NetworkManager OpenVPN 创建到 VPN 服务器的额外/不正确的路由

tag-icon tag-icon linux ubuntu networkmanager openvpn
NetworkManager OpenVPN 创建到 VPN 服务器的额外/不正确的路由

我正在使用网络管理器连接到 Ubuntu 中的 OpenVPN 服务器。连接建立良好,但正在创建一条路由,将 VPN 服务器的 IP 路由到错误的接口。

default via 192.168.101.1 dev enxc8f750d7f457 proto dhcp src 192.168.101.212 metric 100
107.152.8.72 via 192.168.101.1 dev enxc8f750d7f457 proto static metric 50
172.16.0.0/12 dev vpn0 proto static scope link metric 50

not needed and incorrect >>>> 172.16.140.182 via 192.168.101.1 dev enxc8f750d7f457 proto static metric 50 <<<<

172.28.12.0/24 dev vpn0 proto kernel scope link src 172.28.12.117 metric 50
192.168.101.0/24 dev enxc8f750d7f457 proto kernel scope link src 192.168.101.212 metric 100
192.168.101.1 dev enxc8f750d7f457 proto static scope link metric 50
192.168.140.0/24 via 192.168.141.1 dev tun0 proto static metric 50
192.168.141.0/24 dev tun0 proto kernel scope link src 192.168.141.2 metric 50

如果我手动删除路线,一切都很好。另外,如果我从命令行运行 openvpn ,则不会创建路由,一切都很好......

default via 192.168.101.1 dev enxc8f750d7f457 proto dhcp src 192.168.101.212 metric 100
107.152.8.72 via 192.168.101.1 dev enxc8f750d7f457 proto static metric 50
172.16.0.0/12 dev vpn0 proto static scope link metric 50
172.28.12.0/24 dev vpn0 proto kernel scope link src 172.28.12.117 metric 50
192.168.101.0/24 dev enxc8f750d7f457 proto kernel scope link src 192.168.101.212 metric 100
192.168.101.1 dev enxc8f750d7f457 proto static scope link metric 50
192.168.140.0/24 via 192.168.141.1 dev tun0
192.168.141.0/24 dev tun0 proto kernel scope link src 192.168.141.2

根据评论中的请求,这是nmcliopenvpn 连接启动之前的输出...

***1 VPN connection
        master enxc8f750d7f457, VPN
        inet4 172.28.12.114/24
        route4 172.16.0.0/12 metric 50
        route4 172.28.12.0/24 metric 50
        inet6 fe80::b0fd:7457:8bb9:645a/64
        route6 fe80::/64 metric 256

enxc8f750d7f457: connected to Dock (DHCP)
        "Realtek RTL8153"
        ethernet (r8152), C8:F7:50:D7:F4:57, hw, mtu 1500
        ip4 default
        inet4 192.168.101.212/24
        route4 default via 192.168.101.1 metric 100
        route4 192.168.101.0/24 metric 100
        route4 192.168.101.1/32 metric 50
        route4 107.152.8.72/32 via 192.168.101.1 metric 50
        inet6 fe80::9f9c:d780:b443:a93c/64
        route6 fe80::/64 metric 1024

lo: connected (externally) to lo
        "lo"
        loopback (unknown), 00:00:00:00:00:00, sw, mtu 65536
        inet4 127.0.0.1/8
        inet6 ::1/128
        route6 ::1/128 metric 256

vpn0: connected (externally) to vpn0
        "vpn0"
        tun, sw, mtu 1390
        inet4 172.28.12.114/24
        route4 172.16.0.0/12 metric 50
        route4 172.28.12.0/24 metric 50
        inet6 fe80::b0fd:7457:8bb9:645a/64
        route6 fe80::/64 metric 256

wlo1: disconnected
        "Intel Cannon Lake PCH CNVi"
        3 connections available
        wifi (iwlwifi), 04:EA:56:3A:81:67, autoconnect, hw, mtu 1500

p2p-dev-wlo1: disconnected
        "p2p-dev-wlo1"
        wifi-p2p, hw

eno2: unavailable
        "Intel I219-LM"
        ethernet (e1000e), C8:F7:50:5D:7B:CE, hw, mtu 1500

DNS configuration:
        servers: 172.16.5.50 172.16.6.50
        interface: vpn0
        type: vpn

        servers: 192.168.101.1
        domains: home
        interface: enxc8f750d7f457

...之后....

***2 VPN connection
        master enxc8f750d7f457, VPN
        inet4 192.168.141.2/24
        route4 192.168.141.0/24 metric 50
        route4 192.168.140.0/24 via 192.168.141.1 metric 50
        inet6 fe80::ac80:5ff7:3635:5611/64
        route6 fe80::/64 metric 256

***1 VPN connection
        master enxc8f750d7f457, VPN
        inet4 172.28.12.114/24
        route4 172.16.0.0/12 metric 50
        route4 172.28.12.0/24 metric 50
        inet6 fe80::b0fd:7457:8bb9:645a/64
        route6 fe80::/64 metric 256

enxc8f750d7f457: connected to Dock (DHCP)
        "Realtek RTL8153"
        ethernet (r8152), C8:F7:50:D7:F4:57, hw, mtu 1500
        ip4 default
        inet4 192.168.101.212/24
        route4 default via 192.168.101.1 metric 100
        route4 192.168.101.0/24 metric 100
        route4 192.168.101.1/32 metric 50
        route4 107.152.8.72/32 via 192.168.101.1 metric 50
        route4 172.16.140.182/32 via 192.168.101.1 metric 50
        inet6 fe80::9f9c:d780:b443:a93c/64
        route6 fe80::/64 metric 1024

lo: connected (externally) to lo
        "lo"
        loopback (unknown), 00:00:00:00:00:00, sw, mtu 65536
        inet4 127.0.0.1/8
        inet6 ::1/128
        route6 ::1/128 metric 256

tun0: connected (externally) to tun0
        "tun0"
        tun, sw, mtu 1500
        inet4 192.168.141.2/24
        route4 192.168.141.0/24 metric 50
        route4 192.168.140.0/24 via 192.168.141.1 metric 50
        inet6 fe80::ac80:5ff7:3635:5611/64
        route6 fe80::/64 metric 256

vpn0: connected (externally) to vpn0
        "vpn0"
        tun, sw, mtu 1390
        inet4 172.28.12.114/24
        route4 172.16.0.0/12 metric 50
        route4 172.28.12.0/24 metric 50
        inet6 fe80::b0fd:7457:8bb9:645a/64
        route6 fe80::/64 metric 256

wlo1: disconnected
        "Intel Cannon Lake PCH CNVi"
        3 connections available
        wifi (iwlwifi), 04:EA:56:3A:81:67, autoconnect, hw, mtu 1500

p2p-dev-wlo1: disconnected
        "p2p-dev-wlo1"
        wifi-p2p, hw

eno2: unavailable
        "Intel I219-LM"
        ethernet (e1000e), C8:F7:50:5D:7B:CE, hw, mtu 1500

DNS configuration:
        servers: 172.16.5.50 172.16.6.50
        interface: vpn0
        type: vpn

        servers: 192.168.101.1
        domains: home
        interface: enxc8f750d7f457

我不确定master enxc8f750d7f457, VPN到底是什么意思或者你如何设置它,但如果是的话似乎更正确master vpn0, VPN。 ***2 VPN 连接位于 ***1 VPN 连接内部。

相关内容