pahud / autoddvpn

Automatically exported from code.google.com/p/autoddvpn
0 stars 0 forks source link

求yegle的openvpn的设置方法 #63

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
在yegle那里买的openvpn,设置上好像跟的autoddvpn 的 openvpn 

http://code.google.com/p/autoddvpn/wiki/OpenVPNJFFS

完全不同

server  ip 和 port都无法确定

现在的log是

root@DD-WRT:~# tail -f /tmp/autoddvpn.log
[INFO#359] 01/Jan/1970:00:00:17 log starts
[INFO#359] 01/Jan/1970:00:00:17 openvpn+jffs mode
[INFO#359] 01/Jan/1970:00:00:17 temporarily set date to 20100729 to fix openvpn 
SSL/TLS issue. see http://goo.gl/bb6a
[INFO#359] 10/Aug/1971:07:29:00 modifying /tmp/openvpncl/route-up.sh
[INFO#359] 10/Aug/1971:07:29:00 /tmp/openvpncl/route-up.sh modified
[INFO#359] 10/Aug/1971:07:29:00 modifying /tmp/openvpncl/route-down.sh
[INFO#359] 10/Aug/1971:07:29:00 /tmp/openvpncl/route-down.sh modified
[INFO#359] 10/Aug/1971:07:29:00 ALL DONE. Let's wait for VPN being connected.

求教学

Original issue reported on code.google.com by jno...@gmail.com on 19 Mar 2011 at 2:10

GoogleCodeExporter commented 9 years ago
參考這份教學

http://code.google.com/p/autoddvpn/wiki/OpenVPNManualStartUP

Original comment by pahud...@gmail.com on 19 Mar 2011 at 2:25

GoogleCodeExporter commented 9 years ago
下载了多个 ovpn 文件,用textmate打开

能找到
<connection>
remote 【ip地址】 【端口号】 udp
</connection>

<ca>
-----BEGIN CERTIFICATE-----
【内容】
-----END CERTIFICATE-----
</ca>

<cert>
-----BEGIN CERTIFICATE-----
【内容】
-----END CERTIFICATE-----
</cert>

<key>
-----BEGIN RSA PRIVATE KEY-----
【内容】
-----END RSA PRIVATE KEY-----
</key>

按照wiki 填写好,应该就ok了。

为何还是

root@DD-WRT:~# tail -f /tmp/autoddvpn.log
[INFO#359] 01/Jan/1970:00:00:17 log starts
[INFO#359] 01/Jan/1970:00:00:17 openvpn+jffs mode
[INFO#359] 01/Jan/1970:00:00:17 temporarily set date to 20100729 to fix openvpn 
SSL/TLS issue. see http://goo.gl/bb6a
[INFO#359] 10/Aug/1971:07:29:00 modifying /tmp/openvpncl/route-up.sh
[INFO#359] 10/Aug/1971:07:29:00 /tmp/openvpncl/route-up.sh modified
[INFO#359] 10/Aug/1971:07:29:00 modifying /tmp/openvpncl/route-down.sh
[INFO#359] 10/Aug/1971:07:29:00 /tmp/openvpncl/route-down.sh modified
[INFO#359] 10/Aug/1971:07:29:00 ALL DONE. Let's wait for VPN being connected.

Original comment by jno...@gmail.com on 19 Mar 2011 at 2:29

GoogleCodeExporter commented 9 years ago
应该是要设置

http://code.google.com/p/autoddvpn/wiki/OpenVPNManualStartUP

这个了?

但是部分内容看不懂

要建立这些文件吗?
ca /jffs/openvpn/ca.crt
cert /jffs/openvpn/client.crt
key /jffs/openvpn/client.key

auth-user-pass /jffs/openvpn/password.txt 

文件内的格式是什么?

Original comment by jno...@gmail.com on 19 Mar 2011 at 2:37

GoogleCodeExporter commented 9 years ago
按照这里

http://code.google.com/p/autoddvpn/wiki/OpenVPNManualStartUP

设置的情况下

http://code.google.com/p/autoddvpn/wiki/OpenVPNJFFS

是否还要按照这里设置?

OpenVPNJFFS的部分要设置哪里?不设置哪里?还是全部设置?

Original comment by jno...@gmail.com on 19 Mar 2011 at 2:40

GoogleCodeExporter commented 9 years ago
yegle的openvpn需要設置ManualStartUp方式 
不需要捨得DDWRT的webUI界面。

pasaword.txt 格式為帳戶一行密碼一行

請從 /tmp/openvpn.log 來判讀openvpn是否連上。

Original comment by pahud...@gmail.com on 19 Mar 2011 at 2:47

GoogleCodeExporter commented 9 years ago
建立了

ca /jffs/openvpn/ca.crt
cert /jffs/openvpn/client.crt
key /jffs/openvpn/client.key

auth-user-pass /jffs/openvpn/password.txt 

4个文件

root@DD-WRT:~# killall openvpn
root@DD-WRT:~# openvpn --config /jffs/openvpn/openvpn.conf --verb 5

之后没有output

/tmp/openvpn.log的结果是

root@DD-WRT:~# tail -f /tmp/openvpn.log
Sat Mar 19 23:06:11 2011 us=906922 SIGUSR1[soft,ping-restart] received, process 
restarting
Sat Mar 19 23:06:11 2011 us=907220 Restart pause, 2 second(s)
Sat Mar 19 23:06:13 2011 us=915002 Re-using SSL/TLS context
Sat Mar 19 23:06:13 2011 us=915436 LZO compression initialized
Sat Mar 19 23:06:13 2011 us=917549 Control Channel MTU parms [ L:1542 D:138 
EF:38 EB:0 ET:0 EL:0 ]
Sat Mar 19 23:06:13 2011 us=918180 Socket Buffers: R=[109568->131072] 
S=[109568->131072]
Sat Mar 19 23:06:13 2011 us=918620 Data Channel MTU parms [ L:1542 D:1450 EF:42 
EB:135 ET:0 EL:0 AF:3/1 ]
Sat Mar 19 23:06:13 2011 us=918934 UDPv4 link local (bound): [undef]:1194
Sat Mar 19 23:06:13 2011 us=919331 UDPv4 link remote: 【ip】:【端口】
WWWWWSat Mar 19 23:07:13 2011 us=115055 [UNDEF] Inactivity timeout 
(--ping-restart), restarting
Sat Mar 19 23:07:13 2011 us=116489 TCP/UDP: Closing socket
Sat Mar 19 23:07:13 2011 us=116848 SIGUSR1[soft,ping-restart] received, process 
restarting
Sat Mar 19 23:07:13 2011 us=117146 Restart pause, 2 second(s)
Sat Mar 19 23:07:15 2011 us=125006 Re-using SSL/TLS context
Sat Mar 19 23:07:15 2011 us=125438 LZO compression initialized
Sat Mar 19 23:07:15 2011 us=127407 Control Channel MTU parms [ L:1542 D:138 
EF:38 EB:0 ET:0 EL:0 ]
Sat Mar 19 23:07:15 2011 us=128034 Socket Buffers: R=[109568->131072] 
S=[109568->131072]
Sat Mar 19 23:07:15 2011 us=128474 Data Channel MTU parms [ L:1542 D:1450 EF:42 
EB:135 ET:0 EL:0 AF:3/1 ]
Sat Mar 19 23:07:15 2011 us=128789 UDPv4 link local (bound): [undef]:1194
Sat Mar 19 23:07:15 2011 us=129330 UDPv4 link remote: 【ip】:【端口】
WWWWWSat Mar 19 23:08:15 2011 us=205052 [UNDEF] Inactivity timeout 
(--ping-restart), restarting
Sat Mar 19 23:08:15 2011 us=206489 TCP/UDP: Closing socket
Sat Mar 19 23:08:15 2011 us=206847 SIGUSR1[soft,ping-restart] received, process 
restarting
Sat Mar 19 23:08:15 2011 us=207145 Restart pause, 2 second(s)
Sat Mar 19 23:08:17 2011 us=215006 Re-using SSL/TLS context
Sat Mar 19 23:08:17 2011 us=215441 LZO compression initialized
Sat Mar 19 23:08:17 2011 us=217408 Control Channel MTU parms [ L:1542 D:138 
EF:38 EB:0 ET:0 EL:0 ]
Sat Mar 19 23:08:17 2011 us=218032 Socket Buffers: R=[109568->131072] 
S=[109568->131072]
Sat Mar 19 23:08:17 2011 us=218472 Data Channel MTU parms [ L:1542 D:1450 EF:42 
EB:135 ET:0 EL:0 AF:3/1 ]
Sat Mar 19 23:08:17 2011 us=218785 UDPv4 link local (bound): [undef]:1194
Sat Mar 19 23:08:17 2011 us=219180 UDPv4 link remote: 【ip】:【端口】
WWWWW

还没有重启路由器,这是不是配置失败了?

Original comment by jno...@gmail.com on 19 Mar 2011 at 3:12

GoogleCodeExporter commented 9 years ago
remote <server1_ip_address> 443 udp

remote <server2_ip_address> 53 tcp

只修改了这两行。

是否还需要修改某行?

Original comment by jno...@gmail.com on 19 Mar 2011 at 3:24

GoogleCodeExporter commented 9 years ago
我這邊沒有yegle的帳號,煩請咨詢yegle協助你設置,謝謝

Original comment by pahud...@gmail.com on 19 Mar 2011 at 3:29

GoogleCodeExporter commented 9 years ago
搞定了。

ca /jffs/openvpn/ca.crt
cert /jffs/openvpn/client.crt
key /jffs/openvpn/client.key

被这段误导了

不需要建立3个文件

把

<ca>
-----BEGIN CERTIFICATE-----
【内容】
-----END CERTIFICATE-----
</ca>

<cert>
-----BEGIN CERTIFICATE-----
【内容】
-----END CERTIFICATE-----
</cert>

<key>
-----BEGIN RSA PRIVATE KEY-----
【内容】
-----END RSA PRIVATE KEY-----
</key>

copy到conf最后即可。而yegle的那个是有 4个 
key,我一开始只建立了3个key文件,所以不对了

4个都copy就ok了。

多谢

这个issue可以close了

Original comment by jno...@gmail.com on 20 Mar 2011 at 1:32

GoogleCodeExporter commented 9 years ago

Original comment by pahud...@gmail.com on 21 Mar 2011 at 6:18