我的路由器(连接到 OpenVPN 服务器)内有一个 Samba 共享。我尝试用我的手机(连接到同一个 OpenVPN 服务器)挂载该共享,但不起作用。
我的(简化的)OpenVPN server.conf:
local my_ip_address
port port_number
proto tcp
dev tun
ca /path/to/ca.crt
cert /path/to/cert.crt
key /path/to/private.key # This file should be kept secret
dh /path/to//dh.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist /var/log/openvpn/ipp.txt
push "redirect-gateway ipv6 def1 bypass-dhcp"
push "dhcp-option DNS mydns_1"
push "dhcp-option DNS mydns_2"
client-to-client
keepalive 10 120
tls-auth /path/to//ta.key 0 # This file is secret
cipher top_secret
user nobody
group nogroup
persist-key
persist-tun
status /path/to/openvpn-status.log
log /path/to/openvpn.log
log-append /path/to/openvpn.log
verb 4
auth-user-pass-optional
plugin /path/to/openvpn-plugin-auth-pam.so login
client-config-dir ccd
route 192.168.70.0 255.255.255.0
push "route 192.168.70.0 255.255.255.0"
server-ipv6 my_ipv6
push tun-ipv6
push "route-ipv6 my_ipv6"
push "route-ipv6 2000::/3"
push "dhcp-option DNS myipv6dns"
push "dhcp-option DNS myipv6dns"
## My reducted smb.conf:
[global]
workgroup = WORKGROUP
netbios name = home.mustafejen.se
interfaces = driver_name
domain master = yes
domain logons = yes
wins support = yes
dns proxy = yes
hostname lookups = yes
name resolve order = wins lmhosts host bcast
smb ports = 445 139 138 137
log file = /var/log/samba/log.%m
max log size = 1000
logging = file
panic action = /usr/share/samba/panic-action %d
server role = standalone server
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
map to guest = bad user
usershare allow guests = yes
printing = cups
printcap = cups
[printers]
comment = All Printers
browseable = yes
path = /var/spool/samba
printable = yes
guest ok = yes
read only = yes
create mask = 0700
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
browseable = yes
read only = no
guest ok = yes
[samba-share]
comment = Samba on Debian
#valid users = user1, user2, user3
path = /home/me/Musik
read only = yes
guest ok = yes
hosts.allow = 192.168.70.0/24 10.8.0.0/24 127.0.0.1
browsable = yes
[mappen]
comment = Samba on Debian
valid users = per
path = /home/me
writable = yes
guest ok = no
#hosts.allow =
browsable = yes
## Attempt to show routing table on OpenVPN server
netstat -nr
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 172.31.1.1 0.0.0.0 UG 0 0 0 eth0
10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0
10.8.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
172.31.1.1 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
185.12.64.1 172.31.1.1 255.255.255.255 UGH 0 0 0 eth0
185.12.64.2 172.31.1.1 255.255.255.255 UGH 0 0 0 eth0
192.168.70.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0
(192.168.70.0 在我的路由器内部,也是我的 Samba 共享所在的位置)
我的路由器和手机都有来自 10.8.0.0 子网的地址。OpenVPN 服务器成功重定向来自我的 PC(路由器内部)和手机(路由器外部)的流量。
当我尝试挂载共享时,我的 smb.log 没有输出任何内容,甚至没有收到错误消息。
Android Cx 文件资源管理器给出超时错误。
编辑:我注意到一件事:我可以 ping 10.8.0.1,但不能 ping 路由表网关 10.8.0.2