OpenVPN - [59] :: В помощь системному администратору

люди подскажите где ошибка

Sun May 20 18:33:32 2012 OpenVPN 2.2.2 Win32-MSVC++ [SSL] [LZO2] [PKCS11] built on Dec 15 2011
Sun May 20 18:33:32 2012 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sun May 20 18:33:32 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sun May 20 18:33:33 2012 LZO compression initialized
Sun May 20 18:33:33 2012 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sun May 20 18:33:33 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sun May 20 18:33:33 2012 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Sun May 20 18:33:33 2012 Local Options hash (VER=V4): '41690919'
Sun May 20 18:33:33 2012 Expected Remote Options hash (VER=V4): '530fdded'
Sun May 20 18:33:33 2012 UDPv4 link local: [undef]
Sun May 20 18:33:33 2012 UDPv4 link remote: xxxxxxxxxxx:1194
Sun May 20 18:33:35 2012 TLS: Initial packet from xxxxxxxxx:1194, sid=54eceae1 7d06de00
Sun May 20 18:33:36 2012 VERIFY OK: depth=1, /C=RU/ST=RU/L=Izhevsk/O=ITS/CN=ITS_CA/emailAddress=
Sun May 20 18:33:36 2012 VERIFY OK: depth=0, /C=RU/ST=RU/L=Izhevsk/O=ITS/CN=server/emailAddress=
Sun May 20 18:33:36 2012 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sun May 20 18:33:36 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun May 20 18:33:36 2012 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sun May 20 18:33:36 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun May 20 18:33:36 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sun May 20 18:33:36 2012 [server] Peer Connection Initiated with xxxxxxxxxx:1194
Sun May 20 18:33:39 2012 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Sun May 20 18:33:39 2012 PUSH: Received control message: 'PUSH_REPLY,route 10.18.0.0 255.255.0.0,route 10.10.10.0 255.255.255.0,topology net30,ping 10,ping-restart 120,route 10.18.0.0 255.255.0.0,route 192.168.3.0 255.255.255.0,ifconfig 10.10.10.6 10.10.10.5'
Sun May 20 18:33:39 2012 OPTIONS IMPORT: timers and/or timeouts modified
Sun May 20 18:33:39 2012 OPTIONS IMPORT: --ifconfig/up options modified
Sun May 20 18:33:39 2012 OPTIONS IMPORT: route options modified
Sun May 20 18:33:39 2012 ROUTE default_gateway=46.147.161.2
Sun May 20 18:33:39 2012 TAP-WIN32 device [Подключение по локальной сети 2] opened: \\.\Global\{2627E4BF-1FE1-4E52-90A9-8322917CCC08}.tap
Sun May 20 18:33:39 2012 TAP-Win32 Driver Version 9.9
Sun May 20 18:33:39 2012 TAP-Win32 MTU=1500
Sun May 20 18:33:39 2012 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.10.10.6/255.255.255.252 on interface {2627E4BF-1FE1-4E52-90A9-8322917CCC08} [DHCP-serv: 10.10.10.5, lease-time: 31536000]
Sun May 20 18:33:39 2012 Successful ARP Flush on interface [15] {2627E4BF-1FE1-4E52-90A9-8322917CCC08}
Sun May 20 18:33:44 2012 TEST ROUTES: 4/4 succeeded len=4 ret=1 a=0 u/d=up
Sun May 20 18:33:44 2012 C:\WINDOWS\system32\route.exe ADD 10.18.0.0 MASK 255.255.0.0 10.10.10.5
Sun May 20 18:33:45 2012 ROUTE: route addition failed using CreateIpForwardEntry: Неверны один или несколько аргументов. [status=160 if_index=15]
Sun May 20 18:33:45 2012 Route addition via IPAPI failed [adaptive]
Sun May 20 18:33:45 2012 Route addition fallback to route.exe
ЋЉ
Sun May 20 18:33:46 2012 C:\WINDOWS\system32\route.exe ADD 10.10.10.0 MASK 255.255.255.0 10.10.10.5
Sun May 20 18:33:47 2012 ROUTE: route addition failed using CreateIpForwardEntry: Неверны один или несколько аргументов. [status=160 if_index=15]
Sun May 20 18:33:47 2012 Route addition via IPAPI failed [adaptive]
Sun May 20 18:33:47 2012 Route addition fallback to route.exe

и сам конфиг
cat server.conf
port 1194
proto udp
tls-server
dev tun # используем тип тунеля для интерента ,tap для eternet
ca ca.crt # наши сертификаты
cert server.crt
key server.key
dh dh1024.pem
server 10.10.10.0 255.255.255.0 # собственно наша виртуальная сеть
ifconfig-pool-persist ipp.txt
keepalive 10 120 # пинг каждые 10 сек для поддержания канала связи
comp-lzo # сжатие трафика
max-clients 10 # указываем максимальное кол-во клиентов
persist-key
persist-tun
status openvpn-status.log
log /var/log/openvpn.log
verb 3 # уровень болтливости записей в логи
#local 10.18.112.209 # ип на котором будет слушать порт openvpn сервер
push "route 10.18.0.0 255.255.0.0"
client-to-client
client-config-dir /etc/openvpn/ccd
#route 192.168.3.0 255.255.255.0
#route 192.168.2.0 255.255.255.0

Модерирует : lynx, Crash_Master, dg, emx, ShriEkeR
Версия для печати • Подписаться • Добавить в закладки
Страницы: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138