服务器 Gind.cn
  1. 服务器 Gind.cn
  3. OpenVPN:Windows 7 x64客户端无法看到远程局域网,但XP客户端可以
Intereting Posts
Virtualizor + VPS备份(裸机还原function)使用rSync 3 如何在不使用PEM文件的情况下login到Amazon EC2? 当Docker卷正在使用时,CoreOS如何迁移Docker容器? 有关为教室环境设置两个不相交networking的AD基础结构的提示 IPv6 AAAA与CNAME相同的域名 将文件迁移到Windows Server 2016后,AutoCAD LT 2012的CreateDate字段无法正常工作 CentOS 5,端口8080不会允许stream量 在Active Directory复制时需要触发程序 在运行界面上更改ipv6networking掩码和网关 面向公众的网站的应用程序池设置? OCT文件和办公室2010年 vmrun无法启动VM(Linux下的VMware Workstation) 我无法删除文件rm:无法删除X只读文件系统 厨师的bootstrap(添加节点)本地主机 DOS打印机文本输出在“新”计算机上有错误的字符

OpenVPN:Windows 7 x64客户端无法看到远程局域网,但XP客户端可以

我将OpenVPN 2.1.1与Windows XP x86 SP3和Windows 7 x64客户端一起使用到包含OpenVPN 2.1-rc15的Endian Community 2.4.0盒子。

从两个连接工作正常,但访问绿色局域网上的资源不适用于Windows 7,并适用于XP。
所以:我可以通过VPN ping通推送networking上的主机,但使用windows7,我只能ping防火墙的绿色ip地址。

编辑:我已经尝试了route-method exe / route-delay 2技巧,但是这并不能解决问题。

关于Endianconfiguration的更多细节(尝试2.2和2.4都失败):

红色= 192.168.100.25; 192.168.71.25
绿色= 176.16.41.1
橙色= 176.16.141.1

它基本上是作为一个OpenVPN服务器运行,提供红色,提供访问绿色。

在Windows XP上,我使用了OpenVPN 2.1.1安装 ,使用OpenVPN GUI(包含在安装中),而且一切都很花哨。

在Windows 7 x64上,我运行相同的,但现在以pipe理员身份使用OpenVPN GUI。
它只能ping绿色网关,而不能其他机器。

Windows 7日志: 

 Tue Aug 10 18:50:15 2010 OpenVPN 2.1.1 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Dec 11 2009 Tue Aug 10 18:50:23 2010 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Tue Aug 10 18:50:23 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Tue Aug 10 18:50:24 2010 LZO compression initialized Tue Aug 10 18:50:24 2010 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ] Tue Aug 10 18:50:24 2010 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ] Tue Aug 10 18:50:24 2010 Local Options hash (VER=V4): '31fdf004' Tue Aug 10 18:50:24 2010 Expected Remote Options hash (VER=V4): '3e6d1056' Tue Aug 10 18:50:24 2010 Attempting to establish TCP connection with 192.168.71.25:1194 Tue Aug 10 18:50:24 2010 TCP connection established with 192.168.71.25:1194 Tue Aug 10 18:50:24 2010 Socket Buffers: R=[8192->8192] S=[8192->8192] Tue Aug 10 18:50:24 2010 TCPv4_CLIENT link local: [undef] Tue Aug 10 18:50:24 2010 TCPv4_CLIENT link remote: 192.168.71.25:1194 Tue Aug 10 18:50:24 2010 TLS: Initial packet from 192.168.71.25:1194, sid=165d50de 52c0ecba Tue Aug 10 18:50:24 2010 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this Tue Aug 10 18:50:24 2010 VERIFY OK: depth=1, /C=IT/O=efw/CN=efw_CA Tue Aug 10 18:50:24 2010 VERIFY OK: depth=0, /C=IT/O=efw/CN=127.0.0.1 Tue Aug 10 18:50:24 2010 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Tue Aug 10 18:50:24 2010 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Aug 10 18:50:24 2010 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Tue Aug 10 18:50:24 2010 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Aug 10 18:50:24 2010 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Tue Aug 10 18:50:24 2010 [127.0.0.1] Peer Connection Initiated with 192.168.71.25:1194 Tue Aug 10 18:50:26 2010 SENT CONTROL [127.0.0.1]: 'PUSH_REQUEST' (status=1) Tue Aug 10 18:50:27 2010 PUSH: Received control message: 'PUSH_REPLY,ifconfig 172.16.41.209 255.255.255.0,dhcp-option DOMAIN pluimers.com,ping-restart 30,ping 8,route-gateway 172.16.41.1,route-gateway 172.16.41.1' Tue Aug 10 18:50:27 2010 OPTIONS IMPORT: timers and/or timeouts modified Tue Aug 10 18:50:27 2010 OPTIONS IMPORT: --ifconfig/up options modified Tue Aug 10 18:50:27 2010 OPTIONS IMPORT: route-related options modified Tue Aug 10 18:50:27 2010 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Tue Aug 10 18:50:27 2010 TAP-WIN32 device [Local Area Connection 2] opened: \\.\Global\{F3F5E8A1-1797-4FA8-902E-3895A2163148}.tap Tue Aug 10 18:50:27 2010 TAP-Win32 Driver Version 9.6 Tue Aug 10 18:50:27 2010 TAP-Win32 MTU=1500 Tue Aug 10 18:50:27 2010 Notified TAP-Win32 driver to set a DHCP IP/netmask of 172.16.41.209/255.255.255.0 on interface {F3F5E8A1-1797-4FA8-902E-3895A2163148} [DHCP-serv: 172.16.41.0, lease-time: 31536000] Tue Aug 10 18:50:27 2010 Successful ARP Flush on interface [34] {F3F5E8A1-1797-4FA8-902E-3895A2163148} Tue Aug 10 18:50:32 2010 TEST ROUTES: 0/0 succeeded len=-1 ret=1 a=0 u/d=up Tue Aug 10 18:50:32 2010 Initialization Sequence Completed[/code]

Windows 7路由表: 

 IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.71.1 192.168.71.160 20 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 169.254.0.0 255.255.0.0 On-link 169.254.100.145 276 169.254.100.145 255.255.255.255 On-link 169.254.100.145 276 169.254.255.255 255.255.255.255 On-link 169.254.100.145 276 172.16.41.0 255.255.255.0 On-link 172.16.41.209 286 172.16.41.209 255.255.255.255 On-link 172.16.41.209 286 172.16.41.255 255.255.255.255 On-link 172.16.41.209 286 192.168.71.0 255.255.255.0 On-link 192.168.71.160 276 192.168.71.160 255.255.255.255 On-link 192.168.71.160 276 192.168.71.255 255.255.255.255 On-link 192.168.71.160 276 192.168.237.0 255.255.255.0 On-link 192.168.237.1 276 192.168.237.1 255.255.255.255 On-link 192.168.237.1 276 192.168.237.255 255.255.255.255 On-link 192.168.237.1 276 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.71.160 276 224.0.0.0 240.0.0.0 On-link 169.254.100.145 276 224.0.0.0 240.0.0.0 On-link 192.168.237.1 276 224.0.0.0 240.0.0.0 On-link 172.16.41.209 286 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.71.160 276 255.255.255.255 255.255.255.255 On-link 169.254.100.145 276 255.255.255.255 255.255.255.255 On-link 192.168.237.1 276 255.255.255.255 255.255.255.255 On-link 172.16.41.209 286 ===========================================================================

(你可以忽略这些路由,就像运行在同一台机器上的VMware工作站一样: – 192.168.237.0/24 – 169.254.0.0/16)

Windows XP日志: 

 Tue Aug 10 19:01:04 2010 OpenVPN 2.1.1 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Dec 11 2009 Tue Aug 10 19:01:06 2010 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Tue Aug 10 19:01:06 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Tue Aug 10 19:01:07 2010 LZO compression initialized Tue Aug 10 19:01:07 2010 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ] Tue Aug 10 19:01:07 2010 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ] Tue Aug 10 19:01:07 2010 Local Options hash (VER=V4): '31fdf004' Tue Aug 10 19:01:07 2010 Expected Remote Options hash (VER=V4): '3e6d1056' Tue Aug 10 19:01:07 2010 Attempting to establish TCP connection with 192.168.71.25:1194 Tue Aug 10 19:01:07 2010 TCP connection established with 192.168.71.25:1194 Tue Aug 10 19:01:07 2010 Socket Buffers: R=[8192->8192] S=[8192->8192] Tue Aug 10 19:01:07 2010 TCPv4_CLIENT link local: [undef] Tue Aug 10 19:01:07 2010 TCPv4_CLIENT link remote: 192.168.71.25:1194 Tue Aug 10 19:01:07 2010 TLS: Initial packet from 192.168.71.25:1194, sid=983b94eb 87732d38 Tue Aug 10 19:01:07 2010 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this Tue Aug 10 19:01:07 2010 VERIFY OK: depth=1, /C=IT/O=efw/CN=efw_CA Tue Aug 10 19:01:07 2010 VERIFY OK: depth=0, /C=IT/O=efw/CN=127.0.0.1 Tue Aug 10 19:01:07 2010 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Tue Aug 10 19:01:07 2010 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Aug 10 19:01:07 2010 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Tue Aug 10 19:01:07 2010 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Aug 10 19:01:07 2010 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Tue Aug 10 19:01:07 2010 [127.0.0.1] Peer Connection Initiated with 192.168.71.25:1194 Tue Aug 10 19:01:09 2010 SENT CONTROL [127.0.0.1]: 'PUSH_REQUEST' (status=1) Tue Aug 10 19:01:10 2010 PUSH: Received control message: 'PUSH_REPLY,ifconfig 172.16.41.201 255.255.255.0,dhcp-option DOMAIN pluimers.com,ping-restart 30,ping 8,route-gateway 172.16.41.1,route-gateway 172.16.41.1' Tue Aug 10 19:01:10 2010 OPTIONS IMPORT: timers and/or timeouts modified Tue Aug 10 19:01:10 2010 OPTIONS IMPORT: --ifconfig/up options modified Tue Aug 10 19:01:10 2010 OPTIONS IMPORT: route-related options modified Tue Aug 10 19:01:10 2010 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Tue Aug 10 19:01:10 2010 TAP-WIN32 device [Local Area Connection 3] opened: \\.\Global\{C4752F65-93BA-4DED-A1FE-2633F1481ABF}.tap Tue Aug 10 19:01:10 2010 TAP-Win32 Driver Version 9.6 Tue Aug 10 19:01:10 2010 TAP-Win32 MTU=1500 Tue Aug 10 19:01:10 2010 Notified TAP-Win32 driver to set a DHCP IP/netmask of 172.16.41.201/255.255.255.0 on interface {C4752F65-93BA-4DED-A1FE-2633F1481ABF} [DHCP-serv: 172.16.41.0, lease-time: 31536000] Tue Aug 10 19:01:10 2010 Successful ARP Flush on interface [2] {C4752F65-93BA-4DED-A1FE-2633F1481ABF} Tue Aug 10 19:01:15 2010 TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down Tue Aug 10 19:01:15 2010 Route: Waiting for TUN/TAP interface to come up... Tue Aug 10 19:01:18 2010 TEST ROUTES: 0/0 succeeded len=-1 ret=1 a=0 u/d=up Tue Aug 10 19:01:18 2010 Initialization Sequence Completed

XP路由表: 

 =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.237.2 192.168.237.128 10 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 172.16.41.0 255.255.255.0 172.16.41.201 172.16.41.201 30 172.16.41.201 255.255.255.255 127.0.0.1 127.0.0.1 30 172.16.255.255 255.255.255.255 172.16.41.201 172.16.41.201 30 192.168.237.0 255.255.255.0 192.168.237.128 192.168.237.128 10 192.168.237.128 255.255.255.255 127.0.0.1 127.0.0.1 10 192.168.237.255 255.255.255.255 192.168.237.128 192.168.237.128 10 224.0.0.0 240.0.0.0 172.16.41.201 172.16.41.201 30 224.0.0.0 240.0.0.0 192.168.237.128 192.168.237.128 10 255.255.255.255 255.255.255.255 172.16.41.201 172.16.41.201 1 255.255.255.255 255.255.255.255 192.168.237.128 192.168.237.128 1 Default Gateway: 192.168.237.2 ===========================================================================

任何人有一个想法出了什么问题?

–jeroen

那么我面临同样的问题。 尝试了所有的东西,如启用文件共享,设置相同的工作组等。没有什么帮助,但这:

我注意到设备pipe理器中有多个networking适配器。 所有被隐藏,所以必须点击查看并启用隐藏的设备。

他们都被命名为… 4to6适配器。 当我删除所有这些适配器时,我的文件/打印机共享和XP客户端networking重新启动后开始工作。 如果这些适配器数量巨大,则必须将其全部删除。 它可以使用适当的(32或64位版本)工具DEVCON.EXE(它是Windows驱动程序工具包的一部分 – 下载详细信息:Windows驱动程序工具包版本7.1.0)完成。 更多可以在这里findDevCon命令行实用程序作为设备pipe理器的替代function。

我在这里find了这个解决scheme: http : //ryanvictory.com/posts/automating-6to4-adapter-removal-in-windows/

我解决了我的问题:这是一个testing用例错误。

Windows XP连接到物理Endian框。
Windows 7 x64连接到虚拟Endian框。

虚拟机在VMware ESX / ESXi上运行,使用虚拟networking交换机。
我忘记为该开关启用混杂模式 。

启用它可以解决问题。

–jeroen