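I installed OpenVPN on my router. Everything works fine. However, when the tunnel is up, my router is no longer reachable from outside (I have a "white" dedicated address). Packets arrive on the external interface, and the replies are routed into the tunnel - that much is clear. But how do I deal with it?
I can't show the server configuration (it's ProtonVPN), but I can show the client configuration - it's the standard one: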
client
dev tun
proto udp
remote X.X.X.X 80
server-poll-timeout 20
remote-random
resolv-retry infinite
nobind
# The following setting is only needed for old OpenVPN clients compatibility. New clients
# automatically negotiate the optimal cipher.
cipher AES-256-CBC
auth SHA512
verb 3
setenv CLIENT_CERT 0
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
reneg-sec 0
remote-cert-tls server
auth-user-pass
pull
fast-io
block-outside-dns
<ca>
-----BEGIN CERTIFICATE-----
MIIFozCCA4ugAwIBAgIBATANBgkqhkiG9w0BAQ0FADBAMQswCQYDVQQGEwJDSDEV
...............................
-----END CERTIFICATE-----
</ca>
key-direction 1
<tls-auth>
# 2048 bit OpenVPN static key
-----BEGIN OpenVPN Static key V1-----
6acef03f62675b4b1bbd03e53b187727
.........
-----END OpenVPN Static key V1-----
</tls-auth>
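Answer 1
It all turned out to be simple. (Who reads the documentation?) You just need to not accept the default gateway from the server:
pull-filter ignore "route-gateway"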
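
How the client matches a `pull-filter` line against pushed options, as an added example that is not part of the original answer or of OpenVPN's code: it models the documented rules (prefix comparison, filters tried in config order, first match wins, unmatched options accepted). The pushed option list and addresses are constructed placeholders, and the function names are hypothetical.

```python
"""Added example: models OpenVPN's documented pull-filter matching (constructed data)."""

class PushRejected(Exception):
    """A 'reject' filter matched; the real client logs an error and restarts."""

def parse_pull_filters(config_text):
    """Return (action, text) pairs from pull-filter lines, in config order."""
    filters = []
    for raw in config_text.splitlines():
        parts = raw.strip().split(None, 2)
        if len(parts) != 3 or parts[0] != "pull-filter":
            continue
        action, text = parts[1], parts[2]
        if action not in ("accept", "ignore", "reject"):
            raise ValueError("unknown pull-filter action: " + action)
        # Quotes only serve to embed spaces in the text; strip one matching pair.
        if len(text) >= 2 and text[0] == text[-1] and text[0] in "\"'":
            text = text[1:-1]
        filters.append((action, text))
    return filters

def apply_pull_filters(filters, pushed):
    """Split pushed options into (kept, dropped) the way the client would."""
    kept, dropped = [], []
    for option in pushed:
        option = option.strip()
        action = "accept"  # unmatched options are accepted by default
        for act, text in filters:
            if option.startswith(text):  # prefix comparison; first match wins
                action = act
                break
        if action == "reject":
            raise PushRejected(option)
        (kept if action == "accept" else dropped).append(option)
    return kept, dropped

# Constructed client config fragment: the line from the answer.
CLIENT_CONFIG = 'pull\npull-filter ignore "route-gateway"\n'
# Constructed PUSH_REPLY options (addresses are placeholders, not ProtonVPN's).
PUSHED = ["redirect-gateway def1", "route-gateway 10.96.0.1", "topology subnet",
          "dhcp-option DNS 10.96.0.1", "ifconfig 10.96.0.5 255.255.0.0"]

if __name__ == "__main__":
    kept, dropped = apply_pull_filters(parse_pull_filters(CLIENT_CONFIG), PUSHED)
    print("dropped:", dropped)
    print("kept:   ", kept)
```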