OpenVPN连接成功但未通过审查!

OpenVPN连接成功但未通过审查!

我使用 Ubuntu 18.04,刚刚安装了 openVPN。当我运行它并传递凭据(在终端中)时,它成功连接:(除了证书验证警告外,没有错误或其他内容)

Sun Aug 12 16:00:29 2018 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Sun Aug 12 16:00:29 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]EXTERNAL_IP-ADDRESS:7080
Sun Aug 12 16:00:29 2018 Socket Buffers: R=[87380->87380] S=[16384->16384]
Sun Aug 12 16:00:29 2018 Attempting to establish TCP connection with [AF_INET]EXTERNAL_IP-ADDRESS:7080 [nonblock]
Sun Aug 12 16:00:31 2018 TCP connection established with [AF_INET]EXTERNAL_IP-ADDRESS:7080
Sun Aug 12 16:00:31 2018 Send to HTTP proxy: 'CONNECT 127.0.0.1:443 HTTP/1.0'
Sun Aug 12 16:00:31 2018 Send to HTTP proxy: 'Host: 127.0.0.1'
Sun Aug 12 16:00:33 2018 HTTP proxy returned: 'HTTP/1.1 200 Connection established'
Sun Aug 12 16:00:35 2018 TCP_CLIENT link local: (not bound)
Sun Aug 12 16:00:35 2018 TCP_CLIENT link remote: [AF_INET]EXTERNAL_IP-ADDRESS:7080
Sun Aug 12 16:00:36 2018 TLS: Initial packet from [AF_INET]EXTERNAL_IP-ADDRESS:7080, sid=2187abbb 60e49570
Sun Aug 12 16:00:36 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sun Aug 12 16:00:40 2018 VERIFY OK: depth=1, CN=Next
Sun Aug 12 16:00:40 2018 VERIFY OK: depth=0, CN=server
Sun Aug 12 16:00:43 2018 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 384 bit EC, curve: secp384r1
Sun Aug 12 16:00:43 2018 [server] Peer Connection Initiated with [AF_INET]EXTERNAL_IP-ADDRESS:7080
Sun Aug 12 16:00:45 2018 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Sun Aug 12 16:00:50 2018 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Sun Aug 12 16:00:50 2018 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route 10.7.0.1,topology net30,ping 15,ping-restart 120,ifconfig 10.7.2.18 10.7.2.17,peer-id 0,cipher AES-256-GCM'
Sun Aug 12 16:00:50 2018 OPTIONS IMPORT: timers and/or timeouts modified
Sun Aug 12 16:00:50 2018 OPTIONS IMPORT: --ifconfig/up options modified
Sun Aug 12 16:00:50 2018 OPTIONS IMPORT: route options modified
Sun Aug 12 16:00:50 2018 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sun Aug 12 16:00:50 2018 OPTIONS IMPORT: peer-id set
Sun Aug 12 16:00:50 2018 OPTIONS IMPORT: adjusting link_mtu to 1626
Sun Aug 12 16:00:50 2018 OPTIONS IMPORT: data channel crypto options modified
Sun Aug 12 16:00:50 2018 Data Channel: using negotiated cipher 'AES-256-GCM'
Sun Aug 12 16:00:50 2018 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Sun Aug 12 16:00:50 2018 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Sun Aug 12 16:00:50 2018 ROUTE_GATEWAY Router_IP_Address/255.255.255.0 IFACE=wlp2s0 HWADDR=48:d2:24:37:87:5d
Sun Aug 12 16:00:50 2018 TUN/TAP device tun0 opened
Sun Aug 12 16:00:50 2018 TUN/TAP TX queue length set to 100
Sun Aug 12 16:00:50 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Sun Aug 12 16:00:50 2018 /sbin/ip link set dev tun0 up mtu 1500
Sun Aug 12 16:00:50 2018 /sbin/ip addr add dev tun0 local 10.7.2.18 peer 10.7.2.17
Sun Aug 12 16:00:50 2018 /sbin/ip route add EXTERNAL_IP-ADDRESS/32 via 192.168.1.1
Sun Aug 12 16:00:50 2018 /sbin/ip route add 0.0.0.0/1 via 10.7.2.17
Sun Aug 12 16:00:50 2018 /sbin/ip route add 128.0.0.0/1 via 10.7.2.17
Sun Aug 12 16:00:50 2018 /sbin/ip route add 10.7.0.1/32 metric 1 via 10.7.2.17
Sun Aug 12 16:00:50 2018 Initialization Sequence Completed

当我在谷歌上搜索“我的 IP 地址”时,它显示了我的新 IP,但我无法打开被屏蔽的网站,例如 youtube 或 facebook。(不幸的是,它们在我的国家被屏蔽了!)

编辑:原来是DNS泄漏问题!

提前致谢!

答案1

也许您需要禁用 IPv6?我猜您的计算机正在尝试通过 IPv6 连接到网站,而您仅通过 IPv4 通过 VPN 路由流量。我遇到了差不多相同的问题。

您可以查看:https://whatismyipaddress.com/

之后,它应该只显示您的 VPN IPv4 地址。

答案2

我花了两天时间在 Google 上搜索,然后意识到(通过dnsleaktest.com)我遇到了 DNS 泄漏问题。本博客本维基对我帮助很大所以我首先安装:

sudo apt install openresolv

然后补充道:

--script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf

到我的 openvpn 配置文件的底部,现在它运行得很好!仅供参考,我仅从终端运行 openvpn。

相关内容