OpenVPN 无法连接 Ubuntu 17.10

tag-icon tag-icon linux ubuntu openvpn
OpenVPN 无法连接 Ubuntu 17.10 
sudo openvpn --auth-nocache --config Downloads/ubuntu.ovpn 
[sudo] password for chris: 
Fri Dec 15 09:34:04 2017 OpenVPN 2.4.3 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul  3 2017
Fri Dec 15 09:34:04 2017 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08
Fri Dec 15 09:34:05 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]81.153.56.141:1194
Fri Dec 15 09:34:05 2017 UDP link local: (not bound)
Fri Dec 15 09:34:05 2017 UDP link remote: [AF_INET]81.153.56.141:1194
Fri Dec 15 09:34:08 2017 [server] Peer Connection Initiated with [AF_INET]81.153.56.141:1194
Fri Dec 15 09:34:09 2017 TUN/TAP device tun0 opened
Fri Dec 15 09:34:09 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Fri Dec 15 09:34:09 2017 /sbin/ip link set dev tun0 up mtu 1500
Fri Dec 15 09:34:09 2017 /sbin/ip addr add dev tun0 10.8.0.4/24 broadcast 10.8.0.255
Fri Dec 15 09:34:09 2017 Initialization Sequence Completed

该配置在 Android、Windows 和 Mac 上运行良好,因此我推测这是 Ubuntu 17.10 的问题

它不工作有什么原因吗?这是服务器配置;

dev tun
proto udp
port 1194
ca /etc/openvpn/easy-rsa/pki/ca.crt
cert /etc/openvpn/easy-rsa/pki/issued/server.crt
key /etc/openvpn/easy-rsa/pki/private/server.key
dh /etc/openvpn/easy-rsa/pki/dh4096.pem
topology subnet
server 10.8.0.0 255.255.255.0
# server and remote endpoints
# ifconfig 10.8.0.1 10.8.0.2
# Add route to Client routing table for the OpenVPN Server
# push "route 10.8.0.1 255.255.255.255"
# Add route to Client routing table for the OPenVPN Subnet
# push "route 10.8.0.0 255.255.255.0"
# your local subnet
# push "route 0.0.0.0 "
# Set your primary domain name server address for clients
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
# Override the Client default gateway by using 0.0.0.0/1 and
# 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of
# overriding but not wiping out the original default gateway.
push "redirect-gateway def1"
client-to-client
duplicate-cn
keepalive 10 120
tls-version-min 1.2
tls-auth /etc/openvpn/easy-rsa/pki/ta.key 0
cipher AES-256-CBC
auth SHA256
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
crl-verify /etc/openvpn/crl.pem
status /var/log/openvpn-status.log 20
status-version 3
log /var/log/openvpn.log
verb 1

但是我无法连接到任何服务器或服务,例如,192.168.1.100:6789这个 IP 可以在所有其他设备上使用,包括 Android、Mac 和 Windows,但不能在 Linux 上使用

答案1

我认为这只是语法错误。Linux 不喜欢这部分 - ifconfig 10.8.0.1 10.8.0.2 - push "route 10.8.0.1 255.255.255.255"
如果你从服务器配置中删除它,我认为它会起作用

答案2

我不太确定,但我认为您不需要将路由推送到服务器和本地子网。(推送“路由 10.8.0.1 255.255.255.255”和推送“路由 10.8.0.0 255.255.255.0”)您有拓扑子网和服务器 10.8.0.0 255.255.255.0 这将为您的客户端提供路由而无需推送它。尝试注释这两行。

相关内容