我已经在 Windows Server 2008 上配置了 OpenVPN 服务器,在 Windows 7 上配置了客户端。它们之间的连接正常,路由表中有一个服务器默认网关 (192.168.0.1),但我看不到网络中的其他机器,并且 TAP-Windows Adapter V9 的网关地址字段为空。我在服务器上添加了推送“redirect-gateway def1”,在客户端上添加了推送“redirect-gateway def1bypass-dhcp”,防火墙已关闭...请帮助我,因为我是 OpenVPN 的新用户,我花了很多时间尝试解决这个问题,但仍然一无所获:(
服务器.ovpn
mode server
local 192.168.0.197
port 1194
proto udp
dev tap0
persist-key
persist-tun
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\albaserver.crt"
key "C:\\Program Files\\OpenVPN\\config\\albaserver.key"
dh "C:\\Program Files\\OpenVPN\\config\\dh1024.pem"
tls-auth "C:\\Program Files\\OpenVPN\\config\\ta.key" 0
cipher BF-CBC
comp-lzo
server-bridge 192.168.0.197 255.255.255.0 192.168.0.171 192.168.0.180
push "dhcp-option DNS 192.168.0.1"
push "redirect-gateway def1"
max-clients 10
user nobody
group nogroup
keepalive 10 120
status openvpn-status.log
客户端.ovpn
client
dev tap0
proto udp
remote my_remote_server_address 1194
nobind
resolv-retry infinite
persist-key
persist-tun
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\albaclient2.crt"
key "C:\\Program Files\\OpenVPN\\config\\albaclient2.key"
tls-auth "C:\\Program Files\\OpenVPN\\config\\ta.key" 1
push "redirect-gateway def1 bypass-dhcp"
cipher BF-CBC
comp-lzo
服务器日志
Mon Jul 22 13:34:46 2013 NOTE: --user option is not implemented on Windows
Mon Jul 22 13:34:46 2013 NOTE: --group option is not implemented on Windows
Mon Jul 22 13:34:46 2013 OpenVPN 2.3.2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11]
[eurephia] [IPv6] built on Jun 3 2013
Mon Jul 22 13:34:46 2013 NOTE: when bridging your LAN adapter with the TAP adapter, note
that the new bridge adapter will often take on its own IP address that is different from what the LAN adapter was previously set to
Mon Jul 22 13:34:46 2013 NOTE: your local LAN uses the extremely common subnet address
192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same
subnet.
Mon Jul 22 13:34:47 2013 Control Channel Authentication: using 'C:\Program Files\OpenVPN
\config\ta.key' as a OpenVPN static key file
Mon Jul 22 13:34:47 2013 open_tun, tt->ipv6=0
Mon Jul 22 13:34:47 2013 TAP-WIN32 device [Po?czenie lokalne 3] opened: \\.\Global
\{4E9F5624-F9C6-47F8-BA83-FF44BD7E8F62}.tap
Mon Jul 22 13:34:47 2013 Sleeping for 10 seconds...
Mon Jul 22 13:34:57 2013 Successful ARP Flush on interface [25] {4E9F5624-F9C6-47F8-
BA83-FF44BD7E8F62}
Mon Jul 22 13:34:57 2013 UDPv4 link local (bound): [AF_INET]192.168.0.197:1194
Mon Jul 22 13:34:57 2013 UDPv4 link remote: [undef]
Mon Jul 22 13:34:57 2013 Initialization Sequence Completed
Mon Jul 22 13:35:25 2013 ADDRESS:64329 [albaclient2] Peer Connection Initiated with
[AF_INET]ADDRESS:64329
Mon Jul 22 13:35:25 2013 albaclient2/ADDRESS:64329 MULTI_sva: pool returned
IPv4=192.168.0.171, IPv6=(Not enabled)
Mon Jul 22 13:35:28 2013 albaclient2/ADDRESS:64329 send_push_reply(): safe_cap=940
客户端日志
Mon Jul 22 13:35:15 2013 OpenVPN 2.3.2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Jun 3 2013
Mon Jul 22 13:35:15 2013 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Mon Jul 22 13:35:16 2013 Control Channel Authentication: using 'C:\Program Files\OpenVPN\config\ta.key' as a OpenVPN static key file
Mon Jul 22 13:35:16 2013 UDPv4 link local: [undef]
Mon Jul 22 13:35:16 2013 UDPv4 link remote: [AF_INET]MY REMOTE SERVER ADDRESS:1194
Mon Jul 22 13:35:22 2013 [albaserver] Peer Connection Initiated with [AF_INET]MY REMOTE
SERVER ADDRESS:1194
Mon Jul 22 13:35:25 2013 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mon Jul 22 13:35:25 2013 open_tun, tt->ipv6=0
Mon Jul 22 13:35:25 2013 TAP-WIN32 device [Po?czenie lokalne 2] opened: \\.\Global
\{D5B721DA-C466-472E-846B-A1915686F314}.tap
Mon Jul 22 13:35:25 2013 Notified TAP-Windows driver to set a DHCP IP/netmask of
192.168.0.171/255.255.255.0 on interface {D5B721DA-C466-472E-846B-A1915686F314} [DHCP-serv: 192.168.0.0, lease-time: 31536000]
Mon Jul 22 13:35:25 2013 Successful ARP Flush on interface [45] {D5B721DA-C466-472E-
846B-A1915686F314}
Mon Jul 22 13:35:30 2013 Initialization Sequence Completed