| | |
| Stránka: 1 z 1
| [ Príspevkov: 2 ] | |
Autor | Správa |
---|
Registrovaný: 07.11.20 Prihlásený: 17.09.23 Príspevky: 28 Témy: 9 | Napísal tady: 06.02.2022 18:19 | |
|
Ahojte Skúšal som rozbehať openVPN na Mikrotiku hAP lite. Mám taký problém že v logu Mikrotiku mi vypisuje duplicate packet, droping. Na fórach čo som našiel to vraj nie je problém a spojenie by malo fungovať ale na openVPN klientovi mi spojenie stále resetuje. Prosím o pomoc. Log openVPN: 2022-02-06 17:45:06 us=156000 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning. 2022-02-06 17:45:06 us=171000 Current Parameter Settings: 2022-02-06 17:45:06 us=171000 config = 'openvpn.ovpn' 2022-02-06 17:45:06 us=171000 mode = 0 2022-02-06 17:45:06 us=171000 show_ciphers = DISABLED 2022-02-06 17:45:06 us=171000 show_digests = DISABLED 2022-02-06 17:45:06 us=171000 show_engines = DISABLED 2022-02-06 17:45:06 us=171000 genkey = DISABLED 2022-02-06 17:45:06 us=171000 genkey_filename = '[UNDEF]' 2022-02-06 17:45:06 us=171000 key_pass_file = '[UNDEF]' 2022-02-06 17:45:06 us=171000 show_tls_ciphers = DISABLED 2022-02-06 17:45:06 us=171000 NOTE: --mute triggered... 2022-02-06 17:45:06 us=171000 290 variation(s) on previous 10 message(s) suppressed by --mute 2022-02-06 17:45:06 us=171000 OpenVPN 2.5.5 Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Dec 15 2021 2022-02-06 17:45:06 us=171000 Windows version 10.0 (Windows 10 or greater) 64bit 2022-02-06 17:45:06 us=171000 library versions: OpenSSL 1.1.1l 24 Aug 2021, LZO 2.10 2022-02-06 17:45:06 us=171000 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340 2022-02-06 17:45:06 us=171000 Need hold release from management interface, waiting... 2022-02-06 17:45:06 us=640000 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340 2022-02-06 17:45:06 us=765000 MANAGEMENT: CMD 'state on' 2022-02-06 17:45:06 us=765000 MANAGEMENT: CMD 'log all on' 2022-02-06 17:45:06 us=812000 MANAGEMENT: CMD 'echo all on' 2022-02-06 17:45:06 us=812000 MANAGEMENT: CMD 'bytecount 5' 2022-02-06 17:45:06 us=812000 MANAGEMENT: CMD 'hold off' 2022-02-06 17:45:06 us=812000 MANAGEMENT: CMD 'hold release' 2022-02-06 17:45:06 us=828000 MANAGEMENT: CMD 'password [...]' 2022-02-06 17:45:06 us=828000 Control Channel MTU parms [ L:1623 D:1210 EF:40 EB:0 ET:0 EL:3 ] 2022-02-06 17:45:06 us=828000 Data Channel MTU parms [ L:1623 D:1450 EF:123 EB:406 ET:0 EL:3 ] 2022-02-06 17:45:06 us=828000 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_CLIENT,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client' 2022-02-06 17:45:06 us=828000 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_SERVER,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server' 2022-02-06 17:45:06 us=828000 TCP/UDP: Preserving recently used remote address: [AF_INET]<verejna ip>:1194 2022-02-06 17:45:06 us=828000 Socket Buffers: R=[65536->65536] S=[65536->65536] 2022-02-06 17:45:06 us=828000 Attempting to establish TCP connection with [AF_INET]<verejna ip>:1194 [nonblock] 2022-02-06 17:45:06 us=828000 MANAGEMENT: >STATE:1644165906,TCP_CONNECT,,,,,, 2022-02-06 17:45:06 us=859000 TCP connection established with [AF_INET]<verejna ip>:1194 2022-02-06 17:45:06 us=859000 TCP_CLIENT link local: (not bound) 2022-02-06 17:45:06 us=859000 TCP_CLIENT link remote: [AF_INET]109.236.116.128:1194 2022-02-06 17:45:06 us=859000 MANAGEMENT: >STATE:1644165906,WAIT,,,,,, 2022-02-06 17:45:06 us=890000 MANAGEMENT: >STATE:1644165906,AUTH,,,,,, 2022-02-06 17:45:06 us=890000 TLS: Initial packet from [AF_INET]<verejna ip>:1194, sid=77f006e1 04472d1d 2022-02-06 17:45:07 us=718000 VERIFY OK: depth=1, CN=CA 2022-02-06 17:45:07 us=718000 VERIFY KU OK 2022-02-06 17:45:07 us=718000 Validating certificate extended key usage 2022-02-06 17:45:07 us=718000 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication 2022-02-06 17:45:07 us=718000 VERIFY EKU OK 2022-02-06 17:45:07 us=718000 VERIFY OK: depth=0, CN=server 2022-02-06 17:45:08 us=343000 Connection reset, restarting [0] 2022-02-06 17:45:08 us=343000 TCP/UDP: Closing socket 2022-02-06 17:45:08 us=343000 SIGUSR1[soft,connection-reset] received, process restarting 2022-02-06 17:45:08 us=343000 MANAGEMENT: >STATE:1644165908,RECONNECTING,connection-reset,,,,, 2022-02-06 17:45:08 us=343000 Restart pause, 5 second(s) 2022-02-06 17:45:13 us=375000 Re-using SSL/TLS context openVPN konfiguračný súbor: client dev tun proto tcp-client remote <verejná ip> port 1194 nobind persist-key persist-tun tls-client remote-cert-tls server ca cert_export_CA.crt cert cert_export_client.crt key cert_export_client.key verb 4 mute 10 cipher AES-256-CBC auth SHA1 auth-user-pass secret auth-nocache
|
|
Registrovaný: 14.12.05 Príspevky: 10616 Témy: 70 Bydlisko: Košice | Napísal KocuR: 19.02.2022 22:40 | |
|
Cize mas klienta na svojom PC a mas klienta na Mikrotiku. Co/kde je server? Ked je podstata to, ze sa chces zvonku pripojit do LAN za Mikrotikom, tak ten Mikrotik logicky musi byt nakonfigurovany ako server. https://systemzone.net/mikrotik-openvpn-configuration-on-tcp-port-443-with-windows-os/
_________________
Site 1:AMD Ryzen 9 7900 + Noctua NH-P1 + Conductonaut; 2x16GB DDR5 6000MHz CL32; ROG Strix B650E-I; ROG Strix RX5700XT (deshroud); Samsung 980 PRO 2TB; Jonsplus i100 + 2x Arctic P14 + 3x Phanteks T30; Corsair SF750; Dell U2718Q; Corsair K70 mk.2 Low Profile + Logi G500s; miniDSP 2x4HD + 2xT-AMP + BMR+1138SMF/Scarlett Solo + ATH-M50x STS LG OLED65CX; Onkyo TX-RZ740; 5.1.2 DIY speaker setup (Dayton ND/Peerless NE25, Dayton UM-10 + Monacor SAM-500D); Xbox SeX; Synology DS418 + 4x4TB WD Red + 2x NF-A9; MikroTik RB4011iGS+5HacQ2HnD-IN + Gigabit Antik Site 2:Ryzen 7 8700G delid + Noctua NH-L12S + Conductonaut; 2x16GB DDR5 6800MHz CL40; Gigabyte B650I AX; 1TB NVMe; Silverstone ML05 + 2x Arctic P8; Seasonic Focus SGX-500; Dell P2417H/LG 49UH661V; Logitech Multimedia Keyboard & G5; Synology DS218play + 2x2TB WD Red; MikroTik hAP AC2 + Antik + IPSec tunnel to Site 1 Mobile:Galaxy S23, Shanling UA1s + Urbanfun Hybrid/Sony WF-1000XM3
|
|
| Stránka: 1 z 1
| [ Príspevkov: 2 ] | |
Podobné témy | Témy | Odpovede | Zobrazenia | Posledný príspevok |
---|
| OpenVpn v Sieťové a internetové programy | 1 | 456 | 07.09.2015 15:44 void | | OpenVPN v Operačné systémy Unix a Linux | 0 | 911 | 11.05.2008 22:36 gabo99 | | openVPN v Sieťové a internetové programy | 0 | 597 | 23.02.2010 14:13 bimbo34 | | OpenVPN - zaklady v Bezpečnosť a firewally | 2 | 848 | 01.02.2015 19:19 void | | OpenVPN - Eset detekuje útoky v Sieťové a internetové programy | 0 | 700 | 16.02.2013 17:51 somtuanon | | Nastavenie OpenVPN / WireGuard serveru v Poskytovatelia internetu | 0 | 321 | 29.03.2022 0:36 janci257 | | Orange 4G Flybox a OpenVPN v Poskytovatelia internetu | 0 | 1389 | 21.01.2022 22:48 fuco | | OpenVPN - clienti sa nevedia spojit medzi sebou v Sieťové a internetové programy | 0 | 722 | 29.11.2008 0:28 Duch | | ASUS Z97-A, ATX, Intel socket 1150 alebo Asus Z170-PRO-GAMING socket 1151 v PC zostavy | 1 | 829 | 12.02.2017 13:07 Toshibak | | P: Cryorig C1 (chladic na Intel socket 2011, 2011-3, 1366, 1150, 1155, 1156, 775 AMD socket AM2, AM3+, FM1, FM2+) v Predám | 1 | 651 | 28.01.2021 12:46 tarezni | | socket v AMD - Advanced Micro Devices | 3 | 748 | 25.07.2008 12:13 prandof | | Socket? v Ostatné | 5 | 657 | 27.12.2009 10:50 Semp | | socket v Intel čipové sady | 7 | 1160 | 06.11.2008 11:33 martinmmm | | Socket v AMD čipové sady | 2 | 790 | 23.06.2009 21:08 Cyrix | | AMD socket v AMD - Advanced Micro Devices | 7 | 801 | 07.11.2007 18:30 Jaro | | AMD Socket v AMD čipové sady | 3 | 247 | 16.10.2012 8:32 EndersoN |
| Nemôžete zakladať nové témy v tomto fóre Nemôžete odpovedať na témy v tomto fóre Nemôžete upravovať svoje príspevky v tomto fóre Nemôžete mazať svoje príspevky v tomto fóre
|
|