C:\Program Files\OpenVPN\sample-config\client.ovpnをC:\Program Files\OpenVPN\configにコピーし、設定変更。
DDNSでdebian.mydns.jpを取得しているとする。
client.ovpnを編集。
# The hostname/IP and port of the server. # You can have multiple remote entries # to load balance between the servers. remote debian.mydns.jp 1194 ;remote my-server-2 1194
クライアント名はClientWin。C:\Program Files\OpenVPN\configに、OpenVPNサーバからコピーしたca.crt, ClientWin.crt, ClientWin.keyを置く。
# SSL/TLS parms. # See the server config file for more # description. It's best to use # a separate .crt/.key file pair # for each client. A single ca # file can be used for all clients. ca ca.crt cert ClientWin.crt key ClientWin.key
設定終了。
スタートメニュー > すべてのプログラム > OpenVPN > OpenVPN GUIを起動。右下のトレイにアイコンが出る。右クリックでConnectを選択。
Wed Jan 16 20:43:10 2008 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct 1 2006 Wed Jan 16 20:43:10 2008 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Wed Jan 16 20:43:10 2008 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Wed Jan 16 20:43:16 2008 LZO compression initialized Wed Jan 16 20:43:16 2008 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] Wed Jan 16 20:43:18 2008 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ] Wed Jan 16 20:43:18 2008 Local Options hash (VER=V4): '41690919' Wed Jan 16 20:43:18 2008 Expected Remote Options hash (VER=V4): '530fdded' Wed Jan 16 20:43:18 2008 UDPv4 link local: [undef] Wed Jan 16 20:43:18 2008 UDPv4 link remote: 211.***.***.***:1194 Wed Jan 16 20:44:17 2008 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Wed Jan 16 20:44:17 2008 TLS Error: TLS handshake failed Wed Jan 16 20:44:17 2008 TCP/UDP: Closing socket Wed Jan 16 20:44:17 2008 SIGUSR1[soft,tls-error] received, process restarting Wed Jan 16 20:44:17 2008 Restart pause, 2 second(s) Wed Jan 16 20:44:19 2008 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Wed Jan 16 20:44:19 2008 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Wed Jan 16 20:44:19 2008 Re-using SSL/TLS context Wed Jan 16 20:44:19 2008 LZO compression initialized Wed Jan 16 20:44:19 2008 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] Wed Jan 16 20:44:19 2008 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ] Wed Jan 16 20:44:19 2008 Local Options hash (VER=V4): '41690919' Wed Jan 16 20:44:19 2008 Expected Remote Options hash (VER=V4): '530fdded' Wed Jan 16 20:44:19 2008 UDPv4 link local: [undef] Wed Jan 16 20:44:19 2008 UDPv4 link remote: 211.***.***.***:1194 Wed Jan 16 20:45:15 2008 TCP/UDP: Closing socket Wed Jan 16 20:45:15 2008 SIGTERM[hard,] received, process exiting
?
繋がらない。
ルータのfirewallも設定したのになぁ。
あれ?ログにポート1194宛パケットの廃棄ログが。
しまった!TCPを開ける設定にしていた。UDPを開けないと!