我有一个位于 3 个物理位置的网络。首先,我有一台称为 PC1 的 PC,配置为 OpenVpn 客户端,IP 地址为 10.8.0.3。其次,我有一台路由器,配置为 OpenVpn 服务器。第三,我有另一台路由器,配置为 OpenVpn 客户端。实际上,OpenVpn 工作正常,从 PC1 可以 ping 通 10.8.0.2。
Router 1 | Router 2
________________ | ________________
| OpenVpnServer | | | OpenVpnClient |
| 10.8.0.1 |<-----------| 10.8.0.2 |
|________________| | | ---------------|
/|\ | | 169.254.11.254 |
| | |________________|
________|______________| /|\
| | |
PC 1 (10.8.0.3) | PC2 (169.254.11.23)
Openvpn client |
我想要实现的是通过对 169.254.11.23 执行 ping 操作从 PC1 ping PC2。我认为有必要根据我的需求修改路由表,但我不知道该怎么做。我尝试修改 PC1 和路由器 1 和 2 上的一些路由规则,但没有成功。下面我将报告网络每个点的实际配置:
PC1 路线:
Route attive:
Indirizzo rete Mask Gateway Interfaccia Metri
0.0.0.0 0.0.0.0 192.168.138.3 192.168.139.43 25
10.8.0.0 255.255.255.0 On-link 10.8.0.3 276
10.8.0.3 255.255.255.255 On-link 10.8.0.3 276
10.8.0.255 255.255.255.255 On-link 10.8.0.3 276
25.0.0.0 255.0.0.0 On-link 25.36.0.209 9256
25.36.0.209 255.255.255.255 On-link 25.36.0.209 9256
25.255.255.255 255.255.255.255 On-link 25.36.0.209 9256
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.11.0 255.255.255.0 10.8.0.1 10.8.0.3 21
192.168.138.0 255.255.254.0 On-link 192.168.139.43 281
192.168.139.43 255.255.255.255 On-link 192.168.139.43 281
192.168.139.255 255.255.255.255 On-link 192.168.139.43 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 25.36.0.209 9256
224.0.0.0 240.0.0.0 On-link 10.8.0.3 276
224.0.0.0 240.0.0.0 On-link 192.168.139.43 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 25.36.0.209 9256
255.255.255.255 255.255.255.255 On-link 10.8.0.3 276
255.255.255.255 255.255.255.255 On-link 192.168.139.43 281
Openvpn 客户端配置:
client
ip-win32 ipapi
;float
dev tun
proto udp
remote xxx.duckdns.org 1194
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
ca ca.crt
cert client4.crt
key client4.key
remote-cert-tls server
comp-lzo
verb 3
Router1 路由:
Destination Gateway Genmask Flags Metric Ref Use Iface
default 192.168.1.20 0.0.0.0 UG 0 0 0 vlan2
10.8.0.0 * 255.255.255.0 U 0 0 0 tun0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
192.168.0.0 * 255.255.255.0 U 0 0 0 br0
192.168.1.0 * 255.255.255.0 U 0 0 0 vlan2
openvpn服务器配置:
push "route 192.168.0.0 255.255.255.0"
push "dhcp-option DNS 8.8.8.8"
server 10.8.0.0 255.255.255.0
dev tun0
proto udp
keepalive 10 60
dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem
路由器2路由:
Destination Gateway Genmask Flags Metric Ref Use Iface
10.64.64.64 * 255.255.255.255 UH 0 0 0 ppp0
10.8.0.0 * 255.255.255.0 U 0 0 0 tun11
169.254.11.0 * 255.255.255.0 U 0 0 0 br0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 10.64.64.64 0.0.0.0 UG 0 0 0 ppp0
openvpn客户端配置:
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
ca ca.crt
comp-lzo
verb 3