Pomoc Problem z połączeniem serwera jako klienta VPN

Discussion in 'Instalowanie, Bootowanie i Konfiguracja' started by PolakPL2002, Sep 10, 2018.

Loading...
Tags:
  1. PolakPL2002
    Offline

    PolakPL2002 Nowy użytkownik Noobie

    Joined:
    Jun 4, 2015
    Messages:
    8
    Local Time:
    11:17 AM
    Ratings:
    +0 / 0 / -0
    Followers:
    0
    QNAP:
    null
    Synology:
    DS414
    Ethernet:
    1 GbE
    null 1 GbE
    Witam, próbuję podłączyć serwer do VPNa, ale nie udaje się to (Jest komunikat "Połączenie nie powiodło się. Sprawdź ustawienia sieci."). Korzystam z OpenVPN przez plik .ovpn. Jak używam ten sam plik w kliencie w Windowsie to łączy się bez problemów. Co może być przyczyną takiego zachowania?

    Serwer DS414
    DSM najnowszy

    Plik .ovpn:
    Code (Text):
    1. ##############################################
    2. # Sample client-side OpenVPN 2.0 config file #
    3. # for connecting to multi-client server.     #
    4. #                                            #
    5. # This configuration can be used by multiple #
    6. # clients, however each client should have   #
    7. # its own cert and key files.                #
    8. #                                            #
    9. # On Windows, you might want to rename this  #
    10. # file so it has a .ovpn extension           #
    11. ##############################################
    12.  
    13. # Specify that we are a client and that we
    14. # will be pulling certain config file directives
    15. # from the server.
    16. client
    17.  
    18. # Use the same setting as you are using on
    19. # the server.
    20. # On most systems, the VPN will not function
    21. # unless you partially or fully disable
    22. # the firewall for the TUN/TAP interface.
    23. ;dev tap
    24. dev tun
    25.  
    26. # Windows needs the TAP-Win32 adapter name
    27. # from the Network Connections panel
    28. # if you have more than one.  On XP SP2,
    29. # you may need to disable the firewall
    30. # for the TAP adapter.
    31. ;dev-node MyTap
    32.  
    33. # Are we connecting to a TCP or
    34. # UDP server?  Use the same setting as
    35. # on the server.
    36. ;proto tcp
    37. proto udp
    38.  
    39. # The hostname/IP and port of the server.
    40. # You can have multiple remote entries
    41. # to load balance between the servers.
    42. remote *** 1194
    43. ;remote my-server-2 1194
    44.  
    45. # Choose a random host from the remote
    46. # list for load-balancing.  Otherwise
    47. # try hosts in the order specified.
    48. ;remote-random
    49.  
    50. # Keep trying indefinitely to resolve the
    51. # host name of the OpenVPN server.  Very useful
    52. # on machines which are not permanently connected
    53. # to the internet such as laptops.
    54. resolv-retry infinite
    55.  
    56. # Most clients don't need to bind to
    57. # a specific local port number.
    58. nobind
    59.  
    60. # Downgrade privileges after initialization (non-Windows only)
    61. user nobody
    62. group nogroup
    63.  
    64. # Try to preserve some state across restarts.
    65. persist-key
    66. persist-tun
    67.  
    68. # If you are connecting through an
    69. # HTTP proxy to reach the actual OpenVPN
    70. # server, put the proxy server/IP and
    71. # port number here.  See the man page
    72. # if your proxy server requires
    73. # authentication.
    74. ;http-proxy-retry # retry on connection failures
    75. ;http-proxy [proxy server] [proxy port #]
    76.  
    77. # Wireless networks often produce a lot
    78. # of duplicate packets.  Set this flag
    79. # to silence duplicate packet warnings.
    80. ;mute-replay-warnings
    81.  
    82. # SSL/TLS parms.
    83. # See the server config file for more
    84. # description.  It's best to use
    85. # a separate .crt/.key file pair
    86. # for each client.  A single ca
    87. # file can be used for all clients.
    88. #ca ca.crt
    89. #cert client.crt
    90. #key client.key
    91.  
    92. cipher AES-128-CBC
    93. auth SHA256
    94. key-direction 1
    95.  
    96. # script-security 2
    97. # up /etc/openvpn/update-resolv-conf
    98. # down /etc/openvpn/update-resolv-conf
    99.  
    100. # Verify server certificate by checking that the
    101. # certicate has the correct key usage set.
    102. # This is an important precaution to protect against
    103. # a potential attack discussed here:
    104. #  http://openvpn.net/howto.html#mitm
    105. #
    106. # To use this feature, you will need to generate
    107. # your server certificates with the keyUsage set to
    108. #   digitalSignature, keyEncipherment
    109. # and the extendedKeyUsage to
    110. #   serverAuth
    111. # EasyRSA can do this for you.
    112. remote-cert-tls server
    113.  
    114. # If a tls-auth key is used on the server
    115. # then every client must also have the key.
    116. ;tls-auth ta.key 1
    117.  
    118. # Select a cryptographic cipher.
    119. # If the cipher option is used on the server
    120. # then you must also specify it here.
    121. ;cipher x
    122.  
    123. # Enable compression on the VPN link.
    124. # Don't enable this unless it is also
    125. # enabled in the server config file.
    126. comp-lzo
    127.  
    128. # Set log file verbosity.
    129. verb 3
    130.  
    131. # Silence repeating messages
    132. ;mute 20
    133. <ca>
    134. -----BEGIN CERTIFICATE-----
    135. ***
    136. -----END CERTIFICATE-----
    137. </ca>
    138. <cert>
    139. Certificate:
    140.     Data:
    141.         Version: *
    142.         Serial Number: *
    143.     Signature Algorithm: ***
    144.         Issuer: ***
    145.         Validity
    146.             Not Before: Sep 10 18:21:03 2018 GMT
    147.             Not After : Sep  7 18:21:03 2028 GMT
    148.         Subject: ***
    149.         Subject Public Key Info:
    150.             Public Key Algorithm: rsaEncryption
    151.                 Public-Key: (2048 bit)
    152.                 Modulus:
    153.                     ***
    154.                 Exponent: ***
    155.         X509v3 extensions:
    156.             X509v3 Basic Constraints:
    157.                 CA:FALSE
    158.             Netscape Comment:
    159.                 Easy-RSA Generated Certificate
    160.             X509v3 Subject Key Identifier:
    161.                 ***
    162.             X509v3 Authority Key Identifier:
    163.                 keyid:***
    164.                 DirName:***
    165.                 serial:***
    166.  
    167.             X509v3 Extended Key Usage:
    168.                 TLS Web Client Authentication
    169.             X509v3 Key Usage:
    170.                 Digital Signature
    171.             X509v3 Subject Alternative Name:
    172.                 DNS:client_server
    173.     Signature Algorithm: ***
    174. -----BEGIN CERTIFICATE-----
    175. ***
    176. -----END CERTIFICATE-----
    177. </cert>
    178. <key>
    179. -----BEGIN PRIVATE KEY-----
    180. ***
    181. -----END PRIVATE KEY-----
    182. </key>
    183. <tls-auth>
    184. #
    185. # 2048 bit OpenVPN static key
    186. #
    187. -----BEGIN OpenVPN Static key V1-----
    188. ***
    189. -----END OpenVPN Static key V1-----
    190. </tls-auth>
    191.