[操作疑難] IOS openvpn求助

小弟現身在大陸,終於用到OPENVPN翻牆啦,在香港己有QNAP,PORT 443用了一陳便被封了,後來改了用了其他PORT後一小時也沒事,現在想用IPHONE手機上埋,但有問題.手機己安裝OPENVPN, 我將QNAP產生出來的CA和OPENVPN檔滙到IPHONE,CA在手機打開問我是否裝,安裝後再打開OPENVPN檔,但程式顥示"ca.crt:cannot open for read,後來上綱搵有人話要將CA檔放入OPENVPN檔入面,我完全不明,可否有高手求救,謝

client
proto udp
remote openvpnserver.example.com
port 1194
dev tun
nobind

key-direction 1

<ca>
-----BEGIN CERTIFICATE-----
# insert base64 blob from ca.crt
-----END CERTIFICATE-----
</ca>

<cert>
-----BEGIN CERTIFICATE-----
# insert base64 blob from client1.crt
-----END CERTIFICATE-----
</cert>

<key>
-----BEGIN PRIVATE KEY-----
# insert base64 blob from client1.key
-----END PRIVATE KEY-----
</key>

<tls-auth>
-----BEGIN OpenVPN Static key V1-----
# insert ta.key
-----END OpenVPN Static key V1-----
</tls-auth>

TOP

C兄,謝謝你的回覆,小弟試了一下,也是不成功,所以煩請再指教一下,以下是QNAP滙出來的ovpn FILE

"client
dev tun
script-security 3
proto udp
remote  qnap.myqnapcloud.com  5000
resolv-retry infinite
nobind
ca ca.crt
auth-user-pass
reneg-sec 0
cipher AES-128-CBC
comp-lzo"

然後是滙出來的ca檔

"<ca>
-----BEGIN CERTIFICATE-----
一堆英文和符號
-----END CERTIFICATE-----
</ca>
我就將這2 個放在一起,結果都係唔得,請幫幫我,萬分感謝

TOP

nobind
ca ca.crt (delete this line)

TOP

C兄,得啦,超感謝你

TOP

另,我也有一台SYNOLOGY,也搞不到,可否幫多我一次?

以下是滙出來的OVPN檔

"dev tun
tls-client

remote synology.noip.com 1194

# The "float" tells OpenVPN to accept authenticated packets from any address,
# not only the address which was specified in the --remote option.
# This is useful when you are connecting to a peer which holds a dynamic address
# such as a dial-in user or DHCP client.
# (Please refer to the manual of OpenVPN for more information.)

#float

# If redirect-gateway is enabled, the client will redirect it's
# default network gateway through the VPN.
# It means the VPN connection will firstly connect to the VPN Server
# and then to the internet.
# (Please refer to the manual of OpenVPN for more information.)

#redirect-gateway

# dhcp-option DNS: To set primary domain name server address.
# Repeat this option to set secondary DNS server addresses.

#dhcp-option DNS DNS_IP_ADDRESS

pull

proto udp
script-security 2

ca ca.crt

comp-lzo

reneg-sec 0

auth-user-pass"

我試過將CA CA.CRT DEL,再滙入CA檔,個OPENVPN寫error,polarSSL:ca certificate is undefined,many thx^^

TOP