Answer the question
In order to leave comments, you need to log in
D
D
dobromin2022-02-08 02:14:05
dobromin, 2022-02-08 02:14:05
OpenVPN as a gateway does not work why?
Hello! It would seem a simple question, there are a lot of solutions, but it doesn’t work for me, a day has flown by and I’m in flight)
In Kratz, I’m making an OpenVPN server to access the Internet through it, everything works fine on the phone as it should and the Internet goes through the server. computer no, not in any
server config:
spoiler
port 1199
proto udp
dev tun
# Сертификаты
# ==============================================
ca /etc/openvpn/keys/ca.crt
crl-verify /etc/openvpn/keys/crl.pem
dh /etc/openvpn/keys/dh2048.pem
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
tls-auth /etc/openvpn/keys/ta.key 0
# Плагин авторизации pam
# ==============================================
plugin openvpn-plugin-auth-pam.so service-type
client-cert-not-required
username-as-common-name
# Сеть сервера
# ===========================
server 10.10.0.0 255.255.255.0
max-clients 50
# Разрешить несколько подключений
# ===============================
#duplicate-cn
# Маршрут до сети и адрес DNS сервера
# ===================================
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "redirect–gateway def1 bypass–dhcp"
push "route-gateway 10.10.0.1"
push "route 0.0.0.0 0.0.0.0"
client-config-dir /etc/openvpn/ccd/
comp-lzo
keepalive 10 120
cipher AES-256-CBC
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
log /var/log/openvpn/openvpn.log
log-append /var/log/openvpn/openvpn.log
#ifconfig-pool-persist /var/log/openvpn/ipp.txt
#mssfix
topology subnet
verb 3
explicit-exit-notify 1
port 1199
proto udp
dev tun
# Сертификаты
# ==============================================
ca /etc/openvpn/keys/ca.crt
crl-verify /etc/openvpn/keys/crl.pem
dh /etc/openvpn/keys/dh2048.pem
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
tls-auth /etc/openvpn/keys/ta.key 0
# Плагин авторизации pam
# ==============================================
plugin openvpn-plugin-auth-pam.so service-type
client-cert-not-required
username-as-common-name
# Сеть сервера
# ===========================
server 10.10.0.0 255.255.255.0
max-clients 50
# Разрешить несколько подключений
# ===============================
#duplicate-cn
# Маршрут до сети и адрес DNS сервера
# ===================================
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "redirect–gateway def1 bypass–dhcp"
push "route-gateway 10.10.0.1"
push "route 0.0.0.0 0.0.0.0"
client-config-dir /etc/openvpn/ccd/
comp-lzo
keepalive 10 120
cipher AES-256-CBC
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
log /var/log/openvpn/openvpn.log
log-append /var/log/openvpn/openvpn.log
#ifconfig-pool-persist /var/log/openvpn/ipp.txt
#mssfix
topology subnet
verb 3
explicit-exit-notify 1
spoiler
dev tun
proto udp
remote СамыйбелыйИП 1199
client
resolv-retry infinite
auth-user-pass
remote-cert-tls server
persist-key
persist-tun
key-direction 1
cipher AES-256-CBC
comp-lzo
verb 3
status-version 3
################################################################
dev tun
proto udp
remote СамыйбелыйИП 1199
client
resolv-retry infinite
auth-user-pass
remote-cert-tls server
persist-key
persist-tun
key-direction 1
cipher AES-256-CBC
comp-lzo
verb 3
status-version 3
################################################################
Removed certificates and keys, so they are!
routing on Windows with commented out routing pushes to dns
route print
spoiler
Активные маршруты:
Сетевой адрес Маска сети Адрес шлюза Интерфейс Метрика
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.101 40
10.10.0.0 255.255.255.0 10.10.0.1 10.10.0.3 257
10.10.0.3 255.255.255.255 On-link 10.10.0.3 257
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
172.25.192.0 255.255.240.0 On-link 172.25.192.1 271
172.25.192.1 255.255.255.255 On-link 172.25.192.1 271
172.25.207.255 255.255.255.255 On-link 172.25.192.1 271
172.30.0.0 255.255.240.0 On-link 172.30.0.1 271
172.30.0.1 255.255.255.255 On-link 172.30.0.1 271
172.30.15.255 255.255.255.255 On-link 172.30.0.1 271
188.134.89.2 255.255.255.255 192.168.0.1 192.168.0.101 296
192.168.0.0 255.255.255.0 On-link 192.168.0.101 296
192.168.0.101 255.255.255.255 On-link 192.168.0.101 296
192.168.0.255 255.255.255.255 On-link 192.168.0.101 296
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 10.10.0.3 257
224.0.0.0 240.0.0.0 On-link 192.168.0.101 296
224.0.0.0 240.0.0.0 On-link 172.25.192.1 271
224.0.0.0 240.0.0.0 On-link 172.30.0.1 271
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 10.10.0.3 257
255.255.255.255 255.255.255.255 On-link 192.168.0.101 296
255.255.255.255 255.255.255.255 On-link 172.25.192.1 271
255.255.255.255 255.255.255.255 On-link 172.30.0.1 271
===========================================================================
Постоянные маршруты:
Отсутствует
Активные маршруты:
Сетевой адрес Маска сети Адрес шлюза Интерфейс Метрика
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.101 40
10.10.0.0 255.255.255.0 10.10.0.1 10.10.0.3 257
10.10.0.3 255.255.255.255 On-link 10.10.0.3 257
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
172.25.192.0 255.255.240.0 On-link 172.25.192.1 271
172.25.192.1 255.255.255.255 On-link 172.25.192.1 271
172.25.207.255 255.255.255.255 On-link 172.25.192.1 271
172.30.0.0 255.255.240.0 On-link 172.30.0.1 271
172.30.0.1 255.255.255.255 On-link 172.30.0.1 271
172.30.15.255 255.255.255.255 On-link 172.30.0.1 271
188.134.89.2 255.255.255.255 192.168.0.1 192.168.0.101 296
192.168.0.0 255.255.255.0 On-link 192.168.0.101 296
192.168.0.101 255.255.255.255 On-link 192.168.0.101 296
192.168.0.255 255.255.255.255 On-link 192.168.0.101 296
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 10.10.0.3 257
224.0.0.0 240.0.0.0 On-link 192.168.0.101 296
224.0.0.0 240.0.0.0 On-link 172.25.192.1 271
224.0.0.0 240.0.0.0 On-link 172.30.0.1 271
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 10.10.0.3 257
255.255.255.255 255.255.255.255 On-link 192.168.0.101 296
255.255.255.255 255.255.255.255 On-link 172.25.192.1 271
255.255.255.255 255.255.255.255 On-link 172.30.0.1 271
===========================================================================
Постоянные маршруты:
Отсутствует
ipconfig
spoiler
Неизвестный адаптер Подключение по локальной сети 2:
DNS-суффикс подключения . . . . . :
Описание. . . . . . . . . . . . . : TAP-Windows Adapter V9 for OpenVPN Connect
Физический адрес. . . . . . . . . : 00-FF-E3-4B-DD-98
DHCP включен. . . . . . . . . . . : Нет
Автонастройка включена. . . . . . : Да
Локальный IPv6-адрес канала . . . : fe80::165:c7da:207d:83d2%26(Основной)
IPv4-адрес. . . . . . . . . . . . : 10.10.0.3(Основной)
Маска подсети . . . . . . . . . . : 255.255.255.0
Основной шлюз. . . . . . . . . :
IAID DHCPv6 . . . . . . . . . . . : 1275133923
DUID клиента DHCPv6 . . . . . . . : 00-01-00-01-26-A9-39-46-E4-AA-EA-89-A1-01
DNS-серверы. . . . . . . . . . . : 8.8.8.8
8.8.4.4
NetBios через TCP/IP. . . . . . . . : Включен
Неизвестный адаптер Подключение по локальной сети 2:
DNS-суффикс подключения . . . . . :
Описание. . . . . . . . . . . . . : TAP-Windows Adapter V9 for OpenVPN Connect
Физический адрес. . . . . . . . . : 00-FF-E3-4B-DD-98
DHCP включен. . . . . . . . . . . : Нет
Автонастройка включена. . . . . . : Да
Локальный IPv6-адрес канала . . . : fe80::165:c7da:207d:83d2%26(Основной)
IPv4-адрес. . . . . . . . . . . . : 10.10.0.3(Основной)
Маска подсети . . . . . . . . . . : 255.255.255.0
Основной шлюз. . . . . . . . . :
IAID DHCPv6 . . . . . . . . . . . : 1275133923
DUID клиента DHCPv6 . . . . . . . : 00-01-00-01-26-A9-39-46-E4-AA-EA-89-A1-01
DNS-серверы. . . . . . . . . . . : 8.8.8.8
8.8.4.4
NetBios через TCP/IP. . . . . . . . : Включен
ip route from server
spoiler
default via 192.168.0.1 dev enp8s0 proto dhcp metric 108
10.10.0.0/24 dev tun0 proto kernel scope link src 10.10.0.1
192.168.0.0/24 dev enp8s0 proto kernel scope link src 192.168.0.109 metric 108
default via 192.168.0.1 dev enp8s0 proto dhcp metric 108
10.10.0.0/24 dev tun0 proto kernel scope link src 10.10.0.1
192.168.0.0/24 dev enp8s0 proto kernel scope link src 192.168.0.109 metric 108
Similar questions
V
S
A
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question