OpenVPN连接到服务器，但没有internet连接。

Question

我试图设置我的openvpn服务器，但它不工作！

客户端配置：

client

dev tap

;dev-node MyTap

;proto tcp
proto udp

remote 5.1.85.206 1194

;remote-random

resolv-retry infinite

nobind

;user nobody
;group nobody

persist-key
persist-tun


;http-proxy-retry 
;http-proxy [proxy server] [proxy port #]


;mute-replay-warnings


ca ca.crt
cert client1.crt
key client1.key


remote-cert-tls server


tls-auth ta.key 1


;cipher x


comp-lzo

verb 3

;mute 20

redirect-gateway
dhcp-option DNS 8.8.8.8

服务器配置：

;local a.b.c.d

port 1194

;proto tcp
proto udp

dev tap
;dev tun

;dev-node MyTap


ca ca.crt
cert server.crt
key server.key  # This file should be kept secret


dh dh2048.pem


server 10.8.0.0 255.255.255.0


ifconfig-pool-persist ipp.txt


;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100


;server-bridge

;push "route 192.168.10.0 255.255.255.0"
;push "route 192.168.20.0 255.255.255.0"
push "dhcp-option DNS 8.8.8.8"


;client-config-dir ccd
;route 192.168.40.128 255.255.255.248

;client-config-dir ccd
;route 10.9.0.0 255.255.255.252

;learn-address ./script

;push "redirect-gateway def1 bypass-dhcp"

;push "dhcp-option DNS 208.67.222.222"
;push "dhcp-option DNS 208.67.220.220"

;client-to-client

;duplicate-cn

keepalive 10 120

tls-auth ta.key 0 # This file is secret

;cipher BF-CBC        # Blowfish (default)
;cipher AES-128-CBC   # AES
;cipher DES-EDE3-CBC  # Triple-DES6

comp-lzo

max-clients 2

user nobody
group nogroup

persist-key
#persist-tun

status openvpn-status.log

;log         openvpn.log
;log-append  openvpn.log

verb 3

;mute 20

日志:没有错误:/

我希望你能帮我:)

PS:我在Windows 10上有最新版本的openvpn，我和以太网直接连接到我的路由器

Answer 1

您可能还没有为服务器使用的VPN网络设置出站NAT。因此，服务器网络上的路由器不知道如何将流量从VPN网络转换为WAN侧IP。

Answer 2

固定

我只是忘记将网络适配器从eth0更改为venet0 (它是)。

我的表规则：

sysctl -w net.ipv4.ip_forward=1
iptables -A FORWARD -o eth0 -i tun0 -s 10.8.0.0/24 -m conntrack --ctstate NEW -$
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -o venet0 -j MASQUERADE