开启辅助访问 切换到宽版

iKuai爱快流控路由

 找回密码
 立即注册

QQ登录

只需一步,快速开始

iKuai爱快流控路由»iKuai爱快论坛 iKuai 爱快流控路由技术讨论 openvpn 客户端设置问题。请高手帮忙。访问客户端所在局 ...
返回列表 发新帖
查看: 9523|回复: 2
打印 上一主题 下一主题

openvpn 客户端设置问题。请高手帮忙。访问客户端所在局域.

[复制链接]
djb188
跳转到指定楼层
楼主
发表于 2017-10-17 17:57:55 | 只看该作者 |只看大图 回帖奖励 |倒序浏览 |阅读模式
各位大大,小弟这里有个openvpn的问题请教各位。
现在有一个VPS 安装OPENVPN server 。10.8.0.1
  1. port 8090
  2. proto udp
  3. dev tun
  4. ca ca.crt
  5. cert server.crt
  6. key server.key  # This file should be kept secret
  7. dh dh4096.pem
  8. server 10.8.0.0 255.255.255.0
  9. ifconfig-pool-persist ipp.txt
  10. client-to-client
  11. keepalive 10 120
  12. cipher AES-256-CBC
  13. persist-key
  14. persist-tun
  15. status openvpn-status.log
  16. verb 3
  17. keysize 256
  18. explicit-exit-notify 1
复制代码
以及server log 文件
  1. Tue Oct 17 17:06:30 2017 WARNING: --keysize is DEPRECATED and will be removed in OpenVPN 2.6
  2. Tue Oct 17 17:06:30 2017 OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
  3. Tue Oct 17 17:06:30 2017 Windows version 6.2 (Windows 8 or greater) 64bit
  4. Tue Oct 17 17:06:30 2017 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.10
  5. Enter Management Password:
  6. Tue Oct 17 17:06:30 2017 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
  7. Tue Oct 17 17:06:30 2017 Need hold release from management interface, waiting...
  8. Tue Oct 17 17:06:31 2017 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
  9. Tue Oct 17 17:06:31 2017 MANAGEMENT: CMD 'state on'
  10. Tue Oct 17 17:06:31 2017 MANAGEMENT: CMD 'log all on'
  11. Tue Oct 17 17:06:31 2017 MANAGEMENT: CMD 'echo all on'
  12. Tue Oct 17 17:06:31 2017 MANAGEMENT: CMD 'hold off'
  13. Tue Oct 17 17:06:31 2017 MANAGEMENT: CMD 'hold release'
  14. Tue Oct 17 17:06:31 2017 Diffie-Hellman initialized with 4096 bit key
  15. Tue Oct 17 17:06:31 2017 interactive service msg_channel=0
  16. Tue Oct 17 17:06:31 2017 ROUTE_GATEWAY $.184.66.1/255.255.255.192 I=12 HWADDR=00:16:3e:f6:2c:24
  17. Tue Oct 17 17:06:31 2017 open_tun
  18. Tue Oct 17 17:06:31 2017 TAP-WIN32 device [以太网 2] opened: \\.\Global\{6F87E538-7DB5-478F-9C72-D4F42256B753}.tap
  19. Tue Oct 17 17:06:31 2017 TAP-Windows Driver Version 9.21
  20. Tue Oct 17 17:06:31 2017 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.1/255.255.255.252 on interface {6F87E538-7DB5-478F-9C72-D4F42256B753} [DHCP-serv: 10.8.0.2, lease-time: 31536000]
  21. Tue Oct 17 17:06:31 2017 Sleeping for 10 seconds...
  22. Tue Oct 17 17:06:41 2017 Successful ARP Flush on interface [15] {6F87E538-7DB5-478F-9C72-D4F42256B753}
  23. Tue Oct 17 17:06:41 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
  24. Tue Oct 17 17:06:41 2017 MANAGEMENT: >STATE:1508231201,ASSIGN_IP,,10.8.0.1,,,,
  25. Tue Oct 17 17:06:41 2017 MANAGEMENT: >STATE:1508231201,ADD_ROUTES,,,,,,
  26. Tue Oct 17 17:06:41 2017 C:\Windows\system32\route.exe ADD 10.8.0.0 MASK 255.255.255.0 10.8.0.2
  27. Tue Oct 17 17:06:41 2017 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
  28. Tue Oct 17 17:06:41 2017 Route addition via IPAPI succeeded [adaptive]
  29. Tue Oct 17 17:06:41 2017 Could not determine IPv4/IPv6 protocol. Using AF_INET6
  30. Tue Oct 17 17:06:41 2017 Socket Buffers: R=[65536->65536] S=[65536->65536]
  31. Tue Oct 17 17:06:41 2017 setsockopt(IPV6_V6ONLY=0)
  32. Tue Oct 17 17:06:41 2017 UDPv6 link local (bound): [AF_INET6][undef]:8090
  33. Tue Oct 17 17:06:41 2017 UDPv6 link remote: [AF_UNSPEC]
  34. Tue Oct 17 17:06:41 2017 MULTI: multi_init called, r=256 v=256
  35. Tue Oct 17 17:06:41 2017 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
  36. Tue Oct 17 17:06:41 2017 ifconfig_pool_read(), in='$1client,10.8.0.4', TODO: IPv6
  37. Tue Oct 17 17:06:41 2017 succeeded -> ifconfig_pool_set()
  38. Tue Oct 17 17:06:41 2017 ifconfig_pool_read(), in='client2,10.8.0.8', TODO: IPv6
  39. Tue Oct 17 17:06:41 2017 succeeded -> ifconfig_pool_set()
  40. Tue Oct 17 17:06:41 2017 ifconfig_pool_read(), in='client3,10.8.0.12', TODO: IPv6
  41. Tue Oct 17 17:06:41 2017 succeeded -> ifconfig_pool_set()
  42. Tue Oct 17 17:06:41 2017 IFCONFIG POOL LIST
  43. Tue Oct 17 17:06:41 2017 $1client,10.8.0.4
  44. Tue Oct 17 17:06:41 2017 client2,10.8.0.8
  45. Tue Oct 17 17:06:41 2017 client3,10.8.0.12
  46. Tue Oct 17 17:06:41 2017 Initialization Sequence Completed
  47. Tue Oct 17 17:06:41 2017 MANAGEMENT: >STATE:1508231201,CONNECTED,SUCCESS,10.8.0.1,,,,
  48. Tue Oct 17 17:06:56 2017 $.219.88.21 TLS: Initial packet from [AF_INET6]::ffff:$.219.88.21:51618, sid=5ea9b331 1c2a93e3
  49. Tue Oct 17 17:06:56 2017 $.130.247.15 TLS: Initial packet from [AF_INET6]::ffff:$.130.247.15:2204, sid=e91ffdc9 74788aad
  50. Tue Oct 17 17:06:57 2017 $.130.247.15 VERIFY OK: depth=1, C=CN, ST=YN, L=BAOSHAN, O=$, OU=changeme, CN=$1, name=changeme, emailAddress=$$@163.com
  51. Tue Oct 17 17:06:57 2017 $.130.247.15 VERIFY OK: depth=0, C=CN, ST=YN, L=BAOSHAN, O=$, OU=changeme, CN=$1client, name=changeme, emailAddress=$$@163.com
  52. Tue Oct 17 17:06:57 2017 $.130.247.15 peer info: IV_VER=2.3.11
  53. Tue Oct 17 17:06:57 2017 $.130.247.15 peer info: IV_PLAT=linux
  54. Tue Oct 17 17:06:57 2017 $.130.247.15 peer info: IV_PROTO=2
  55. Tue Oct 17 17:06:57 2017 $.130.247.15 Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
  56. Tue Oct 17 17:06:57 2017 $.130.247.15 Outgoing Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
  57. Tue Oct 17 17:06:57 2017 $.130.247.15 Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
  58. Tue Oct 17 17:06:57 2017 $.130.247.15 Incoming Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
  59. Tue Oct 17 17:06:57 2017 $.130.247.15 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
  60. Tue Oct 17 17:06:57 2017 $.130.247.15 [$1client] Peer Connection Initiated with [AF_INET6]::ffff:$.130.247.15:2204
  61. Tue Oct 17 17:06:57 2017 $1client/$.130.247.15 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
  62. Tue Oct 17 17:06:57 2017 $1client/$.130.247.15 MULTI: Learn: 10.8.0.6 -> $1client/$.130.247.15
  63. Tue Oct 17 17:06:57 2017 $1client/$.130.247.15 MULTI: primary virtual IP for $1client/$.130.247.15: 10.8.0.6
  64. Tue Oct 17 17:06:59 2017 $1client/$.130.247.15 PUSH: Received control message: 'PUSH_REQUEST'
  65. Tue Oct 17 17:06:59 2017 $1client/$.130.247.15 SENT CONTROL [$1client]: 'PUSH_REPLY,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 1' (status=1)
  66. Tue Oct 17 17:07:06 2017 $.219.88.21 VERIFY OK: depth=1, C=CN, ST=YN, L=BAOSHAN, O=$, OU=changeme, CN=$1, name=changeme, emailAddress=$$$@163.com
  67. Tue Oct 17 17:07:06 2017 $.219.88.21 VERIFY OK: depth=0, C=CN, ST=YN, L=BAOSHAN, O=$, OU=changeme, CN=client3, name=changeme, emailAddress=$$$@163.com
  68. Tue Oct 17 17:07:06 2017 $.219.88.21 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1557', remote='link-mtu 1500'
  69. Tue Oct 17 17:07:06 2017 $.219.88.21 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1500', remote='tun-mtu 1443'
  70. Tue Oct 17 17:07:06 2017 $.219.88.21 Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
  71. Tue Oct 17 17:07:06 2017 $.219.88.21 Outgoing Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
  72. Tue Oct 17 17:07:06 2017 $.219.88.21 Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
  73. Tue Oct 17 17:07:06 2017 $.219.88.21 Incoming Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
  74. Tue Oct 17 17:07:06 2017 $.219.88.21 Control Channel: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 4096 bit RSA
  75. Tue Oct 17 17:07:06 2017 $.219.88.21 [client3] Peer Connection Initiated with [AF_INET6]::ffff:$.219.88.21:51618
  76. Tue Oct 17 17:07:06 2017 client3/$.219.88.21 MULTI_sva: pool returned IPv4=10.8.0.14, IPv6=(Not enabled)
  77. Tue Oct 17 17:07:06 2017 client3/$.219.88.21 MULTI: Learn: 10.8.0.14 -> client3/$.219.88.21
  78. Tue Oct 17 17:07:06 2017 client3/$.219.88.21 MULTI: primary virtual IP for client3/$.219.88.21: 10.8.0.14
  79. Tue Oct 17 17:07:09 2017 client3/$.219.88.21 PUSH: Received control message: 'PUSH_REQUEST'
  80. Tue Oct 17 17:07:09 2017 client3/$.219.88.21 SENT CONTROL [client3]: 'PUSH_REPLY,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.14 10.8.0.13' (status=1)
  81. Tue Oct 17 17:07:55 2017 SENT CONTROL [$1client]: 'RESTART' (status=1)
  82. Tue Oct 17 17:07:55 2017 SENT CONTROL [client3]: 'RESTART' (status=1)
  83. Tue Oct 17 17:07:55 2017 C:\Windows\system32\route.exe DELETE 10.8.0.0 MASK 255.255.255.0 10.8.0.2
  84. Tue Oct 17 17:07:55 2017 Route deletion via IPAPI succeeded [adaptive]
  85. Tue Oct 17 17:07:55 2017 Closing TUN/TAP interface
  86. Tue Oct 17 17:07:55 2017 TAP: DHCP address released
  87. Tue Oct 17 17:07:55 2017 SIGTERM[hard,] received, process exiting
  88. Tue Oct 17 17:07:55 2017 MANAGEMENT: >STATE:1508231275,EXITING,SIGTERM,,,,,
复制代码


客户端1为树莓派 10.8.0.14
  1. client
  2. dev tun
  3. proto udp
  4. remote 118.184.66.56 8090
  5. resolv-retry infinite
  6. nobind
  7. persist-key
  8. persist-tun
  9. ca /etc/openvpn/ca.crt
  10. cert /etc/openvpn/client.crt
  11. key /etc/openvpn/client.key
  12. verb 3

复制代码


客户端2为爱快路由 10.8.0.6

互相能够ping通,也能访问客户端1的局域网共享。

现在我需要访问 爱快路由下的 局域网中的(192.168.1.220),请问改如何设置?谢谢。


分享到:  QQ好友和群QQ好友和群 QQ空间QQ空间 腾讯微博腾讯微博 腾讯朋友腾讯朋友
收藏收藏1 支持支持 反对反对
回复

举报

沙发
发表于 2017-10-18 10:37:25 | 只看该作者
楼主,您好
如果要访问爱快的客户端,需要在对端的树莓派上,做一条到爱快路由内网的静态路由 网关为服务器的OPENVPN的地址
回复 支持 反对

举报

djb188
板凳
 楼主| 发表于 2017-10-23 22:34:33 | 只看该作者
你好谢谢您的回复爱快技术支持02。
现在是这样的情况。
10.8.0.1 为VPS  OPENVPN服务器
10.8.0.6 为爱快路由(本地IP192.168.1.1)  使用客户端
10.8.0.22 为外网PC(本地IP192.168.1.100) 使用客户端
三个IP都能互相PING通。
现在我希望我外网的PC能够放访问爱快路由所在的网段中的几个服务器。请问静态IP是需要在PC上设置,还是在爱快路由上设置?如何设置?
再次感谢您的帮助。
回复 支持 反对

举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

关闭

站长推荐上一条 /1 下一条

QQ|小黑屋|手机版|Archiver|论坛规章制度|iKuai Inc. ( 京ICP备13042604号 )

GMT+8, 2024-11-15 15:10

Powered by Discuz! X3.3

© 2001-2024 Comsenz Inc.

快速回复 返回顶部 返回列表