【发布时间】:2020-10-08 13:15:01
【问题描述】:
如何让 VPN 客户端成为网关?
那些。来自服务器的请求必须通过连接的客户端。
现在我有:
client.ovpn
client
dev tun
proto tcp
remote X.X.X.X 1194
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-CBC
auth SHA256
verb 3
key-direction 1
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
<ca>...</ca>
<cert>...</cert>
<key>...</key>
<tls-auth>...</tls-auth>
server.conf
port 1194
proto tcp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist /var/log/openvpn/ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
tls-auth ta.key 0
cipher AES-256-CBC
auth SHA256
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
verb 3
explicit-exit-notify 0
使用此配置,来自服务器的请求不会通过。
ping 8.8.8.8 -I tun0
PING 8.8.8.8 (8.8.8.8) from 10.8.0.1 tun0: 56(84) bytes of data.
curl --interface tun0 -v ipinfo.io
* Rebuilt URL to: ipinfo.io/
* Trying 216.239.38.21...
* TCP_NODELAY set
任何建议将不胜感激。
【问题讨论】:
标签: openvpn