我在 linux/Debian 上设置了一个 OpenVPN 服务器。它应该是仅用于游戏目的的虚拟网络。这意味着我想保持他们通常的流量通过他们的默认路由器,并且只通过 OpenVPN 的连接引导游戏流量。这是服务器的配置:
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
dh dh.pem
topology subnet
server 10.8.0.0 255.255.255.0
client-to-client
keepalive 10 120
tls-auth ta.key 0 # This file is secret
cipher AES-256-CBC
persist-key
persist-tun
status openvpn-status.log
verb 3
explicit-exit-notify 1
客户端配置:
client
dev tap
proto udp
remote <MY_SERVER'S_IP> 1194 #CHANGEME
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
ca ca.crt
cert client3.crt
key client3.key
tls-auth ta.key 1
cipher AES-256-CBC
verb 3
mute 20
我所有的客户端都在 NAT 之后,本地子网为 192.168.1.0/24 或 192.168.0.0/24。作为客户端( Win10 ),我可以成功连接到服务器。至少 OpenVPN 的 GUI 框会弹出并说它已连接。但我什至无法 ping 服务器(10.8.0.1),因为所有流量都通过默认路由 192.168.0.1。这是连接到 OpenVPN 服务器之前的route -4 打印命令输出。
===========================================================================
Список интерфейсов
23...d8 97 ba 08 5d 16 ......Qualcomm Atheros AR8172/8176/8178 PCI-E Fast Ethernet Controller (NDIS 6.30)
11...00 ff 55 13 9e 5f ......TAP-Windows Adapter V9
30...12 10 b3 ed e0 6c ......Microsoft Wi-Fi Direct Virtual Adapter #5
22...22 10 b3 ed e0 6c ......Microsoft Wi-Fi Direct Virtual Adapter #6
21...42 10 b3 ed e0 6c ......Microsoft Hosted Network Virtual Adapter #2
8...30 10 b3 ed e0 6c ......Qualcomm Atheros AR956x Wireless Network Adapter
1...........................Software Loopback Interface 1
===========================================================================
IPv4 таблица маршрута
===========================================================================
Активные маршруты:
Сетевой адрес Маска сети Адрес шлюза Интерфейс Метрика
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.14 55
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
192.168.0.0 255.255.255.0 On-link 192.168.0.14 311
192.168.0.14 255.255.255.255 On-link 192.168.0.14 311
192.168.0.255 255.255.255.255 On-link 192.168.0.14 311
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 192.168.0.14 311
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 192.168.0.14 311
===========================================================================
Постоянные маршруты:
Отсутствует
以及连接成功后的路由-4打印输出:
===========================================================================
Список интерфейсов
23...d8 97 ba 08 5d 16 ......Qualcomm Atheros AR8172/8176/8178 PCI-E Fast Ethernet Controller (NDIS 6.30)
11...00 ff 55 13 9e 5f ......TAP-Windows Adapter V9
30...12 10 b3 ed e0 6c ......Microsoft Wi-Fi Direct Virtual Adapter #5
22...22 10 b3 ed e0 6c ......Microsoft Wi-Fi Direct Virtual Adapter #6
21...42 10 b3 ed e0 6c ......Microsoft Hosted Network Virtual Adapter #2
8...30 10 b3 ed e0 6c ......Qualcomm Atheros AR956x Wireless Network Adapter
1...........................Software Loopback Interface 1
===========================================================================
IPv4 таблица маршрута
===========================================================================
Активные маршруты:
Сетевой адрес Маска сети Адрес шлюза Интерфейс Метрика
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.14 55
10.8.0.0 255.255.255.0 On-link 10.8.0.2 281
10.8.0.2 255.255.255.255 On-link 10.8.0.2 281
10.8.0.255 255.255.255.255 On-link 10.8.0.2 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
192.168.0.0 255.255.255.0 On-link 192.168.0.14 311
192.168.0.14 255.255.255.255 On-link 192.168.0.14 311
192.168.0.255 255.255.255.255 On-link 192.168.0.14 311
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 10.8.0.2 281
224.0.0.0 240.0.0.0 On-link 192.168.0.14 311
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 10.8.0.2 281
255.255.255.255 255.255.255.255 On-link 192.168.0.14 311
===========================================================================
Постоянные маршруты:
Отсутствует
我尝试尝试将不同的指标设置为 0.0.0.0 或 10.8.0.0 路由,但没有达到任何程度。 tracert.exe 10.8.0.1仍然通过 192.168.0.1。
$>tracert 10.8.0.1
Трассировка маршрута к 10.8.0.1 [10.8.0.1]
с максимальным числом прыжков 30:
1 1 ms 1 ms 1 ms rt [192.168.0.1]
2 15 ms 14 ms 12 ms
--SNIPPED----
如果需要任何其他信息,我会更新这篇文章。