JJota
(uses Solaris)
Posted on 13/08/2015 - 21:52h
Good evening everyone,
I am trying to get my CentOS 6 working as an OpenVPN server with Windows 7 clients.
The static network of my CentOS 6 server is 186.202.x.x
The Windows client is on the internet, so it works with a dynamic IP.
The error I am getting on the client is this:
Thu Aug 13 21:39:58 2015 OpenVPN 2.3.8 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Aug 4 2015
Thu Aug 13 21:39:58 2015 library versions: OpenSSL 1.0.1p 9 Jul 2015, LZO 2.08
Enter Management Password:
Thu Aug 13 21:39:58 2015 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Thu Aug 13 21:39:58 2015 Need hold release from management interface, waiting...
Thu Aug 13 21:39:58 2015 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Thu Aug 13 21:39:58 2015 MANAGEMENT: CMD 'state on'
Thu Aug 13 21:39:58 2015 MANAGEMENT: CMD 'log all on'
Thu Aug 13 21:39:58 2015 MANAGEMENT: CMD 'hold off'
Thu Aug 13 21:39:58 2015 MANAGEMENT: CMD 'hold release'
Thu Aug 13 21:39:58 2015 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Thu Aug 13 21:39:58 2015 Socket Buffers: R=[8192->8192] S=[8192->8192]
Thu Aug 13 21:39:58 2015 UDPv4 link local: [undef]
Thu Aug 13 21:39:58 2015 UDPv4 link remote: [AF_INET]186.202.177.139:1194
Thu Aug 13 21:39:58 2015 MANAGEMENT: >STATE:1439512798,WAIT,,,
Thu Aug 13 21:40:58 2015 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Aug 13 21:40:58 2015 TLS Error: TLS handshake failed
Thu Aug 13 21:40:58 2015 SIGUSR1[soft,tls-error] received, process restarting
Thu Aug 13 21:40:58 2015 MANAGEMENT: >STATE:1439512858,RECONNECTING,tls-error,,
Thu Aug 13 21:40:58 2015 Restart pause, 2 second(s)
Thu Aug 13 21:41:00 2015 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Thu Aug 13 21:41:00 2015 Socket Buffers: R=[8192->8192] S=[8192->8192]
Thu Aug 13 21:41:00 2015 UDPv4 link local: [undef]
Thu Aug 13 21:41:00 2015 UDPv4 link remote: [AF_INET]186.202.177.139:1194
Thu Aug 13 21:41:00 2015 MANAGEMENT: >STATE:1439512860,WAIT,,,
Thu Aug 13 21:41:56 2015 SIGTERM[hard,] received, process exiting
Thu Aug 13 21:41:56 2015 MANAGEMENT: >STATE:1439512916,EXITING,SIGTERM,,
My client configuration is this:
client
dev tun
proto udp
remote 186.202.x.x 1194
resolv-retry infinite
nobind
persist-key
persist-tun
comp-lzo
verb 3
ca ca.crt
cert client.crt
key client.key
The certificates were taken from the server and placed in the correct folder: C:\Program Files\OpenVPN\config
The configuration on the server is this:
[root@localhost openvpn]# ifconfig -a
eth0 Link encap:Ethernet HWaddr 2E:C5:20:DE:B2:59
inet addr:186.202.x.x Bcast:186.202.179.255 Mask:255.255.252.0
inet6 addr: fe80::2cc5:20ff:fede:b259/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:659722945 errors:0 dropped:0 overruns:0 frame:0
TX packets:9393851 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:31585654438 (29.4 GiB) TX bytes:1766193383 (1.6 GiB)
Interrupt:66
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:5535530 errors:0 dropped:0 overruns:0 frame:0
TX packets:5535530 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:4978960770 (4.6 GiB) TX bytes:4978960770 (4.6 GiB)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
server.conf file
;local a.b.c.d
port 1194
;proto tcp
proto udp
;dev tap
dev tun
;dev-node MyTap
ca ca.crt
cert server.crt
dh dh2048.pem
;topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
;server-bridge
;push "route 192.168.10.0 255.255.255.0"
;push "route 192.168.20.0 255.255.255.0"
;client-config-dir ccd
;route 192.168.40.128 255.255.255.248
;client-config-dir ccd
;route 10.9.0.0 255.255.255.252
;learn-address ./script
push "redirect-gateway def1 bypass-dhcp"
;push "dhcp-option DNS 208.67.222.222"
;push "dhcp-option DNS 208.67.220.220"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
;client-to-client
;duplicate-cn
keepalive 10 120
comp-lzo
;max-clients 100
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
;log openvpn.log
;log-append openvpn.log
verb 3
;mute 20
Can anyone help??? Has anyone run into this error???
The Linux firewall is disabled and I have Apache working perfectly on this server with MySQL... I connect to the network OK with no problems...
Thank you!!!
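
Added example, not part of the original post: a small triage script that reads an OpenVPN client config and log like the ones above and reports whether the server certificate is verified and whether the TLS timeout happened before any server reply. The names `triage`, `active_directives` and `VERIFY` are hypothetical, the directive set is a selection made for this example, and the sample input is constructed from the post (the commented-out `remote-cert-tls` line is added to exercise comment handling).

```python
import re

# Client directives that enable a server certificate check (selection for this example).
VERIFY = {"remote-cert-tls", "ns-cert-type", "verify-x509-name",
          "remote-cert-eku", "tls-verify"}
STATE_RE = re.compile(r">STATE:\d+,([A-Z_]+),")
TIMEOUT_RE = re.compile(r"TLS key negotiation failed to occur within (\d+) seconds")

def active_directives(config_text):
    """Directive names in an OpenVPN config, skipping '#' and ';' comment lines."""
    lines = (l.strip() for l in config_text.splitlines())
    return {l.split()[0] for l in lines if l and l[0] not in "#;"}

def triage(config_text, log_text):
    """Return a list of findings for one client config and its log."""
    findings = []
    if not VERIFY & active_directives(config_text):
        findings.append("config: server certificate is not verified")
    states = STATE_RE.findall(log_text)
    if TIMEOUT_RE.search(log_text):
        # WAIT = waiting for the first server reply; AUTH only follows a reply.
        if "AUTH" not in states:
            findings.append("log: TLS timeout with no server reply (state never left WAIT)")
        else:
            findings.append("log: TLS timeout after the server replied")
    return findings

# Constructed sample input, shortened from the config and log in the post.
SAMPLE_CONFIG = """client
dev tun
proto udp
remote 186.202.x.x 1194
;remote-cert-tls server
ca ca.crt
cert client.crt
key client.key
"""
SAMPLE_LOG = """MANAGEMENT: >STATE:1439512798,WAIT,,,
TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
TLS Error: TLS handshake failed
MANAGEMENT: >STATE:1439512858,RECONNECTING,tls-error,,
"""

if __name__ == "__main__":
    for finding in triage(SAMPLE_CONFIG, SAMPLE_LOG):
        print(finding)
```

A timeout with no server reply points at the UDP path to port 1194 rather than at the certificates; the missing verification directive is a separate finding that matches the WARNING line in the log.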