Configurando o route em servidor VPN

1. Configurando o route em servidor VPN

Eduardo
edu_mofio

(usa Outra)

Enviado em 07/09/2016 - 22:17h

Conforme a imagem do link a baixo,

https://uploaddeimagens.com.br/imagens/vpn-jpg--2

Um notebook pinga no IP de sub-rede do seu servidor,
Seu servidor pinga no IP de sub-rede do outro servidor,
Seu servidor não pinga no outro notebook,
e o notebook não pinga no outro notebook.

Segue a configuração da VPN.
port 1194
proto tcp
dev tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key # This file should be kept secret
dh /etc/openvpn/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig 10.8.0.1 10.8.0.2 #####
ifconfig-pool-persist ipp.txt
;push "route 211.0.7.0 255.255.255.0"
client-config-dir ccd
route 172.16.1.0 255.255.255.0
route 172.16.2.0 255.255.255.0
route 172.16.3.0 255.255.255.0
route 172.16.4.0 255.255.255.0
route 172.16.5.0 255.255.255.0
route 172.16.6.0 255.255.255.0
push "route 172.16.1.0 255.255.255.0"
push "route 172.16.2.0 255.255.255.0"
push "route 172.16.3.0 255.255.255.0"
push "route 172.16.4.0 255.255.255.0"
push "route 172.16.5.0 255.255.255.0"
push "route 172.16.6.0 255.255.255.0"
;push "redirect-gateway"
client-to-client
keepalive 10 120
comp-lzo
;user nobody
;group nobody
persist-key
persist-tun
status /etc/openvpn/log/openvpn-status.log
log-append /etc/openvpn/log/openvpn.log
verb 3
mute 3

Route -n do Servidor VPN
Kernel IP routing table
Destination Gateway Genmask Use Iface
0.0.0.0 x.x.x.10 0.0.0.0 enp1s1
10.8.0.0 10.8.0.2 255.255.255.0 tun0
10.8.0.2 0.0.0.0 255.255.255.255 tun0
127.0.0.0 0.0.0.0 255.0.0.0 lo
172.16.1.0 0.0.0.0 255.255.255.0 enp1s8
172.16.2.0 10.8.0.2 255.255.255.0 tun0
172.16.3.0 10.8.0.2 255.255.255.0 tun0
172.16.4.0 10.8.0.2 255.255.255.0 tun0
172.16.5.0 10.8.0.2 255.255.255.0 tun0
172.16.6.0 10.8.0.2 255.255.255.0 tun0
x.x.x.0 0.0.0.0 255.255.255.0 enp1s1

cat /proc/sys/net/ipv4/ip_forward
1

Tenho que fazer mais algum roteamento?
Tenho que mexer no firewall também?


  






Patrocínio

Site hospedado pelo provedor RedeHost.
Linux banner

Destaques

Artigos

Dicas

Tópicos

Top 10 do mês

Scripts