ITNoob15
28-09-2018, 20:05
Добрый день, столкнулся с проблемой с впн соединением на моем ноутбуке с ос Windows 10, проблема началась примерно 3 недели назад, до этого все было замечательно
Дело в том, что мой ноутбук перестал видеть основной шлюз, который должен выдаваться автоматически подключении к VPN сети через OpenVPN клиент, однако к самой сети подключается и получает IP адрес
Данная проблема исчезает если подключаться через Linux, однако соединение нужно на Винде.
Конфиг клиента, конфиг сервера скинуть не могу так как не имею доступа к нему
client
dev tun
proto udp
remote 193.25.39.50 2222
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
ca ca.crt
cert l.crt
key l.key
comp-lzo
#pull dhcp-options
;route-nopull
;redirect-gateway def1
;route 10.33.21.0 255.255.255.0
;route 192.168.33.0 255.255.255.0
;up /etc/openvpn/update-resolv-conf
;down /etc/openvpn/update-resolv-conf
Fri Sep 28 19:01:35 2018 NOTE: --user option is not implemented on Windows
Fri Sep 28 19:01:35 2018 NOTE: --group option is not implemented on Windows
Fri Sep 28 19:01:35 2018 OpenVPN 2.3.18 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Oct 26 2017
Fri Sep 28 19:01:35 2018 Windows version 6.2 (Windows 8 or greater) 64bit
Fri Sep 28 19:01:35 2018 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.10
Enter Management Password:
Fri Sep 28 19:01:36 2018 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Fri Sep 28 19:01:36 2018 UDPv4 link local: [undef]
Fri Sep 28 19:01:36 2018 UDPv4 link remote: [AF_INET]193.25.39.50:2222
Fri Sep 28 19:01:36 2018 WARNING: INSECURE cipher with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Fri Sep 28 19:01:36 2018 WARNING: INSECURE cipher with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Fri Sep 28 19:01:36 2018 [openvpnGate] Peer Connection Initiated with [AF_INET]193.25.39.50:2222
Fri Sep 28 19:01:39 2018 Options error: --dhcp-option: unknown option type 'DOMAIN-SEARCH' or missing parameter
Fri Sep 28 19:01:39 2018 Options error: --dhcp-option: unknown option type 'DOMAIN-ROUTE' or missing parameter
Fri Sep 28 19:01:39 2018 Options error: --dhcp-option: unknown option type 'DNSSEC' or missing parameter
Fri Sep 28 19:01:39 2018 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Fri Sep 28 19:01:39 2018 open_tun, tt->ipv6=0
Fri Sep 28 19:01:39 2018 TAP-WIN32 device [tap0] opened: \\.\Global\{5BBF4FEF-B215-4534-ADD6-9F09241BF4DF}.tap
Fri Sep 28 19:01:40 2018 NETSH: C:\WINDOWS\system32\netsh.exe interface ip set address tap0 dhcp
Fri Sep 28 19:01:40 2018 Notified TAP-Windows driver to set a DHCP IP/netmask of 192.168.34.6/255.255.255.252 on interface {5BBF4FEF-B215-4534-ADD6-9F09241BF4DF} [DHCP-serv: 192.168.34.5, lease-time: 31536000]
Fri Sep 28 19:01:40 2018 Successful ARP Flush on interface [6] {5BBF4FEF-B215-4534-ADD6-9F09241BF4DF}
Fri Sep 28 19:01:45 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Sep 28 19:01:45 2018 Initialization Sequence Completed
Дело в том, что мой ноутбук перестал видеть основной шлюз, который должен выдаваться автоматически подключении к VPN сети через OpenVPN клиент, однако к самой сети подключается и получает IP адрес
Данная проблема исчезает если подключаться через Linux, однако соединение нужно на Винде.
Конфиг клиента, конфиг сервера скинуть не могу так как не имею доступа к нему
client
dev tun
proto udp
remote 193.25.39.50 2222
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
ca ca.crt
cert l.crt
key l.key
comp-lzo
#pull dhcp-options
;route-nopull
;redirect-gateway def1
;route 10.33.21.0 255.255.255.0
;route 192.168.33.0 255.255.255.0
;up /etc/openvpn/update-resolv-conf
;down /etc/openvpn/update-resolv-conf
Fri Sep 28 19:01:35 2018 NOTE: --user option is not implemented on Windows
Fri Sep 28 19:01:35 2018 NOTE: --group option is not implemented on Windows
Fri Sep 28 19:01:35 2018 OpenVPN 2.3.18 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Oct 26 2017
Fri Sep 28 19:01:35 2018 Windows version 6.2 (Windows 8 or greater) 64bit
Fri Sep 28 19:01:35 2018 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.10
Enter Management Password:
Fri Sep 28 19:01:36 2018 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Fri Sep 28 19:01:36 2018 UDPv4 link local: [undef]
Fri Sep 28 19:01:36 2018 UDPv4 link remote: [AF_INET]193.25.39.50:2222
Fri Sep 28 19:01:36 2018 WARNING: INSECURE cipher with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Fri Sep 28 19:01:36 2018 WARNING: INSECURE cipher with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Fri Sep 28 19:01:36 2018 [openvpnGate] Peer Connection Initiated with [AF_INET]193.25.39.50:2222
Fri Sep 28 19:01:39 2018 Options error: --dhcp-option: unknown option type 'DOMAIN-SEARCH' or missing parameter
Fri Sep 28 19:01:39 2018 Options error: --dhcp-option: unknown option type 'DOMAIN-ROUTE' or missing parameter
Fri Sep 28 19:01:39 2018 Options error: --dhcp-option: unknown option type 'DNSSEC' or missing parameter
Fri Sep 28 19:01:39 2018 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Fri Sep 28 19:01:39 2018 open_tun, tt->ipv6=0
Fri Sep 28 19:01:39 2018 TAP-WIN32 device [tap0] opened: \\.\Global\{5BBF4FEF-B215-4534-ADD6-9F09241BF4DF}.tap
Fri Sep 28 19:01:40 2018 NETSH: C:\WINDOWS\system32\netsh.exe interface ip set address tap0 dhcp
Fri Sep 28 19:01:40 2018 Notified TAP-Windows driver to set a DHCP IP/netmask of 192.168.34.6/255.255.255.252 on interface {5BBF4FEF-B215-4534-ADD6-9F09241BF4DF} [DHCP-serv: 192.168.34.5, lease-time: 31536000]
Fri Sep 28 19:01:40 2018 Successful ARP Flush on interface [6] {5BBF4FEF-B215-4534-ADD6-9F09241BF4DF}
Fri Sep 28 19:01:45 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Sep 28 19:01:45 2018 Initialization Sequence Completed