我正在尝试连接到我公司的 VPN 服务器。
▶ sudo openvpn --config client.ovpn --auth-user-pass --auth-retry interact
client.ovpn是从 OpenVPN 服务器下载的。同一个文件可以在装有 openVPN 客户端的 OSX 上运行。所以我假设client.ovpn一切正常。
连接后,我在终端上看到的内容如下(省略了一些部分):
Thu Nov 15 01:58:24 2018 us=369587 Option 'explicit-exit-notify' in [PUSH-OPTIONS]:1 is ignored by previous <connection> blocks
Thu Nov 15 01:58:24 2018 us=369660 Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:4: dhcp-pre-release (2.4.4)
Thu Nov 15 01:58:24 2018 us=369699 Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:5: dhcp-renew (2.4.4)
Thu Nov 15 01:58:24 2018 us=369731 Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:6: dhcp-release (2.4.4)
Thu Nov 15 01:58:24 2018 us=370033 Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:31: register-dns (2.4.4)
Thu Nov 15 01:58:24 2018 us=370068 Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:32: block-ipv6 (2.4.4)
............
............
............
Thu Nov 15 01:58:29 2018 us=641193 Initialization Sequence Completed
ifconfig显示如下界面:
tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 172.27.227.152 netmask 255.255.255.0 destination 172.27.227.152
inet6 fe80::d604:d89a:a84a:3bc9 prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3 bytes 144 (144.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
此后我无法浏览内部网站。我可以访问其他网站。OpenVPN 中没有报告任何错误。
我怎样才能解决这个问题?
lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 18.04.1 LTS
Release: 18.04
Codename: bionic
OpenVPN 版本说明如下:
▶ openvpn --version
OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 5 2018
library versions: OpenSSL 1.1.0g 2 Nov 2017, LZO 2.08
Originally developed by James Yonan
Copyright (C) 2002-2017 OpenVPN Technologies, Inc. <[email protected]>
Compile time defines: enable_async_push=no enable_comp_stub=no enable_crypto=yes enable_crypto_ofb_cfb=yes enable_debug=yes enable_def_auth=yes enable_dependency_tracking=no enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=needless enable_fragment=yes enable_iproute2=yes enable_libtool_lock=yes enable_lz4=yes enable_lzo=yes enable_maintainer_mode=no enable_management=yes enable_multihome=yes enable_pam_dlopen=no enable_pedantic=no enable_pf=yes enable_pkcs11=yes enable_plugin_auth_pam=yes enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_selinux=no enable_server=yes enable_shared=yes enable_shared_with_static_runtimes=no enable_silent_rules=no enable_small=no enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=yes enable_werror=no enable_win32_dll=yes enable_x509_alt_username=yes with_aix_soname=aix with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no with_sysroot=no
答案1
尝试编辑你的 OpenVPN 客户端配置并添加:
# Set CloudFlare and Google DNS:
dhcp-option DNS 1.1.1.1
dhcp-option DNS 8.8.8.8
然后重新连接。如果没有效果,请再次编辑配置并将上面的行替换为:
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
^ 首先确保这两个设置示例未包含在您的客户端配置中。
(最好事先确保该文件/etc/openvpn/update-resolv-conf存在于您的操作系统中。例如:ls /etc/openvpn/update-resolv-conf或cat /etc/openvpn/update-resolv-conf)