Debian

無法通過 Debian 8 上的 OpenVPN 路由流量

  • July 21, 2015

我一直在嘗試設置 OpenVPN,但遇到了一些麻煩,我似乎無法通過伺服器路由我的所有流量。我可以很好地連接到伺服器,但是一旦連接,我似乎無法 ping 伺服器或來自客戶端的任何流量通過伺服器推送。

伺服器配置文件

local 94.23.xxx.xxx
port 1194
proto udp
dev tun
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 10.8.0.0 255.255.255.0"
;push "redirect-gateway def1 bypass-dhcp" 
;push "redirect-gateway def1"
push "dhcp-option DNS 208.67.220.222"
push "dhcp-option DNS 208.67.220.220"

當我取消註釋時 ;push “redirect-gateway def1 bypass-dhcp” 或 ;push “redirect-gateway def1” 我失去了與我的伺服器的連接並且必須將它們註釋掉。

我認為我配置 iptables 的方式可能有問題

iptables -L -v -n --line-numbers
Chain INPUT (policy ACCEPT 147K packets, 12M bytes)
num   pkts bytes target     prot opt in     out     source               destination
1        0     0 ACCEPT     all  --  tun0   *       0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1        0     0 ACCEPT     all  --  tun0   *       0.0.0.0/0            0.0.0.0/0
2        0     0 ACCEPT     all  --  tun0   eth0    0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
3        0     0 ACCEPT     all  --  eth0   tun0    0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
4        0     0 ACCEPT     all  --  *      eth0    10.8.0.0/24          0.0.0.0/0

Chain OUTPUT (policy ACCEPT 260K packets, 606M bytes)
num   pkts bytes target     prot opt in     out     source               destination

netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         94.23.xxx.xxx    0.0.0.0         UG        0 0          0 eth0
10.8.0.0        10.8.0.2        255.255.255.0   UG        0 0          0 tun0
10.8.0.1        10.8.0.5        255.255.255.255 UGH       0 0          0 tun1
10.8.0.2        0.0.0.0         255.255.255.255 UH        0 0          0 tun0
10.8.0.5        0.0.0.0         255.255.255.255 UH        0 0          0 tun1
94.23.xxx.xxx      0.0.0.0         255.255.255.0   U         0 0          0 eth0

如果需要,我很樂意提供更多細節乾杯!

看起來我忘記將 client.conf 從 /etc/openvpn/ 目錄中移動,所以當我取消註釋這些行時,它只是循環了伺服器內伺服器的所有流量!嗬!

引用自:https://serverfault.com/questions/707017