Firewall
OpenVPN 通過埠阻止防火牆連接
我在 VPS 上設置了一個 OpenVPN 實例。我通過我大學的防火牆連接到它。他們已經阻止了一切(包括 ssh!)。所以,我已經設置了我的 OpenVPN,當我通過家庭連接進行連接時一切正常。當我嘗試通過我的大學聯繫時,我得到了這個:
Tue Mar 15 09:57:40 2011 us=482000 TCP connection established with 78.138.13.91:80 Tue Mar 15 09:57:40 2011 us=482000 TCPv4_CLIENT link local: [undef] Tue Mar 15 09:57:40 2011 us=482000 TCPv4_CLIENT link remote: 78.138.13.91:80 Tue Mar 15 09:57:40 2011 us=482000 TCPv4_CLIENT WRITE [14] to 78.138.13.91:80: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0 Tue Mar 15 09:57:40 2011 us=872000 TCPv4_CLIENT READ [26] from 78.138.13.91:80: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 [ 0 ] pid=0 DATA len=0 Tue Mar 15 09:57:40 2011 us=872000 TLS: Initial packet from 78.138.13.91:80, sid=5cb8cc85 0057a337 Tue Mar 15 09:57:40 2011 us=872000 TCPv4_CLIENT WRITE [22] to 78.138.13.91:80: P_ACK_V1 kid=0 [ 0 ] Tue Mar 15 09:57:40 2011 us=872000 TCPv4_CLIENT WRITE [108] to 78.138.13.91:80: P_CONTROL_V1 kid=0 [ ] pid=1 DATA len=94 Tue Mar 15 09:57:42 2011 us=42000 TCPv4_CLIENT WRITE [108] to 78.138.13.91:80: P_CONTROL_V1 kid=0 [ ] pid=1 DATA len=94 Tue Mar 15 09:57:46 2011 us=722000 TCPv4_CLIENT WRITE [108] to 78.138.13.91:80: P_CONTROL_V1 kid=0 [ ] pid=1 DATA len=94 Tue Mar 15 09:57:55 2011 us=146000 TCPv4_CLIENT WRITE [108] to 78.138.13.91:80: P_CONTROL_V1 kid=0 [ ] pid=1 DATA len=94 Tue Mar 15 09:58:11 2011 us=214000 TCPv4_CLIENT WRITE [108] to 78.138.13.91:80: P_CONTROL_V1 kid=0 [ ] pid=1 DATA len=94 Tue Mar 15 09:58:40 2011 us=589000 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Tue Mar 15 09:58:40 2011 us=589000 TLS Error: TLS handshake failed Tue Mar 15 09:58:40 2011 us=589000 Fatal TLS error (check_tls_errors_co), restarting Tue Mar 15 09:58:40 2011 us=589000 TCP/UDP: Closing socket Tue Mar 15 09:58:40 2011 us=589000 SIGUSR1[soft,tls-error] received, process restarting Tue Mar 15 09:58:40 2011 us=589000 Restart pause, 5 second(s)
關於如何繼續調試此問題的任何想法?自從我收到第一個數據包後,我可以看到埠 80 正在工作,但為什麼在那之後它停止了?
(另一個提示,Skype 在系統托盤中顯示綠色的“已連接”圖示,但實際上並未連接。我認為兩者的問題幾乎相同。)
可能是因為他們代理了 HTTP 流量(也就是說,將其分開,意識到它不是網站流量並將其丟棄)。只要 HTTPS 不進行中間人代理,您可能會更幸運。
我所說的“更幸運”是指“檢查你的連接的使用條款,你可能會因為試圖規避它們而面臨紀律處分”。