OpenVPN 客户端与 OpenVPN 服务器的子网不匹配

OpenVPN 客户端与 OpenVPN 服务器的子网不匹配

我设置了一个 OpenVPN 服务器-客户端,VPN IP 为:10.99.0.0/20,但客户端的子网为 /24

服务器:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: thcclnohiyi2frl: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 100
    link/ether 46:ee:65:f4:78:a7 brd ff:ff:ff:ff:ff:ff
    inet 10.99.0.1/20 brd 10.99.15.255 scope global thcclnohiyi2frl
       valid_lft forever preferred_lft forever
310: eth0@if311: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:ac:12:00:16 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 172.18.0.22/16 brd 172.18.255.255 scope global eth0
       valid_lft forever preferred_lft forever

客户:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
3: eth0@if1384: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP group default 
    link/ether 8e:ec:e1:90:78:d3 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 10.244.2.239/24 brd 10.244.2.255 scope global eth0
       valid_lft forever preferred_lft forever
4: kengine: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 100
    link/ether 0a:36:9d:4a:67:cb brd ff:ff:ff:ff:ff:ff
    inet 10.99.0.2/24 brd 10.99.0.255 scope global kengine
       valid_lft forever preferred_lft forever

服务器配置:

port 10021
proto tcp-server
reneg-sec 0
explicit-exit-notify 0
dev-type tap
dev thcclnohiyi2frl
ca ca.crt
cert bke-vpn.crt
key bke-vpn.key                                                                                                                                       
dh dh.pem                                                                
key-direction 0                                                                                                                                       
<tls-auth>                                                                                          
</tls-auth>                                   
server 10.99.0.0/20 255.255.240.0 
route-up scripts/thcclnohiyi2frl-fw-up.sh                                                                                      
down scripts/thcclnohiyi2frl-fw-down.sh   
script-security 3           
client-config-dir ccd/thcclnohiyi2frl          
client-to-client            
keepalive 20 60                                
comp-lzo  
persist-key     
persist-tun
status /var/log/openvpn/thcclnohiyi2frl/openvpn-status.log
log-append /var/log/openvpn/thcclnohiyi2frl/openvpn.log
verb 3             
mute 20  

客户端配置

client
dev kengine
dev-type tap
reneg-sec 0
proto tcp-client
remote xxx.xx.xx.xxx 10021
resolv-retry infinite
nobind
<ca>
<key>
<cert>
remote-cert-tls server
key-direction 1
script-security 3
keepalive 10 60
persist-key
persist-tun
comp-lzo
verb 3
pull-filter ignore "route-gateway"

那么有人能帮助我知道为什么以及如何解决这些问题吗?

答案1

您的服务器配置文件似乎有错误。

server 10.99.0.0/20 255.255.240.0

应该:

server 10.99.0.0 255.255.240.0

相关内容