OpenVPN-路由问题

tag-icon tag-icon networking server iptables openvpn routing
OpenVPN-路由问题

服务器:Ubuntu 11(Openvz VPS)

客户:Windows 7的

问题

  • 客户端成功连接到 VPN,但进入 VPN 后无法访问互联网。

事实:

  • 一切基本默认
  • 是路由/网络问题。
  • iptables 是处女。100%
  • 没有其他活动的守护进程/服务(仅 VPN 端口监听)
  • 我在 Google 上搜索答案几个小时,得到了 12 页结果。

服务器命令的输出:

/etc/sysctl.conf

net.ipv4.ip_forward=1

/etc/openvpn/server.conf

port xxxx
proto udp
dev tun
ca MyCa.crt
cert Server.crt
key Server.key 
dh dh1024.pem
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1 bypass-dhcp"
keepalive 10 120
cipher AES-128-CBC
max-clients 8
log-append  openvpn.log
persist-key
persist-tun
verb 9

网络状态监测

Gateway         Genmask         Flags   MSS Window        irtt          Iface
10.8.0.2        0.0.0.0         255.255.255.255 UH        0 0          0 tun0
10.8.0.0        10.8.0.2        255.255.255.0   UG        0 0          0 tun0
0.0.0.0         0.0.0.0         0.0.0.0         U         0 0          0 venet0

/etc/网络/接口

auto lo
iface lo inet loopback

auto venet0
iface venet0 inet manual
    up ifconfig venet0 up
    up ifconfig venet0 127.0.0.2
    up route add default dev venet0
    down route del default dev venet0
    down ifconfig venet0 down

iface venet0 inet6 manual
    up route -A inet6 add default dev venet0
    down route -A inet6 del default dev venet0

auto venet0:0
iface venet0:0 inet static
    address xxx.xxx.xxx.xxx
    netmask 255.255.255.255

auto venet0:1
iface venet0:1 inet static
    address xxx.xxx.xxx.xxx
    netmask 255.255.255.255

网络状态

gre0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
      NOARP  MTU:1476  Metric:1
      RX packets:0 errors:0 dropped:0 overruns:0 frame:0
      TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

lo        Link encap:Local Loopback
      inet addr:127.0.0.1  Mask:255.0.0.0
      inet6 addr: :: Scope:Host
      UP LOOPBACK RUNNING  MTU:16436  Metric:1
      RX packets:0 errors:0 dropped:0 overruns:0 frame:0
      TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

venet0    Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
      inet addr:127.0.0.2  P-t-P:127.0.0.2  Bcast:0.0.0.0  Mask:255.255.255.255
      UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
      RX packets:217 errors:0 dropped:0 overruns:0 frame:0
      TX packets:175 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:23259 (23.2 KB)  TX bytes:29368 (29.3 KB)

venet0:0  Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
      inet addr:xxx.xxx.xxx.xxx  P-t-P:xxx.xxx.xxx.xxx  Bcast:0.0.0.0   Mask:255.255.255.255
      UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1

venet0:1  Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
      inet addr:in.ter.net.address  P-t-P:in.ter.net.address  Bcast:0.0.0.0  Mask:255.255.255.255
      UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1

解决方案或想法?

答案1

您的路由似乎设置不正确。路由到 0.0.0.0 网关不起作用 ;)

尝试运行此命令来设置正确的默认网关:

route add default gw GATEWAY_IP_ADDRESS

确保您也可以 ping 该地址。

如果这仍然不起作用,请告诉我...

相关内容