树莓派作为vpn服务器的问题

目前是小白 70cm2021-07-054133 次点击
今天打算使用树莓派作为VPN服务器,但是连接vpn时总是显示TSL shakehand failed. 我是在树莓派上安装的pivpn,端口1194,使用的noip.com的ddns解析服务,VPN客户端下载的openvpn. 日志信息如下:
021-07-05 17:41:21 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2021-07-05 17:41:21 OpenVPN 2.5.3 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Jun 17 2021
2021-07-05 17:41:21 Windows version 10.0 (Windows 10 or greater) 64bit
2021-07-05 17:41:21 library versions: OpenSSL 1.1.1k 25 Mar 2021, LZO 2.10
Enter Management Password:
2021-07-05 17:41:21 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
2021-07-05 17:41:21 Need hold release from management interface, waiting...
2021-07-05 17:41:22 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
2021-07-05 17:41:22 MANAGEMENT: CMD 'state on'
2021-07-05 17:41:22 MANAGEMENT: CMD 'log all on'
2021-07-05 17:41:22 MANAGEMENT: CMD 'echo all on'
2021-07-05 17:41:22 MANAGEMENT: CMD 'bytecount 5'
2021-07-05 17:41:22 MANAGEMENT: CMD 'hold off'
2021-07-05 17:41:22 MANAGEMENT: CMD 'hold release'
2021-07-05 17:41:22 MANAGEMENT: CMD 'password [...]'
2021-07-05 17:41:22 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
2021-07-05 17:41:22 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
2021-07-05 17:41:22 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
2021-07-05 17:41:22 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
2021-07-05 17:41:22 MANAGEMENT: >STATE:1625499682,RESOLVE,,,,,,
2021-07-05 17:41:22 TCP/UDP: Preserving recently used remote address: [AF_INET]XXXX:1194
2021-07-05 17:41:22 Socket Buffers: R=[65536->65536] S=[65536->65536]
2021-07-05 17:41:22 UDP link local: (not bound)
2021-07-05 17:41:22 UDP link remote: [AF_INET]XXXX:1194
2021-07-05 17:41:22 MANAGEMENT: >STATE:1625499682,WAIT,,,,,,
2021-07-05 17:42:22 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2021-07-05 17:42:22 TLS Error: TLS handshake failed
路由器的端口转发使用的UDP协议你,设置的也应该没有问题
收藏 ♥ 感谢
Spoony 小组长 2021-07-06 
遇到这种问题我一般会换一个vpn软件试试
比如 Cisco IPSec VPN
apt-get install strongswan strongswan-plugin-xauth-generic
目前是小白 70cm 2021-10-07  ♥ 1
嗯现在发现是路由器的问题,我的华为LTE router已经在二级网关之后了,所以不能获得真正的公网IP

登录注册 后可回复。