oversky
2009-12-21, 11:56 AM
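I installed tomatovpn (SgtPepperKSU's build) on both APs, and the VPN now seems to be working, but I don't know how to set up port forwarding; at the moment neither the BitTorrent nor the eMule port checker passes.
My network layout is as follows: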
Laptop -> AP2 -> Public AP -> Internet -> AP1 -> Internet
The Public AP blocks ports.
AP1(openvpn server)
Public IP: 111.222.333.444
Private IP: 192.168.0.1
Public AP
Public IP: 555.666.777.888
Private IP: 192.168.1.254
AP2(openvpn client): logged in to Public AP in wireless client mode
WAN IP: 192.168.1.10
Private IP: 192.168.2.1
Laptop:
Private IP: 192.168.2.2
The OpenVPN settings are as follows:
AP1(openvpn server)
Start with router: v
Interface Type: TUN
Protocol: UDP
Port: 1194
Firewall: Automatic
Authorization Mode: Static Key
Local/remote endpoint: 10.8.0.1 10.8.0.2
Respond to DNS: v
Paste Static Key and save
Port Forwarding:
DMZ: 10.8.0.2
AP2(Openvpn client)
Start with router: v
Interface Type: TUN
Protocol: UDP
Server Address/Port 111.222.333.444 1194
Firewall: Automatic
Authorization Mode: Static Key
Create NAT on tunnel: v
Local/remote endpoint: 10.8.0.2 10.8.0.1
Redirect Internet traffic: v
Paste Static Key and save
Port Forwarding:
DMZ: 192.168.2.2
Is my firewall port forwarding set up incorrectly?
I read online that if the openvpn server is set up on Linux, running the following commands will forward a port to the openvpn client:
iptables -t nat -A PREROUTING -p tcp --dport 1234 -j DNAT --to-destination 10.66.66.6
iptables -A FORWARD -s 10.66.66.6 -p tcp --dport 1234 -j ACCEPT
Can I just copy these directly into the script in tomato?
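Added example, not part of the original post: a dry-run generator for a single forwarded port on AP1 toward the tunnel peer 10.8.0.2 from the post, as a narrower alternative to a DMZ entry. The interface names vlan1 and tun21 and the port 51413 are assumptions; check the real names with ifconfig on the router before applying anything it prints.

```shell
#!/bin/sh
# Prints (does not apply) the DNAT + FORWARD rule pair for one forwarded port.
WAN_IF="vlan1"     # assumption: WAN interface name on AP1
TUN_IF="tun21"     # assumption: OpenVPN server tunnel interface on AP1
PEER="10.8.0.2"    # remote tunnel endpoint, taken from the post

# Accept only a plain decimal port in 1..65535 (rejects injected shell text).
valid_port() {
    case "$1" in
        ''|*[!0-9]*|??????*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# forward_rules PROTO PORT
forward_rules() {
    proto="$1"; port="$2"
    case "$proto" in
        tcp|udp) ;;
        *) echo "bad protocol: $proto" >&2; return 1 ;;
    esac
    valid_port "$port" || { echo "bad port: $port" >&2; return 1; }
    # Rewrite the destination only for packets arriving on the WAN side.
    echo "iptables -t nat -A PREROUTING -i $WAN_IF -p $proto --dport $port -j DNAT --to-destination $PEER:$port"
    # After DNAT the packet's destination is the peer, so the FORWARD rule
    # matches on -d and is limited to WAN-in, tunnel-out traffic.
    echo "iptables -A FORWARD -i $WAN_IF -o $TUN_IF -d $PEER -p $proto --dport $port -j ACCEPT"
}

# Constructed sample: one listening port, both protocols.
forward_rules tcp 51413
forward_rules udp 51413
```

Only the chosen port reaches the tunnel peer this way; everything else arriving on the WAN side stays subject to the router's default policy.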