Connecting two servers with OpenVPN

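Guys,

I need some advice. I need to connect two servers that are in different geographic locations. One of the servers is at LeaseWeb, the other is in our office in Moscow.

I am using OpenVPN for the tunnel. I installed OpenVPN with yum -y install openvpn. After that, I tried to bring up the interfaces.

On the first server: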

/usr/sbin/openvpn --remote 217.28.227.46 --dev tun1 --ifconfig 172.16.1.1 172.16.1.2 
Wed Jul 31 18:07:31 2013 OpenVPN 2.2.2 i686-redhat-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] built on Apr  5 2012
Wed Jul 31 18:07:31 2013 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Wed Jul 31 18:07:31 2013 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Wed Jul 31 18:07:31 2013 ******* WARNING *******: all encryption and authentication features disabled -- all data will be tunnelled as cleartext
Wed Jul 31 18:07:31 2013 TUN/TAP device tun1 opened
Wed Jul 31 18:07:31 2013 /sbin/ip link set dev tun1 up mtu 1500
Wed Jul 31 18:07:31 2013 /sbin/ip addr add dev tun1 local 172.16.1.1 peer 172.16.1.2
Wed Jul 31 18:07:31 2013 UDPv4 link local (bound): [undef]:1194
Wed Jul 31 18:07:31 2013 UDPv4 link remote: 217.28.227.46:1194
Wed Jul 31 18:07:41 2013 write UDPv4 []: No such process (code=3)
Wed Jul 31 18:07:51 2013 write UDPv4 []: No such process (code=3)
Wed Jul 31 18:08:02 2013 write UDPv4 []: No such process (code=3)
Wed Jul 31 18:08:12 2013 write UDPv4 []: No such process (code=3)

The same command on the second server:

/usr/sbin/openvpn --remote 95.211.186.49 --dev tun1 --ifconfig 172.16.1.2 172.16.1.1
Wed Jul 31 18:08:41 2013 OpenVPN 2.2.2 i686-redhat-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] built on Apr  5 2012
Wed Jul 31 18:08:41 2013 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Wed Jul 31 18:08:41 2013 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Wed Jul 31 18:08:41 2013 ******* WARNING *******: all encryption and authentication features disabled -- all data will be tunnelled as cleartext
Wed Jul 31 18:08:41 2013 TUN/TAP device tun1 opened
Wed Jul 31 18:08:41 2013 /sbin/ip link set dev tun1 up mtu 1500
Wed Jul 31 18:08:41 2013 /sbin/ip addr add dev tun1 local 172.16.1.2 peer 172.16.1.1
Wed Jul 31 18:08:41 2013 UDPv4 link local (bound): [undef]:1194
Wed Jul 31 18:08:41 2013 UDPv4 link remote: 95.211.186.49:1194
Wed Jul 31 18:08:51 2013 write UDPv4 []: No such process (code=3)
Wed Jul 31 18:09:01 2013 write UDPv4 []: No such process (code=3)
Wed Jul 31 18:09:11 2013 write UDPv4 []: No such process (code=3)
Wed Jul 31 18:09:21 2013 write UDPv4 []: No such process (code=3)

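The interfaces are up and seem to be working. Unfortunately, I cannot ping the IP 172.16.1.2 from the first server. I am concerned about these messages about UDP. Can you advise - is my hoster blocking UDP? I wrote them a message, and they said they only block tcp/445 and tcp/139 (this is LeaseWeb).

In general, what have I left out?

Both of my servers run CentOS 5.9 x86. The LeaseWeb server is a Xen DomU, and the second node is in a KVM hypervisor in our office.

Thanks.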