我使用openvpn將兩個xp sp3電腦建vpn,目前不管互ping或是開網路芳鄰都已經ok,但我照how-to的說明想使用redirect-gateway將client的瀏覽行為全走server出去,但這樣反而會讓client所有的網頁都開不了,網址直接打ip也沒用。
我的server.ovpn是(已刪註解):
management localhost 7505
port 1194
proto udp
dev tun
ca "\\Program Files\\OpenVPN\\config\\ca.crt"
cert "\\Program Files\\OpenVPN\\config\\server.crt"
key "\\Program Files\\OpenVPN\\config\\server.key" # This file should be kept secret
dh "\\Program Files\\OpenVPN\\config\\dh1024.pem"
server 10.66.77.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway"
client-to-client
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3
開redirect-gateway後的route print
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 123.192.36.1 123.192.37.181 20
10.66.77.0 255.255.255.252 10.66.77.1 10.66.77.1 30
10.66.77.0 255.255.255.0 10.66.77.2 10.66.77.1 1
10.66.77.1 255.255.255.255 127.0.0.1 127.0.0.1 30
10.255.255.255 255.255.255.255 10.66.77.1 10.66.77.1 30
123.192.36.0 255.255.252.0 123.192.37.181 123.192.37.181 20
123.192.37.181 255.255.255.255 127.0.0.1 127.0.0.1 20
123.255.255.255 255.255.255.255 123.192.37.181 123.192.37.181 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 240.0.0.0 10.66.77.1 10.66.77.1 30
224.0.0.0 240.0.0.0 123.192.37.181 123.192.37.181 20
255.255.255.255 255.255.255.255 10.66.77.1 10.66.77.1 1
255.255.255.255 255.255.255.255 123.192.37.181 123.192.37.181 1
Default Gateway: 123.192.36.1
client.ovpn的內容:
client
dev tun
proto udp
remote 123.192.37.181 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\client2.crt"
key "C:\\Program Files\\OpenVPN\\config\\client2.key"
ns-cert-type server
comp-lzo
verb 3
client的route print:
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.66.77.9 10.66.77.10 1
10.66.77.0 255.255.255.0 10.66.77.9 10.66.77.10 1
10.66.77.8 255.255.255.252 10.66.77.10 10.66.77.10 30
10.66.77.10 255.255.255.255 127.0.0.1 127.0.0.1 30
10.255.255.255 255.255.255.255 10.66.77.10 10.66.77.10 30
123.192.37.181 255.255.255.255 123.192.52.1 123.192.52.238 1
123.192.52.0 255.255.252.0 123.192.52.238 123.192.52.238 20
123.192.52.238 255.255.255.255 127.0.0.1 127.0.0.1 20
123.255.255.255 255.255.255.255 123.192.52.238 123.192.52.238 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 240.0.0.0 10.66.77.10 10.66.77.10 30
224.0.0.0 240.0.0.0 123.192.52.238 123.192.52.238 20
255.255.255.255 255.255.255.255 10.66.77.10 10.66.77.10 1
255.255.255.255 255.255.255.255 123.192.52.238 123.192.52.238 1
Default Gateway: 10.66.77.9
我有去regedit中改IPEnableRouter成1,大部分說明中用linux當例子,還有加iptables導向,不過xp中我還沒看到類似功能,不清楚是不是這個原因。請問我的設定還有哪裡有問題,可以麻煩高手指點一下嗎?
書籤