pfsense openvpn 问题“无法解析/解析主机/网络的路由:192.168.0.0”

tag-icon tag-icon openvpn pfsense
pfsense openvpn 问题“无法解析/解析主机/网络的路由:192.168.0.0”

问题:

  • 无法 ping 通内部网络
  • 客户端有时会获取 DHCP 地址

  • 日志文件中的错误

    2017 年 2 月 19 日星期日 12:49:17 OpenVPN ROUTE:无法解析/解析主机/网络的路由:192.168.0.0

    2017 年 2 月 19 日星期日 12:49:17 OpenVPN ROUTE:OpenVPN 需要 --route 选项的网关参数,但 --route-gateway 或 --ifconfig 选项均未指定默认值

服务器设置

Server Mode: Remote Access (SSL/TLS)
Protocol: UDP
Device Mode: TAP
Interface: WAN
Local port: 1194
Description: *************

Crypto Settings:

TLS Authentication: Check both check boxes
Peer Certificate Authority: Use the CA we created ealier
Peer Revoke List: 
Server Certificate: Mobile
DH Paramters Length: 2048
Encryption Algorithm: AES-256-CBC
Hardware Crypto: No
Cert Depth: One

tunnel Settings
Tunnel Network: Blank
Bridge DHCP: Checked
Bridge Interface: LAN
Server DHCP Start/Stop: Blank
Redirect Gateway: Unchecked
Concurrent Connections: self explanatory
Compression: checked
TOS: unchecked
Inter-client communication: Checked
Duplicate connections: Blank

Custom options: push "route 192.168.0.0 255.255.255.0"

客户端配置:

dev tap
persist-tun
persist-key
cipher AES-256-CBC
auth SHA1
tls-client
client
resolv-retry infinite
remote FQDN 1194 udp
verify-x509-name "Mobile Users Certificate" name
pkcs12 firewall-udp-1194-[UserName].p12
tls-auth firewall-udp-1194-[UserName]-tls.key 1
ns-cert-type server
comp-lzo adaptive

有问题的使用日志文件

Sun Feb 19 12:49:14 2017 OpenVPN 2.4.0 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Dec 27 2016
Sun Feb 19 12:49:14 2017 Windows version 6.1 (Windows 7) 64bit
Sun Feb 19 12:49:14 2017 library versions: OpenSSL 1.0.2i  22 Sep 2016, LZO 2.09
Enter Management Password:
Sun Feb 19 12:49:15 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]66.27.79.183:1194
Sun Feb 19 12:49:15 2017 UDP link local (bound): [AF_INET][undef]:1194
Sun Feb 19 12:49:15 2017 UDP link remote: [AF_INET][IP]:1194
Sun Feb 19 12:49:16 2017 [Mobile Users Certificate] Peer Connection Initiated with [AF_INET]66.27.79.183:1194
Sun Feb 19 12:49:17 2017 OpenVPN ROUTE: OpenVPN needs a gateway parameter for a --route option and no default was specified by either --route-gateway or --ifconfig options
Sun Feb 19 12:49:17 2017 OpenVPN ROUTE: failed to parse/resolve route for host/network: 192.168.0.0
Sun Feb 19 12:49:17 2017 OpenVPN ROUTE: OpenVPN needs a gateway parameter for a --route option and no default was specified by either --route-gateway or --ifconfig options
Sun Feb 19 12:49:17 2017 OpenVPN ROUTE: failed to parse/resolve route for host/network: 192.168.0.1
Sun Feb 19 12:49:17 2017 open_tun
Sun Feb 19 12:49:17 2017 TAP-WIN32 device [Local Area Connection 2] opened: \\.\Global\{024DC9A5-CA6C-4D7A-BB5F-0FCF63C5F246}.tap
Sun Feb 19 12:49:17 2017 Successful ARP Flush on interface [18] {024DC9A5-CA6C-4D7A-BB5F-0FCF63C5F246}
Sun Feb 19 12:49:22 2017 Initialization Sequence Completed
Sun Feb 19 12:49:22 2017 Register_dns request sent to the service

有时客户端会获得本地 IP,有时却得不到...

相关内容