youwei5683 最近的时间轴更新
youwei5683

youwei5683

V2EX 第 263072 号会员,加入于 2017-10-27 23:34:10 +08:00
youwei5683 最近回复了
2017-12-06 11:48:10 +08:00
回复了 halczy 创建的主题 分享创造 尝试优化了一下 AnyConnect(ocserv)的配置, 欢迎大家测试.
又有新的错误了。
Connected as 172.16.100.18 + 2001:470:f04c:88f1:675b:b057:db9c:7052/64, using SSL
Established DTLS connection (using GnuTLS). Ciphersuite (DTLS1.2)-(PSK)-(AES-256-GCM).
Script '/lib/netifd/vpnc-script' returned error 1
Script '/lib/netifd/vpnc-script' returned error 1
Failed to write incoming packet: I/O error
^CSend BYE packet: Aborted by caller
Script '/lib/netifd/vpnc-script' returned error 1
User cancelled (SIGINT); exiting.
2017-12-05 14:04:14 +08:00
回复了 halczy 创建的主题 分享创造 尝试优化了一下 AnyConnect(ocserv)的配置, 欢迎大家测试.
@halczy 您好,我用 openwrt 的 openconnect 连接您的和我的服务器都报以下错误,请问应该如何排查。
root@DingYongbin-Route:/# openconnect any.omicronplus.com
POST https://any.omicronplus.com/
Connected to 23.228.222.142:443
SSL negotiation with any.omicronplus.com
Connected to HTTPS on any.omicronplus.com
XML POST enabled
Please enter your username.
Username:v2ex
POST https://any.omicronplus.com/auth
Please enter your password.
Password:
POST https://any.omicronplus.com/auth
Got CONNECT response: HTTP/1.1 200 CONNECTED
CSTP connected. DPD 600, Keepalive 32400
Connected as 172.16.100.183 + 2001:470:f256:b3a0:4a76:850f:c975:5b29/128, using SSL
SSL read error: Success.; reconnecting.
SSL negotiation with any.omicronplus.com
Connected to HTTPS on any.omicronplus.com
Got CONNECT response: HTTP/1.1 200 CONNECTED
Reconnect gave different Legacy IP address (172.16.100.204 != 172.16.100.183)
sleep 10s, remaining timeout 300s
SSL negotiation with any.omicronplus.com
Connected to HTTPS on any.omicronplus.com
Got CONNECT response: HTTP/1.1 200 CONNECTED
Reconnect gave different Legacy IP address (172.16.100.196 != 172.16.100.204)
sleep 20s, remaining timeout 290s
SSL negotiation with any.omicronplus.com
Connected to HTTPS on any.omicronplus.com
Got CONNECT response: HTTP/1.1 200 CONNECTED
Reconnect gave different Legacy IP address (172.16.100.71 != 172.16.100.196)
2017-11-20 14:20:30 +08:00
回复了 halczy 创建的主题 分享创造 尝试优化了一下 AnyConnect(ocserv)的配置, 欢迎大家测试.
@halczy
你好我在 openwrt 下链接您的服务器 报以下错误能帮忙看看么
root@LEDE-X64:~# openconnect 103.85.187.19
POST https://103.85.187.19/
Connected to 103.85.187.19:443
SSL negotiation with 103.85.187.19
Server certificate verify failed: certificate does not match hostname

Certificate from VPN server "103.85.187.19" failed verification.
Reason: certificate does not match hostname
To trust this server in future, perhaps add this to your command line:
--servercert sha256:eb429408d30af27935eb1887948af02346a8820ec305d0b3ea04dd4304ba95dd
Enter 'yes' to accept, 'no' to abort; anything else to view: yes
Connected to HTTPS on 103.85.187.19
XML POST enabled
Please enter your username.
Username:v2ex
POST https://103.85.187.19/auth
Please enter your password.
Password:
POST https://103.85.187.19/auth
Got CONNECT response: HTTP/1.1 200 CONNECTED
CSTP connected. DPD 60, Keepalive 32400
Connected as 172.16.100.107 + 2001:470:f04c:e3a9:9746:1706:b3ee:6f71/64, using SSL
Established DTLS connection (using GnuTLS). Ciphersuite (DTLS1.2)-(PSK)-(AES-256-GCM).
Script '/lib/netifd/vpnc-script' returned error 1
Script '/lib/netifd/vpnc-script' returned error 1
Failed to write incoming packet: I/O error
2017-11-02 11:52:21 +08:00
回复了 halczy 创建的主题 分享创造 尝试优化了一下 AnyConnect(ocserv)的配置, 欢迎大家测试.
@halczy 这是我的配置文件 大神看看哪里需要调整一下
auth = "certificate"
# TCP and UDP port number
tcp-port = 443
#udp-port = 443
run-as-user = nobody
run-as-group = daemon
socket-file = /var/run/ocserv-socket
server-cert = /etc/ocserv/server-cert.pem
server-key = /etc/ocserv/server-key.pem
ca-cert = /etc/ocserv/ca-cert.pem
isolate-workers = true
max-clients = 60
max-same-clients = 0
keepalive = 32400
dpd = 1
mobile-dpd = 90
try-mtu-discovery = true
cert-user-oid = 2.5.4.3
tls-priorities = "NORMAL:%SERVER_PRECEDENCE:%COMPAT:-VERS-SSL3.0"
auth-timeout = 180
min-reauth-time = 300
max-ban-score = 50
ban-reset-time = 300
cookie-timeout = 86400
persistent-cookies = true
deny-roaming = false
rekey-time = 172800
rekey-method = ssl
use-occtl = true
pid-file = /var/run/ocserv.pid
device = vpns
predictable-ips = false
default-domain = example.com
ipv4-network = 192.168.1.0
ipv4-netmask = 255.255.255.0
dns = 8.8.8.8
ping-leases = false
mtu = 1420
output-buffer = 10
route =default
2017-11-02 10:17:51 +08:00
回复了 halczy 创建的主题 分享创造 尝试优化了一下 AnyConnect(ocserv)的配置, 欢迎大家测试.
@halczy 只开 TCP youtube 视频放不出来呢?
2017-11-02 10:08:59 +08:00
回复了 halczy 创建的主题 分享创造 尝试优化了一下 AnyConnect(ocserv)的配置, 欢迎大家测试.
@halczy 好像有点用。大神能留个联系方式吗?
2017-10-29 16:28:02 +08:00
回复了 halczy 创建的主题 分享创造 尝试优化了一下 AnyConnect(ocserv)的配置, 欢迎大家测试.
@halczy 你好我的 ocserv 搭建好了。访问 GOOGLE 有时候随机断网什么鬼
2017-10-28 15:20:09 +08:00
回复了 halczy 创建的主题 分享创造 尝试优化了一下 AnyConnect(ocserv)的配置, 欢迎大家测试.
请大神留下联系方式 小白求多多请教
2017-10-28 13:30:30 +08:00
回复了 halczy 创建的主题 分享创造 尝试优化了一下 AnyConnect(ocserv)的配置, 欢迎大家测试.
你好请问 尝试优化了一下 AnyConnect(ocserv)的配置 这个怎么优化呢? 我在 IOS 上连接。太慢了
关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   3686 人在线   最高记录 6679   ·     Select Language
创意工作者们的社区
World is powered by solitude
VERSION: 3.9.8.5 · 15ms · UTC 00:59 · PVG 08:59 · LAX 16:59 · JFK 19:59
Developed with CodeLauncher
♥ Do have faith in what you're doing.