OpenVPN bridged gateway stops all traffic

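I'm not sure whether this is a Linux or a Windows problem. I have set up OpenVPN with a bridge interface containing tap0 and eth0. My client machine (Win10) gets its IP through the DHCP server. The config line server-bridge causes the DHCP gateway to be removed, so the client never receives it. When I change that line to server-bridge nogw, the gateway address is given to the client, but I cannot ping or connect to the gateway. What am I doing wrong?

Client (Win10) routing table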

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.79     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
       172.16.0.0      255.255.0.0         On-link      172.16.1.205    257
     172.16.1.205  255.255.255.255         On-link      172.16.1.205    257
   172.16.255.255  255.255.255.255         On-link      172.16.1.205    257
      192.168.1.0    255.255.255.0         On-link      192.168.1.79    266
     192.168.1.79  255.255.255.255         On-link      192.168.1.79    266
    192.168.1.255  255.255.255.255         On-link      192.168.1.79    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link      192.168.1.79    266
        224.0.0.0        240.0.0.0         On-link      172.16.1.205    257
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link      192.168.1.79    266
  255.255.255.255  255.255.255.255         On-link      172.16.1.205    257
===========================================================================

When I have it working properly and routing traffic through the VPN, the following lines are added to the routing table:

0.0.0.0     0.0.0.0       172.16.0.1  172.16.1.205 2
64.191.11.0 255.255.255.0 192.168.1.1 192.168.1.96 61

The second line allows the VPN traffic to use the original gateway.

OpenVPN server config file

port 1194
proto udp
dev tap
ca /etc/openvpn/ca.crt
cert /etc/openvpn/myservername.crt
key /etc/openvpn/myservername.key  # This file should be kept secret
dh /etc/openvpn/dh2048.pem
server-bridge
script-security 2
up "up br0 eth0"
down "down br0 eth0"
down-pre
push "dhcp-option DNS 172.16.0.1"
client-to-client
keepalive 10 120
tls-auth /etc/openvpn/ta.key 0 # This file is secret
cipher BF-CBC        # Blowfish (default)
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3

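Adding nogw to the server-bridge line allows the gateway to come through DHCP, but then I can no longer reach the server. The up and down scripts add the tap interface to the bridge or remove it.

OpenVPN client config: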

client
dev tap
remote jmerrill.us 1194
nobind
persist-key
persist-tun
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\client1.crt"
key "C:\\Program Files\\OpenVPN\\config\\client1.key"
tls-auth "C:\\Program Files\\OpenVPN\\config\\ta.key" 1
cipher BF-CBC
comp-lzo
verb 3
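
The working state described in the post (a default route through the VPN gateway plus a more specific route that keeps traffic to the VPN server on the original gateway) can be checked mechanically from `route print` output. The Python below is an added example, not part of the original post; the sample table is constructed from the rows quoted above, and the server address 64.191.11.10 is a made-up value inside the quoted 64.191.11.0/24 row.

```python
import ipaddress

# Constructed sample: the original default route plus the two rows the
# post says appear when the VPN redirect is working.
SAMPLE_ROUTES = """\
0.0.0.0      0.0.0.0        192.168.1.1  192.168.1.79  10
0.0.0.0      0.0.0.0        172.16.0.1   172.16.1.205  2
64.191.11.0  255.255.255.0  192.168.1.1  192.168.1.96  61
172.16.0.0   255.255.0.0    On-link      172.16.1.205  257
"""

def parse_routes(text):
    """Parse 'route print' style rows into (network, gateway, interface, metric)."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 5 or not f[4].isdigit():
            continue  # skip headers, separators and blank lines
        try:
            net = ipaddress.ip_network(f"{f[0]}/{f[1]}")
        except ValueError:
            continue  # not a destination/netmask pair
        routes.append((net, f[2], f[3], int(f[4])))
    return routes

def best_route(routes, dest):
    """Longest-prefix match; ties are broken by the lowest metric."""
    ip = ipaddress.ip_address(dest)
    hits = [r for r in routes if ip in r[0]]
    return max(hits, key=lambda r: (r[0].prefixlen, -r[3]), default=None)

def check_redirect(routes, vpn_gw, vpn_server, lan_gw):
    """Return a list of problems; an empty list means the redirect looks right."""
    problems = []
    # 198.51.100.1 is a documentation address standing in for any off-link host.
    default = best_route(routes, "198.51.100.1")
    if default is None or default[1] != vpn_gw:
        problems.append("default route does not go through the VPN gateway")
    # vpn_server is an assumed value; the post does not state the server's IP.
    pinned = best_route(routes, vpn_server)
    if pinned is None or pinned[1] != lan_gw or pinned[0].prefixlen == 0:
        problems.append("VPN server is not pinned to the original gateway")
    return problems

if __name__ == "__main__":
    table = parse_routes(SAMPLE_ROUTES)
    print(check_redirect(table, "172.16.0.1", "64.191.11.10", "192.168.1.1") or "redirect OK")
```

Running the same check against the first routing table in the post, where only the 192.168.1.1 default route exists, reports both problems.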
