ubuntu下的OPEN VPN服务器(三)
ubuntu下的OPEN VPN服务器(三)
5、Windows XP Client端
下載並安裝openvpn-gui
http://openvpn.se/files/install_packages/openvpn-2.0.2-gui-1.0.3-install.exe
取得伺服器的
client.conf
ca.crt
kiko.crt
kiko.key
給client kiko使用
將client.conf適度修改指向
ca.crt
kiko.crt
kiko.key
的正確位置,然後更改檔名為
client.ovpn放置在
d:\tool\openvpn\
文件夹名字中最好不要有空格,我最先是放置在
C:\Program Files\OpenVPN\config
下的,结果老是报错说找不到这些文件。就改到d盘去了。
client.ovpn文件如下:
#client.ovpn
client
dev tap
#proto udp
proto tcp
# change this to your server's address
remote 192.168.50.253 1194
resolv-retry infinite
nobind
persist-key
persist-tun
# Point the key and crt files to
# the ones for this user
tls-client
ca D:\\tool\\openvpn\\ca.crt
cert D:\\tool\\openvpn\\kiko.crt
key D:\\tool\\openvpn\\kiko.key
#ensure that we are talking to a server
ns-cert-type server
#confirm we are talking to the correct server
#tls-auth ta.key 1
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
cipher AES-128-CBC
# Enable compression on the VPN link.
comp-lzo
#fragment large packets
# I found I needed this for some games but it is
# not required
#fragment 1400
# enable user/pass authentication
# auth-user-pass
连接时,服务器报错如下:
Thu Aug 21 14:17:23 2008 192.168.50.103:1755 TLS Error: Auth Username/Password was not provided by peer
Thu Aug 21 14:17:23 2008 192.168.50.103:1755 TLS Error: TLS handshake failed
Thu Aug 21 14:17:23 2008 192.168.50.103:1755 Fatal TLS error (check_tls_errors_co), restarting
Thu Aug 21 14:17:23 2008 192.168.50.103:1755 SIGUSR1[soft,tls-error] received, client-instance restarting
这个错误的解决办法如下:
1、修改服务器端配置
server.conf如下
tls-auth /etc/openvpn/2.0/ta.key 0
2、修改客户端配置
client.conf如下
tls-auth D:\\tool\\openvpn\\ta.key 1
auth-user-pass
当然要把这个ta.key从服务器上下载过来咯。
3、登陆时输入用户名
kiko 密码 就可以登陆了
