Openvpn
我只能使用 IPv6 而不是 IPv4 連接到 OpenVPN 伺服器
我在 Synology Router 上設置了 OpenVPN 伺服器,但無法讓 IPv4 和 IPv6 連接正常工作。最初,我在弄清楚這一點時非常頭疼,但我已將其縮小到這一點:我可以通過它的 IPv6 地址成功連接到我的 OpenVPN 伺服器,但每次僅通過 IPv4 地址連接都會失敗。
我正在通過使用 DDNS 設置的域名進行連接。如果我手動將記錄設置為僅 IPv4 地址,它當然會失敗。一旦我更新 IPv6 記錄,它就會正常工作。
我已經在幾個不同的客戶端和網路上對此進行了測試,以確保它不是我的客戶端所在的網路。
這是我的伺服器配置: 伺服器配置
和客戶端配置文件:
dev tun tls-client remote my.domain.com 1194 redirect-gateway def1 pull proto udp script-security 2 reneg-sec 0 auth SHA1 cipher AES-128-CBC auth-user-pass key-direction 1 comp-lzo explicit-exit-notify <ca> -----BEGIN CERTIFICATE----- -----END CERTIFICATE----- </ca> <tls-auth> -----BEGIN OpenVPN Static key V1----- -----END OpenVPN Static key V1----- </tls-auth>這是客戶端連接日誌文件,已針對個人資訊進行了編輯:
5/20/2020, 1:03:10 AM OpenVPN core 3.git::15c71c44 win x86_64 64-bit PT_PROXY built on Feb 19 2020 17:36:01 ⏎5/20/2020, 1:03:10 AM Frame=512/2048/512 mssfix-ctrl=1250 ⏎5/20/2020, 1:03:10 AM UNUSED OPTIONS 1 [tls-client] 4 [pull] 6 [script-security] [2] 13 [explicit-exit-notify] ⏎5/20/2020, 1:03:10 AM EVENT: RESOLVE ⏎5/20/2020, 1:03:10 AM EVENT: WAIT ⏎5/20/2020, 1:03:10 AM Contacting 104.232.115.21:1194 via UDP ⏎5/20/2020, 1:03:10 AM Connecting to [my.domain.com]:1194 (x.x.x.x) via UDPv4 ⏎5/20/2020, 1:03:20 AM Server poll timeout, trying next remote entry... ⏎5/20/2020, 1:03:20 AM EVENT: RECONNECTING ⏎5/20/2020, 1:03:20 AM EVENT: RESOLVE ⏎5/20/2020, 1:03:20 AM Contacting x.x.x.x:1194 via UDP ⏎5/20/2020, 1:03:20 AM Connecting to [my.domain.com]:1194 (x.x.x.x) via UDPv4 ⏎5/20/2020, 1:03:20 AM EVENT: WAIT ⏎5/20/2020, 1:03:30 AM Server poll timeout, trying next remote entry...5 次嘗試失敗,直到超時:
⏎5/20/2020, 1:04:10 AM EVENT: CONNECTION_TIMEOUT ⏎5/20/2020, 1:04:10 AM EVENT: DISCONNECTED現在嘗試 IPv6 地址
⏎5/20/2020, 1:04:46 AM OpenVPN core 3.git::15c71c44 win x86_64 64-bit PT_PROXY built on Feb 19 2020 17:36:01 ⏎5/20/2020, 1:04:46 AM Frame=512/2048/512 mssfix-ctrl=1250 ⏎5/20/2020, 1:04:46 AM UNUSED OPTIONS 1 [tls-client] 4 [pull] 6 [script-security] [2] 13 [explicit-exit-notify] ⏎5/20/2020, 1:04:46 AM EVENT: RESOLVE ⏎5/20/2020, 1:04:46 AM EVENT: WAIT ⏎5/20/2020, 1:04:46 AM Contacting x.x.x.x:1194 via UDP ⏎5/20/2020, 1:04:46 AM Connecting to [my.domain.com]:1194 (x.x.x.x) via UDPv4 ⏎5/20/2020, 1:04:56 AM Server poll timeout, trying next remote entry... ⏎5/20/2020, 1:04:56 AM EVENT: RECONNECTING ⏎5/20/2020, 1:04:56 AM EVENT: RESOLVE ⏎5/20/2020, 1:04:56 AM EVENT: WAIT ⏎5/20/2020, 1:04:56 AM Contacting 104.232.115.21:1194 via UDP ⏎5/20/2020, 1:04:56 AM Connecting to [my.domain.com]:1194 (x.x.x.x) via UDPv4 ⏎5/20/2020, 1:05:06 AM Server poll timeout, trying next remote entry... ⏎5/20/2020, 1:05:06 AM EVENT: RECONNECTING ⏎5/20/2020, 1:05:06 AM EVENT: RESOLVE ⏎5/20/2020, 1:05:06 AM EVENT: WAIT ⏎5/20/2020, 1:05:06 AM Contacting [xxxx::xxxx]:1194 via UDP ⏎5/20/2020, 1:05:06 AM Connecting to [my.domain.com]:1194 (xxxx::xxxx) via UDPv6 ⏎5/20/2020, 1:05:06 AM EVENT: CONNECTING ⏎5/20/2020, 1:05:06 AM Tunnel Options:V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client ⏎5/20/2020, 1:05:06 AM Creds: Username/Password ⏎5/20/2020, 1:05:06 AM Peer Info: IV_GUI_VER=OCmacOS_3.1.2-572 IV_VER=3.git::15c71c44 IV_PLAT=win IV_NCP=2 IV_TCPNL=1 IV_PROTO=2 IV_LZO_STUB=1 IV_COMP_STUB=1 IV_COMP_STUBv2=1 ⏎5/20/2020, 1:05:06 AM VERIFY OK : depth=1 Certificate Information ⏎5/20/2020, 1:05:06 AM VERIFY OK : depth=0 Certificate Information ⏎5/20/2020, 1:05:08 AM SSL Handshake: TLSv1.2/TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 ⏎5/20/2020, 1:05:08 AM Session is ACTIVE ⏎5/20/2020, 1:05:08 AM Sending PUSH_REQUEST to server... ⏎5/20/2020, 1:05:08 AM EVENT: GET_CONFIG ⏎5/20/2020, 1:05:09 AM EVENT: DISCONNECTED如您所見,使用 IPv6 地址時,它可以正常連接。但是當嘗試連接 IPv4 地址時,它每次都會失敗。這與我的 ISP 阻止某些 UDP 數據包有關嗎?我很好奇為什麼它只適用於 IPv6。
只花了幾個小時的故障排除,但我想通了,現在看起來很明顯,我不想承認。
在這一切開始時,我從 Synology 閱讀了一些需要在路由器上設置埠轉發規則的錯誤文件。但是他們忽略了提到如果您在路由器本身上使用 VPN 伺服器,您不應該這樣做!
我一起刪除了埠轉發規則,仔細檢查了我的防火牆規則並讓它正常工作。