Ahojte Skúšal som rozbehať openVPN na Mikrotiku hAP lite. Mám taký problém že v logu Mikrotiku mi vypisuje duplicate packet, droping. Na fórach čo som našiel to vraj nie je problém a spojenie by malo fungovať ale na openVPN klientovi mi spojenie stále resetuje. Prosím o pomoc. Log openVPN: 2022-02-06 17:45:06 us=156000 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning. 2022-02-06 17:45:06 us=171000 Current Parameter Settings: 2022-02-06 17:45:06 us=171000 config = 'openvpn.ovpn' 2022-02-06 17:45:06 us=171000 mode = 0 2022-02-06 17:45:06 us=171000 show_ciphers = DISABLED 2022-02-06 17:45:06 us=171000 show_digests = DISABLED 2022-02-06 17:45:06 us=171000 show_engines = DISABLED 2022-02-06 17:45:06 us=171000 genkey = DISABLED 2022-02-06 17:45:06 us=171000 genkey_filename = '[UNDEF]' 2022-02-06 17:45:06 us=171000 key_pass_file = '[UNDEF]' 2022-02-06 17:45:06 us=171000 show_tls_ciphers = DISABLED 2022-02-06 17:45:06 us=171000 NOTE: --mute triggered... 2022-02-06 17:45:06 us=171000 290 variation(s) on previous 10 message(s) suppressed by --mute 2022-02-06 17:45:06 us=171000 OpenVPN 2.5.5 Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Dec 15 2021 2022-02-06 17:45:06 us=171000 Windows version 10.0 (Windows 10 or greater) 64bit 2022-02-06 17:45:06 us=171000 library versions: OpenSSL 1.1.1l 24 Aug 2021, LZO 2.10 2022-02-06 17:45:06 us=171000 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340 2022-02-06 17:45:06 us=171000 Need hold release from management interface, waiting... 2022-02-06 17:45:06 us=640000 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340 2022-02-06 17:45:06 us=765000 MANAGEMENT: CMD 'state on' 2022-02-06 17:45:06 us=765000 MANAGEMENT: CMD 'log all on' 2022-02-06 17:45:06 us=812000 MANAGEMENT: CMD 'echo all on' 2022-02-06 17:45:06 us=812000 MANAGEMENT: CMD 'bytecount 5' 2022-02-06 17:45:06 us=812000 MANAGEMENT: CMD 'hold off' 2022-02-06 17:45:06 us=812000 MANAGEMENT: CMD 'hold release' 2022-02-06 17:45:06 us=828000 MANAGEMENT: CMD 'password [...]' 2022-02-06 17:45:06 us=828000 Control Channel MTU parms [ L:1623 D:1210 EF:40 EB:0 ET:0 EL:3 ] 2022-02-06 17:45:06 us=828000 Data Channel MTU parms [ L:1623 D:1450 EF:123 EB:406 ET:0 EL:3 ] 2022-02-06 17:45:06 us=828000 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_CLIENT,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client' 2022-02-06 17:45:06 us=828000 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_SERVER,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server' 2022-02-06 17:45:06 us=828000 TCP/UDP: Preserving recently used remote address: [AF_INET]<verejna ip>:1194 2022-02-06 17:45:06 us=828000 Socket Buffers: R=[65536->65536] S=[65536->65536] 2022-02-06 17:45:06 us=828000 Attempting to establish TCP connection with [AF_INET]<verejna ip>:1194 [nonblock] 2022-02-06 17:45:06 us=828000 MANAGEMENT: >STATE:1644165906,TCP_CONNECT,,,,,, 2022-02-06 17:45:06 us=859000 TCP connection established with [AF_INET]<verejna ip>:1194 2022-02-06 17:45:06 us=859000 TCP_CLIENT link local: (not bound) 2022-02-06 17:45:06 us=859000 TCP_CLIENT link remote: [AF_INET]109.236.116.128:1194 2022-02-06 17:45:06 us=859000 MANAGEMENT: >STATE:1644165906,WAIT,,,,,, 2022-02-06 17:45:06 us=890000 MANAGEMENT: >STATE:1644165906,AUTH,,,,,, 2022-02-06 17:45:06 us=890000 TLS: Initial packet from [AF_INET]<verejna ip>:1194, sid=77f006e1 04472d1d 2022-02-06 17:45:07 us=718000 VERIFY OK: depth=1, CN=CA 2022-02-06 17:45:07 us=718000 VERIFY KU OK 2022-02-06 17:45:07 us=718000 Validating certificate extended key usage 2022-02-06 17:45:07 us=718000 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication 2022-02-06 17:45:07 us=718000 VERIFY EKU OK 2022-02-06 17:45:07 us=718000 VERIFY OK: depth=0, CN=server 2022-02-06 17:45:08 us=343000 Connection reset, restarting [0] 2022-02-06 17:45:08 us=343000 TCP/UDP: Closing socket 2022-02-06 17:45:08 us=343000 SIGUSR1[soft,connection-reset] received, process restarting 2022-02-06 17:45:08 us=343000 MANAGEMENT: >STATE:1644165908,RECONNECTING,connection-reset,,,,, 2022-02-06 17:45:08 us=343000 Restart pause, 5 second(s) 2022-02-06 17:45:13 us=375000 Re-using SSL/TLS context openVPN konfiguračný súbor: client dev tun proto tcp-client remote <verejná ip> port 1194 nobind persist-key persist-tun tls-client remote-cert-tls server ca cert_export_CA.crt cert cert_export_client.crt key cert_export_client.key verb 4 mute 10 cipher AES-256-CBC auth SHA1 auth-user-pass secret auth-nocache
|