Linux
連接到 Centos openvpn 但沒有外部網際網路訪問
我正在使用 Windows 7 連接到執行 CentOS 6.4 的 VPS 伺服器
首先,我已經閱讀了每一篇文章,只是找不到解決我問題的方法
我用 openvpn 配置了我的 VPN 伺服器,並且在嘗試了 4 個月後終於讓它工作了……
所以我必須連接到我的伺服器,這是一個突破但是,我無法訪問網際網路:(我不確定你們都需要看到什麼才能提供幫助,但我會發布我知道可能相關的內容
據我了解,我已經正確配置了openvpn,因為我可以成功連接到伺服器
我不知道我用的是什麼防火牆,我猜它叫 iptables
iptables # Generated by iptables-save v1.4.7 on Thu Feb 13 17:10:07 2014 *nat :PREROUTING ACCEPT [721:50130] :POSTROUTING ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE COMMIT # Completed on Thu Feb 13 17:10:07 2014 # Generated by iptables-save v1.4.7 on Thu Feb 13 17:10:07 2014 *filter :INPUT DROP [886:120871] :FORWARD DROP [0:0] :OUTPUT ACCEPT [1209:156538] -A INPUT -p udp --dport 1194 -j ACCEPT -A INPUT -i tun+ -j ACCEPT -A FORWARD -i tun+ -j ACCEPT -A OUTPUT -m state --state NEW -o eth0 -j ACCEPT -A FORWARD -m state --state NEW -o eth0 -j ACCEPT -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p tcp -m tcp --dport 22 -m comment --comment "SSH" -j ACCEPT -A INPUT -p tcp -m tcp --dport 5252 -m comment --comment "SecureSSH" -j ACCEPT -A INPUT -p icmp -m icmp --icmp-type 8 -m state --state NEW,RELATED,ESTABLISHED$ -A INPUT -i lo -j ACCEPT -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A OUTPUT -p icmp -m icmp --icmp-type 0 -m state --state RELATED,ESTABLISHED -j$ COMMIT # Completed on Thu Feb 13 17:10:07 2014和
ifconfig eth0 Link encap:Ethernet HWaddr 00:1D:D8:B7:22:17 inet addr:41.185.26.95 Bcast:41.185.26.255 Mask:255.255.255.0 inet6 addr: fe80::21d:d8ff:feb7:2217/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:6598 errors:0 dropped:0 overruns:0 frame:0 TX packets:464 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:545682 (532.8 KiB) TX bytes:51265 (50.0 KiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:141 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:7352 (7.1 KiB) TX bytes:0 (0.0 b)如果有人需要別的什麼,就問吧,我在這裡真的很掙扎,我不知道還能做什麼……
如果有人有建議,我仍然是 linux 新手,所以請解釋我需要做什麼並在需要時提供程式碼,我將不勝感激
提前致謝
我編輯了我的 iptables :)
# Generated by iptables-save v1.4.7 on Thu Feb 13 17:10:07 2014 *nat :PREROUTING ACCEPT [721:50130] :POSTROUTING ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE COMMIT # Completed on Thu Feb 13 17:10:07 2014 # Generated by iptables-save v1.4.7 on Thu Feb 13 17:10:07 2014 *filter :INPUT DROP [886:120871] :FORWARD DROP [0:0] :OUTPUT ACCEPT [1209:156538] -A INPUT -p tcp --dport 443 -j ACCEPT -A INPUT -i tun0 -j ACCEPT -A FORWARD -i tun0 -o eth0 -j ACCEPT -A FORWARD -i eth0 -o tun0 -j ACCEPT -A OUTPUT -m state --state NEW -o eth0 -j ACCEPT -A FORWARD -m state --state NEW -o eth0 -j ACCEPT -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p tcp -m tcp --dport 22 -m comment --comment "SSH" -j ACCEPT -A INPUT -p tcp -m tcp --dport 5252 -m comment --comment "SecureSSH" -j ACCEPT -A INPUT -p icmp -m icmp --icmp-type 8 -m state --state NEW,RELATED,ESTABLISHED -j A$ -A INPUT -i lo -j ACCEPT -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A OUTPUT -p icmp -m icmp --icmp-type 0 -m state --state RELATED,ESTABLISHED -j ACCE$ COMMIT # Completed on Thu Feb 13 17:10:07 2014在職的!!!
正如你沒有提到它值得一試……你是否啟用了 ipv4 轉發?
sysctl net.ipv4.ip_forward=1如果可行,請編輯 /etc/sysctl.conf 並添加或編輯
# Controls IP packet forwarding net.ipv4.ip_forward =1還要檢查您是否從伺服器推送了合適的路由,
push "redirect-gateway"或者
push "redirect-gateway def1"
您也可以告訴網路管理器外掛不要通過 VPN 路由流量。下面有一個選項
IPv4 Settings- 點擊Routes按鈕,然後選中旁邊的框Use this connection only for resources on its network,看看是否有效。蘇蘭加