我最近安装了openVPN,并使用我的client1.ovpn文件进行configuration:
client dev tun proto udp remote 10.8.0.1 1194 resolv-retry infinite nobind user nobody group nogroup persist-key persist-tun key-direction 1 cipher AES-128-CBC auth SHA256 comp-lzo verb 3 script-security 2 up /etc/openvpn/update-resolv-conf down /etc/openvpn/update-resolv-conf 我的server.conf文件:
port 1194 proto udp dev tun ca ca.crt cert server.crt key server.key dh dh2048.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt push "redirect-gateway def1 bypass-dhcp" push "dhcp-option DNS 208.67.222.222" push "dhcp-option DNS 208.67.220.220" keepalive 10 120 tls-auth ta.key 0 # This file is secret key-direction 0 cipher AES-128-CBC # AES auth SHA256 comp-lzo user nobody group nogroup persist-key persist-tun status openvpn-status.log verb 3
当我做命令
sudo openvpn --config client1.ovpn
我在terminal出现这个错误:
Sat Aug 12 21:57:10 2017 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017 Sat Aug 12 21:57:10 2017 library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08 Sat Aug 12 21:57:10 2017 Control Channel Authentication: tls-auth using INLINE static key file Sat Aug 12 21:57:10 2017 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication Sat Aug 12 21:57:10 2017 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication Sat Aug 12 21:57:10 2017 Socket Buffers: R=[212992->212992] S=[212992- >212992] Sat Aug 12 21:57:10 2017 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay Sat Aug 12 21:57:10 2017 UDPv4 link local: [undef] Sat Aug 12 21:57:10 2017 UDPv4 link remote: [AF_INET]10.8.0.1:1194 Sat Aug 12 21:57:10 2017 TLS: Initial packet from [AF_INET]10.8.0.1:1194, sid=640d1419 b8d9a3ee Sat Aug 12 21:57:10 2017 VERIFY OK: depth=1, C=US, ST=CA, L=Los Angeles, O=Fort-Funston, OU=Community, CN=Fort-Funston CA, name=Server, [email protected] Sat Aug 12 21:57:10 2017 Validating certificate key usage Sat Aug 12 21:57:10 2017 ++ Certificate has key usage 00a0, expects 00a0 Sat Aug 12 21:57:10 2017 VERIFY KU OK Sat Aug 12 21:57:10 2017 Validating certificate extended key usage Sat Aug 12 21:57:10 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication Sat Aug 12 21:57:10 2017 VERIFY EKU OK Sat Aug 12 21:57:10 2017 VERIFY OK: depth=0, C=US, ST=CA, L=Los Angeles, O=Fort-Funston, OU=Community, CN=Ryan, name=Server, [email protected] Sat Aug 12 21:57:10 2017 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key Sat Aug 12 21:57:10 2017 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication Sat Aug 12 21:57:10 2017 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key Sat Aug 12 21:57:10 2017 Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication Sat Aug 12 21:57:10 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA Sat Aug 12 21:57:10 2017 [Ryan] Peer Connection Initiated with [AF_INET]10.8.0.1:1194 Sat Aug 12 21:57:12 2017 SENT CONTROL [Ryan]: 'PUSH_REQUEST' (status=1) Sat Aug 12 21:57:12 2017 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: timers and/or timeouts modified Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: --ifconfig/up options modified Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: route options modified Sat Aug 12 21:57:12 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp- option options modified Sat Aug 12 21:57:12 2017 WARNING: potential conflict between --remote address [10.8.0.1] and --ifconfig address pair [10.8.0.6, 10.8.0.5] -- this is a warning only that is triggered when local/remote addresses exist within the same /24 subnet as --ifconfig endpoints. (silence this warning with --ifconfig-nowarn) Sat Aug 12 21:57:12 2017 ROUTE_GATEWAY 10.15.65.1/255.255.255.0 IFACE=wlp1s0 HWADDR=d0:57:7b:09:c7:c0 Sat Aug 12 21:57:12 2017 TUN/TAP device tun1 opened Sat Aug 12 21:57:12 2017 TUN/TAP TX queue length set to 100 Sat Aug 12 21:57:12 2017 do_ifconfig, tt->ipv6=0, tt- >did_ifconfig_ipv6_setup=0 Sat Aug 12 21:57:12 2017 /sbin/ip link set dev tun1 up mtu 1500 Sat Aug 12 21:57:12 2017 /sbin/ip addr add dev tun1 local 10.8.0.6 peer 10.8.0.5 Sat Aug 12 21:57:12 2017 /sbin/ip route add 10.8.0.1/32 via 10.15.65.1 RTNETLINK answers: File exists Sat Aug 12 21:57:12 2017 ERROR: Linux route add command failed: external program exited with error status: 2 Sat Aug 12 21:57:12 2017 /sbin/ip route add 0.0.0.0/1 via 10.8.0.5 Sat Aug 12 21:57:12 2017 /sbin/ip route add 128.0.0.0/1 via 10.8.0.5 Sat Aug 12 21:57:12 2017 /sbin/ip route add 10.8.0.1/32 via 10.8.0.5 RTNETLINK answers: File exists Sat Aug 12 21:57:12 2017 ERROR: Linux route add command failed: external program exited with error status: 2 Sat Aug 12 21:57:12 2017 GID set to nogroup Sat Aug 12 21:57:12 2017 UID set to nobody Sat Aug 12 21:57:12 2017 Initialization Sequence Completed
在terminal中使用openvpn时,我也无法连接到互联网。 直到我能够再次连接到互联网之前,我才打crtl + c。
ctrl + c后,我也得到这些错误:
^CSat Aug 12 21:57:56 2017 event_wait : Interrupted system call (code=4) Sat Aug 12 21:57:56 2017 /sbin/ip route del 10.8.0.1/32 RTNETLINK answers: Operation not permitted Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed: external program exited with error status: 2 Sat Aug 12 21:57:56 2017 /sbin/ip route del 0.0.0.0/1 RTNETLINK answers: Operation not permitted Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed: external program exited with error status: 2 Sat Aug 12 21:57:56 2017 /sbin/ip route del 128.0.0.0/1 RTNETLINK answers: Operation not permitted Sat Aug 12 21:57:56 2017 ERROR: Linux route delete command failed: external program exited with error status: 2 Sat Aug 12 21:57:56 2017 Closing TUN/TAP interface Sat Aug 12 21:57:56 2017 /sbin/ip addr del dev tun1 local 10.8.0.6 peer 10.8.0.5 RTNETLINK answers: Operation not permitted Sat Aug 12 21:57:56 2017 Linux ip addr del failed: external program exited with error status: 2 Sat Aug 12 21:57:56 2017 SIGINT[hard,] received, process exiting
我一直试图find这个问题的答案很多,谷歌已经没有运气。
什么导致这个错误“错误:Linux路由添加命令失败:外部程序退出错误状态:2”
以及什么使我无法连接到互联网使用时。 谢谢。