
Posted (edited)

Hello, I've hit a snag configuring the OpenVPN client on a Keenetic Giga III with pfSense in [Site to site/peer to peer SSL/TLS] mode.

Client:

In Remote Access mode the OpenVPN client connects:

dev tun
persist-tun
persist-key
cipher AES-256-CBC
auth SHA1
tls-client
client
resolv-retry infinite
remote domain.com 1196 udp
verify-x509-name "CA-OpenVPN" name
auth-user-pass
remote-cert-tls server

<ca>
-----BEGIN CERTIFICATE-----
>>>>
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
>>>>
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
>>>>
-----END PRIVATE KEY-----
</key>
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
>>>>
-----END OpenVPN Static key V1-----
</tls-auth>
key-direction 1

In [Site to site/peer to peer SSL/TLS] mode there are errors:

dev tun
persist-tun
persist-key
cipher AES-256-CBC
auth SHA1
tls-client
client
resolv-retry infinite
remote domain.com 1196 udp
verify-x509-name "CA-OpenVPN" name
remote-cert-tls server

<ca>
-----BEGIN CERTIFICATE-----
>>>>
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
>>>>
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
>>>>
-----END PRIVATE KEY-----
</key>
<tls-auth>
#
# 2048 bit OpenVPN static key
#
>>>>
-----END OpenVPN Static key V1-----
</tls-auth>
NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
TLS Error: TLS handshake failed

Could you please tell me how to get OpenVPN working in [Site to site/peer to peer] mode?

So that the [OpenVPN Server] local network has access to the [OpenVPN Client] local network and vice versa.

Thank you!

Edited by mic.bummer
  • 6 months later...
Posted

Good day. The same error in [Site to site/peer to peer SSL/TLS] mode.

Did you get any result?

  • 3 weeks later...
Posted
On 08.05.2019 at 14:35, Роман Хитров said:

Good day. The same error in [Site to site/peer to peer SSL/TLS] mode.

Did you get any result?

+ server parameter

client-to-client
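
As pasted, the second config in the first post has no `-----BEGIN OpenVPN Static key V1-----` line inside `<tls-auth>` and no `key-direction` line, unlike the first one; with tls-auth, packets that fail the HMAC check are dropped silently, which appears on the client as a handshake timeout. The Python check below is an added example, not part of the thread: it compares the inline blocks of a client config for exactly these differences. `SAMPLE` is constructed with placeholder key material and `lint` is a hypothetical helper name.

```python
import re

# Constructed sample shaped like the second config in the thread;
# PLACEHOLDER stands in for key material (no real keys).
SAMPLE = """\
client
dev tun
remote domain.com 1196 udp
<ca>
-----BEGIN CERTIFICATE-----
PLACEHOLDER
-----END CERTIFICATE-----
</ca>
<tls-auth>
#
# 2048 bit OpenVPN static key
#
PLACEHOLDER
-----END OpenVPN Static key V1-----
</tls-auth>
"""

BLOCK = re.compile(r"^<([\w-]+)>\n(.*?)^</\1>", re.S | re.M)
MARKER = re.compile(r"^-----(BEGIN|END) (.+?)-----\s*$", re.M)

def lint(config):
    """Return findings about inline blocks (hypothetical helper)."""
    findings = []
    blocks = dict(BLOCK.findall(config))
    for name, body in blocks.items():
        marks = MARKER.findall(body)
        ok = (len(marks) == 2 and marks[0][0] == "BEGIN"
              and marks[1][0] == "END" and marks[0][1] == marks[1][1])
        if not ok:
            findings.append(f"<{name}>: no matching BEGIN/END pair: {marks}")
    # Directives are the first word of each line outside inline blocks.
    outside = BLOCK.sub("", config)
    directives = {ln.split()[0] for ln in outside.splitlines()
                  if ln.strip() and ln.lstrip()[0] not in "#;"}
    if "tls-auth" in blocks and "key-direction" not in directives:
        findings.append("<tls-auth> without key-direction: key is used "
                        "bidirectionally; the server must not set one either")
    return findings

if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(finding)
```
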
