最近,我公司的 Ubuntu Server 14.04 坏了。我们使用该服务器作为默认网关,用户可以访问文件服务器 (Windows 2012)、互联网和 VPN。我已连接文件服务器和互联网,但 VPN 出现问题。
旧服务器上的文件/etc/network/interfaces
如下所示:
auto lo eth2 eth1 eth2:0 eth2:1 eth2:2
iface lo inet loopback
iface eth2 inet static
address 192.168.101.201
netmask 255.255.255.0
network 192.168.101.0
broadcast 192.168.101.255
dns-nameservers 8.8.8.8
iface eth2:0 inet static
address 192.168.102.201
netmask 255.255.255.0
broadcast 192.168.102.255
network 192.168.102.0
iface eth1 inet static
address 192.168.1.2
netmask 255.255.255.0
broadcast 192.168.1.255
network 192.168.1.0
gateway 192.168.1.1
post-up iptables-restore < /etc/iptables.up.rules
iface eth2:1 inet static
address 192.168.10.201
netmask 255.255.255.0
broadcast 192.168.10.255
network 192.168.10.0
iface eth2:2 inet static
address 10.26.97.201
netmask 255.255.255.0
broadcast 10.26.97.255
network 10.26.97.0
up route add -host 10.26.60.1 gw 10.26.97.1
在 Ubuntu 22.10 上我的配置etc/netplan/00-installer-config.yaml
如下:
network:
ethernets:
enp3s1:
addresses:
- 192.168.1.2/24
gateway4: 192.168.1.1
dhcp4: false
dhcp6: false
optional: true
nameservers:
addresses: [192.168.101.99]
search: [iasu.local]
enp2s0:
addresses:
- 192.168.101.201/24
- 192.168.102.201/24
dhcp4: false
optional: true
nameservers:
search: [iasu.local]
addresses:
- 192.168.101.99
- 8.8.8.8
version: 2
文件/etc/iptables/rules.v4
如下所示:
# Generated by iptables-save v1.8.7 on Tue Feb 14 14:41:10 2023
*mangle
:PREROUTING ACCEPT [56475:51506045]
:INPUT ACCEPT [1684:158193]
:FORWARD ACCEPT [54586:51318730]
:OUTPUT ACCEPT [1564:201453]
:POSTROUTING ACCEPT [56327:51546519]
COMMIT
# Completed on Tue Feb 14 14:41:10 2023
# Generated by iptables-save v1.8.7 on Tue Feb 14 14:41:10 2023
*filter
:INPUT ACCEPT [1684:158193]
:FORWARD ACCEPT [54586:51318730]
:OUTPUT ACCEPT [1545:199261]
COMMIT
# Completed on Tue Feb 14 14:41:10 2023
# Generated by iptables-save v1.8.7 on Tue Feb 14 14:41:10 2023
*nat
:PREROUTING ACCEPT [820:100362]
:INPUT ACCEPT [38:4630]
:OUTPUT ACCEPT [75:9186]
:POSTROUTING ACCEPT [83:9602]
-A POSTROUTING -s 192.168.101.0/24 -o enp3s1 -j MASQUERADE
-A POSTROUTING -s 192.168.102.0/24 -o enp3s1 -j MASQUERADE
COMMIT
# Completed on Tue Feb 14 14:41:10 2023
要使用 VPN 访问网站,我必须在 TCP/IP 设置中输入这些参数VPN 设置在我的 Windows 电脑上,然后在网络浏览器中我必须输入http://10.26.60.1/arhiv访问网站 VPN 网站。
我必须允许所有用户访问 Ubuntu 22.10 上的文件服务器、互联网和 VPN 网络应用程序。
默认网关所有计算机上的都是192.168.101.201
或192.168.102.201
。