Raspberry Pi OpenVPN - 无互联网

Raspberry Pi OpenVPN - 无互联网

几天来,我一直在寻找有关 OpenVPN 问题的答案。我用运行 raspbian 的 raspberry pi 制作了一个 VPN。当我连接到 VPN 时,我的 IP 地址会更改,但我无法连接到互联网。我尝试过在 Windows 10、iPhone 和 Galaxy s7 上进行操作。我的 Raspberry Pi 通过以太网电缆直接连接到路由器。

所有设备都连接到 VPN,但最终会说,“无法访问此站点。找不到 [URL] 的服务器 DNS 地址

我知道已经有大量关于此问题的支持页面,但我已经尝试了所有方法,但都没有成功。下面列出了一些文件,如果您需要的话。

/etc/openvpn/server.conf:

local 192.168.1.103
dev tun
proto udp
port 1194
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/RaspberryVPN.crt
key /etc/openvpn/easy-rsa/keys/RaspberryVPN.key
dh /etc/openvpn/easy-rsa/keys/dh1024.pem 
server 10.8.0.0 255.255.255.0
ifconfig 10.8.0.1 10.8.0.2
push "route 10.8.0.1 255.255.255.255"
push "route 10.8.0.0 255.255.255.0"
push "route 192.168.1.103 255.255.255.0"
push "dhcp-option DNS 8.8.8.8"
client-to-client
push "redirect-gateway def1"
duplicate-cn
keepalive 10 120
tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0
cipher AES-128-CBC
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn-status.log 20
log /var/log/openvpn.log
verb 1

/etc/firewall-openvpn-rules.sh:

#!/bin/sh

#iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j SNAT --to-source 192.168.1.103
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

在 /etc/网络/接口:

# interfaces(5) file used by ifup(8) and ifdown(8)

# Please note that this file is written to be used with dhcpcd
# For static IP, consult /etc/dhcpcd.conf and 'man dhcpcd.conf'

# Include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d

auto lo
iface lo inet loopback

iface eth0 inet static
address 192.168.1.103
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1
        pre-up /etc/firewall-openvpn-rules.sh

allow-hotplug wlan0
iface wlan0 inet manual
    wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf

allow-hotplug wlan1
iface wlan1 inet manual
    wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf

/etc/openvpn/easy-rsa/keys/Default.txt:

client
dev tun
proto udp
remote [EXTERNAL IP] 1194
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
ns-cert-type server
key-direction 1
cipher AES-128-CBC
comp-lzo
verb 1
mute 20

/etc/sysctl.conf:

net.ipv4.ip_forward=1

答案1

您是否在 Pi 上启用了数据包转发?

您需要编辑该/etc/sysctl.conf文件并确保以下值设置为 1(如此处) - 并确保它也没有被注释掉:

net.ipv4.ip_forward=1

希望这能有所帮助。我无法立即发现上述配置存在任何问题。

答案2

您是否已确保接口已启动?尝试运行

sudo ifconfig <interface> down
sudo ifconfig <interface> up

另外,您似乎正在使用 Google 的 DNS,您可以尝试使用其他提供商,例如 Freenom 的 DNS(80.80.80.80、80.80.81.81)或 OpenNIC DNS(87.98.175.85)。除此之外,我想不出其他任何方法,如果都不起作用,您可能不得不重新开始,从头开始。

答案3

所以我重置了我的 SD 卡并重新开始,但这次我使用了 PiVPN。它很简单,设置起来很快。以下是 PiVPN 设置的文件。问题中列出的一些文件不是用 PiVPN 创建的。PiVPN 网站

/etc/openvpn/server.conf:

push "route 192.168.1.0 255.255.255.0"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "redirect-gateway def1"
client-to-client
duplicate-cn
keepalive 10 120
tls-version-min 1.2
tls-auth /etc/openvpn/easy-rsa/pki/ta.key 0
cipher AES-256-CBC
auth SHA256
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
#crl-verify /etc/openvpn/crl.pem
status /var/log/openvpn-status.log 20
status-version 3
log /var/log/openvpn.log
verb 1
# Generated for use by PiVPN.io

在 /etc/网络/接口:

# interfaces(5) file used by ifup(8) and ifdown(8)

# Please note that this file is written to be used with dhcpcd
# For static IP, consult /etc/dhcpcd.conf and 'man dhcpcd.conf'

# Include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d

auto lo
iface lo inet loopback

iface eth0 inet manual

allow-hotplug wlan0
iface wlan0 inet manual
    wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf

allow-hotplug wlan1
iface wlan1 inet manual
    wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf

/etc/sysctl.conf:

net.ipv4.ip_forward=1

相关内容