Shunze ¾Ç¶é >¸ê°T³]³Æ±M°Ï >Sophos XG > ¡m¤À¨É¡nRemote Access SSL VPN³]©w «¢Åo¡AÁÙ¨S¦³µù¥U©ÎªÌµn¤J¡C½Ð§A[µù¥U|µn¤J]
« ¤W¤@½g¥DÃD ¤U¤@½g¥DÃD » Åã¥Ü¦¨¦C¦L¼Ò¦¡ | ¼W¥[¨ì§Úªº³Ì·R
µoªí·s¥DÃD µoªí¦^ÂÐ
§@ªÌ
¥DÃD
shunze
¤u¤Í§B§B


µù¥U¤é´Á: 2002 04
¨Ó¦Û: ¼é¦Á²×¤î¤§¦a
¤å³¹: 2380

shunze Â÷½u
¡m¤À¨É¡nRemote Access SSL VPN³]©w¤Þ¥Î¦^ÂÐ ½s¿è/§R°£¤å³¹ ·j´M¥Ñ  µoªíªº¨ä¥L¤å³¹ ¦^³øµ¹ª©¥D IP ¦ì¸m ¦^¦¹­¶³Ì¤W¤è

Sophos XG¤WªºSSL VPN¸òCyberoam­ì²z¬Û¦P¡A¦ý¦bWindowsª©¥»¤Wªº²ÕºAÀɵ²ºc¤£¦P¡A
XG±Ä¥Îªº¬O¼Ð·Çªº open vpn ÀɮסA¦ÓCyberoam±Ä¥Îªº¬O±N¾ÌÃÒ»P²ÕºAÀÉÀ£ÁY¥´¥]«áªº tgz ÀÉ¡A
©Ò¥HµLªk¥HCyberoamªºSSL VPNµ{¦¡¡A¶×¤JXGªº²ÕºAÀɨӨϥΡI
¦ý¬Û¹ïªº¡A«o¬O¬Û®e©ó¼Ð·ÇªºOpen VPN¼·±µµ{¦¡³á¡ã


¥H¤U§Ú­Ì´N¨Ó¬Ý¬Ý¦bXG¤¤¦p¦ó³]©wRemote AccessªºSSL VPN¡C

  • ¾ÌÃÒ³]©w
    ¬JµM¬OSSL VPN¡A¾ÌÃÒ·íµM¬OVPN tunnel«Ø¥ßªº¥D¨¤¡A
    §Ú­Ì¥i¥H¨Ï¥ÎXG defaultªºCA¨Óñµo¾ÌÃÒ¡C



    ³¡¸p¨Ï¥Îªº¾ÌÃÒ¡A¥Hdefault CA®Öµoªº¹w³]¾ÌÃÒ ApplianceCertificate ¨Ó¨Ï¥Î§Y¥i¡C



    ·íµM¡A­Y¦³¥Ó½Ð¥¿¦¡ªºCA¾ÌÃÒ¡A§Ú­Ì¤]¥i¤W¶Ç¨Ó¨Ï¥Î¡I

  • SSL VPN Global³]©w

    SSL VPNªºglobal³]©w¡A½Ð¨ì CONFIGURE > VPN > Show VPN Settings > SSL VPN Settings ¨Ó¶i¦æ¡C

    °£¤F³]©w¿ï¥Îªº¾ÌÃÒ¥~¡AXG«Øij¥HUDPªºprotocol¨Ó¼W¥[performance¡A
    µM«á³]©wVPN user¼·¤W¨Ó«á°t¸mªºIP°Ï¬q»PDNS³]©w¡C



  • Remote Access SSL VPN­Ó§O³]©w
    ¦b³]©w¦nSSL VPNªºglobal³]©w«á¡A
    ±µµÛ§Ú­Ì´N¥i¥H¦b CONFIGURE > VPN > SSL VPN (Remote Access) ³]©w¹ïÀ³¨ì«eºÝuserªº­Ó§O³]©w¡C



    «Ø¥ß¤@­ÓRemote Access SSL VPN®É¡A³Ì­«­nªº´N¬O¿ï¾Ü¹ïÀ³ªºVPN user±b¸¹¡C



    µM«á¦bTunnel Access¤¤¡A¥i¥H³]©w³s¤WXG«áªº¸ô¥Ñ¤è¦¡¡C
    ±Ò¥Î Use as Default Gateway¡A·|±N©Ò¦³¬y¶q©¹»·ºÝXG°e¡A
    ·N¨ýµÛVPN userªº³s¥~»Ý¨D±N¶¨ìXG¨Ó¶i¦æ¡A¦Ó¤£¬O³z¹Luser¦Û¤vªº¥~ºô¤U¨®¡C

    ¤£½×±Ò¥Î Use as Default Gateway »P§_¡A¤¹³\VPN user³sµ²ªº¤º³¡ºô¬q¡A§¡»Ý©ó¤U¤èPermitted Network Resource¶i¦æ³]©w¡A
    §_«hVPN¼·¤J«á¡A¥¼©w¸qªº¤º³¡ºô¬qÁÙ¬OµLªk´£¨Ñuser³sµ²ªº¡I



  • ½T»{¬O§_½á¤©User VPNÅv­­
    «Ø¥ß¦nRemote Access SSL VPN profile«á¡A¦^ÀY½T»{¤@¤Uuser±b¸¹ùتºSSL VPNÅv­­¬O§_¤w¶}±Ò¡C
    ½Ð°È¥²½T»{user¤¤SSL VPN policyùتºRemote Access¤w¹ïÀ³¨ì­è¤~«Ø¥ßªºprofile¡C



    ¶â¡H¦³¨S¦³ª`·N¨ì¤U¤è¦³¤@­ÓClientless¿ï¶µ¡H³o¬O¤°»ò¡H

  • Clientless Access Resource
    ©Ò¿×ªºClientless VPN Policy¬O«üVPN¨Ï¥ÎªÌ³s¤WUser portal«á¡A
    ¦bportal­¶­±¤W¤£¥ÎÃB¥~¦w¸Ëµ{¦¡¡A´N¥i¥Hª½±µ¨Ï¥Î»·ºÝºô¸ô¤Wªº¸ê·½(ÁÙ¦³¥t¤@ºØ»¡ªk¥sHTML5 VPN)¡C
    ¦r­±¤W Clientless ©Ò«üªº¡A´N¬O¤£¥ÎÃB¥~¸ËclientºÝªº¤¸¥ó¡C



    Clientless Access¤ä´©¦hºØ¨ó©w¡A³z¹LBookmark¨ÓºÞ²z¡A
    ¦b¨Ï¥ÎClientless Access«e¡A½Ð¥ý©ó CONFIGURE > VPN > Bookmarks ¤¤«Ø¥ßºô­¶¸ê·½¡C



    µM«á¦b CONFIGURE > VPN > Clientless Access ¤¤¡A±Nuser¤ÎBookmark»PClientless Access³sµ²°_¨Ó¡C



  • ½T»{VPN³s¤JÅv­­¬O§_¶}©ñ
    SSL VPNªº«e¸m§@·~§¹¦¨«á¡A±µ¤U¨Ó½Ð½T»{VPN¨Ï¥Î¤Wªº±µ¤f¬O§_©ñ¦æ¡C

    ²Ä¤@­Ó­nÀˬdªº¬O System > Administration > Admin Settings ùتºUser Portal HTTPS Port¸¹¬O¦h¤Ö¡H
    ¿ï¥Îªº¾ÌÃÒ¬O§_¤@­P¡I



    ±µµÛ©ó System > Administration > Device Access ¤¤½T»{WANªºSSL VPN»PUser Portal¬O§_±Ò¥Î¡H
    ­Y¨S±Ò¥Î¡A¬OµLªk¦b¥~¬É¥HSSL VPN¶i¦æ¼·¤Jªº¡I



    ¥t¥~­Y¼·¤Jªº±b¸¹°£¤FXG¥»¾÷±b¸¹¥~¡AÁÙ­n¥]§tAD¤W±b¸¹ªº¸Ü¡A
    ½Ð¦bCONFIGURE > Authentication > Services ¤¤ªº SSL VPN Authentication Methods °Ï¶ô¤¤¡A±NAD¤Ä¿ï°µ¬°ÅçÃÒªºsever¡A
    ³o¼ËAD¤Wªº±b¸¹¤~¯à¶i¦æSSL VPNªº¼·¤J³á¡ã



  • ¶}©ñVPN zoneÅv­­
    VPNªºÅv­­³]©w¥¿½T«á¡A°O±o­n©ñ¦æVPN©Ò¦b°Ï°ìVPN Zoneªº³s½u¯à¤O¡A
    ­Y­n¶}©ñ¹ï¥~¡A½Ð°O±o¶}VPN to WANªº©ñ¦æ³W«h¡F
    ­Y­n¶}©ñ¹ïLANªº¦s¨ú¡A´N­n¶}VPN to LANªºÅv­­¡C



  • UserºÝ¤U¸ü¦w¸Ëµ{¦¡
    ¸U¨Æ­Ñ¥þ¡A¥u³ÑªF­·¡A«áºÝ³£³]©w¦n¤F¡A±µ¤U¨Ó´N³ÑuserºÝ¼·±µµ{¦¡ªº¦w¸Ë³]©w¡C
    ½Ð¥H System > Administration > Admin Settings ùتºUser Portal HTTPS Port¸¹¡Aµn¤JVPN user portal¡C



    µn¤J«á¡A§Y¥i¤U¸üSSL VPN clientºÝµ{¦¡¨Ó¶i¦æ¦w¸Ë¡C



    ¦Ó¦b³]©wVPN®É¡A­Y¦³³]©wClientless Access Bookmark¡A«h·|Åã¥Ü¦bClientless Access Connections°Ï¶ô¨Ñª½±µ¨Ï¥Î¡C



    ÂI¶}«Ø¥ßªºBookmark®É¡A´N·|¥HXG°µ¬°proxyµM«á³sµ²¨ì«ü©wªº¸ê·½¡C
    ·íuser¦b¥~³¡µLªk¦w¸ËVPN¡A¤S­n³sµ²¨ì¤º³¡Àô¹Ò¦s¨úHTTP/RDPµ¥¸ê·½®É¡A«D±`¦n¥Î³á¡ã


    ¡ô¥HXG°µ¬°proxy³sµ²¨ì¤º³¡ºô¯¸¡C


    ¡ô¥HXG°µ¬°proxy³sµ²¨ì¤º³¡»·ºÝ®à­±RDP¥D¾÷¡C

    ¤£¹LClientless VPN¤£¬O§K¶Oªº³á...
    ¥¦»Ý­nNetwork Protection±ÂÅv¤~¯à¨Ï¥Î¡A§ó¦hªºClientless VPN¬ÛÃö¸ê°T¥i¥H°Ñ¦Ò ³o½g¡C

  • ª¬ºA½T»{
    ¦w¸ËclientºÝVPNµ{¦¡«á¡A¦b¥k¤U¨¤±`¾n¦C¤¤¥i¥H¬Ý¨ì«G¬õ¿OªºSophos SSL VPN¼·±µµ{¦¡¹Ï¥Ü¡C
    ¥H·Æ¹«¥kÁä©I¥s¥X¥\¯àªí¡AÂI¿ï¡§³s±µ¡¨§Y¥i¶i¦æ¼·±µ¡C



    ¿é¤J±b/±K¶i¦æ¼·±µ¡C



    ¶}©l¼·±µ¡A¹Ï¥Ü·|¥[«G¶À¿O¡C



    ¼·±µ¦¨¥\«á¡A¬õ¡B¶À¿O®ø¥¢¡A§ï«Gºñ¿O¡A¥Nªí¼·±µ¦¨¥\¡ã



    ¦bXG¤W¡A¥i¥H¬Ý¨ìuser¦¨¥\¼·¤Jªºlog¡C



    ¤]¥i¥H³z¹L¡§Åã¥Üª¬ºA¡¨¨Ó¬d¬Ý¼·±µ¹Lµ{ª¬ºA¡C



    ¥t¥~³z¹L¡§Åã¥Ü¬ö¿ý¡¨«h¥i¥H¬d¬Ý§¹¾ãlog¡C



    ¦pªG¤U¸ü¤F¦h­Óuserªº²ÕºAÀɦæ¦w¸Ë¡A¨º»ò¼·±µµ{¦¡·|Åã¥Ü¦h­Óuser±b¸¹¨Ó¶i¦æ°Ï§O¡C



    ¦Ó¦bVPN¦¨¥\«Ø¥ß«á¡A¦bXG¤Wªº¾ÌÃÒºÞ²z­¶­±¡A¤]¯à¬Ý¨ìuserºÝ©Ò²£¥Íªº¾ÌÃÒ¡C


¥t¥~¡Auser¦b³z¹LSSL VPN¼·¤J«á¡A¨­¥÷ÅçÃÒ¾÷¨î¬O«ùÄò¦³®Äªº¡A
·N«ä¬O»¡¡A­Y»Ý°w¹ï¤£¦Puser¶i¦æÅv­­°Ï¤À¡A
¨Ò¦puser A¥i¶iDMZ¡A¦Óuser B¤£¥i¶iDMZ¡A
¨º§Ú­Ì¥i¥H«Ø¤@±øVPN to DMZªº³W«h¡A¨Ã®M¥Î¨ì¨­¥÷A¤W¡A³o¼Ë´N¥i¥H»´ÃP¹F¨ì¥Øªº¡ã

Sophos XGªºSSL VPN³]©w¨ì¦¹§i¤@¬q¸¨¡C



♥¶¶¤l¦Ñ±Cªººô©ç¡A½Ð¦hÃö·Ó¡ã

If you don't like something, change it.
If you can't change it, change your attitude.
Don't complain!




2016-09-22, 15:02 shunze ªº­Ó¤H¸ê®Æ §â shunze ¥[¤J¦n¤Í¦Cªí µo°eEmailµ¹ shunze ÂsÄý shunze ªººô¯¸ MSN : shunze@gmail.com
shunze
¤u¤Í§B§B


µù¥U¤é´Á: 2002 04
¨Ó¦Û: ¼é¦Á²×¤î¤§¦a
¤å³¹: 2380

shunze Â÷½u
¡m¤À¨É¡nXP¾A¥ÎªºSSL VPN³nÅé¤Þ¥Î¦^ÂÐ ½s¿è/§R°£¤å³¹ ·j´M¥Ñ  µoªíªº¨ä¥L¤å³¹ ¦^³øµ¹ª©¥D IP ¦ì¸m ¦^¦¹­¶³Ì¤W¤è

¦bWindows XP¤W¦w¸Ë¦nSophos XGªºSSL VPN³nÅé«á¡A«o¬O«ç»ò¼·¤]¼·¤£³q¡H
¬d¬Ýlog«á¡Aµo²{¦³¦p¤Uªº¿ù»~¡I

Thu Sep 22 10:25:23 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Thu Sep 22 10:25:23 2016 MANAGEMENT: >STATE:1474511123,ASSIGN_IP,,10.20.30.5,,,,
Thu Sep 22 10:25:23 2016 open_tun, tt->ipv6=0
Thu Sep 22 10:25:23 2016 CreateFile failed on TAP device: \\.\Global\{35E4E288-5187-4F92-84C7-472AB9062A21}.tap
Thu Sep 22 10:25:23 2016 MANAGEMENT: Client disconnected
Thu Sep 22 10:25:23 2016 All TAP-Windows adapters on this system are currently in use.
Thu Sep 22 10:25:23 2016 Exiting due to fatal error

¦P®É©ó¸Ë¸mºÞ²z­û¤¤¡A¬Ý¨ì¤FSophos SSL VPN Adapter²§±`ªº°T®§¡C



¬Ý¨Ó¬OSophosÅX°Êµ{¦¡¨Ã¤£¤ä´©XP¡A
¨º»ò¦³¨ä¥¦¸Ñªk¶Ü¡H

¦³ªº¡A¤@¶}©l¶¶¤l´N¦³´£¨ìXGªºSSL VPN²ÕºAÀɬOOpen VPN¼Ð·Ç®æ¦¡¡A
¨ìOpen VPNºô¯¸¥h¤U¸ü XPª©¥»ªºOpen VPN³nÅé À³¸Ó¦³¾÷·|¦¨¥\¡C

¦w¸Ë¦n«á¡A§â²ÕºAÀɲ¾¨ìOpen VPN¸ô®|¤¤ªºconfig¥Ø¿ý¤U±Ò°Êµ{¦¡¡C
Open VPNªGµM¥i¥H¦bXP¤¤¦¨¥\¹B¦æ¡ã




¨Æ«á¶¶¤l¤]¦³§âXPªº¬Û®e©Ê°ÝÃD¦b Community ¤W¸òSophos¤Ï¬M¡A
¨S·Q¨ì­ì¼t¤]¬O«ØijXPª½±µ¨Ï¥ÎOpen VPN¨Ó´À¥N¡C

Windows XP¤w¸g¦b2014¦~8¤ë°±¤î«áÄòªº¤ä´©ªA°È¡A
¦pªG«D±o¨Ï¥ÎXP¡A¨º»ò¦bSSL VPNªº³nÅé¿ï¾Ü¤W¡A½Ð§ï¥ÎOpen VPN§a¡ã



♥¶¶¤l¦Ñ±Cªººô©ç¡A½Ð¦hÃö·Ó¡ã

If you don't like something, change it.
If you can't change it, change your attitude.
Don't complain!




2016-09-22, 21:40 shunze ªº­Ó¤H¸ê®Æ §â shunze ¥[¤J¦n¤Í¦Cªí µo°eEmailµ¹ shunze ÂsÄý shunze ªººô¯¸ MSN : shunze@gmail.com
shunze
¤u¤Í§B§B


µù¥U¤é´Á: 2002 04
¨Ó¦Û: ¼é¦Á²×¤î¤§¦a
¤å³¹: 2380

shunze Â÷½u
¡m¤À¨É¡nSSL VPN¦æ°Ê¸Ë¸m¤Wªºbug¤Þ¥Î¦^ÂÐ ½s¿è/§R°£¤å³¹ ·j´M¥Ñ  µoªíªº¨ä¥L¤å³¹ ¦^³øµ¹ª©¥D IP ¦ì¸m ¦^¦¹­¶³Ì¤W¤è

¤µ¤Ñ«È¤á¦^³øSSL VPN¦biOS¤W·|³ø¿ù¡AµLªk¥¿±`³s½u¡A°T®§¦p¤U¡C

PolarSSL: error parsing cert
certificate: X508 - The date tag or value is invalid



¶¶¤l¦bAndroid¤â¾÷¤W¶i¦æ´ú¸Õ¤]¦³¬Û¦Pµ²ªG¡A
¬Ý¨Ó³o¬O¤@­Óbug...

¦b Community ¤W¬d¬Ý«á¡A½T©w¥¦¬OV15¶´Å骩¥»¤Wªº¤@­Óbug¡A
·|¦bXG¶´Å骩¥»V16¤W¶i¦æ­×´_¡C

¸g¤É¯Å¨ìV16«á¡A¦æ°Ê¸Ë¸m¤w½T»{¥i¥H³z¹LOpenVPN¨Ó¶i¦æSSL VPNªº¼·±µ¡A
¥u¬OV16ªº¤¶­±¸òV15®t¦n¦h¡I

¬Ý¨Ó¤S­nªá¤@ÂI®É¶¡¥h¾AÀ³¤F...



♥¶¶¤l¦Ñ±Cªººô©ç¡A½Ð¦hÃö·Ó¡ã

If you don't like something, change it.
If you can't change it, change your attitude.
Don't complain!




2016-10-05, 21:56 shunze ªº­Ó¤H¸ê®Æ §â shunze ¥[¤J¦n¤Í¦Cªí µo°eEmailµ¹ shunze ÂsÄý shunze ªººô¯¸ MSN : shunze@gmail.com
shunze
¤u¤Í§B§B


µù¥U¤é´Á: 2002 04
¨Ó¦Û: ¼é¦Á²×¤î¤§¦a
¤å³¹: 2380

shunze Â÷½u
¡m¤À¨É¡nAndroid³]©wSSL VPN¤Þ¥Î¦^ÂÐ ½s¿è/§R°£¤å³¹ ·j´M¥Ñ  µoªíªº¨ä¥L¤å³¹ ¦^³øµ¹ª©¥D IP ¦ì¸m ¦^¦¹­¶³Ì¤W¤è

¦bªù¸¹Äò¬ù´«¤F¤@°¦¤â¾÷«á¡A
Á`ºâ¥i¥H¶¶§Q¶i¦æAndroidªºSSL VPN¾Þ§@¬yµ{Â^¹Ï¡C

  1. ­º¥ý¦b¥«¶°¤U¸üOpenVPN¡C









  2. µM«á¶}±ÒÂsÄý¾¹µn¤JUser Portal¤U¸ü¦æ°Ê¸Ë¸mªº³]©wÀÉ¡C



    ¤U¸ü«á¶}±Ò­è¤~¤U¸üªº³]©wÀÉ·|ª½±µ©I¥sOpenVPN¨Ó°õ¦æ¡A
    ½Ð±µ¨ü¶×¤J³]©wÀÉ¡C



    ³]©wÀɶפJ§¹¦¨«á¡A¿é¤J±K½X¡A«ö¤UConnect³sµ²¡C



    ­Y¿é¤Jªº±K½X¬O¥¿½Tªº¸Ü¡AOpenVPN´N¯à¦¨¥\³s½u¡C



    ¦æ°Ê¸Ë¸m³]©wSSL VPN´N¬O³o»ò²³æ¡ã



♥¶¶¤l¦Ñ±Cªººô©ç¡A½Ð¦hÃö·Ó¡ã

If you don't like something, change it.
If you can't change it, change your attitude.
Don't complain!




2017-03-13, 17:12 shunze ªº­Ó¤H¸ê®Æ §â shunze ¥[¤J¦n¤Í¦Cªí µo°eEmailµ¹ shunze ÂsÄý shunze ªººô¯¸ MSN : shunze@gmail.com
shunze
¤u¤Í§B§B


µù¥U¤é´Á: 2002 04
¨Ó¦Û: ¼é¦Á²×¤î¤§¦a
¤å³¹: 2380

shunze Â÷½u
¡m¤À¨É¡nMAC¤W¦p¦ó³]©wSSL VPN¤Þ¥Î¦^ÂÐ ½s¿è/§R°£¤å³¹ ·j´M¥Ñ  µoªíªº¨ä¥L¤å³¹ ¦^³øµ¹ª©¥D IP ¦ì¸m ¦^¦¹­¶³Ì¤W¤è

MAC¤W¦p¦ó³]©wSSL VPN¡H
¸g¬d OPENVPN ©xºô«áµo²{¡AOPENVPN¦bMAC¤W³Ì¨Î³nÅ鬰Tunnelblick¡C



©Ò¥H½Ð¨ì Tunnelblick ¤U¸üDMG¦w¸ËÀÉ¡C



¤U¸ü«áDMGÀÉ«á¡AÂIÀ»¸ÓÀɶi¦æ¦w¸Ë¡C




¦w¸Ë®É¡A½Ð«ö¹Ï¥Ü¨â¤U¡A¦P·N¶i¦æ¦w¸Ë¡C



µM«á«ö¤U¡§¥´¶}¡¨¥H½T»{¦w¸Ë¡C



­Y¦]¦w¥þ©Ê°ÝÃD¡A¾É­PµLªk¦w¸Ë¡A
½Ð¦w¥þ©Ê»PÁô¨p³]©w­¶­±¤¤¡A¤¹³\±q¥ô¦ó¨Ó·½¶i¦æÀ³¥Îµ{¦¡ªº¦w¸Ë¡C



¦w¸Ë§¹¦¨¡A½Ð«ö¤U¡§ÀˬdÅܤơ¨«ö¶s¡C



§¹¦¨«á¦^¨ìTunnelblick¥D­¶­±¡A
¥i¥H¨ìXGªºUser Portal¨Ó¤U¸üSSLVPNªº³]©wÀɤF¡C




¶}±ÒÂsÄý¾¹¡A³s¤Juser portal«á,¡A½Ð¤U¸ü²Ä4­Ó³]©wÀÉ¡C




OVPN³]©wÀɤU¸ü«á¡A¥i¥Hª½±µÂIÀ»¦¹³]©wÀÉ©I¥sTunnelblick APP¡C



©Î¬O¦bTunnelblick¥\¯à­¶­±¤¤¡A©ì¦²¦¹³]©wÀɨì³]©wÀɺ޲z­¶­±¤¤¡A
µM«á«ö¤U³s±µ¡A¶i¦æSSLVPNªº¼·±µ¡C



³]©wÀɦb«Ø¥ß®É¡A½Ð¨Ì»Ý¨D¿ï¾Ü¨Ï¥Î¹ï¶H¡C



³s±µ®É¡A½Ð¿é¤JSSLVPNªº±b¸¹±K½X¡C
±b¸¹±K½X°È¥²»PUser Portal¤@¼Ë¥¿½T¿é¤J¡C




±b±K¥¿½Tªº¸Ü¡A·|¶i¦æ¥æ¯A¡B·¾³q»P¤À°tIP¡C



¦¨¥\³s½u«á¡A·|Åã¥Üºñ¦â¤w³s½u¦r¦ê³qª¾¨Ï¥ÎªÌ¡C



MAC¤W³]©wSSL VPN¨ì¦¹¶¶§Q§¹¦¨¡ã


*****2017/10/16§ó·s*****
MAC§ó·s¨ì10.13 high sierraª©¥»«á¡AtunnelblickµLªk³s½u¡I¡H

User¤Ï¬M¡A¦bMAC§ó·s¨ì10.13 high sierraª©¥»«á¡AtunnelblickµLªk³s½u¡A
¿ù»~°T®§¦p¤U¡C

2017-10-05 16:48:29 Socket Buffers: R=[131072->131072] S=[131072->131072]
2017-10-05 16:48:29 Attempting to establish TCP connection with [AF_INET]2XX.XX.XX.XX:8443 [nonblock]
2017-10-05 16:48:29 MANAGEMENT: >STATE:1507193309,TCP_CONNECT,,,
2017-10-05 16:48:30 TCP connection established with [AF_INET]2XX.XX.XX.XX:8443
2017-10-05 16:48:30 TCPv4_CLIENT link local: [undef]
2017-10-05 16:48:30 TCPv4_CLIENT link remote: [AF_INET]2XX.XX.XX.XX:8443
2017-10-05 16:48:30 MANAGEMENT: >STATE:1507193310,WAIT,,,
2017-10-05 16:48:30 MANAGEMENT: >STATE:1507193310,AUTH,,,
2017-10-05 16:48:30 TLS: Initial packet from [AF_INET]2XX.XX.XX.XX:8443, sid=963f2931 a91478c5
2017-10-05 16:48:30 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2017-10-05 16:48:30 VERIFY OK: depth=1, C=TW, ST=NA, L=NA, O=SOPHOS, OU=OU, CN=Sophos_CA_S2201765C73F887, emailAddress=XXX.YY@demo.com
2017-10-05 16:48:30 VERIFY ERROR: depth=0, error=format error in certificate's notBefore field: C=TW, ST=NA, L=NA, O=DEMO, OU=OU, CN=SophosApplianceCertificate_S2201765C73F887, emailAddress=XXX.YY@demo.com
2017-10-05 16:48:30 OpenSSL: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
2017-10-05 16:48:30 TLS_ERROR: BIO read tls_read_plaintext error
2017-10-05 16:48:30 TLS Error: TLS object -> incoming plaintext read error
2017-10-05 16:48:30 TLS Error: TLS handshake failed
2017-10-05 16:48:30 Fatal TLS error (check_tls_errors_co), restarting

2017-10-05 16:48:30 SIGUSR1[soft,tls-error] received, process restarting


¬d¸ß Tunnelblick and macOS High Sierra (10.13) «á¡Aµo²{ª¬ªp»P²Ä¤GÂI§k¦X¡C
#2 Tunnelblick is unable to connect and the log in the VPN Details¡K window mentions problems with a certificate.
According to this post, you need to set the configuration to use a version of OpenVPN with OpenSSL, not a version with LibreSSL.
You can choose which version of OpenVPN/SSL on the "Settings" tab of the "Configurations" panel of Tunnelblick's "VPN Details" window.
By default, Tunnelblick uses a version of OpenVPN with OpenSSL.
Tip: If you select multiple configurations in the list on the left side using the Shift or Command keys,
then when you change a setting the change will be applied to all of the selected configurations.


¨Ì·Ó¤W­z»¡©ú¡A½Ð¨Ï¥ÎªÌ½Õ¾ã²ÕºA³]©w¡A±q¹w³]ªº LibreSSL §ï¿ï¥Î OpenSSL «á¡A





tunnelblickªº¼·±µ³s½u´N«ì´_¥¿±`¡A¥i¥H¶¶§Q³s½u¤F¡ã

¥Ñ shunze ¦b 2017-10-16, 11:59 ³Ì«á­×§ï.



♥¶¶¤l¦Ñ±Cªººô©ç¡A½Ð¦hÃö·Ó¡ã

If you don't like something, change it.
If you can't change it, change your attitude.
Don't complain!




2017-08-08, 16:38 shunze ªº­Ó¤H¸ê®Æ §â shunze ¥[¤J¦n¤Í¦Cªí µo°eEmailµ¹ shunze ÂsÄý shunze ªººô¯¸ MSN : shunze@gmail.com
shunze
¤u¤Í§B§B


µù¥U¤é´Á: 2002 04
¨Ó¦Û: ¼é¦Á²×¤î¤§¦a
¤å³¹: 2380

shunze Â÷½u
¡m¤À¨É¡nAndroid OpenVPN§ïª©«áµLªk¨Ï¥Î¡H¤Þ¥Î¦^ÂÐ ½s¿è/§R°£¤å³¹ ·j´M¥Ñ  µoªíªº¨ä¥L¤å³¹ ¦^³øµ¹ª©¥D IP ¦ì¸m ¦^¦¹­¶³Ì¤W¤è

³o´X¤Ñ³°Äò¦³«È¤á¤Ï¬MAndroid¦æ°Ê¸Ë¸m¤WªºOpenVPNµLªk¨Ï¥Î¡I¡H
¸gÁA¸Ñ¡A­ì¨Ó¦æ°Ê¸Ë¸m¤WªºOpenVPN APP¦³¶i¦æ§ïª©(3.0.1)¡A¾É­P­ì¨Óªº¾Þ§@¤è¦¡µLªk¶¶§Q¨Ï¥Î¡C

­ì¥»¦bUser Portal¤U¸ü¨Ï¥ÎªÌovpn²ÕºAÀÉ«á¡A¥i¥Hª½±µÂI¿ï¦¹²ÕºAÀÉ¡A©I¥sOpenVPN¨Ó°õ¦æ¡F
¦ý·sª©¥»¤wµLªkª½±µ©I¥s¤F...




¥H¶¶¤lªºAndroid¬°¨Ò¡A·sª©APP¶×¤Jovpn²ÕºAÀɤ覡¦p¤U¡A
¦w¸Ë¦nOpenVPN«á¡A½Ð°õ¦æ¥¦¨ÃÂI¿ïOVPN profile¥\¯à¡C



§ä¨ì¤U¸üªº²ÕºAÀɨÿï¾Ü«á(¸Ó²ÕºAÀÉ«á­±·|¥X²{¤Ä¤Ä)¡A
¦A¿ï¥k¤W¤èªºIMPORT¥\¯à¡C



±µµÛ·|¥X²{¸Ó²ÕºAÀɪº³]©w¡A
½Ð©ó¦¹¿é¤J¨Ï¥ÎªÌªº±b¸¹±K½X¡C



§¹¦¨«á¡A«ö¤U¥k¤W¤èªºADD¥\¯à¡A¼W¥[¦¹²ÕºAÀÉ¡C



²ÕºAÀɦ¨¥\Àx¦s«á¡D¥i«ö¤U¶}Ãö¼·¶s¨Ó³s³q¤ÎÂ_±¼VPN³s½u¡C




¥t¥~¦bUser Portal¤U¸ü²ÕºAÀɮɡA¦³³¡¤Àuser¤Ï¬MµLªk¶¶§Q¤U¸ü...
¶¶¤l«ØijAndroid¨Ï¥ÎChromeÂsÄý¾¹¡AiOS¨t²Î«h«Øij¨Ï¥ÎSafariÂsÄý¾¹¨Ó¶i¦æ¤U¸ü¡C
­Y¨ÌµMµo¥ÍµLªk¤U¸üªº±¡ªp¡A½Ð¦A´«­ÓÂsÄý¾¹¨Ó´ú¸Õ¡C

¥H¤W§ó·sµ¹¤j®a¡ã



♥¶¶¤l¦Ñ±Cªººô©ç¡A½Ð¦hÃö·Ó¡ã

If you don't like something, change it.
If you can't change it, change your attitude.
Don't complain!




2018-02-22, 15:41 shunze ªº­Ó¤H¸ê®Æ §â shunze ¥[¤J¦n¤Í¦Cªí µo°eEmailµ¹ shunze ÂsÄý shunze ªººô¯¸ MSN : shunze@gmail.com
shunze
¤u¤Í§B§B


µù¥U¤é´Á: 2002 04
¨Ó¦Û: ¼é¦Á²×¤î¤§¦a
¤å³¹: 2380

shunze Â÷½u
¡m¤À¨É¡niPhone³]©wSSL VPN¤Þ¥Î¦^ÂÐ ½s¿è/§R°£¤å³¹ ·j´M¥Ñ  µoªíªº¨ä¥L¤å³¹ ¦^³øµ¹ª©¥D IP ¦ì¸m ¦^¦¹­¶³Ì¤W¤è

­è­èSam­ô­É¤F¥LªºiPhone X¤â¾÷µ¹§Ú¶i¦æSSL VPNªº¾Þ§@Â^¹Ï¡A
iPhone²×©ó¦³¤FSSL VPN¾Þ§@µe­±¡Aª÷¬[´ª·P¤ß¡ã

­º¥ý¥ý¦b¥«¶°¦w¸Ë¦nOpenVPN¡C



µM«á¥HSafariÂsÄý¾¹¨ìUser Portal¤U¸ü²ÕºAÀÉ¡C



¤U¸ü§¹¦¨«á¡A¥i¥H¦bSafari¤¤ª½±µÂI¿ï¡§¦b¡uOpenVPN¡v¤¤¥´¶}¡¨¡C



©I¥sOpenVPN¶}±Ò«á¡A½ÐÂI + ¸¹¡A§â¦¹³]©wÀÉ¥[¤J¡C



¨Ã¤¹³\OpenVPN¼W¥[¦¹²ÕºAÀÉ¡C



²ÕºAÀÉ¥[¤J«á¡A¿é¤J¨Ï¥ÎªÌªº±b¸¹/±K½X¡A«ö¤U³s½u«ö¶s´N§¹¦¨¤F¡I



iPhone¤Wªº¾Þ§@¤]¬Û·í²³æ©O¡ã



♥¶¶¤l¦Ñ±Cªººô©ç¡A½Ð¦hÃö·Ó¡ã

If you don't like something, change it.
If you can't change it, change your attitude.
Don't complain!




2018-02-22, 17:04 shunze ªº­Ó¤H¸ê®Æ §â shunze ¥[¤J¦n¤Í¦Cªí µo°eEmailµ¹ shunze ÂsÄý shunze ªººô¯¸ MSN : shunze@gmail.com
shunze
¤u¤Í§B§B


µù¥U¤é´Á: 2002 04
¨Ó¦Û: ¼é¦Á²×¤î¤§¦a
¤å³¹: 2380

shunze Â÷½u
¡m¤À¨É¡nSSLVPN¯à§_§ïport¡H¤Þ¥Î¦^ÂÐ ½s¿è/§R°£¤å³¹ ·j´M¥Ñ  µoªíªº¨ä¥L¤å³¹ ¦^³øµ¹ª©¥D IP ¦ì¸m ¦^¦¹­¶³Ì¤W¤è

«È¤á¦b°Ý¡A¥Ñ©óSSLVPN user©Ò¦bªºÀô¹Ò¦³­­¨î¹ï¥~portªº¨Ï¥Î¡A
¯à§_±NSSLVPNªºport§ï¦¨TCP 443¡H


XG¦bV17.1«á¡A¶}©ñ¤FSSLVPN¨Ï¥Îportªº­×§ï¥\¯à¡C


¡ô¹w³]¬OTCPªº8443 port¡C

¦]¦¹¦bV17.1«á¡Auser¬O¥i¥H¨Ì»Ý¨D¨Ó¦Û­qSSLVPN port¡C
¤£¹L­n¯S§Oª`·Nªº¬O¡Auser portal¹w³]¨Ï¥Îªº¬OTCP 443 port¡A
©Ò¥H­Y­n±NSSLVPN§ï¦¨TCP 443¡A°O±o­n±Nuser portal©Ò¨Ï¥Îªºport½Õ¶}¡A¨Ã³qª¾user¡A¥HÁקK¥\¯à¤Wªº½Ä¬ð¡C



♥¶¶¤l¦Ñ±Cªººô©ç¡A½Ð¦hÃö·Ó¡ã

If you don't like something, change it.
If you can't change it, change your attitude.
Don't complain!




2018-09-06, 10:25 shunze ªº­Ó¤H¸ê®Æ §â shunze ¥[¤J¦n¤Í¦Cªí µo°eEmailµ¹ shunze ÂsÄý shunze ªººô¯¸ MSN : shunze@gmail.com
  « ¤W¤@½g¥DÃD ¤U¤@½g¥DÃD »
µoªí·s¥DÃD µoªí¦^ÂÐ
¸õ¨ì:

Powered by: Burning Board 1.1.1 2001 WoltLab GbR