Citace od: radek_drOvšem to je problém všech dister, bohužel tvůrci se domnívají, že vědí nejlépe, co uživatel potřebuje, jenže opak je pravdou.Holt bolševici.
tail -f /var/log/openvpn/openvpn.log
Thu Jan 20 10:53:33 2022 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 28 2021
Thu Jan 20 10:53:33 2022 library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10
Thu Jan 20 10:53:33 2022 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jan 20 10:53:33 2022 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jan 20 10:53:33 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]90.64.250.169:1194
Thu Jan 20 10:53:33 2022 Socket Buffers: R=[212992->212992] S=[212992->212992]
Thu Jan 20 10:53:33 2022 UDP link local: (not bound)
Thu Jan 20 10:53:33 2022 UDP link remote: [AF_INET]90.64.250.169:1194
Thu Jan 20 10:53:33 2022 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Thu Jan 20 10:54:33 2022 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Jan 20 10:54:33 2022 TLS Error: TLS handshake failed
Thu Jan 20 10:54:33 2022 SIGUSR1[soft,tls-error] received, process restarting
Thu Jan 20 10:54:33 2022 Restart pause, 5 second(s)
Thu Jan 20 10:54:38 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]90.64.250.169:1194
Thu Jan 20 10:54:38 2022 Socket Buffers: R=[212992->212992] S=[212992->212992]
Thu Jan 20 10:54:38 2022 UDP link local: (not bound)
Thu Jan 20 10:54:38 2022 UDP link remote: [AF_INET]90.64.250.169:1194
client
dev tun
proto udp
remote 90.64.250.169 1194
route-nopull
pull-filter ignore "dhcp-option DNS"
resolv-retry infinite
;route 10.8.0.0 255.255.255.0
nobind
user nobody
group nogroup
persist-key
persist-tun
redirect-gateway
ca /etc/openvpn/client/ca.crt
cert /etc/openvpn/client/mikilap.crt
key /etc/openvpn/client/mikilap.key
remote-cert-tls server
tls-auth ta.key 1
cipher AES-256-CBC
status /var/log/openvpn/openvpn-status.log
log /var/log/openvpn/openvpn.log
log-append /var/log/openvpn/openvpn.log
verb 3
tail -f /var/log/openvpn/openvpn.log
Wed Jan 19 23:44:41 2022 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 28 2021
Wed Jan 19 23:44:41 2022 library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10
Wed Jan 19 23:44:41 2022 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Jan 19 23:44:41 2022 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Jan 19 23:44:41 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]90.64.250.169:1194
Wed Jan 19 23:44:41 2022 Socket Buffers: R=[212992->212992] S=[212992->212992]
Wed Jan 19 23:44:41 2022 UDP link local: (not bound)
Wed Jan 19 23:44:41 2022 UDP link remote: [AF_INET]90.64.250.169:1194
Wed Jan 19 23:44:41 2022 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
/etc/openvpn/server# tail /var/log/openvpn/openvpn.log
UDPv4 link local (bound): [AF_INET][undef]:1194
UDPv4 link remote: [AF_UNSPEC]
GID set to nogroup
UID set to nobody
MULTI: multi_init called, r=256 v=256
IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Initialization Sequence Completed
TLS Error: cannot locate HMAC in incoming packet from [AF_INET]192.168.1.1:52308
TLS Error: cannot locate HMAC in incoming packet from [AF_INET]192.168.1.1:52308
TLS Error: cannot locate HMAC in incoming packet from [AF_INET]192.168.1.1:52308
root@debianeee:/etc/openvpn/server# systemctl status openvpn-server@server
● openvpn-server@server.service - OpenVPN service for server
Loaded: loaded (/lib/systemd/system/openvpn-server@.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2022-01-19 23:30:48 CET; 41s ago
Docs: man:openvpn(8)
https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
https://community.openvpn.net/openvpn/wiki/HOWTO
Main PID: 22388 (openvpn)
Status: "Initialization Sequence Completed"
Tasks: 1 (limit: 2304)
Memory: 872.0K
CGroup: /system.slice/system-openvpn\x2dserver.slice/openvpn-server@server.service
└─22388 /usr/sbin/openvpn --status /run/openvpn-server/status-server.log --status-version 2 --suppress-timestamps --config server.conf
jan 19 23:30:48 debianeee systemd[1]: Starting OpenVPN service for server...
jan 19 23:30:48 debianeee systemd[1]: Started OpenVPN service for server.