我对使用 VPN 还很陌生。对于一个家庭项目,我正在运行一个 OpenVPN 服务器。该服务器在网络 192.168.2.0 和子网 255.255.255.0 内运行
我可以使用 IP 范围 5.5.0.0 连接到这个网络,我猜测子网是 255.255.255.192,但我对此并不确定。
当连接到我的 VPN 网络时,我可以通过 5.5.0.1 访问服务器,并且可以看到在该机器上创建的 Samba 共享。但是,我无权连接到 Samba 共享。当我查看尝试连接的计算机的 Samba 日志时,我可以看到以下消息:
lib/access.c:338(allow_access) Denied connection from 5.5.0.132 (5.5.0.132)
这些是 /etc/samba/smb.conf 中的共享定义
interfaces = 192.168.2.0/32 5.5.0.0/24
security = user
# wins-support = no
# wins-server = w.x.y.z.
// A LOT OF MORE SETTINGS AND COMMENTS
hosts allow = 127.0.0.1 192.168.2.0/24 5.5.0.132/24
hosts deny = 0.0.0.0/0
browseable = yes
path = [path to share]
directory mask = 0755
force create mode = 0755
valid users = [a valid user, which i use to login with]
writeable = yes
force group = [the group i force to write with]
force user = [the user i force to write with]
这是 ifconfig 命令的输出
as0t0
Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:5.5.0.1 P-t-P:5.5.0.1 Mask:255.255.255.192
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:200
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
as0t1
Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:5.5.0.65 P-t-P:5.5.0.65 Mask:255.255.255.192
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:200
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
as0t2
Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:5.5.0.129 P-t-P:5.5.0.129 Mask:255.255.255.192
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:xxxx errors:0 dropped:0 overruns:0 frame:0
TX packets:xxxx errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:200
RX bytes:xxxx (xxxx MB) TX bytes:12403514 (xxxx MB)
as0t3
Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:5.5.0.193 P-t-P:5.5.0.193 Mask:255.255.255.192
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:7041 errors:0 dropped:0 overruns:0 frame:0
TX packets:9797 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:200
RX bytes:xxxx (xxxx KB) TX bytes:xxxx (xxxx MB)
eth1
Link encap:Ethernet HWaddr 00:0e:2e:61:78:21
inet addr:192.168.2.100 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: xxxx:xxxx:xxxx:xxxx:7821/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:xxxx errors:0 dropped:0 overruns:0 frame:0
TX packets:xxxx errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:xxxx (xxxx MB) TX bytes:xxxx (xxxx MB)
Interrupt:16 Base address:0x6000
lo
Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:xxxx errors:0 dropped:0 overruns:0 frame:0
TX packets:xxxx errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:xxxx (xxxx MB) TX bytes:xxxx (xxxx MB)
谁能告诉我出了什么问题?
我的服务器运行的是 Ubuntu 12.04 LTS
答案1
您不必为单个主机添加 /24。您可以尝试
hosts allow = 127.0.0.1 192.168.2.0/24 5.5.0.0/24
允许来自 ips 5.5.0.0 - 5.5.0.255 的所有主机,或者如果你只想要一个主机,请尝试
hosts allow = 127.0.0.1 192.168.2.0/24 5.5.0.132
对于 IP 为 5.5.0.132 的主机