Vpn
無法從 docker compose 連接到靜態 VPN
我正在嘗試在 docker-compose 中使用 openvpn 創建一個對稱 VPN 伺服器。這裡是:
--- version: "3" services: vpn: image: whitebox/vpn:0.2 networks: - standard tty: true ports: - "1194:1194/udp" volumes: - ./server:/home/server:ro - ./static.key:/home/static.key:ro cap_add: - NET_ADMIN - SYS_MODULE restart: always networks: standard: ipv4_address: "10.10.0.254" web: image: tutum/apache-php volumes: - ./web:/var/www/html:ro - ./client:/home/client:ro networks: standard: ipv4_address: "10.10.0.2" networks: standard: driver: bridge ipam: config: - subnet: 10.10.0.0/16當它啟動時,我(暫時)手動安裝 openvpn,做一些基本配置並啟動服務。一切似乎都很好,除了我無法從任何設備連接到它。
伺服器配置文件:
ifconfig 10.10.0.254 10.10.0.10 verb 3 secret static.key keepalive 1 10 persist-key persist-tun proto udp port 1195 dev tun status /home/vpn.log客戶端配置文件:
remote 192.168.37.137 1194 dev tun ifconfig 10.10.0.10 10.10.0.254 secret static.key奇怪的是,我嘗試在一個簡單的虛擬機上安裝完全相同的伺服器並且一切正常。客戶端可以連接到它並訪問 10.10.0.0/16 網路。雖然,這是客戶端的連接日誌:
Wed Aug 11 00:37:16 2021 TUN/TAP device tun0 opened Wed Aug 11 00:37:16 2021 /sbin/ip link set dev tun0 up mtu 1500 Wed Aug 11 00:37:16 2021 /sbin/ip addr add dev tun0 local 10.10.0.10 peer 10.10.0.254 Wed Aug 11 00:37:16 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]192.168.37.137:1194 Wed Aug 11 00:37:16 2021 UDP link local (bound): [AF_INET][undef]:1194 Wed Aug 11 00:37:16 2021 UDP link remote: [AF_INET]192.168.37.137:1194以及相應的基於容器的伺服器:
Wed Aug 11 07:34:40 2021 TUN/TAP device tun0 opened Wed Aug 11 07:34:40 2021 TUN/TAP TX queue length set to 100 Wed Aug 11 07:34:40 2021 /sbin/ip link set dev tun0 up mtu 1500 Wed Aug 11 07:34:40 2021 /sbin/ip addr add dev tun0 local 10.10.0.254 peer 10.10.0.10 Wed Aug 11 07:34:40 2021 Could not determine IPv4/IPv6 protocol. Using AF_INET Wed Aug 11 07:34:40 2021 Socket Buffers: R=[212992->212992] S=[212992->212992] Wed Aug 11 07:34:40 2021 UDPv4 link local (bound): [AF_INET][undef]:1195 Wed Aug 11 07:34:40 2021 UDPv4 link remote: [AF_UNSPEC]如您所見,沒有建立任何联系。有人知道為什麼嗎?
確保埠配置正確。
您將埠 1194 轉發到您的容器,但 OpenVPN 配置為偵聽埠 1195。