D
D
dsslesarev2020-03-15 17:16:42
openvpn
dsslesarev, 2020-03-15 17:16:42

asus problem, not connecting to openvpn server?

Hello! I can't connect, ASUS router to openvpn server on debian, gives such errors, who will say what? How to fix?

server.conf


port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh.pem
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist /var/log/openvpn/ipp.txt
## pass routes clients (networks for example)
## can be sent to all at once, or selectively in ccd /
clientX files " ;push "redirect-gateway def1 bypass-dhcp" ;push "dhcp-option DNS 208.67.222.222" ;push "dhcp-option DNS 208.67.220.220" client-config-dir ccd
##
routing
for
the server , if
needed cipher AES-128-CBC comp-lzo persist-key persist-tun status /var/log/openvpn/openvpn-status.log log /var/log/openvpn/openvpn.log log-append /var/log/openvpn/openvpn .log verb 3 explicit-exit-notify 1 sndbuf 524288 rcvbuf 524288 push "sndbuf 524288" push "rcvbuf 524288" # auth-user-pass-verify /etc/openvpn/verify.sh via-file
client-cert-not-required
username-as-common-name
tmp-dir /tmp
script-security 2


Logs from the server:

TLS: Initial packet from [AF_INET]109.252.239.254:49032, sid=ed5f2180 d28f90cf
TLS error: Unsupported protocol. This typically indicates that client and server have no common TLS version enabled. Thi$
OpenSSL: error:14209102:SSL routines:tls_early_post_process_client_hello:unsupported protocol
TLS_ERROR: BIO read tls_read_plaintext error
TLS Error: TLS object -> incoming plaintext read error
TLS Error: TLS handshake failed
SIGUSR1[soft,tls-error] received, client- instance restarting


Client config:

client
dev tun
proto udp
remote 1194
resolv-retry infinite
nobind
persist-key
persist-tun
auth-nocache
auth-user-pass
remote-cert-tls server
cipher aes-128-cbc
auth SHA1
comp-lzo
tls-client
remote-cert- tls server
key-direction 1

Answer the question

In order to leave comments, you need to log in

1 answer(s)
M
mureevms, 2020-03-15
@mureevms

Директива remote в конфиге клиента указывает на хост, а не на порт. Или хост и порт через пробел.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question