27-06-2017, 23:03 | #1 |
Junior Member
Joined: Oct 2010
Posts: 4
OpenVPN on a VPS, client connects but cannot browse the internet

Hello everyone, I hope you can help me.

I installed the well-known OpenVPN on a VPS through a project on GitHub (Chocobozzz) that also provides a very convenient web interface. OpenVPN worked perfectly for about 15 days. Suddenly the clients would connect but could not browse. As if it were not routing. These are the various config files:

Server.conf

    ## GENERAL ##

    # TCP, port 53, tunneling
    mode server
    proto tcp
    port 53
    dev tun

    ## KEY, CERTS AND NETWORK CONFIGURATION ##
    # Identity
    ca ca.crt
    # Public key
    cert server.crt
    # Private key
    key server.key
    # Symmetric encryption
    dh dh.pem
    # Improve security (DDOS, port flooding...)
    # 0 for the server, 1 for the client
    tls-auth ta.key 0
    # Encryption protocol
    cipher AES-256-CBC

    # Network
    # Subnetwork, the server will be the 10.8.0.1 and clients will take the other ips
    server 10.8.0.0 255.255.255.0

    # Redirect all IP network traffic originating on client machines to pass through the OpenVPN server
    push "redirect-gateway def1"

    # Alternatives DNS (FDN)
    #push "dhcp-option DNS 80.67.169.12"
    #push "dhcp-option DNS 80.67.169.40"

    # (OpenDNS)
    push "dhcp-option DNS 208.67.222.222"
    push "dhcp-option DNS 208.67.220.220"

    # (Google)
    # push "dhcp-option DNS 8.8.8.8"
    # push "dhcp-option DNS 8.8.4.4"

    # Ping every 10 seconds and if after 120 seconds the client doesn't respond we disconnect
    keepalive 10 120
    # Regenerate key each 5 hours (disconnect the client)
    reneg-sec 18000

    ## SECURITY ##
    # Downgrade privileges of the daemon
    user nobody
    group nogroup
    # Persist keys (because we are nobody, so we couldn't read them again)
    persist-key
    # Don't close and re open TUN/TAP device
    persist-tun
    # Enable compression
    comp-lzo

    ## LOG ##
    # Verbosity
    # 3/4 for a normal utilisation
    verb 3
    # Max 20 messages of the same category
    mute 20
    # Log file where we put the clients status
    status openvpn-status.log
    # Log file
    log-append /var/log/openvpn.log
    # Configuration directory of the clients
    client-config-dir ccd

    ## PASS ##
    # Allow running external scripts with password in ENV variables
    script-security 3
    # Use the authenticated username as the common name, rather than the common name from the client cert
    username-as-common-name
    # Client certificate not required
    client-cert-not-required
    # Use the connection script when a user wants to login
    auth-user-pass-verify scripts/login.sh via-env
    # Maximum of clients
    max-clients 50
    # Run these scripts when the client connects/disconnects
    client-connect scripts/connect.sh
    client-disconnect scripts/disconnect.sh

Client.ovpn

    client
    dev tun
    proto tcp-client
    remote 94.xxx.xxx.xxx 53
    resolv-retry infinite
    cipher AES-256-CBC
    redirect-gateway

    # Keys
    # Identity
    ca ca.crt
    tls-auth ta.key 1
    key-direction 1
    remote-cert-tls server
    auth-user-pass
    auth-nocache

    # Security
    nobind
    persist-key
    persist-tun
    comp-lzo
    verb 3

    # Proxy ?
    # http-proxy cache.univ.fr 3128

The iptables rules are created automatically by the installation file. What do you think the problem could be?

Thanks a lot
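A check of the two host-side settings that routing the pushed `redirect-gateway` traffic normally depends on, kernel IP forwarding and a NAT rule for the 10.8.0.0/24 VPN subnet. This is an added example, not part of the original post or of the GitHub project it mentions; the function names, the sample rule sets and the `eth0` interface are constructed assumptions.

```sh
#!/bin/sh
# Added example. VPN_NET comes from "server 10.8.0.0 255.255.255.0" in the
# posted server.conf; the sample rule sets and eth0 are constructed.
VPN_NET="10.8.0.0/24"

SAMPLE_WITH_NAT='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD ACCEPT [0:0]
COMMIT'

SAMPLE_WITHOUT_NAT='*nat
:POSTROUTING ACCEPT [0:0]
COMMIT
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -s 10.8.0.0/24 -j ACCEPT
COMMIT'

# Succeeds if iptables-save text ($1) has a nat POSTROUTING rule that
# MASQUERADEs or SNATs traffic whose source is the VPN subnet ($2).
nat_rule_present() {
    printf '%s\n' "$1" | awk -v net="$2" '
        /^\*/ { table = $1 }
        table == "*nat" && $1 == "-A" && $2 == "POSTROUTING" {
            src = ""; tgt = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-s") src = $(i + 1)
                if ($i == "-j") tgt = $(i + 1)
            }
            if (src == net && (tgt == "MASQUERADE" || tgt == "SNAT")) found = 1
        }
        END { exit (found ? 0 : 1) }'
}

# diagnose IP_FORWARD_VALUE IPTABLES_SAVE_TEXT -> prints "ok" or the findings
diagnose() {
    findings=""
    [ "$1" = "1" ] || findings="$findings ip-forward-disabled"
    nat_rule_present "$2" "$VPN_NET" || findings="$findings nat-rule-missing"
    findings=${findings# }
    echo "${findings:-ok}"
}

# On the server (as root):
#   diagnose "$(sysctl -n net.ipv4.ip_forward)" "$(iptables-save -t nat)"
diagnose 1 "$SAMPLE_WITH_NAT"
diagnose 0 "$SAMPLE_WITHOUT_NAT"
```

The check only counts rules that match the VPN subnet with `-s`; a broader rule with no source match would be reported as missing and needs reading by hand.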