通过 OpenVPN 隧道在调制解调器和辅助路由器之间进行路由

tag-icon tag-icon linux networking router routing openvpn
通过 OpenVPN 隧道在调制解调器和辅助路由器之间进行路由

ifconfig:

[sean@vpnroute ~]$ ifconfig
enp2s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.73  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::ec0b:ae38:36e5:804b  prefixlen 64  scopeid 0x20<link>
        ether 00:e0:4c:d2:31:69  txqueuelen 1000  (Ethernet)
        RX packets 2402  bytes 276939 (270.4 KiB)
        RX errors 0  dropped 2  overruns 0  frame 0
        TX packets 278  bytes 41664 (40.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

enp4s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::f85a:9d48:bbc9:9ccd  prefixlen 64  scopeid 0x20<link>
        ether 00:e0:4c:d2:31:6a  txqueuelen 1000  (Ethernet)
        RX packets 77  bytes 17028 (16.6 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 23  bytes 6396 (6.2 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 10.117.222.6  netmask 255.255.254.0  destination 10.117.222.6
        inet6 fe80::2f3d:36f7:5e2f:4c0b  prefixlen 64  scopeid 0x20<link>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 100  (UNSPEC)
        RX packets 185  bytes 34148 (33.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 171  bytes 20199 (19.7 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

wlp3s0b1: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        ether 00:8e:f2:df:da:04  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

路线:

[sean@vpnroute ~]$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.117.222.1    128.0.0.0       UG    0      0        0 tun0
0.0.0.0         192.168.1.254   0.0.0.0         UG    202    0        0 enp2s0
10.117.222.0    0.0.0.0         255.255.254.0   U     0      0        0 tun0
128.0.0.0       10.117.222.1    128.0.0.0       UG    0      0        0 tun0
192.168.1.0     0.0.0.0         255.255.255.0   U     202    0        0 enp2s0
213.159.14.131  192.168.1.254   255.255.255.255 UGH   0      0        0 enp2s0

目标:

Modem <--enp2s0--> Firewall <--tun0--> VPN Server
                  (vpnroute)    |
                                 --enp4s0--> Router <--lan--> Clients

我不知道自己到底在做什么,所以我很难解释我尝试过的事情,但是尝试以下操作似乎不起作用:

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables --table nat --append POSTROUTING --out-interface tun0 -j MASQUERADE
iptables --append FORWARD --in-interface enp4s0 -j ACCEPT

我无法修改 OpenVPN 配置。

相关内容