我已建立 VPN 连接,但路由或解析不起作用。配置取自http://louwrentius.com/blog/2011/12/setting-up-a-vpn-with-your-iphone-using-l2tp,-ipsec-and-linux/和http://blog.bertelsen.co/2012/02/debian-squeeze-l2tpipsec-vpn-server.html
在 vpn 服务器上,执行 ngrep 会得到以下内容,而 85.25.128.10 是 dns 服务器:
interface: ppp0 (10.0.1.200/255.255.255.255)
#
U 10.0.1.201:55631 -> 85.25.128.10:53
.............login.skype.com.....
#
U 10.0.1.201:55631 -> 85.25.128.10:53
.............login.skype.com.....
#
U 10.0.1.201:55631 -> 85.25.128.10:53
.............login.skype.com.....
#
U 10.0.1.201:55631 -> 85.25.128.10:53
.............login.skype.com.....
#
DNS 数据包发生了什么?我无法在 iPhone 客户端上加载任何网站。
编辑:这有效直到重定向:
####
T 10.0.1.201:51936 -> 10.0.1.200:80 [AP]
GET / HTTP/1.1..Host: 10.0.1.200..Connection: keep-alive..Accept-Encoding: gzip, deflate..User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 6_0_1 like Mac OS X) Apple
WebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A523 Safari/8536.25..Accept- Language: de-de..Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*
/*;q=0.8....
##
T 10.0.1.200:80 -> 10.0.1.201:51936 [AP]
HTTP/1.1 302 Found..Date: Sat, 01 Jun 2013 13:40:38 GMT..Server: Apache/2..X-Powered- By: PHP/5.3.3-7+squeeze15..Location: http://xxxxxxx.com/..Vary: Accept-Enco
ding..Content-Encoding: gzip..Content-Length: 20..Keep-Alive: timeout=15, max=100..Connection: Keep-Alive..Content-Type: text/html........................
##
答案1
解决方案:
iptables -t nat -A POSTROUTING -s 10.0.1.0/24 -o eth0 -j MASQUERADE