us=625000   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
    2023-02-16 11:39:04 us=625000   authname = 'SHA1'
    2023-02-16 11:39:04 us=625000   engine = DISABLED
    2023-02-16 11:39:04 us=625000   replay = ENABLED
    2023-02-16 11:39:04 us=625000   mute_replay_warnings = DISABLED
    2023-02-16 11:39:04 us=625000   replay_window = 64
    2023-02-16 11:39:04 us=625000   replay_time = 15
    2023-02-16 11:39:04 us=625000   packet_id_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   test_crypto = DISABLED
    2023-02-16 11:39:04 us=625000   tls_server = DISABLED
    2023-02-16 11:39:04 us=625000   tls_client = ENABLED
    2023-02-16 11:39:04 us=625000   ca_file = 'ca.crt'
    2023-02-16 11:39:04 us=625000   ca_path = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   dh_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   cert_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   extra_certs_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   priv_key_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   pkcs12_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   cryptoapi_cert = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   cipher_list = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   cipher_list_tls13 = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   tls_cert_profile = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   tls_verify = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   tls_export_cert = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   verify_x509_type = 0
    2023-02-16 11:39:04 us=625000   verify_x509_name = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   crl_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   ns_cert_type = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 65535
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_ku[i] = 0
    2023-02-16 11:39:04 us=625000   remote_cert_eku = 'TLS Web Server Authentication'
    2023-02-16 11:39:04 us=625000   ssl_flags = 192
    2023-02-16 11:39:04 us=625000   tls_timeout = 2
    2023-02-16 11:39:04 us=625000   renegotiate_bytes = -1
    2023-02-16 11:39:04 us=625000   renegotiate_packets = 0
    2023-02-16 11:39:04 us=625000   renegotiate_seconds = 3600
    2023-02-16 11:39:04 us=625000   handshake_window = 60
    2023-02-16 11:39:04 us=625000   transition_window = 3600
    2023-02-16 11:39:04 us=625000   single_session = DISABLED
    2023-02-16 11:39:04 us=625000   push_peer_info = DISABLED
    2023-02-16 11:39:04 us=625000   tls_exit = DISABLED
    2023-02-16 11:39:04 us=625000   tls_crypt_v2_metadata = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_protected_authentication = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_private_mode = 00000000
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_cert_private = DISABLED
    2023-02-16 11:39:04 us=625000   pkcs11_pin_cache_period = -1
    2023-02-16 11:39:04 us=625000   pkcs11_id = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   pkcs11_id_management = DISABLED
    2023-02-16 11:39:04 us=625000   server_network = 0.0.0.0
    2023-02-16 11:39:04 us=625000   server_netmask = 0.0.0.0
    2023-02-16 11:39:04 us=625000   server_network_ipv6 = ::
    2023-02-16 11:39:04 us=625000   server_netbits_ipv6 = 0
    2023-02-16 11:39:04 us=625000   server_bridge_ip = 0.0.0.0
    2023-02-16 11:39:04 us=625000   server_bridge_netmask = 0.0.0.0
    2023-02-16 11:39:04 us=625000   server_bridge_pool_start = 0.0.0.0
    2023-02-16 11:39:04 us=625000   server_bridge_pool_end = 0.0.0.0
    2023-02-16 11:39:04 us=625000   ifconfig_pool_defined = DISABLED
    2023-02-16 11:39:04 us=625000   ifconfig_pool_start = 0.0.0.0
    2023-02-16 11:39:04 us=625000   ifconfig_pool_end = 0.0.0.0
    2023-02-16 11:39:04 us=625000   ifconfig_pool_netmask = 0.0.0.0
    2023-02-16 11:39:04 us=625000   ifconfig_pool_persist_filename = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   ifconfig_pool_persist_refresh_freq = 600
    2023-02-16 11:39:04 us=625000   ifconfig_ipv6_pool_defined = DISABLED
    2023-02-16 11:39:04 us=625000   ifconfig_ipv6_pool_base = ::
    2023-02-16 11:39:04 us=625000   ifconfig_ipv6_pool_netbits = 0
    2023-02-16 11:39:04 us=625000   n_bcast_buf = 256
    2023-02-16 11:39:04 us=625000   tcp_queue_limit = 64
    2023-02-16 11:39:04 us=625000   real_hash_size = 256
    2023-02-16 11:39:04 us=625000   virtual_hash_size = 256
    2023-02-16 11:39:04 us=625000   client_connect_script = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   learn_address_script = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   client_disconnect_script = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   client_crresponse_script = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   client_config_dir = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   ccd_exclusive = DISABLED
    2023-02-16 11:39:04 us=625000   tmp_dir = 'C:\Users\pansoft\AppData\Local\Temp\'
    2023-02-16 11:39:04 us=625000   push_ifconfig_defined = DISABLED
    2023-02-16 11:39:04 us=625000   push_ifconfig_local = 0.0.0.0
    2023-02-16 11:39:04 us=625000   push_ifconfig_remote_netmask = 0.0.0.0
    2023-02-16 11:39:04 us=625000   push_ifconfig_ipv6_defined = DISABLED
    2023-02-16 11:39:04 us=625000   push_ifconfig_ipv6_local = ::/0
    2023-02-16 11:39:04 us=625000   push_ifconfig_ipv6_remote = ::
    2023-02-16 11:39:04 us=625000   enable_c2c = DISABLED
    2023-02-16 11:39:04 us=625000   duplicate_cn = DISABLED
    2023-02-16 11:39:04 us=625000   cf_max = 0
    2023-02-16 11:39:04 us=625000   cf_per = 0
    2023-02-16 11:39:04 us=625000   cf_initial_max = 100
    2023-02-16 11:39:04 us=625000   cf_initial_per = 10
    2023-02-16 11:39:04 us=625000   max_clients = 1024
    2023-02-16 11:39:04 us=625000   max_routes_per_client = 256
    2023-02-16 11:39:04 us=625000   auth_user_pass_verify_script = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   auth_user_pass_verify_script_via_file = DISABLED
    2023-02-16 11:39:04 us=625000   auth_token_generate = DISABLED
    2023-02-16 11:39:04 us=625000   auth_token_lifetime = 0
    2023-02-16 11:39:04 us=625000   auth_token_secret_file = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   vlan_tagging = DISABLED
    2023-02-16 11:39:04 us=625000   vlan_accept = all
    2023-02-16 11:39:04 us=625000   vlan_pvid = 1
    2023-02-16 11:39:04 us=625000   client = ENABLED
    2023-02-16 11:39:04 us=625000   pull = ENABLED
    2023-02-16 11:39:04 us=625000   auth_user_pass_file = 'stdin'
    2023-02-16 11:39:04 us=625000   show_net_up = DISABLED
    2023-02-16 11:39:04 us=625000   route_method = 3
    2023-02-16 11:39:04 us=625000   block_outside_dns = DISABLED
    2023-02-16 11:39:04 us=625000   ip_win32_defined = DISABLED
    2023-02-16 11:39:04 us=625000   ip_win32_type = 1
    2023-02-16 11:39:04 us=625000   dhcp_masq_offset = 0
    2023-02-16 11:39:04 us=625000   dhcp_lease_time = 31536000
    2023-02-16 11:39:04 us=625000   tap_sleep = 0
    2023-02-16 11:39:04 us=625000   dhcp_options = DISABLED
    2023-02-16 11:39:04 us=625000   dhcp_renew = DISABLED
    2023-02-16 11:39:04 us=625000   dhcp_pre_release = DISABLED
    2023-02-16 11:39:04 us=625000   domain = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   netbios_scope = '[UNDEF]'
    2023-02-16 11:39:04 us=625000   netbios_node_type = 0
    2023-02-16 11:39:04 us=625000   disable_nbt = DISABLED
    2023-02-16 11:39:04 us=625000 OpenVPN 2.6.0 [git:v2.6.0/b999466418dddb89] Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] [DCO] built on Feb  6 2023
    2023-02-16 11:39:04 us=625000 Windows version 10.0 (Windows 10 or greater), amd64 executable
    2023-02-16 11:39:04 us=625000 library versions: OpenSSL 3.0.7 1 Nov 2022, LZO 2.10
    2023-02-16 11:39:04 us=625000 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25342
    2023-02-16 11:39:04 us=625000 Need hold release from management interface, waiting...
    2023-02-16 11:39:05 us=125000 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:63674
    2023-02-16 11:39:05 us=234000 MANAGEMENT: CMD 'state on'
    2023-02-16 11:39:05 us=234000 MANAGEMENT: CMD 'log on all'
    2023-02-16 11:39:05 us=500000 MANAGEMENT: CMD 'echo on all'
    2023-02-16 11:39:05 us=500000 MANAGEMENT: CMD 'bytecount 5'
    2023-02-16 11:39:05 us=500000 MANAGEMENT: CMD 'state'
    2023-02-16 11:39:05 us=515000 MANAGEMENT: CMD 'hold off'
    2023-02-16 11:39:05 us=515000 MANAGEMENT: CMD 'hold release'
    2023-02-16 11:39:07 us=109000 MANAGEMENT: CMD 'username "Auth" "wanghe6186"'
    2023-02-16 11:39:07 us=125000 MANAGEMENT: CMD 'password [...]'
    2023-02-16 11:39:07 us=125000 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    2023-02-16 11:39:07 us=125000 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    2023-02-16 11:39:07 us=125000 Control Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ]
    2023-02-16 11:39:07 us=125000 Data Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
    2023-02-16 11:39:07 us=125000 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:28080
    2023-02-16 11:39:07 us=125000 Socket Buffers: R=[65536->65536] S=[65536->65536]
    2023-02-16 11:39:07 us=125000 Attempting to establish TCP connection with [AF_INET]x.x.x.x:28080
    2023-02-16 11:39:07 us=125000 MANAGEMENT: >STATE:1676518747,TCP_CONNECT,,,,,,
    2023-02-16 11:39:07 us=156000 TCP connection established with [AF_INET]x.x.x.x:28080
    2023-02-16 11:39:07 us=156000 TCPv4_CLIENT link local: (not bound)
    2023-02-16 11:39:07 us=156000 TCPv4_CLIENT link remote: [AF_INET]x.x.x.x:28080
    2023-02-16 11:39:07 us=156000 MANAGEMENT: >STATE:1676518747,WAIT,,,,,,
    2023-02-16 11:39:07 us=171000 MANAGEMENT: >STATE:1676518747,AUTH,,,,,,
    2023-02-16 11:39:07 us=171000 TLS: Initial packet from [AF_INET]x.x.x.x:28080, sid=b8e9d60e 7e124de4
    2023-02-16 11:39:07 us=187000 VERIFY OK: depth=1, CN=Easy-RSA CA
    2023-02-16 11:39:07 us=187000 VERIFY KU OK
    2023-02-16 11:39:07 us=187000 Validating certificate extended key usage
    2023-02-16 11:39:07 us=187000 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
    2023-02-16 11:39:07 us=187000 VERIFY EKU OK
    2023-02-16 11:39:07 us=187000 VERIFY OK: depth=0, CN=server
    2023-02-16 11:39:07 us=296000 peer info: IV_VER=2.5.4
    2023-02-16 11:39:07 us=296000 peer info: IV_PLAT=linux
    2023-02-16 11:39:07 us=296000 peer info: IV_PROTO=2
    2023-02-16 11:39:07 us=296000 peer info: IV_CIPHERS=AES-256-GCM:AES-256-CBC:BF-CBC
    2023-02-16 11:39:07 us=296000 peer info: IV_LZ4=1
    2023-02-16 11:39:07 us=296000 peer info: IV_LZ4v2=1
    2023-02-16 11:39:07 us=296000 peer info: IV_LZO=1
    2023-02-16 11:39:07 us=296000 peer info: IV_COMP_STUB=1
    2023-02-16 11:39:07 us=296000 peer info: IV_COMP_STUBv2=1
    2023-02-16 11:39:07 us=296000 peer info: IV_TCPNL=1
    2023-02-16 11:39:07 us=296000 peer info: IV_HWADDR=60:2e:20:04:85:fd
    2023-02-16 11:39:07 us=296000 peer info: IV_SSL=OpenSSL_1.0.2k-fips__26_Jan_2017
    2023-02-16 11:39:07 us=296000 peer info: IV_SSO=openurl,webauth,crtext
    2023-02-16 11:39:07 us=296000 peer info: IV_GUI_VER=OpenVPN_GUI_11
    2023-02-16 11:39:07 us=296000 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
    2023-02-16 11:39:07 us=296000 [server] Peer Connection Initiated with [AF_INET]x.x.x.x:28080
    2023-02-16 11:39:07 us=296000 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
    2023-02-16 11:39:07 us=296000 TLS: tls_multi_process: initial untrusted session promoted to trusted
    2023-02-16 11:39:08 us=484000 MANAGEMENT: >STATE:1676518748,GET_CONFIG,,,,,,
    2023-02-16 11:39:08 us=484000 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
    2023-02-16 11:39:08 us=500000 AUTH: Received control message: AUTH_FAILED
    2023-02-16 11:39:08 us=500000 TCP/UDP: Closing socket
    2023-02-16 11:39:08 us=500000 SIGUSR1[soft,auth-failure] received, process restarting
    2023-02-16 11:39:08 us=500000 MANAGEMENT: >STATE:1676518748,RECONNECTING,auth-failure,,,,,
    2023-02-16 11:39:08 us=500000 Restart pause, 5 second(s)
    

    大佬我就显示错误的凭据,然后连不上为啥呀?求助!!

    1. J.C
      J.C Windows 10 Google Chrome · 中国安徽省合肥市联通 ·

      你是证书+用户密码方式吗?
      1. 用户密码不匹配
      2. 参数两边配的不一样或者某一端不支持参数,导致认证失败
      检查下客户端提示的警告,修改下或者服务端参数修改下,或者参考下我的 openvpn搭建文章

      1. vpn连不上啊
        vpn连不上啊 Windows 10 Google Chrome · 中国安徽省合肥市联通 ·

        用户密码是正确的可以在别人的电脑上连接,用的是别人相同的配置文件,客户端有个提示警告,我按照您文章的加了个auth-nocache,就没有别的警告了,直接就登陆失败,错误凭证了

        1. J.C
          J.C Windows 10 Google Chrome · 美国弗吉尼亚州阿什本Amazon ·

          我用证书+用户密码方式,在故意输错用户名或密码的情况下,复现了和你一样的错误。除此外还真没找到其他原因

留言已关闭