Элтекс

Коллеги, добры день
Выполняю настройки OpenVPN сервера на маршрутизаторе EAR21

Выполнил все настройки по инструкции.
Не устанавливается соединение с сервером OpenVPN.

interface gigabitethernet 1/0/1
description "TO_SW-ISP"
security-zone untrusted
ip address 192.168.7.50/24
exit

security zone-pair VPN untrusted
rule 10
action permit
enable
exit
exit


remote-access openvpn SERVER_OPENVPN
network 10.253.253.0/24
protocol tcp
tunnel ip
route 10.133.251.0/29
encryption algorithm aes256
authentication algorithm sha-256
certificate ca ca.crt
certificate dh dh.pem
certificate server-key server.key
certificate server-crt server.crt
certificate ta ta.key
security-zone VPN
enable
exit

Конфигурация клиента
client
remote 192.168.7.50 1194
proto tcp
dev tun
remote-cert-tls server
ca ca.crt
cert client.crt
key client.key
tls-auth ta.key 1
cipher AES-256-CBC
auth SHA256
verb 3

Лог с клиента

2021-11-25 16:20:04 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2021-11-25 16:20:04 OpenVPN 2.5.4 Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Oct 20 2021
2021-11-25 16:20:04 Windows version 10.0 (Windows 10 or greater) 64bit
2021-11-25 16:20:04 library versions: OpenSSL 1.1.1l 24 Aug 2021, LZO 2.10
2021-11-25 16:20:04 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
2021-11-25 16:20:04 Need hold release from management interface, waiting...
2021-11-25 16:20:04 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
2021-11-25 16:20:04 MANAGEMENT: CMD 'state on'
2021-11-25 16:20:04 MANAGEMENT: CMD 'log all on'
2021-11-25 16:20:04 MANAGEMENT: CMD 'echo all on'
2021-11-25 16:20:04 MANAGEMENT: CMD 'bytecount 5'
2021-11-25 16:20:04 MANAGEMENT: CMD 'hold off'
2021-11-25 16:20:04 MANAGEMENT: CMD 'hold release'
2021-11-25 16:20:04 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
2021-11-25 16:20:04 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
2021-11-25 16:20:04 TCP/UDP: Preserving recently used remote address: [AF_INET]192.168.7.50:1194
2021-11-25 16:20:04 Socket Buffers: R=[65536->65536] S=[65536->65536]
2021-11-25 16:20:04 Attempting to establish TCP connection with [AF_INET]192.168.7.50:1194 [nonblock]
2021-11-25 16:20:04 MANAGEMENT: >STATE:1637846404,TCP_CONNECT,,,,,,
2021-11-25 16:20:04 TCP connection established with [AF_INET]192.168.7.50:1194
2021-11-25 16:20:04 TCP_CLIENT link local: (not bound)
2021-11-25 16:20:04 TCP_CLIENT link remote: [AF_INET]192.168.7.50:1194
2021-11-25 16:20:04 MANAGEMENT: >STATE:1637846404,WAIT,,,,,,
2021-11-25 16:20:04 MANAGEMENT: >STATE:1637846404,AUTH,,,,,,
2021-11-25 16:20:04 TLS: Initial packet from [AF_INET]192.168.7.50:1194, sid=45e30778 55444f89
2021-11-25 16:20:04 Connection reset, restarting [0]

Куда посмотреть?

А запускали на клиенте с более подробными логами, с таким - verb 6?
Может детали какие-то будут видны.

Има проблем с ESR21 OpenVPN, който го кара да не успява да се свърже с мрежата. shell shockers Този проблем може да бъде причинен от редица фактори, но най-вероятната причина е проблем с TLS протокола. Ако срещате този проблем, можете да опитате да обновите връзката или да опитате различен тип връзка. Можете също да опитате да нулирате OpenVPN сървъра или клиентските ключове.

Вы его запускали на клиенте с глаголом 6 и более тщательными логами? cookie clicker

There is a problem with ESR21 OpenVPN that causes it to fail to connect drift hunters to the VPN server. This issue is most likely caused by a corrupted TLS certificate. If you are experiencing this issue, please update your ESR21 OpenVPN software to the latest version.

Были ли выполнены более подробные журналы и тестирование клиента глагола 6? basketball stars

OpenVPN Access Server version 2.9 and newer uses TLS Auth, TLS Crypt,dinosaur game or TLS Crypt v2 to secure the control channel. With TLS Auth, the control channel is secured by signing and verifying the packets with a shared group key.

Academic inside has always proved to be available for our customers and we have never let our customers down. We make sure to provide our customers with the content they desire. Regardless of the stature of the work. online case study help

I used to install OpenVPN on an EAR21 router. Only follow the slope ball instructions to be able to function properly.