OpenVPN在Windows上有效,在Linux VPS上失败

问题描述 投票:0回答:1

我需要配置一个在Windows上成功运行的OpenVPN连接,但是在DigitalOcean的Linux Ubuntu 16.04上尝试它之后,它失败,并显示以下输出:

Tue Oct  1 13:33:13 2019 us=273565 Current Parameter Settings:
Tue Oct  1 13:33:13 2019 us=273892   config = 'VPN.ovpn'
Tue Oct  1 13:33:13 2019 us=274158   mode = 0
Tue Oct  1 13:33:13 2019 us=274423   persist_config = DISABLED
Tue Oct  1 13:33:13 2019 us=274670   persist_mode = 1
Tue Oct  1 13:33:13 2019 us=274847   show_ciphers = DISABLED
Tue Oct  1 13:33:13 2019 us=275017   show_digests = DISABLED
Tue Oct  1 13:33:13 2019 us=275178   show_engines = DISABLED
Tue Oct  1 13:33:13 2019 us=275352   genkey = DISABLED
Tue Oct  1 13:33:13 2019 us=275513   key_pass_file = '/etc/openvpn/psk.pass'
Tue Oct  1 13:33:13 2019 us=275688 NOTE: --mute triggered...
Tue Oct  1 13:33:13 2019 us=275855 267 variation(s) on previous 10 message(s) suppressed by --mute
Tue Oct  1 13:33:13 2019 us=276058 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jan  9 2019
Tue Oct  1 13:33:13 2019 us=276260 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08
Tue Oct  1 13:33:13 2019 us=276483 WARNING: file '/etc/openvpn/auth.txt' is group or others accessible
Tue Oct  1 13:33:13 2019 us=280348 WARNING: file '/etc/openvpn/cert_export_Cliente.key' is group or others accessible
Tue Oct  1 13:33:13 2019 us=280690 Control Channel MTU parms [ L:1559 D:1210 EF:40 EB:0 ET:0 EL:3 ]
Tue Oct  1 13:33:13 2019 us=280905 Socket Buffers: R=[87380->87380] S=[16384->16384]
Tue Oct  1 13:33:13 2019 us=281991 Data Channel MTU parms [ L:1559 D:1450 EF:59 EB:12 ET:0 EL:3 ]
Tue Oct  1 13:33:13 2019 us=282182 Local Options String: 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_CLIENT,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Tue Oct  1 13:33:13 2019 us=282375 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_SERVER,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
Tue Oct  1 13:33:13 2019 us=282573 Local Options hash (VER=V4): 'dfa3fe29'
Tue Oct  1 13:33:13 2019 us=282748 Expected Remote Options hash (VER=V4): '3e5d5b9b'
Tue Oct  1 13:33:13 2019 us=282929 Attempting to establish TCP connection with [AF_INET]xxx.xxx.xxx.xxx:yyyy [nonblock]
Tue Oct  1 13:33:14 2019 us=283319 TCP connection established with [AF_INET]xxx.xxx.xxx.xxx:yyyy
Tue Oct  1 13:33:14 2019 us=283727 TCPv4_CLIENT link local: [undef]
Tue Oct  1 13:33:14 2019 us=283966 TCPv4_CLIENT link remote: [AF_INET]xxx.xxx.xxx.xxx:yyyy
Tue Oct  1 13:33:14 2019 us=284370 TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:yyyy, sid=0b902ea0 7f60a7fd
Tue Oct  1 13:33:15 2019 us=680440 VERIFY OK: depth=1, CN=XXXXXX
Tue Oct  1 13:33:15 2019 us=681045 Validating certificate key usage
Tue Oct  1 13:33:15 2019 us=681337 ++ Certificate has key usage  00b6, expects 00a0
Tue Oct  1 13:33:15 2019 us=681559 ++ Certificate has key usage  00b6, expects 0088
Tue Oct  1 13:33:15 2019 us=681796 VERIFY KU ERROR
Tue Oct  1 13:33:15 2019 us=682061 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
Tue Oct  1 13:33:15 2019 us=682256 TLS Error: TLS object -> incoming plaintext read error
Tue Oct  1 13:33:15 2019 us=682469 TLS Error: TLS handshake failed
Tue Oct  1 13:33:15 2019 us=682702 Fatal TLS error (check_tls_errors_co), restarting
Tue Oct  1 13:33:15 2019 us=682894 TCP/UDP: Closing socket
Tue Oct  1 13:33:15 2019 us=683149 SIGUSR1[soft,tls-error] received, process restarting
Tue Oct  1 13:33:15 2019 us=683327 Restart pause, 5 second(s)
^CTue Oct  1 13:33:17 2019 us=514911 SIGINT[hard,init_instance] received, process exiting

VPN提供商说VPN是为Windows配置的,而不是为Linux配置的,但我并不完全相信这是正确的。有没有办法连接到VPN?

这是我的.ovpn文件:

client
dev tun
proto tcp-client
remote vpn.xxxxxxxx.com.yyy
port YYYY
nobind
persist-key
persist-tun
tls-client
remote-cert-tls server
askpass /etc/openvpn/psk.pass
ca /etc/openvpn/cert_export_SERVER.crt
cert /etc/openvpn/cert_export_CLIENT.crt
key /etc/openvpn/cert_export_CLIENTE.key
verb 4
mute 10
cipher AES-256-CBC
auth SHA1
auth-user-pass /etc/openvpn/auth.txt
auth-nocache
route 10.0.0.0 255.0.0.0 192.168.15.254
openvpn
1个回答
0
投票

升级到Ubuntu 18.04,现在可以连接。

© www.soinside.com 2019 - 2024. All rights reserved.