Задать вопрос
@DVoropaev
Ставлю + к карме на хабре за ответы на вопросы

Почему не могу подключиться к openvpn?

Файл ./client.conf:

client
dev tap
dev-type tap
persist-tun
persist-key
proto tcp-client
cipher BF-CBC
auth SHA512
remote vpn1.<адрес скрыт>.ru
port 8217
ca /home//.cert/217/ca.crt
tls-auth /home//.cert/217/ta.key 1
tls-client
comp-lzo yes
key /home//.cert/217/.key
cert /home//.cert/217/.crt



sudo openvpn --config ./client.conf --askpass ./passw
Tue Sep  5 18:42:52 2017 OpenVPN 2.3.14 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Dec  7 2016
Tue Sep  5 18:42:52 2017 library versions: OpenSSL 1.0.2j-fips  26 Sep 2016, LZO 2.08
Tue Sep  5 18:42:52 2017 WARNING: file './passw' is group or others accessible
Tue Sep  5 18:42:52 2017 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Tue Sep  5 18:42:52 2017 WARNING: file '/home/<username>/.cert/217/<username>.key' is group or others accessible
Tue Sep  5 18:42:52 2017 WARNING: file '/home/<username>/.cert/217/ta.key' is group or others accessible
Tue Sep  5 18:42:52 2017 Control Channel Authentication: using '/home/<username>/.cert/217/ta.key' as a OpenVPN static key file
Tue Sep  5 18:42:52 2017 Attempting to establish TCP connection with [AF_INET]<ip скрыт>:8217 [nonblock]
Tue Sep  5 18:42:53 2017 TCP connection established with [AF_INET]<ip скрыт>:8217
Tue Sep  5 18:42:53 2017 TCPv4_CLIENT link local: [undef]
Tue Sep  5 18:42:53 2017 TCPv4_CLIENT link remote: [AF_INET]<ip скрыт>:8217
Tue Sep  5 18:42:54 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Tue Sep  5 18:42:54 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Tue Sep  5 18:42:54 2017 [<сервер скрыт>] Peer Connection Initiated with [AF_INET]<ip скрыт>:8217
Tue Sep  5 18:42:56 2017 TUN/TAP device tap1 opened
Tue Sep  5 18:42:56 2017 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Tue Sep  5 18:42:56 2017 /usr/sbin/ip link set dev tap1 up mtu 1500
Tue Sep  5 18:42:56 2017 /usr/sbin/ip addr add dev tap1 <ip скрыт>/27 broadcast <ip скрыт>
RTNETLINK answers: File exists
Tue Sep  5 18:42:56 2017 ERROR: Linux route add command failed: external program exited with error status: 2
Tue Sep  5 18:42:56 2017 Initialization Sequence Completed
Tue Sep  5 18:43:00 2017 Connection reset, restarting [0]
Tue Sep  5 18:43:00 2017 SIGUSR1[soft,connection-reset] received, process restarting
Tue Sep  5 18:43:05 2017 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Tue Sep  5 18:43:05 2017 Attempting to establish TCP connection with [AF_INET]<ip скрыт>:8217 [nonblock]
Tue Sep  5 18:43:06 2017 TCP connection established with [AF_INET]<ip скрыт>:8217
Tue Sep  5 18:43:06 2017 TCPv4_CLIENT link local: [undef]
Tue Sep  5 18:43:06 2017 TCPv4_CLIENT link remote: [AF_INET]<ip скрыт>:8217
Tue Sep  5 18:43:07 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Tue Sep  5 18:43:07 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Tue Sep  5 18:43:07 2017 [<сервер скрыт>] Peer Connection Initiated with [AF_INET]<ip скрыт>:8217
Tue Sep  5 18:43:09 2017 Preserving previous TUN/TAP instance: tap1
Tue Sep  5 18:43:09 2017 Initialization Sequence Completed
Tue Sep  5 18:43:14 2017 Connection reset, restarting [0]
  • Вопрос задан
  • 2660 просмотров
Подписаться 1 Оценить Комментировать
Пригласить эксперта
Ответы на вопрос 1
sashkets
@sashkets
Прекратил отвечать после 24.02.2022
помоему дело в этом
ERROR: Linux route add command failed: external program exited with error status: 2


клиент опенвпн добавляет маршруты в таблицу маршрутизации на что требуются права админа.
Ответ написан
Ваш ответ на вопрос

Войдите, чтобы написать ответ

Похожие вопросы