我想在我的家庭服务器上运行 VPN,一位朋友建议我使用 PiVPN,尽管我在 Debian 9 上运行它,因为它易于设置。我安装它以通过 TCP 连接(故意的决定,我试图绕过工作场所代理)并确保一切都配置正确,静态 IP 和一切。当我尝试使用它给我的 .ovpn 文件进行连接时(通过 Ubuntu 19.04 的网络管理器),由于超时而无法连接。这对我来说似乎很奇怪(我在邻居家测试它)所以我检查了 /var/log/syslog:
Oct 29 21:34:27 Archimedes nm-openvpn[28489]: OpenVPN 2.4.6 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2019
Oct 29 21:34:27 Archimedes nm-openvpn[28489]: library versions: OpenSSL 1.1.1b 26 Feb 2019, LZO 2.10
Oct 29 21:34:27 Archimedes nm-openvpn[28489]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Oct 29 21:34:28 Archimedes nm-openvpn[28489]: TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xxx.xxx:443
Oct 29 21:34:28 Archimedes nm-openvpn[28489]: Attempting to establish TCP connection with [AF_INET]xxx.xxx.xxx.xxx:443 [nonblock]
Oct 29 21:34:30 Archimedes nm-openvpn[28489]: TCP connection established with [AF_INET]xxx.xxx.xxx.xxx:443
Oct 29 21:34:30 Archimedes nm-openvpn[28489]: TCP_CLIENT link local: (not bound)
Oct 29 21:34:30 Archimedes nm-openvpn[28489]: TCP_CLIENT link remote: [AF_INET]xxx.xxx.xxx.xxx:443
Oct 29 21:34:30 Archimedes nm-openvpn[28489]: NOTE: chroot will be delayed because of --client, --pull, or --up-delay
Oct 29 21:34:30 Archimedes nm-openvpn[28489]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Oct 29 21:34:31 Archimedes nm-openvpn[28489]: Connection reset, restarting [0]
Oct 29 21:34:31 Archimedes nm-openvpn[28489]: SIGUSR1[soft,connection-reset] received, process restarting
Oct 29 21:34:36 Archimedes nm-openvpn[28489]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Oct 29 21:34:36 Archimedes nm-openvpn[28489]: TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xxx.xxx:443
Oct 29 21:34:36 Archimedes nm-openvpn[28489]: Attempting to establish TCP connection with [AF_INET]xxx.xxx.xxx.xxx:443 [nonblock]
Oct 29 21:34:37 Archimedes nm-openvpn[28489]: TCP connection established with [AF_INET]xxx.xxx.xxx.xxx:443
Oct 29 21:34:37 Archimedes nm-openvpn[28489]: TCP_CLIENT link local: (not bound)
Oct 29 21:34:37 Archimedes nm-openvpn[28489]: TCP_CLIENT link remote: [AF_INET]xxx.xxx.xxx.xxx:443
Oct 29 21:34:37 Archimedes nm-openvpn[28489]: Connection reset, restarting [0]
Oct 29 21:34:37 Archimedes nm-openvpn[28489]: SIGUSR1[soft,connection-reset] received, process restarting
重复了几次,最后
Oct 29 21:35:27 Archimedes NetworkManager[1218]: <warn> [1572399327.6425] vpn-connection[0x55ad1824c700,91094ad9-b7ac-4022-928e-6a286ffe18ef,"plato-Archimedes",0]: VPN connection: connect timeout exceeded.
Oct 29 21:35:27 Archimedes nm-openvpn-serv[28486]: Connect timer expired, disconnecting.
Oct 29 21:35:27 Archimedes nm-openvpn[28489]: SIGTERM[hard,init_instance] received, process exiting
Oct 29 21:35:27 Archimedes NetworkManager[1218]: <warn> [1572399327.6513] vpn-connection[0x55ad1824c700,91094ad9-b7ac-4022-928e-6a286ffe18ef,"plato-Archimedes",0]: VPN plugin: failed: connect-failed (1)
Oct 29 21:35:27 Archimedes NetworkManager[1218]: <info> [1572399327.6514] vpn-connection[0x55ad1824c700,91094ad9-b7ac-4022-928e-6a286ffe18ef,"plato-Archimedes",0]: VPN plugin: state changed: stopping (5)
Oct 29 21:35:27 Archimedes NetworkManager[1218]: <info> [1572399327.6514] vpn-connection[0x55ad1824c700,91094ad9-b7ac-4022-928e-6a286ffe18ef,"plato-Archimedes",0]: VPN plugin: state changed: stopped (6)
我认为这可能是防火墙问题(我可能偏离了主题 - 我对 Linux 和网络还不太熟悉)因此我检查了服务器端的 /var/log/ufw.log,其中只包含一行:
Oct 29 21:21:45 plato-debian kernel: [ 1752.752849] [UFW BLOCK] IN=enp3s0 OUT= MAC=33:33:00:00:00:01:48:45:20:8f:e4:ef:86:dd SRC=fe80:0000:0000:0000:9526:95e6:224a:04d7 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=229 TC=0 HOPLIMIT=1 FLOWLBL=862228 PROTO=UDP SPT=27036 DPT=27036 LEN=189
我注意到 SRC 块看起来像一个 IPv6 地址,而我以为我是尝试使用 IPv4 进行连接。即便如此,防火墙也应该让我通过。
有人知道如何解决这个问题吗?如果不知道,至少知道出了什么问题?