Re: Организация OpenVPN каналов...
Добавлено: 21 дек 2022, 11:10
Поменял везде порт...
Вместо 1195 записал дефолтный 1194...
Старт OpenVPN-Сервера на AstraLinux:
Все кошерно!!!
...
Ну а теперь стартуем Клиента...)))
И полезла чушь...
Обрезал сотню одинаковых сообщений, забивающих собой лог!
Но VPN-канал всеж поднялся!!!
Вместо 1195 записал дефолтный 1194...
Старт OpenVPN-Сервера на AstraLinux:
Код: Выделить всё
Wed Dec 21 11:00:25 2022 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019
Wed Dec 21 11:00:25 2022 library versions: OpenSSL 1.1.1k 25 Mar 2021, LZO 2.10
Wed Dec 21 11:00:25 2022 Diffie-Hellman initialized with 2048 bit key
Wed Dec 21 11:00:25 2022 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec 21 11:00:25 2022 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec 21 11:00:25 2022 TUN/TAP device tun0 opened
Wed Dec 21 11:00:25 2022 TUN/TAP TX queue length set to 100
Wed Dec 21 11:00:25 2022 /sbin/ip link set dev tun0 up mtu 1500
Wed Dec 21 11:00:25 2022 /sbin/ip addr add dev tun0 10.8.0.1/24 broadcast 10.8.0.255
Wed Dec 21 11:00:25 2022 Could not determine IPv4/IPv6 protocol. Using AF_INET
Wed Dec 21 11:00:25 2022 Socket Buffers: R=[212992->212992] S=[212992->212992]
Wed Dec 21 11:00:25 2022 UDPv4 link local (bound): [AF_INET]192.168.50.10:1194
Wed Dec 21 11:00:25 2022 UDPv4 link remote: [AF_UNSPEC]
Wed Dec 21 11:00:25 2022 MULTI: multi_init called, r=256 v=256
Wed Dec 21 11:00:25 2022 IFCONFIG POOL: base=10.8.0.2 size=252, ipv6=0
Wed Dec 21 11:00:25 2022 ifconfig_pool_read(), in='Andrey,10.8.0.2', TODO: IPv6
Wed Dec 21 11:00:25 2022 succeeded -> ifconfig_pool_set()
Wed Dec 21 11:00:25 2022 IFCONFIG POOL LIST
Wed Dec 21 11:00:25 2022 Andrey,10.8.0.2
Wed Dec 21 11:00:25 2022 Initialization Sequence Completed
...
Ну а теперь стартуем Клиента...)))
И полезла чушь...
Код: Выделить всё
Wed Dec 21 11:00:25 2022 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019
Wed Dec 21 11:00:25 2022 library versions: OpenSSL 1.1.1k 25 Mar 2021, LZO 2.10
Wed Dec 21 11:00:25 2022 Diffie-Hellman initialized with 2048 bit key
Wed Dec 21 11:00:25 2022 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec 21 11:00:25 2022 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec 21 11:00:25 2022 TUN/TAP device tun0 opened
Wed Dec 21 11:00:25 2022 TUN/TAP TX queue length set to 100
Wed Dec 21 11:00:25 2022 /sbin/ip link set dev tun0 up mtu 1500
Wed Dec 21 11:00:25 2022 /sbin/ip addr add dev tun0 10.8.0.1/24 broadcast 10.8.0.255
Wed Dec 21 11:00:25 2022 Could not determine IPv4/IPv6 protocol. Using AF_INET
Wed Dec 21 11:00:25 2022 Socket Buffers: R=[212992->212992] S=[212992->212992]
Wed Dec 21 11:00:25 2022 UDPv4 link local (bound): [AF_INET]192.168.50.10:1194
Wed Dec 21 11:00:25 2022 UDPv4 link remote: [AF_UNSPEC]
Wed Dec 21 11:00:25 2022 MULTI: multi_init called, r=256 v=256
Wed Dec 21 11:00:25 2022 IFCONFIG POOL: base=10.8.0.2 size=252, ipv6=0
Wed Dec 21 11:00:25 2022 ifconfig_pool_read(), in='Andrey,10.8.0.2', TODO: IPv6
Wed Dec 21 11:00:25 2022 succeeded -> ifconfig_pool_set()
Wed Dec 21 11:00:25 2022 IFCONFIG POOL LIST
Wed Dec 21 11:00:25 2022 Andrey,10.8.0.2
Wed Dec 21 11:00:25 2022 Initialization Sequence Completed
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 TLS: Initial packet from [AF_INET]192.168.0.99:50526, sid=22cc2f5a 0cd7165e
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1671609897) Wed Dec 21 11:04:57 2022 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 TLS Error: incoming packet authentication failed from [AF_INET]192.168.0.99:50526
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #2 / time = (1671609897) Wed Dec 21 11:04:57 2022 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 TLS Error: incoming packet authentication failed from [AF_INET]192.168.0.99:50526
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #3 / time = (1671609897) Wed Dec 21 11:04:57 2022 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 TLS Error: incoming packet authentication failed from [AF_INET]192.168.0.99:50526
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #4 / time = (1671609897) Wed Dec 21 11:04:57 2022 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 TLS Error: incoming packet authentication failed from [AF_INET]192.168.0.99:50526
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #5 / time = (1671609897) Wed Dec 21 11:04:57 2022 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 TLS Error: incoming packet authentication failed from [AF_INET]192.168.0.99:50526
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 VERIFY OK: depth=1, CN=Andrey
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 VERIFY OK: depth=0, CN=Andrey
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 peer info: IV_VER=2.5.7
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 peer info: IV_PLAT=win
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 peer info: IV_PROTO=6
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 peer info: IV_NCP=2
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 peer info: IV_LZ4=1
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 peer info: IV_LZ4v2=1
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 peer info: IV_LZO=1
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 peer info: IV_COMP_STUB=1
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 peer info: IV_COMP_STUBv2=1
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 peer info: IV_TCPNL=1
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 peer info: IV_GUI_VER=OpenVPN_GUI_11
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 peer info: IV_SSO=openurl,crtext
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #6 / time = (1671609897) Wed Dec 21 11:04:57 2022 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 TLS Error: incoming packet authentication failed from [AF_INET]192.168.0.99:50526
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #7 / time = (1671609897) Wed Dec 21 11:04:57 2022 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 TLS Error: incoming packet authentication failed from [AF_INET]192.168.0.99:50526
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8 / time = (1671609897) Wed Dec 21 11:04:57 2022 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 TLS Error: incoming packet authentication failed from [AF_INET]192.168.0.99:50526
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #9 / time = (1671609897) Wed Dec 21 11:04:57 2022 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 TLS Error: incoming packet authentication failed from [AF_INET]192.168.0.99:50526
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bit RSA
Wed Dec 21 11:04:59 2022 192.168.0.99:50526 [Andrey] Peer Connection Initiated with [AF_INET]192.168.0.99:50526
Wed Dec 21 11:04:59 2022 Andrey/192.168.0.99:50526 MULTI_sva: pool returned IPv4=10.8.0.2, IPv6=(Not enabled)
Wed Dec 21 11:04:59 2022 Andrey/192.168.0.99:50526 MULTI: Learn: 10.8.0.2 -> Andrey/192.168.0.99:50526
Wed Dec 21 11:04:59 2022 Andrey/192.168.0.99:50526 MULTI: primary virtual IP for Andrey/192.168.0.99:50526: 10.8.0.2
Wed Dec 21 11:04:59 2022 Andrey/192.168.0.99:50526 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #10 / time = (1671609897) Wed Dec 21 11:04:57 2022 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Wed Dec 21 11:04:59 2022 Andrey/192.168.0.99:50526 TLS Error: incoming packet authentication failed from [AF_INET]192.168.0.99:50526
Wed Dec 21 11:05:00 2022 Andrey/192.168.0.99:50526 PUSH: Received control message: 'PUSH_REQUEST'
Wed Dec 21 11:05:00 2022 Andrey/192.168.0.99:50526 SENT CONTROL [Andrey]: 'PUSH_REPLY,route-gateway 10.8.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.8.0.2 255.255.255.0,peer-id 0,cipher AES-256-GCM' (status=1)
Wed Dec 21 11:05:00 2022 Andrey/192.168.0.99:50526 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Wed Dec 21 11:05:00 2022 Andrey/192.168.0.99:50526 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Wed Dec 21 11:05:00 2022 Andrey/192.168.0.99:50526 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #11 / time = (1671609897) Wed Dec 21 11:04:57 2022 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Wed Dec 21 11:05:00 2022 Andrey/192.168.0.99:50526 TLS Error: incoming packet authentication failed from [AF_INET]192.168.0.99:50526
Wed Dec 21 11:05:00 2022 Andrey/192.168.0.99:50526 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #12 / time = (1671609897) Wed Dec 21 11:04:57 2022 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Wed Dec 21 11:05:00 2022 Andrey/192.168.0.99:50526 TLS Error: incoming packet authentication failed from [AF_INET]192.168.0.99:50526
Wed Dec 21 11:05:03 2022 Andrey/192.168.0.99:50526 AEAD Decrypt error: bad packet ID (may be a replay): [ #1 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Wed Dec 21 11:05:03 2022 Andrey/192.168.0.99:50526 AEAD Decrypt error: bad packet ID (may be a replay): [ #2 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Wed Dec 21 11:05:03 2022 Andrey/192.168.0.99:50526 AEAD Decrypt error: bad packet ID (may be a replay): [ #3 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Wed Dec 21 11:05:03 2022 Andrey/192.168.0.99:50526 AEAD Decrypt error: bad packet ID (may be a replay): [ #4 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Wed Dec 21 11:05:03 2022 Andrey/192.168.0.99:50526 AEAD Decrypt error: bad packet ID (may be a replay): [ #5 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
.....
И так далее...(((
Обрезал сотню одинаковых сообщений, забивающих собой лог!
Но VPN-канал всеж поднялся!!!