Jump to content

OpenVPN подключение отваливается раз в минуту


Recommended Posts

Добрый день, есть OpenVPN сервер на роутере микротик, есть клиент на Keenetic 4G (KN-1210), подключение осуществляется, но раз в минуту выбивает, в логах кинетика видно что клиент дисконектиться и все. 

В консоли  микротика пишет следующее.

14:32:08 echo: ovpn,debug,error,,,,,,,,,l2tp,info,,derning duplicate packet, dropping

При этом паралельно к микротику  подключен комп с клиентом openVPN и там таких проблем нет. Конфиг на кинетике

client
dev tun
proto tcp
remote IP ADDR 1194
resolv-retry infinite
nobind
persist-key
persist-tun
cipher aes-256-cbc
auth sha1
tls-client
remote-cert-tls server
<auth-user-pass>
user
pass
</auth-user-pass>
comp-lzo
verb 1
reneg-sec 0
disable-occ
<ca>
-----BEGIN CERTIFICATE-----

-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----

-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----

-----END ENCRYPTED PRIVATE KEY-----
</key>

Закрытый ключ выгружался с микротика с паролем, но пароль был задан password как указано на сайте кинетика, что если сертификат с паролем, то воспринимается только такой пароль.

 

Link to comment
Share on other sites

Вычленял, вот лог подключения, вроде бы ничего не упустил от начала до конца.

[I] Nov 11 14:23:58 OpenVPN0: OpenVPN 2.4.6 [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [AEAD]
[I] Nov 11 14:23:58 OpenVPN0: library versions: OpenSSL 1.1.1h  22 Sep 2020, LZO 2.10
[W] Nov 11 14:23:58 OpenVPN0: using default password "password" for pkcs file
[I] Nov 11 14:23:58 OpenVPN0: Attempting to establish TCP connection with [AF_INET]VPN SERV:1194 [nonblock]
[I] Nov 11 14:23:59 OpenVPN0: TCP connection established with [AF_INET]VPN SERV:1194
[I] Nov 11 14:23:59 OpenVPN0: TCP_CLIENT link local: (not bound)
[I] Nov 11 14:23:59 OpenVPN0: TCP_CLIENT link remote: [AF_INET]VPN SERV:1194
[I] Nov 11 14:23:59 OpenVPN0: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
[I] Nov 11 14:24:03 OpenVPN0: [ovpn-server] Peer Connection Initiated with [AF_INET]VPN SERV:1194
[I] Nov 11 14:24:03 ndm: Network::Interface::OpenVpn: "OpenVPN0": connecting via ISP (FastEthernet0/Vlan2).
[I] Nov 11 14:24:03 ndm: Network::Interface::OpenVpn: "OpenVPN0": added host route to remote endpoint VPN SERV via VPN CLIENT.
[I] Nov 11 14:24:15 OpenVPN0: TUN/TAP device tun0 opened
[I] Nov 11 14:24:15 OpenVPN0: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
[I] Nov 11 14:24:15 ndm: Network::Interface::Ip: "OpenVPN0": IP address is 172.16.10.187/24.
[I] Nov 11 14:24:15 OpenVPN0: GID set to nobody
[I] Nov 11 14:24:15 OpenVPN0: UID set to nobody
[I] Nov 11 14:24:15 OpenVPN0: Initialization Sequence Completed
[I] Nov 11 14:24:16 ndm: Http::Nginx: loaded SSL certificate for "f214fee853903e5610c69e76.keenetic.io".
[I] Nov 11 14:24:16 ndm: Core::Server: started Session /var/run/ndm.core.socket.
[I] Nov 11 14:24:16 ndm: Core::Session: client disconnected.
[I] Nov 11 14:24:16 ndm: Http::Manager: updated configuration.
[I] Nov 11 14:24:16 ndm: Core::Server: started Session /var/run/ndm.core.socket.
[I] Nov 11 14:24:16 ndm: Core::Session: client disconnected.
[I] Nov 11 14:25:15 OpenVPN0: [ovpn-server] Inactivity timeout (--ping-restart), restarting
[I] Nov 11 14:25:15 OpenVPN0: SIGUSR1[soft,ping-restart] received, process restarting
[I] Nov 11 14:25:15 ndm: Network::Interface::Ip: "OpenVPN0": IP address cleared.
[I] Nov 11 14:25:15 OpenVPN0: SIGINT[hard,init_instance] received, process exiting
[I] Nov 11 14:25:16 ndm: Http::Nginx: loaded SSL certificate for "f214fee853903e5610c69e76.keenetic.io".
[I] Nov 11 14:25:17 ndm: Core::Server: started Session /var/run/ndm.core.socket.
[I] Nov 11 14:25:17 ndm: Core::Session: client disconnected.

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...