Openvpn服务器安装与配置 - 防火墙与vpn

一、软件安装

下载软件:

lzo-1.08-4.0.i386.rpm 或 lzo-2.01.tar.gz ./configure 、make 、make install 然后lzo-devel-1.08-fr2.i386.rpm

openvpn-2.0.2.tar.tar ./configure make make install cd /usr/src/redhat/SOURCES rpmbuild -tb openvpn-2.0.2.tar.gz

rpm位于：/usr/src/redhat/RPMS/i386/openvpn-2.0.2-1.i386.rpm 然后rpm -ivh 安装后配置文件在/etc/openvpn下

另：在ipcop安装为：tar zxvf ZERINA-0.9.1b-Installer.tar.gz 然后运行./install即可

二、服务配置

1、复制sample配置文件到/etc/openvpn

2、 ovpnconfig配置：

1,on,jiang,jiangdaoyou,host,cert,,,,,,,,,,,,,,,,,,,,,,,,,,,

2,on,test01,test01,host,cert,,,,,,,,,,,,,,,,,,,,,,,,,,,

3、 server.conf内容

#OpenVPN Server conf

daemon openvpnserver

writepid /var/run/openvpn.pid

;local 192.168.2.229

dev tun

tun-mtu 1400

proto udp

port 1194

tls-server

ca /etc/openvpn/ca/cacert.pem

cert /etc/openvpn/certs/servercert.pem

key /etc/openvpn/certs/serverkey.pem

dh /etc/openvpn/ca/dh1024.pem

server 192.168.60.0 255.255.255.0

push "route 192.168.219.0 255.255.255.0"

push "route 192.168.34.0 255.255.255.0"

push "route 192.168.50.0 255.255.255.0"

client-config-dir /var/ipcop/ovpn/ccd

route 192.168.60.9 255.255.255.252

route 192.168.60.17 255.255.255.252

client-to-client

keepalive 10 120

status-version 1

status /var/log/server.log 30

cipher BF-CBC

comp-lzo

max-clients 100

tls-verify /etc/openvpn/verify

user nobody

group nobody

persist-key

persist-tun

4、指定客户端IP

server.conf文件中增加：

#client-config-dir /var/ipcop/ovpn/ccd

#route 192.168.60.9 255.255.255.252

建立/var/ipcop/ovpn/ccd/jiangdaoyou文件，内容如下：

ifconfig-push 192.168.60.9 192.168.60.10

5、文件说明：

ca目录下是ca证书 cert目录是证书库 crls为吊销列表 openssl目录中为openssl.cnf配置文件

5、启动服务

openvpn --daemon --config server.conf或/etc/init.d/openvpn start

三、证书申请

略

四、疑难问题

1. 无法获得IP：重新启动客户端电脑的dhcp client服务

你好，我在win2000下建服务器，用户名/密码登录，客户端连接不上，如下：
Tue May 29 22:20:28 2007 NOTE: --user option is not implemented on Windows
Tue May 29 22:20:28 2007 NOTE: --group option is not implemented on Windows
Tue May 29 22:20:28 2007 us=108644 Current Parameter Settings:
Tue May 29 22:20:28 2007 us=108659   config = 'client.ovpn'
Tue May 29 22:20:28 2007 us=108669   mode = 0
Tue May 29 22:20:28 2007 us=108680   show_ciphers = DISABLED
Tue May 29 22:20:28 2007 us=108691   show_digests = DISABLED
Tue May 29 22:20:28 2007 us=108703   show_engines = DISABLED
Tue May 29 22:20:28 2007 us=108714   genkey = DISABLED
Tue May 29 22:20:28 2007 us=108725   key_pass_file = '[UNDEF]'
Tue May 29 22:20:28 2007 us=108736   show_tls_ciphers = DISABLED
Tue May 29 22:20:28 2007 us=108747   proto = 2
Tue May 29 22:20:28 2007 us=108757   local = '[UNDEF]'
Tue May 29 22:20:28 2007 us=108769   remote_list[0] = {'vnscn.vicp.net', 443}
Tue May 29 22:20:28 2007 us=108781   remote_random = DISABLED
Tue May 29 22:20:28 2007 us=108792   local_port = 1194
Tue May 29 22:20:28 2007 us=108803   remote_port = 1194
Tue May 29 22:20:28 2007 us=108814   remote_float = DISABLED
Tue May 29 22:20:28 2007 us=108825   ipchange = '[UNDEF]'
Tue May 29 22:20:28 2007 us=108836   bind_local = DISABLED
Tue May 29 22:20:28 2007 us=108847   dev = 'tun'
Tue May 29 22:20:28 2007 us=108857   dev_type = '[UNDEF]'
Tue May 29 22:20:28 2007 us=108867   dev_node = '[UNDEF]'
Tue May 29 22:20:28 2007 us=108878   tun_ipv6 = DISABLED
Tue May 29 22:20:28 2007 us=108889   ifconfig_local = '[UNDEF]'
Tue May 29 22:20:28 2007 us=108900   ifconfig_remote_netmask = '[UNDEF]'
Tue May 29 22:20:28 2007 us=108911   ifconfig_noexec = DISABLED
Tue May 29 22:20:28 2007 us=108922   ifconfig_nowarn = DISABLED
Tue May 29 22:20:28 2007 us=108933   shaper = 0
Tue May 29 22:20:28 2007 us=108943   tun_mtu = 1500
Tue May 29 22:20:28 2007 us=108954   tun_mtu_defined = ENABLED
Tue May 29 22:20:28 2007 us=108965   link_mtu = 1500
Tue May 29 22:20:28 2007 us=108976   link_mtu_defined = DISABLED
Tue May 29 22:20:28 2007 us=108987   tun_mtu_extra = 0
Tue May 29 22:20:28 2007 us=108998   tun_mtu_extra_defined = DISABLED
Tue May 29 22:20:28 2007 us=109008   fragment = 0
Tue May 29 22:20:28 2007 us=109020   mtu_discover_type = -1
Tue May 29 22:20:28 2007 us=109031   mtu_test = 0
Tue May 29 22:20:28 2007 us=109041   mlock = DISABLED
Tue May 29 22:20:28 2007 us=109051   keepalive_ping = 0
Tue May 29 22:20:28 2007 us=109063   keepalive_timeout = 0
Tue May 29 22:20:28 2007 us=109073   inactivity_timeout = 0
Tue May 29 22:20:28 2007 us=109085   ping_send_timeout = 0
Tue May 29 22:20:28 2007 us=109095   ping_rec_timeout = 0
Tue May 29 22:20:28 2007 us=109106   ping_rec_timeout_action = 0
Tue May 29 22:20:28 2007 us=109117   ping_timer_remote = DISABLED
Tue May 29 22:20:28 2007 us=109129   remap_sigusr1 = 0
Tue May 29 22:20:28 2007 us=109140   explicit_exit_notification = 0
Tue May 29 22:20:28 2007 us=109151   persist_tun = ENABLED
Tue May 29 22:20:28 2007 us=109162   persist_local_ip = DISABLED
Tue May 29 22:20:28 2007 us=109173   persist_remote_ip = DISABLED
Tue May 29 22:20:28 2007 us=109183   persist_key = ENABLED
Tue May 29 22:20:28 2007 us=109194   mssfix = 1450
Tue May 29 22:20:28 2007 us=109206   resolve_retry_seconds = 1000000000
Tue May 29 22:20:28 2007 us=109218   connect_retry_seconds = 5
Tue May 29 22:20:28 2007 us=109229   username = '[UNDEF]'
Tue May 29 22:20:28 2007 us=109240   groupname = '[UNDEF]'
Tue May 29 22:20:28 2007 us=109251   chroot_dir = '[UNDEF]'
Tue May 29 22:20:28 2007 us=109262   cd_dir = '[UNDEF]'
Tue May 29 22:20:28 2007 us=109272   writepid = '[UNDEF]'
Tue May 29 22:20:28 2007 us=109283   up_script = '[UNDEF]'
Tue May 29 22:20:28 2007 us=109294   down_script = '[UNDEF]'
Tue May 29 22:20:28 2007 us=109305   down_pre = DISABLED
Tue May 29 22:20:28 2007 us=109316   up_restart = DISABLED
Tue May 29 22:20:28 2007 us=109326   up_delay = DISABLED
Tue May 29 22:20:28 2007 us=109337   daemon = DISABLED
Tue May 29 22:20:28 2007 us=109347   inetd = 0
Tue May 29 22:20:28 2007 us=109357   log = DISABLED
Tue May 29 22:20:28 2007 us=229262   suppress_timestamps = DISABLED
Tue May 29 22:20:28 2007 us=229286   nice = 0
Tue May 29 22:20:28 2007 us=229297   verbosity = 4
Tue May 29 22:20:28 2007 us=229307   mute = 0
Tue May 29 22:20:28 2007 us=229317   gremlin = 0
Tue May 29 22:20:28 2007 us=229328   status_file = '[UNDEF]'
Tue May 29 22:20:28 2007 us=229338   status_file_version = 1
Tue May 29 22:20:28 2007 us=229348   status_file_update_freq = 60
Tue May 29 22:20:28 2007 us=229359   occ = ENABLED
Tue May 29 22:20:28 2007 us=229369   rcvbuf = 0
Tue May 29 22:20:28 2007 us=229379   sndbuf = 0
Tue May 29 22:20:28 2007 us=229390 BEGIN http_proxy
Tue May 29 22:20:28 2007 us=229400   server = '10.199.0.149'
Tue May 29 22:20:28 2007 us=229411   port = 80
Tue May 29 22:20:28 2007 us=229422   auth_method_string = 'none'
Tue May 29 22:20:28 2007 us=229432   auth_file = '[UNDEF]'
Tue May 29 22:20:28 2007 us=229443   retry = DISABLED
Tue May 29 22:20:28 2007 us=229453   timeout = 5
Tue May 29 22:20:28 2007 us=229463   http_version = '1.0'
Tue May 29 22:20:28 2007 us=244075   user_agent = '[UNDEF]'
Tue May 29 22:20:28 2007 us=244104 END http_proxy
Tue May 29 22:20:28 2007 us=244116   socks_proxy_server = '[UNDEF]'
Tue May 29 22:20:28 2007 us=244128   socks_proxy_port = 0
Tue May 29 22:20:28 2007 us=244139   socks_proxy_retry = DISABLED
Tue May 29 22:20:28 2007 us=244150   fast_io = DISABLED
Tue May 29 22:20:28 2007 us=244160   comp_lzo = ENABLED
Tue May 29 22:20:28 2007 us=244171   comp_lzo_adaptive = ENABLED
Tue May 29 22:20:28 2007 us=244181   route_script = '[UNDEF]'
Tue May 29 22:20:28 2007 us=244192   route_default_gateway = '[UNDEF]'
Tue May 29 22:20:28 2007 us=244203   route_noexec = DISABLED
Tue May 29 22:20:28 2007 us=244214   route_delay = 0
Tue May 29 22:20:28 2007 us=244224   route_delay_window = 30
Tue May 29 22:20:28 2007 us=244236   route_delay_defined = ENABLED
Tue May 29 22:20:28 2007 us=244248   management_addr = '[UNDEF]'
Tue May 29 22:20:28 2007 us=244259   management_port = 0
Tue May 29 22:20:28 2007 us=257086   management_user_pass = '[UNDEF]'
Tue May 29 22:20:28 2007 us=257112   management_log_history_cache = 250
Tue May 29 22:20:28 2007 us=257125   management_echo_buffer_size = 100
Tue May 29 22:20:28 2007 us=257137   management_query_passwords = DISABLED
Tue May 29 22:20:28 2007 us=257149   management_hold = DISABLED
Tue May 29 22:20:28 2007 us=257161   shared_secret_file = '[UNDEF]'
Tue May 29 22:20:28 2007 us=257173   key_direction = 2
Tue May 29 22:20:28 2007 us=257184   ciphername_defined = ENABLED
Tue May 29 22:20:28 2007 us=257194   ciphername = 'BF-CBC'
Tue May 29 22:20:28 2007 us=257205   authname_defined = ENABLED
Tue May 29 22:20:28 2007 us=257216   authname = 'SHA1'
Tue May 29 22:20:28 2007 us=257226   keysize = 0
Tue May 29 22:20:28 2007 us=257236   engine = DISABLED
Tue May 29 22:20:28 2007 us=257247   replay = ENABLED
Tue May 29 22:20:28 2007 us=257258   mute_replay_warnings = ENABLED
Tue May 29 22:20:28 2007 us=257269   replay_window = 0
Tue May 29 22:20:28 2007 us=267687   replay_time = 0
Tue May 29 22:20:28 2007 us=267708   packet_id_file = '[UNDEF]'
Tue May 29 22:20:28 2007 us=267719   use_iv = ENABLED
Tue May 29 22:20:28 2007 us=267729   test_crypto = DISABLED
Tue May 29 22:20:28 2007 us=267739   tls_server = DISABLED
Tue May 29 22:20:28 2007 us=267749   tls_client = ENABLED
Tue May 29 22:20:28 2007 us=267762   key_method = 2
Tue May 29 22:20:28 2007 us=267773   ca_file = 'ca.crt'
Tue May 29 22:20:28 2007 us=267784   dh_file = '[UNDEF]'
Tue May 29 22:20:28 2007 us=267795   cert_file = '[UNDEF]'
Tue May 29 22:20:28 2007 us=267806   priv_key_file = '[UNDEF]'
Tue May 29 22:20:28 2007 us=267816   pkcs12_file = '[UNDEF]'
Tue May 29 22:20:28 2007 us=267827   cryptoapi_cert = '[UNDEF]'
Tue May 29 22:20:28 2007 us=267837   cipher_list = '[UNDEF]'
Tue May 29 22:20:28 2007 us=267848   tls_verify = '[UNDEF]'
Tue May 29 22:20:28 2007 us=267860   tls_remote = '[UNDEF]'
Tue May 29 22:20:28 2007 us=278387   crl_file = '[UNDEF]'
Tue May 29 22:20:28 2007 us=278409   ns_cert_type = 64
Tue May 29 22:20:28 2007 us=278420   tls_timeout = 2
Tue May 29 22:20:28 2007 us=278430   renegotiate_bytes = 0
Tue May 29 22:20:28 2007 us=278441   renegotiate_packets = 0
Tue May 29 22:20:28 2007 us=278454   renegotiate_seconds = 3600
Tue May 29 22:20:28 2007 us=278465   handshake_window = 60
Tue May 29 22:20:28 2007 us=278475   transition_window = 3600
Tue May 29 22:20:28 2007 us=278486   single_session = DISABLED
Tue May 29 22:20:28 2007 us=278496   tls_exit = DISABLED
Tue May 29 22:20:28 2007 us=278507   tls_auth_file = 'ta.key'
Tue May 29 22:20:28 2007 us=278538   server_network = 0.0.0.0
Tue May 29 22:20:28 2007 us=278552   server_netmask = 0.0.0.0
Tue May 29 22:20:28 2007 us=278565   server_bridge_ip = 0.0.0.0
Tue May 29 22:20:28 2007 us=278577   server_bridge_netmask = 0.0.0.0
Tue May 29 22:20:28 2007 us=278589   server_bridge_pool_start = 0.0.0.0
Tue May 29 22:20:28 2007 us=309340   server_bridge_pool_end = 0.0.0.0
Tue May 29 22:20:28 2007 us=309369   ifconfig_pool_defined = DISABLED
Tue May 29 22:20:28 2007 us=309382   ifconfig_pool_start = 0.0.0.0
Tue May 29 22:20:28 2007 us=309395   ifconfig_pool_end = 0.0.0.0
Tue May 29 22:20:28 2007 us=309408   ifconfig_pool_netmask = 0.0.0.0
Tue May 29 22:20:28 2007 us=309421   ifconfig_pool_persist_filename = '[UNDEF]'
Tue May 29 22:20:28 2007 us=309434   ifconfig_pool_persist_refresh_freq = 600
Tue May 29 22:20:28 2007 us=309445   ifconfig_pool_linear = DISABLED
Tue May 29 22:20:28 2007 us=309456   n_bcast_buf = 256
Tue May 29 22:20:28 2007 us=309467   tcp_queue_limit = 64
Tue May 29 22:20:28 2007 us=309478   real_hash_size = 256
Tue May 29 22:20:28 2007 us=309489   virtual_hash_size = 256
Tue May 29 22:20:28 2007 us=309499   client_connect_script = '[UNDEF]'
Tue May 29 22:20:28 2007 us=309511   learn_address_script = '[UNDEF]'
Tue May 29 22:20:28 2007 us=319876   client_disconnect_script = '[UNDEF]'
Tue May 29 22:20:28 2007 us=319898   client_config_dir = '[UNDEF]'
Tue May 29 22:20:28 2007 us=319910   ccd_exclusive = DISABLED
Tue May 29 22:20:28 2007 us=319920   tmp_dir = '[UNDEF]'
Tue May 29 22:20:28 2007 us=319931   push_ifconfig_defined = DISABLED
Tue May 29 22:20:28 2007 us=319945   push_ifconfig_local = 0.0.0.0
Tue May 29 22:20:28 2007 us=319958   push_ifconfig_remote_netmask = 0.0.0.0
Tue May 29 22:20:28 2007 us=319969   enable_c2c = DISABLED
Tue May 29 22:20:28 2007 us=319980   duplicate_cn = DISABLED
Tue May 29 22:20:28 2007 us=319990   cf_max = 0
Tue May 29 22:20:28 2007 us=320001   cf_per = 0
Tue May 29 22:20:28 2007 us=320012   max_clients = 1024
Tue May 29 22:20:28 2007 us=320023   max_routes_per_client = 256
Tue May 29 22:20:28 2007 us=320034   client_cert_not_required = DISABLED
Tue May 29 22:20:28 2007 us=320045   username_as_common_name = DISABLED
Tue May 29 22:20:28 2007 us=330160   auth_user_pass_verify_script = '[UNDEF]'
Tue May 29 22:20:28 2007 us=330186   auth_user_pass_verify_script_via_file = DISABLED
Tue May 29 22:20:28 2007 us=330199   client = ENABLED
Tue May 29 22:20:28 2007 us=330209   pull = ENABLED
Tue May 29 22:20:28 2007 us=330221   auth_user_pass_file = 'mypass.txt'
Tue May 29 22:20:28 2007 us=330236   show_net_up = DISABLED
Tue May 29 22:20:28 2007 us=330247   route_method = 0
Tue May 29 22:20:28 2007 us=330258   ip_win32_defined = DISABLED
Tue May 29 22:20:28 2007 us=330269   ip_win32_type = 3
Tue May 29 22:20:28 2007 us=330280   dhcp_masq_offset = 0
Tue May 29 22:20:28 2007 us=330291   dhcp_lease_time = 31536000
Tue May 29 22:20:28 2007 us=330301   tap_sleep = 0
Tue May 29 22:20:28 2007 us=330312   dhcp_options = DISABLED
Tue May 29 22:20:28 2007 us=330322   dhcp_renew = DISABLED
Tue May 29 22:20:28 2007 us=330333   dhcp_pre_release = DISABLED
Tue May 29 22:20:28 2007 us=330344   dhcp_release = DISABLED
Tue May 29 22:20:28 2007 us=341472   domain = '[UNDEF]'
Tue May 29 22:20:28 2007 us=341495   netbios_scope = '[UNDEF]'
Tue May 29 22:20:28 2007 us=341505   netbios_node_type = 0
Tue May 29 22:20:28 2007 us=341516   disable_nbt = DISABLED
Tue May 29 22:20:28 2007 us=341531 OpenVPN 2.0.7 Win32-MinGW [SSL] [LZO] built on Apr 14 2006
Tue May 29 22:20:28 2007 us=341926 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Tue May 29 22:20:28 2007 us=343159 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Tue May 29 22:20:28 2007 us=343211 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue May 29 22:20:28 2007 us=343231 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue May 29 22:20:28 2007 us=343262 LZO compression initialized
Tue May 29 22:20:28 2007 us=354019 Control Channel MTU parms [ L:1544 D:168 EF:68 EB:0 ET:0 EL:0 ]
Tue May 29 22:20:28 2007 us=356190 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue May 29 22:20:28 2007 us=356263 Local Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Tue May 29 22:20:28 2007 us=356281 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,keydir 0,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Tue May 29 22:20:28 2007 us=356318 Local Options hash (VER=V4): 'ee93268d'
Tue May 29 22:20:28 2007 us=356341 Expected Remote Options hash (VER=V4): 'bd577cd1'
Tue May 29 22:20:28 2007 us=356390 Attempting to establish TCP connection with UW
Tue May 29 22:20:28 2007 us=748107 TCP connection established with UW
Tue May 29 22:20:28 2007 us=748146 Send to HTTP proxy: 'CONNECT vnscn.vicp.net:443 HTTP/1.0'
Tue May 29 22:20:30 2007 us=207710 HTTP proxy returned: 'HTTP/1.1 200 Connection established'
Tue May 29 22:20:30 2007 us=327575 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue May 29 22:20:30 2007 us=327713 TCPv4_CLIENT link local: [undef]
Tue May 29 22:20:30 2007 us=327729 TCPv4_CLIENT link remote: US
Tue May 29 22:20:30 2007 us=328228 TLS: Initial packet from 10.199.0.149:80, sid=c15c2155 dea27df4
Tue May 29 22:20:33 2007 us=337386 Connection reset, restarting [0]
Tue May 29 22:20:33 2007 us=338689 TCP/UDP: Closing socket
Tue May 29 22:20:33 2007 us=339195 SIGUSR1[soft,connection-reset] received, process restarting
Tue May 29 22:20:33 2007 us=339221 Restart pause, 5 second(s)
Tue May 29 22:20:38 2007 us=340760 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Tue May 29 22:20:38 2007 us=340822 Re-using SSL/TLS context
Tue May 29 22:20:38 2007 us=340863 LZO compression initialized
Tue May 29 22:20:38 2007 us=340955 Control Channel MTU parms [ L:1544 D:168 EF:68 EB:0 ET:0 EL:0 ]
Tue May 29 22:20:38 2007 us=344732 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Tue May 29 22:20:38 2007 us=344802 Local Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Tue May 29 22:20:38 2007 us=344818 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,keydir 0,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Tue May 29 22:20:38 2007 us=344852 Local Options hash (VER=V4): 'ee93268d'
Tue May 29 22:20:38 2007 us=344874 Expected Remote Options hash (VER=V4): 'bd577cd1'
Tue May 29 22:20:38 2007 us=344912 Attempting to establish TCP connection with UW
Tue May 29 22:20:38 2007 us=788123 TCP connection established with UW
Tue May 29 22:20:38 2007 us=788163 Send to HTTP proxy: 'CONNECT vnscn.vicp.net:443 HTTP/1.0'
Tue May 29 22:20:43 2007 us=452774 HTTP proxy returned: 'HTTP/1.1 200 Connection established'
Tue May 29 22:20:43 2007 us=608182 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue May 29 22:20:43 2007 us=608302 TCPv4_CLIENT link local: [undef]
Tue May 29 22:20:43 2007 us=608317 TCPv4_CLIENT link remote: US
Tue May 29 22:20:43 2007 us=611385 TLS: Initial packet from 10.199.0.149:80, sid=99523919 2c401a78
Tue May 29 22:20:46 2007 us=341789 Connection reset, restarting [0]
Tue May 29 22:20:46 2007 us=343048 TCP/UDP: Closing socket
Tue May 29 22:20:46 2007 us=344301 SIGUSR1[soft,connection-reset] received, process restarting
Tue May 29 22:20:46 2007 us=344337 Restart pause, 5 second(s)

一、 软件安装

二、 服务配置

三、 证书申请

一、软件安装

二、服务配置

三、证书申请