OpenVPN AWS .ovpnファイルをubuntu 20.10ネットワーク管理者に接続する問題を解決する必要があります。トラブルシューティングのために、次の記事を試しました。
VPNサービスを開始できなかったため、VPNサービスへの接続に失敗しました。
何も動作しません。
May 6 08:27:59 krillavilla-OMN NetworkManager[59705]: <info> [1620314879.3003] audit: op="connection-update" uuid="46b75e3d-9fa4-45f0-bd59-b2990749c6d3" name="client" args="vpn.data" pid=75463 uid=1000 result="success"
May 6 08:28:05 krillavilla-OMN NetworkManager[59705]: <info> [1620314885.7743] audit: op="connection-activate" uuid="46b75e3d-9fa4-45f0-bd59-b2990749c6d3" name="client" pid=75463 uid=1000 result="success"
May 6 08:28:05 krillavilla-OMN NetworkManager[59705]: <info> [1620314885.7848] vpn-connection[0x564e735e02b0,46b75e3d-9fa4-45f0-bd59-b2990749c6d3,"client",0]: Started the VPN service, PID 75519
May 6 08:28:05 krillavilla-OMN NetworkManager[59705]: <info> [1620314885.8058] vpn-connection[0x564e735e02b0,46b75e3d-9fa4-45f0-bd59-b2990749c6d3,"client",0]: Saw the service appear; activating connection
May 6 08:28:05 krillavilla-OMN NetworkManager[59705]: <info> [1620314885.8588] vpn-connection[0x564e735e02b0,46b75e3d-9fa4-45f0-bd59-b2990749c6d3,"client",0]: VPN plugin: state changed: starting (3)
May 6 08:28:05 krillavilla-OMN NetworkManager[59705]: <info> [1620314885.8589] vpn-connection[0x564e735e02b0,46b75e3d-9fa4-45f0-bd59-b2990749c6d3,"client",0]: VPN connection: (ConnectInteractive) reply received
May 6 08:28:05 krillavilla-OMN nm-openvpn[75525]: DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'xxx-xxx-xxx' to --data-ciphers or change --cipher 'xxx-xxx-xxx' to --data-ciphers-fallback 'xxx-xxx-xxx' to silence this warning.
May 6 08:28:05 krillavilla-OMN nm-openvpn[75525]: OpenVPN 2.5.1 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 27 2021
May 6 08:28:05 krillavilla-OMN nm-openvpn[75525]: library versions: OpenSSL 1.1.1j 16 Feb 2021, LZO 2.10
May 6 08:28:06 krillavilla-OMN nm-openvpn[75525]: WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
May 6 08:28:06 krillavilla-OMN nm-openvpn[75525]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
May 6 08:28:06 krillavilla-OMN nm-openvpn[75525]: TCP/UDP: Preserving recently used remote address: [AF_INET]xx.xxx.xx.xxx:xxxx
May 6 08:28:06 krillavilla-OMN nm-openvpn[75525]: UDP link local: (not bound)
May 6 08:28:06 krillavilla-OMN nm-openvpn[75525]: UDP link remote: [AF_INET]xx.xxx.xx.xxx:xxxx
May 6 08:28:06 krillavilla-OMN nm-openvpn[75525]: NOTE: chroot will be delayed because of --client, --pull, or --up-delay
May 6 08:28:06 krillavilla-OMN nm-openvpn[75525]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
May 6 08:28:10 krillavilla-OMN nm-openvpn[75525]: Server poll timeout, restarting
May 6 08:28:10 krillavilla-OMN nm-openvpn[75525]: SIGUSR1[soft,server_poll] received, process restarting
May 6 08:28:10 krillavilla-OMN nm-openvpn[75525]: WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
May 6 08:28:10 krillavilla-OMN nm-openvpn[75525]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
May 6 08:28:10 krillavilla-OMN nm-openvpn[75525]: TCP/UDP: Preserving recently used remote address: [AF_INET]xx.xxx.xx.xxx:xxxx
May 6 08:28:10 krillavilla-OMN nm-openvpn[75525]: UDP link local: (not bound)
May 6 08:28:10 krillavilla-OMN nm-openvpn[75525]: UDP link remote: [AF_INET]xx.xxx.xx.xxx:xxxx
May 6 08:28:14 krillavilla-OMN nm-openvpn[75525]: Server poll timeout, restarting
May 6 08:28:14 krillavilla-OMN nm-openvpn[75525]: SIGUSR1[soft,server_poll] received, process restarting
May 6 08:28:14 krillavilla-OMN nm-openvpn[75525]: WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
May 6 08:28:14 krillavilla-OMN nm-openvpn[75525]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
May 6 08:28:14 krillavilla-OMN nm-openvpn[75525]: TCP/UDP: Preserving recently used remote address: [AF_INET]xx.xxx.xx.xxx:xxxx
May 6 08:28:14 krillavilla-OMN nm-openvpn[75525]: Attempting to establish TCP connection with [AF_INET]xx.xxx.xx.xxx:xxxx [nonblock]
May 6 08:28:18 krillavilla-OMN nm-openvpn[75525]: TCP: connect to [AF_INET]xx.xxx.xx.xxx:xxxx failed: Connection timed out
May 6 08:28:18 krillavilla-OMN nm-openvpn[75525]: SIGUSR1[connection failed(soft),init_instance] received, process restarting
May 6 08:28:23 krillavilla-OMN nm-openvpn[75525]: WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
May 6 08:28:23 krillavilla-OMN nm-openvpn[75525]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
May 6 08:28:23 krillavilla-OMN nm-openvpn[75525]: TCP/UDP: Preserving recently used remote address: [AF_INET]xx.xxx.xx.xxx:xxxx
May 6 08:28:23 krillavilla-OMN nm-openvpn[75525]: UDP link local: (not bound)
May 6 08:28:23 krillavilla-OMN nm-openvpn[75525]: UDP link remote: [AF_INET]xx.xxx.xx.xxx:xxxx
May 6 08:28:27 krillavilla-OMN nm-openvpn[75525]: Server poll timeout, restarting
May 6 08:28:27 krillavilla-OMN nm-openvpn[75525]: SIGUSR1[soft,server_poll] received, process restarting
May 6 08:28:27 krillavilla-OMN nm-openvpn[75525]: WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
May 6 08:28:27 krillavilla-OMN nm-openvpn[75525]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
May 6 08:28:27 krillavilla-OMN nm-openvpn[75525]: TCP/UDP: Preserving recently used remote address: [AF_INET]xx.xxx.xx.xxx:xxxx
May 6 08:28:27 krillavilla-OMN nm-openvpn[75525]: UDP link local: (not bound)
May 6 08:28:27 krillavilla-OMN nm-openvpn[75525]: UDP link remote: [AF_INET]xx.xxx.xx.xxx:xxxx
May 6 08:28:31 krillavilla-OMN nm-openvpn[75525]: Server poll timeout, restarting
May 6 08:28:31 krillavilla-OMN nm-openvpn[75525]: SIGUSR1[soft,server_poll] received, process restarting
May 6 08:28:31 krillavilla-OMN nm-openvpn[75525]: WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
May 6 08:28:31 krillavilla-OMN nm-openvpn[75525]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
May 6 08:28:31 krillavilla-OMN nm-openvpn[75525]: TCP/UDP: Preserving recently used remote address: [AF_INET]xx.xxx.xx.xxx:xxxx
May 6 08:28:31 krillavilla-OMN nm-openvpn[75525]: UDP link local: (not bound)
May 6 08:28:31 krillavilla-OMN nm-openvpn[75525]: UDP link remote: [AF_INET]xx.xxx.xx.xxx:xxxx
May 6 08:28:35 krillavilla-OMN nm-openvpn[75525]: Server poll timeout, restarting
May 6 08:28:35 krillavilla-OMN nm-openvpn[75525]: SIGUSR1[soft,server_poll] received, process restarting
May 6 08:28:35 krillavilla-OMN nm-openvpn[75525]: WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
May 6 08:28:35 krillavilla-OMN nm-openvpn[75525]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
May 6 08:28:35 krillavilla-OMN nm-openvpn[75525]: TCP/UDP: Preserving recently used remote address: [AF_INET]xx.xxx.xx.xxx:xxxx
May 6 08:28:35 krillavilla-OMN nm-openvpn[75525]: UDP link local: (not bound)
May 6 08:28:35 krillavilla-OMN nm-openvpn[75525]: UDP link remote: [AF_INET]xx.xxx.xx.xxx:xxxx
May 6 08:28:39 krillavilla-OMN nm-openvpn[75525]: Server poll timeout, restarting
May 6 08:28:39 krillavilla-OMN nm-openvpn[75525]: SIGUSR1[soft,server_poll] received, process restarting
May 6 08:28:39 krillavilla-OMN nm-openvpn[75525]: WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
May 6 08:28:39 krillavilla-OMN nm-openvpn[75525]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
May 6 08:28:39 krillavilla-OMN nm-openvpn[75525]: TCP/UDP: Preserving recently used remote address: [AF_INET]xx.xxx.xx.xxx:xxxx
May 6 08:28:39 krillavilla-OMN nm-openvpn[75525]: UDP link local: (not bound)
May 6 08:28:39 krillavilla-OMN nm-openvpn[75525]: UDP link remote: [AF_INET]xx.xxx.xx.xxx:xxxx
May 6 08:28:43 krillavilla-OMN nm-openvpn[75525]: Server poll timeout, restarting
May 6 08:28:43 krillavilla-OMN nm-openvpn[75525]: SIGUSR1[soft,server_poll] received, process restarting
May 6 08:28:43 krillavilla-OMN nm-openvpn[75525]: WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
May 6 08:28:43 krillavilla-OMN nm-openvpn[75525]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
May 6 08:28:43 krillavilla-OMN nm-openvpn[75525]: TCP/UDP: Preserving recently used remote address: [AF_INET]xx.xxx.xx.xxx:xxxx
May 6 08:29:05 krillavilla-OMN NetworkManager[59705]: <warn> [1620314945.8071] vpn-connection[0x564e735e02b0,46b75e3d-9fa4-45f0-bd59-b2990749c6d3,"client",0]: VPN connection: connect timeout exceeded.
May 6 08:29:05 krillavilla-OMN nm-openvpn-serv[75519]: Connect timer expired, disconnecting.
May 6 08:29:05 krillavilla-OMN nm-openvpn[75525]: event_wait : Interrupted system call (code=4)
May 6 08:29:05 krillavilla-OMN nm-openvpn[75525]: SIGTERM[hard,] received, process exiting
May 6 08:29:05 krillavilla-OMN NetworkManager[59705]: <warn> [1620314945.8139] vpn-connection[0x564e735e02b0,46b75e3d-9fa4-45f0-bd59-b2990749c6d3,"client",0]: VPN plugin: failed: connect-failed (1)
May 6 08:29:05 krillavilla-OMN NetworkManager[59705]: <info> [1620314945.8139] vpn-connection[0x564e735e02b0,46b75e3d-9fa4-45f0-bd59-b2990749c6d3,"client",0]: VPN plugin: state changed: stopping (5)
May 6 08:29:05 krillavilla-OMN NetworkManager[59705]: <info> [1620314945.8140] vpn-connection[0x564e735e02b0,46b75e3d-9fa4-45f0-bd59-b2990749c6d3,"client",0]: VPN plugin: state changed: stopped (6)
答え1
修正する*
AWS EC2でセキュリティグループを変更する必要があります。どこでもポートUDP 1192を開きました。どこでもポートTCP 943を開きました。
正常に接続できます。