Jump to content

Настройте expressVPN на Keenetic Extra (KN-1711)


Recommended Posts

Всем привет,
Извините, но я использую Google Translate для этого сообщения, так как не говорю по-русски.
Сейчас я нахожусь в России и пытаюсь настроить expressVPN в своем Keenetic Extra (KN-1711).
Кажется, что конфигурация работает около 60 секунд, а затем падает.
Это текущие конфигурации (Я заменил URL-адрес сервера и данные для входа на «x»):

dev tun
fast-io
persist-key
persist-tun
nobind
remote xxxxxxxxxxxxx.expressnetw.com 1195
remote-random
pull
comp-lzo no
tls-client
verify-x509-name Server name-prefix
ns-cert-type server
key-direction 1
route-method exe
route-delay 2
tun-mtu 1500
fragment 1300
mssfix 1200
verb 3
cipher AES-256-GCM
auth SHA512
sndbuf 524288
rcvbuf 524288
#auth info hidden
<auth-user-pass>
xxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxx
</auth-user-pass>
<cert>
-----BEGIN CERTIFICATE-----
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN RSA PRIVATE KEY-----
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-----END RSA PRIVATE KEY-----
</key>
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-----END OpenVPN Static key V1-----
</tls-auth>
<ca>
-----BEGIN CERTIFICATE-----
xxxxxxxxxxxxxxxxxxxxxxxxxxx
-----END CERTIFICATE-----
</ca>

А это лог роутера:

[I] Jan  5 14:15:23 OpenVPN0: OpenVPN 2.6.0 [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
[I] Jan  5 14:15:23 OpenVPN0: library versions: OpenSSL 3.0.10 1 Aug 2023, LZO 2.10
[W] Jan  5 14:15:23 OpenVPN0: WARNING: --ns-cert-type is DEPRECATED.  Use --remote-cert-tls instead.
[I] Jan  5 14:15:23 OpenVPN0: Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
[I] Jan  5 14:15:23 OpenVPN0: Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
[I] Jan  5 14:15:23 OpenVPN0: Socket Buffers: R=[155648->1048576] S=[155648->1048576]
[I] Jan  5 14:15:23 OpenVPN0: UDPv4 link local: (not bound)
[I] Jan  5 14:15:23 OpenVPN0: UDPv4 link remote: [AF_INET]213.21.226.22:1195
[I] Jan  5 14:15:23 OpenVPN0: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
[I] Jan  5 14:15:23 OpenVPN0: TLS: Initial packet from [AF_INET]213.21.226.22:1195, sid=d93b9fe1 463a01de
[I] Jan  5 14:15:24 OpenVPN0: VERIFY SCRIPT OK: depth=1, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=ExpressVPN CA, emailAddress=support@expressvpn.com
[I] Jan  5 14:15:24 OpenVPN0: VERIFY OK: depth=1, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=ExpressVPN CA, emailAddress=support@expressvpn.com
[I] Jan  5 14:15:24 OpenVPN0: VERIFY OK: nsCertType=SERVER
[I] Jan  5 14:15:24 OpenVPN0: VERIFY X509NAME OK: C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=Server-11010-0a, emailAddress=support@expressvpn.com
[I] Jan  5 14:15:24 OpenVPN0: VERIFY SCRIPT OK: depth=0, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=Server-11010-0a, emailAddress=support@expressvpn.com
[I] Jan  5 14:15:24 OpenVPN0: VERIFY OK: depth=0, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=Server-11010-0a, emailAddress=support@expressvpn.com
[I] Jan  5 14:15:24 OpenVPN0: Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
[I] Jan  5 14:15:24 OpenVPN0: [Server-11010-0a] Peer Connection Initiated with [AF_INET]213.21.226.22:1195
[I] Jan  5 14:15:24 ndm: Network::Interface::EndpointTracker: "OpenVPN0": added a host route to 213.21.226.22 via 10.110.152.129 (FastEthernet0/Vlan2).
[I] Jan  5 14:15:24 OpenVPN0: TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
[I] Jan  5 14:15:24 OpenVPN0: TLS: tls_multi_process: initial untrusted session promoted to trusted
[I] Jan  5 14:15:24 OpenVPN0: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.88.0.1,comp-lzo no,route 10.88.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.88.0.114 10.88.0.113,peer-id 30,cipher AES-256-GCM'
[I] Jan  5 14:15:24 OpenVPN0: OPTIONS IMPORT: timers and/or timeouts modified
[I] Jan  5 14:15:24 OpenVPN0: OPTIONS IMPORT: compression parms modified
[I] Jan  5 14:15:24 OpenVPN0: OPTIONS IMPORT: --ifconfig/up options modified
[I] Jan  5 14:15:24 OpenVPN0: OPTIONS IMPORT: route options modified
[I] Jan  5 14:15:24 OpenVPN0: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
[I] Jan  5 14:15:24 OpenVPN0: OPTIONS IMPORT: peer-id set
[I] Jan  5 14:15:24 OpenVPN0: OPTIONS IMPORT: data channel crypto options modified
[I] Jan  5 14:15:24 OpenVPN0: net_route_v4_best_gw query: dst 0.0.0.0
[I] Jan  5 14:15:24 OpenVPN0: net_route_v4_best_gw result: via 10.110.152.129 dev eth2.2
[I] Jan  5 14:15:24 OpenVPN0: TUN/TAP device tun0 opened
[I] Jan  5 14:15:24 OpenVPN0: net_iface_mtu_set: mtu 1500 for tun0
[I] Jan  5 14:15:24 ndm: Network::Interface::Base: "OpenVPN0": "openvpn" changed "link" layer state "pending" to "running".
[I] Jan  5 14:15:24 ndm: Network::Interface::Base: "OpenVPN0": "ip" changed "ipv4" layer state "disabled" to "running".
[I] Jan  5 14:15:24 ndm: Network::Interface::Ip: "OpenVPN0": IP address is 10.88.0.114/32.
[I] Jan  5 14:15:24 ndm: OpenVpn::FeedbackHandler: "OpenVPN0": TUN peer address is 10.88.0.113.
[I] Jan  5 14:15:24 ndm: OpenVpn::Routing4: "OpenVPN0": added host route to peer 10.88.0.113 via 10.88.0.114.
[I] Jan  5 14:15:24 OpenVPN0: /tmp/openvpn/OpenVPN0/openvpn-up tun0 1500 0 10.88.0.114 10.88.0.113 init
[I] Jan  5 14:15:25 OpenVPN0: Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
[I] Jan  5 14:15:25 OpenVPN0: Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
[I] Jan  5 14:15:25 ndm: Http::Nginx: loaded SSL certificate for "00312948f1bf6f14505c120c.keenetic.io".
[I] Jan  5 14:15:25 ndm: Core::Server: started Session /var/run/ndm.core.socket.
[I] Jan  5 14:15:25 ndm: Core::Session: client disconnected.
[I] Jan  5 14:15:26 ndm: Http::Manager: updated configuration.
[I] Jan  5 14:15:26 ndm: Core::Server: started Session /var/run/ndm.core.socket.
[I] Jan  5 14:15:26 ndm: Core::Session: client disconnected.
[I] Jan  5 14:15:27 OpenVPN0: net_route_v4_add: 0.0.0.0/1 via 10.88.0.113 dev [NULL] table 0 metric -1
[I] Jan  5 14:15:27 OpenVPN0: net_route_v4_add: 128.0.0.0/1 via 10.88.0.113 dev [NULL] table 0 metric -1
[I] Jan  5 14:15:27 ndm: Network::Interface::Ip: "OpenVPN0": interface "OpenVPN0" is global, priority 57429.
[I] Jan  5 14:15:27 ndm: Network::Interface::Ip: "OpenVPN0": adding default route via OpenVPN0 (10.88.0.114).
[I] Jan  5 14:15:27 OpenVPN0: net_route_v4_add: 10.88.0.1/32 via 10.88.0.113 dev [NULL] table 0 metric -1
[I] Jan  5 14:15:27 ndm: OpenVpn::Routing4: "OpenVPN0": install accepted route to 10.88.0.1/255.255.255.255 via 10.88.0.114.
[I] Jan  5 14:15:27 ndm: Network::InterfaceFlusher: flushed IPv4 FastEthernet0/Vlan2 conntrack and route cache.
[I] Jan  5 14:15:27 ndm: Network::InternetChecker: Internet access lost (status: 0x0000).
[I] Jan  5 14:15:27 ndm: Dns::InterfaceSpecific: adding name server 10.88.0.1.
[I] Jan  5 14:15:27 ndm: Dns::InterfaceSpecific: "OpenVPN0": adding a host route to name server 10.88.0.1 (via 10.88.0.113).
[I] Jan  5 14:15:27 ndm: Dns::InterfaceSpecific: "OpenVPN0": host route for name server 10.88.0.1 added.
[I] Jan  5 14:15:27 ndm: Dns::InterfaceSpecific: "OpenVPN0": name server 10.88.0.1 added, domain (default).
[I] Jan  5 14:15:27 OpenVPN0: UID set to nobody
[I] Jan  5 14:15:27 OpenVPN0: GID set to nobody
[I] Jan  5 14:15:27 OpenVPN0: Capabilities retained: CAP_NET_ADMIN
[I] Jan  5 14:15:27 OpenVPN0: Initialization Sequence Completed
[I] Jan  5 14:15:29 upnp: shutting down MiniUPnPd
[I] Jan  5 14:15:29 ndm: Core::Session: client disconnected.
[I] Jan  5 14:15:29 upnp: shutting down MiniUPnPd
[I] Jan  5 14:15:29 ndm: Core::Session: client disconnected.
[I] Jan  5 14:15:31 ndm: Core::Server: started Session /var/run/ndm.core.socket.
[I] Jan  5 14:15:31 upnp: HTTP listening on port 1900
[I] Jan  5 14:15:31 upnp: Listening for NAT-PMP/PCP traffic on port 5351
[I] Jan  5 14:15:31 ndm: Core::Server: started Session /var/run/ndm.core.socket.
[I] Jan  5 14:15:31 upnp: HTTP listening on port 1900
[I] Jan  5 14:15:31 upnp: Listening for NAT-PMP/PCP traffic on port 5351
[I] Jan  5 14:16:24 OpenVPN0: [Server-11010-0a] Inactivity timeout (--ping-restart), restarting
[I] Jan  5 14:16:24 OpenVPN0: net_route_v4_del: 10.88.0.1/32 via 10.88.0.113 dev [NULL] table 0 metric -1
[I] Jan  5 14:16:24 ndm: Network::RoutingTable: deleted route: 10.88.0.1/32 via 10.88.0.113 (OpenVPN0).
[I] Jan  5 14:16:24 ndm: OpenVpn::Routing4: "OpenVPN0": remove installed accepted route to 10.88.0.1/255.255.255.255 via 10.88.0.114.
[I] Jan  5 14:16:24 OpenVPN0: net_route_v4_del: 0.0.0.0/1 via 10.88.0.113 dev [NULL] table 0 metric -1
[I] Jan  5 14:16:24 ndm: Network::Interface::Ip: "OpenVPN0": removing default route via OpenVPN0.
[I] Jan  5 14:16:24 OpenVPN0: net_route_v4_del: 128.0.0.0/1 via 10.88.0.113 dev [NULL] table 0 metric -1
[I] Jan  5 14:16:24 OpenVPN0: /tmp/openvpn/OpenVPN0/openvpn-down tun0 1500 0 10.88.0.114 10.88.0.113 init
[I] Jan  5 14:16:24 ndm: Network::InterfaceFlusher: flushed IPv4 OpenVPN0 conntrack and route cache.
[I] Jan  5 14:16:24 ndm: Network::InternetChecker: Internet access detected.
[I] Jan  5 14:16:24 ndm: Network::Interface::Base: "OpenVPN0": "openvpn" changed "link" layer state "running" to "pending".
[I] Jan  5 14:16:24 OpenVPN0: Closing TUN/TAP interface
[I] Jan  5 14:16:24 ndm: Network::Interface::Ip: "OpenVPN0": IP address cleared.
[I] Jan  5 14:16:24 OpenVPN0: SIGTERM[soft,ping-restart] received, process exiting

После этого он пытается переподключиться снова, и снова, и снова... есть идеи? Спасибо

 

Edited by Simone87
Link to comment
Share on other sites

  • Simone87 changed the title to Настройте expressVPN на Keenetic Extra (KN-1711)

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...