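I have Webmin running OpenVPN, and I used it to generate my client keys and server keys. On the Windows side, I use the Windows OpenVPN client to connect to the VPN. However, the connection keeps failing: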
Server log:
Thu Jan 17 11:08:55 2013 OpenVPN 2.2.1 i686-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Mar 30 2012
Thu Jan 17 11:08:55 2013 WARNING: using --duplicate-cn and --client-config-dir together is probably not what you want
Thu Jan 17 11:08:55 2013 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
Thu Jan 17 11:08:55 2013 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Thu Jan 17 11:08:55 2013 WARNING: file 'keys/test/check.key' is group or others accessible
Thu Jan 17 11:08:55 2013 TLS-Auth MTU parms [ L:1541 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Jan 17 11:08:55 2013 WARNING: potential conflict between --local address [192.168.1.100] and --ifconfig address pair [192.168.1.1, 192.168.1.2] -- this is a warning only that is triggered when local/remote addresses exist within the same /24 subnet as --ifconfig endpoints. (silence this warning with --ifconfig-nowarn)
Thu Jan 17 11:08:55 2013 WARNING: potential TUN/TAP adapter subnet conflict between local LAN [192.168.1.0/255.255.255.0] and remote VPN [192.168.1.1/255.255.255.255]
Thu Jan 17 11:08:55 2013 TUN/TAP device tun0 opened
Thu Jan 17 11:08:55 2013 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Thu Jan 17 11:08:55 2013 /sbin/ifconfig tun0 192.168.1.1 pointopoint 192.168.1.2 mtu 1500
Thu Jan 17 11:08:55 2013 WARNING: potential route subnet conflict between local LAN [192.168.1.0/255.255.255.0] and remote VPN [192.168.1.0/255.255.255.0]
Thu Jan 17 11:08:55 2013 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:135 ET:0 EL:0 AF:3/1 ]
Thu Jan 17 11:08:55 2013 GID set to nogroup
Thu Jan 17 11:08:55 2013 UID set to nobody
Thu Jan 17 11:08:55 2013 Listening for incoming TCP connection on [AF_INET]192.168.1.100:1194
Thu Jan 17 11:08:55 2013 TCPv4_SERVER link local (bound): [AF_INET]192.168.1.100:1194
Thu Jan 17 11:08:55 2013 TCPv4_SERVER link remote: [undef]
Thu Jan 17 11:08:55 2013 Initialization Sequence Completed
OpenVPN client log:
Thu Jan 17 11:03:57 2013 OpenVPN 2.3.0 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Jan 8 2013
Enter Management Password:
Thu Jan 17 11:03:57 2013 MANAGEMENT: Socket bind failed on local address [AF_INET]127.0.0.1:25340: Address already in use (WSAEADDRINUSE)
Thu Jan 17 11:03:57 2013 Exiting due to fatal error
What am I doing wrong?
Server configuration file:
port 1194
proto tcp-server
dev tun0
ca keys/test/ca.crt
cert keys/test/check.crt
key keys/test/check.key
dh keys/test/dh2048.pem
server 192.168.1.0 255.255.255.0
crl-verify keys/test/crl.pem
cipher BF-CFB
user nobody
group nogroup
status servers/VPn1/logs/openvpn-status.log
log-append servers/VPn1/logs/openvpn.log
verb 2
mute 20
max-clients 100
local 192.168.1.100
keepalive 10 120
client-config-dir /etc/openvpn/servers/VPn1/ccd
client-to-client
duplicate-cn
comp-lzo
persist-key
persist-tun
ccd-exclusive
Client configuration:
client
proto udp
dev tun
ca ca.crt
dh dh2048.pem
cert client1.crt
key client1.key
remote 192.168.1.100 1194
tls-auth ta.key 1
cipher BF-CFB
verb 2
mute 20
keepalive 10 120
comp-lzo
persist-key
persist-tun
float
resolv-retry infinite
nobind
route 192.168.1.0 255.255.255.0
You cannot connect to your VPN because your Windows PC is in the same subnet as the VPN.
OpenVPN shows you the following notice:
Thu Jan 17 11:08:55 2013 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
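Are you trying to connect to the VPN from inside the target network? That is not possible, because then there will always be an IP from the same subnet, and routing will not work.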
Otherwise, try changing the IP addresses on the VPN side. I use 172.16.xx for the VPN, because you are unlikely to find such a network.
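
The subnet collision described in the answer can be checked before a server is started. The script below is an added example, not part of the original question or answer: it parses the `server` and `local` directives of an OpenVPN server configuration and reports overlaps with the server's own address or with LANs that clients sit on. The function names and the replacement subnet 172.16.10.0 are assumptions chosen for illustration.

```python
import ipaddress

# Constructed sample: the relevant directives from the server configuration above.
SERVER_CONF = """\
port 1194
proto tcp-server
dev tun0
server 192.168.1.0 255.255.255.0
local 192.168.1.100
"""

def parse_directives(text):
    """Return {directive: [args, ...]} for every non-comment config line."""
    out = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;":   # blank line or comment
            continue
        name, *args = line.split()
        out.setdefault(name, []).append(args)
    return out

def find_conflicts(conf_text, lan_networks=()):
    """List the ways the VPN subnet collides with the server or client LANs."""
    conf = parse_directives(conf_text)
    net, mask = conf["server"][0][:2]     # server <network> <netmask>
    vpn = ipaddress.ip_network(f"{net}/{mask}", strict=False)
    problems = []
    for args in conf.get("local", []):
        try:
            addr = ipaddress.ip_address(args[0])
        except ValueError:                # 'local' may be a hostname; skip it
            continue
        if addr in vpn:
            problems.append(f"local {addr} lies inside VPN subnet {vpn}")
    for lan in map(ipaddress.ip_network, lan_networks):
        if lan.overlaps(vpn):
            problems.append(f"LAN {lan} overlaps VPN subnet {vpn}")
    return problems

if __name__ == "__main__":
    client_lans = ["192.168.1.0/24"]      # constructed: the Windows PC's LAN
    for problem in find_conflicts(SERVER_CONF, client_lans):
        print("CONFLICT:", problem)
    # Constructed fix: move the VPN pool to an uncommon private range.
    fixed = SERVER_CONF.replace("server 192.168.1.0", "server 172.16.10.0")
    print("after renumbering:", find_conflicts(fixed, client_lans))
```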