Problem passing an OpenVPN connection from a Raspberry Pi to only one specific device in the subnet

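I am trying to figure out how to pass an OpenVPN connection from a Raspberry Pi to a device. An OpenVPN connection is set up on the Raspberry Pi. Pi-hole is also set up for the whole network through the main gateway (192.168.4.1).

What I have done so far:

Set up NAT for VPN traffic on the Raspberry Pi and used iptables to allow traffic through the tun0 interface to the router (192.168.4.26)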

sudo iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
sudo iptables -A FORWARD -i tun0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i eth0 -o tun0 -j ACCEPT

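The VPN works on the whole 192.168.1.0 subnet.

What I want to achieve:

Make only one desired device use the VPN, while all other devices use the normal connection through the main gateway (192.168.4.1)

Here is the network map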

https://ibb.co/y4VbjWq

Here is ifconfig on the Raspberry Pi:

eth0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet6 fe80::dea6:32ff:fe77:aad5  prefixlen 64  scopeid 0x20<link>
        ether dc:a6:32:77:aa:d5  txqueuelen 1000  (Ethernet)
        RX packets 201  bytes 20556 (20.0 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 35  bytes 4493 (4.3 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 963679  bytes 64497533 (61.5 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 963679  bytes 64497533 (61.5 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 10.2.4.41  netmask 255.255.255.0  destination 10.2.4.41
        inet6 fe80::5771:b937:4abf:a649  prefixlen 64  scopeid 0x20<link>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 500  (UNSPEC)
        RX packets 526  bytes 261965 (255.8 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 44079  bytes 3212701 (3.0 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.4.134  netmask 255.255.252.0  broadcast 192.168.7.255
        inet6 fded:e1f6:da1:a0f7:d277:13d9:6c2a:a991  prefixlen 64  scopeid 0x0<global>
        inet6 fe80::967b:faf9:3b40:3a25  prefixlen 64  scopeid 0x20<link>
        inet6 fd63:24b9:a0e1:1:34ed:ea0c:a201:1feb  prefixlen 64  scopeid 0x0<global>
        ether dc:a6:32:77:aa:d6  txqueuelen 1000  (Ethernet)
        RX packets 158020  bytes 26009412 (24.8 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 92237  bytes 49728175 (47.4 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Spent a few hours trying to do this... I would be very grateful for any clue on how to do this. Thanks!
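
An added example, not part of the original post: one way to scope the forwarding rules above to a single client, so the Pi masquerades and forwards only that address onto the tunnel and drops any other forwarded traffic touching it. The client address 192.168.4.50 and the function names are constructed; it assumes IP forwarding is enabled on the Pi, the chosen client uses the Pi (192.168.4.134) as its gateway, and the LAN interface is passed explicitly (the ifconfig output shows the LAN address on wlan0).

```shell
#!/bin/sh
# Added example (not from the original post): forwarding rules scoped to ONE client.
# The client address 192.168.4.50 used below is constructed for illustration.

# Accept only a dotted-quad IPv4 address with four octets in 0-255.
is_ipv4() {
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input holds only digits and dots here
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the rule set for one client; nothing is applied, so it can be reviewed first.
# Usage: vpn_rules_for CLIENT_IP LAN_IF VPN_IF
vpn_rules_for() {
    client=$1; lan_if=$2; vpn_if=$3
    is_ipv4 "$client" || { echo "invalid client address: $client" >&2; return 1; }
    for ifname in "$lan_if" "$vpn_if"; do
        case $ifname in
            ''|*[!A-Za-z0-9_.-]*) echo "invalid interface: $ifname" >&2; return 1 ;;
        esac
    done
    cat <<EOF
iptables -t nat -A POSTROUTING -s $client/32 -o $vpn_if -j MASQUERADE
iptables -A FORWARD -i $lan_if -o $vpn_if -s $client/32 -j ACCEPT
iptables -A FORWARD -i $vpn_if -o $lan_if -d $client/32 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -o $vpn_if -j DROP
iptables -A FORWARD -i $vpn_if -j DROP
EOF
}

# Print rules only when arguments are given, e.g.:
#   sh vpn-one-client.sh 192.168.4.50 wlan0 tun0
if [ "$#" -gt 0 ]; then
    vpn_rules_for "$@"
fi
```

Because `-A` appends, the broader rules shown in the post have to be removed first; otherwise they match before these and every source is still forwarded into the tunnel.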
