服务器 Gind.cn
  1. 服务器 Gind.cn
  3. 设置PPTP VPN服务器,不能访问远程主机
Intereting Posts
nginx,别名,php-fpm =未find文件 如何自定义MPM在apache上获得最佳性能? AWS Elasticache Redis实施上的缺省生存时间(TTL) 将AWS资源移至另一个帐户 将strace连接到100%CPU Apache进程 – 输出 什么会导致成功的文件传输有校验和不匹配? 从ASP.net和桌面应用程序连接到SQL Server的不同之处在CAL方面? 用于videostream的VPN CloudFormation脚本 – 引用早期创build的安全组 状态ESTABLISHED,相关的解决方法允许下载? packet_write_wait:MacOS Sierra SSH上的Broken Pipe错误到Amazon EC2 Amazon Linux服务器 – 将时间更改为英国夏令时? Apache不会popuphtpasswdauthentication 在Apache2中使用Ruby代替PHP qdel删除了我所有的工作

设置PPTP VPN服务器,不能访问远程主机

我试图在工业ProRoute M2M 4G路由器上build立VPN服务器。 我的目标是客户端能够在VPN上login,并能够在路由器局域网上的“本地”主机上运行。 我的第一个挑战来自路由器configuration页面上模糊的PPTP服务器设置。 我已经尝试了所有我能想到的组合。 不过,下面的内容是用来产生以下输出的。

我的本地机器是192.168.1.64和我的本地网关192.168.1.254。 远程路由器有网关192.168.8.1和DHCP分配LAN地址192.168.8.100-192.168.8.200。 我正在运行Windows 7,但也尝试过使用OS X.路由器正在使用一个固定的公共IP SIM卡。

路由器设置

本地IP – 192.168.8.100-192.168.8.200

远程IP – 192.168.1.100-192.168.1.200

encryption – MPPE 128位(testing没有encryption的一切)

用户名和密码 – 设置

用户静态IP – 留为空白

远程LAN /掩码 – 192.168.8.0/24

请注意,我无法在任何地方为PPTP服务器启用DHCP。

本地客户端设置

IPv6 – 已禁用

IPv4 – 全自动,虽然静态testing结果相同,但DNS手动指向8.8.8.8/8.8.4.4(Google Public DNS),并且选中默认网关框

ipconfig输出没有VPN连接: 

Windows IP Configuration Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : gateway.2wire.net Link-local IPv6 Address . . . . . : fe80::a985:527b:f5e3:a66b%11 IPv4 Address. . . . . . . . . . . : 192.168.1.64 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.254 Tunnel adapter isatap.gateway.2wire.net: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : gateway.2wire.net Tunnel adapter Local Area Connection* 11: Connection-specific DNS Suffix . : IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:34ff:3fd9:3f57:febf Link-local IPv6 Address . . . . . : fe80::34ff:3fd9:3f57:febf%13 Default Gateway . . . . . . . . . : ::

没有VPN连接的路由打印: 

 =========================================================================== Interface List 11...44 8a 5b 61 bd d3 ......Realtek PCIe GBE Family Controller 1...........................Software Loopback Interface 1 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.64 10 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 192.168.1.0 255.255.255.0 On-link 192.168.1.64 266 192.168.1.64 255.255.255.255 On-link 192.168.1.64 266 192.168.1.255 255.255.255.255 On-link 192.168.1.64 266 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.1.64 259 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.1.64 266 =========================================================================== Persistent Routes: None IPv6 Route Table =========================================================================== Active Routes: If Metric Network Destination Gateway 13 58 ::/0 On-link 1 306 ::1/128 On-link 13 58 2001::/32 On-link 13 306 2001:0:5ef5:79fd:34ff:3fd9:3f57:febf/128 On-link 11 266 fe80::/64 On-link 13 306 fe80::/64 On-link 13 306 fe80::34ff:3fd9:3f57:febf/128 On-link 11 266 fe80::a985:527b:f5e3:a66b/128 On-link 1 306 ff00::/8 On-link 13 306 ff00::/8 On-link 11 266 ff00::/8 On-link =========================================================================== Persistent Routes: None

带有VPN连接的ipconfig: 

 Windows IP Configuration PPP adapter VPN Connection: Connection-specific DNS Suffix . : IPv4 Address. . . . . . . . . . . : 192.168.1.100 Subnet Mask . . . . . . . . . . . : 255.255.255.255 Default Gateway . . . . . . . . . : 0.0.0.0 Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : gateway.2wire.net Link-local IPv6 Address . . . . . : fe80::a985:527b:f5e3:a66b%11 IPv4 Address. . . . . . . . . . . : 192.168.1.64 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.254 Tunnel adapter isatap.gateway.2wire.net: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : gateway.2wire.net Tunnel adapter Local Area Connection* 11: Connection-specific DNS Suffix . : IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:102f:dd7:3f57:fe9b Link-local IPv6 Address . . . . . : fe80::102f:dd7:3f57:fe9b%13 Default Gateway . . . . . . . . . : :: Tunnel adapter isatap.{C4127ACE-546B-4448-B79A-D0807C092C0B}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . :

使用VPN连接路由打印: 

 =========================================================================== Interface List 20...........................VPN Connection 11...44 8a 5b 61 bd d3 ......Realtek PCIe GBE Family Controller 1...........................Software Loopback Interface 1 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2 =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.64 4235 0.0.0.0 0.0.0.0 On-link 192.168.1.100 11 93.91.45.109 255.255.255.255 192.168.1.254 192.168.1.64 4236 127.0.0.0 255.0.0.0 On-link 127.0.0.1 4531 127.0.0.1 255.255.255.255 On-link 127.0.0.1 4531 127.255.255.255 255.255.255.255 On-link 127.0.0.1 4531 192.168.1.0 255.255.255.0 On-link 192.168.1.64 4491 192.168.1.64 255.255.255.255 On-link 192.168.1.64 4491 192.168.1.100 255.255.255.255 On-link 192.168.1.100 266 192.168.1.255 255.255.255.255 On-link 192.168.1.64 4491 224.0.0.0 240.0.0.0 On-link 127.0.0.1 4531 224.0.0.0 240.0.0.0 On-link 192.168.1.64 4485 224.0.0.0 240.0.0.0 On-link 192.168.1.100 11 255.255.255.255 255.255.255.255 On-link 127.0.0.1 4531 255.255.255.255 255.255.255.255 On-link 192.168.1.64 4491 255.255.255.255 255.255.255.255 On-link 192.168.1.100 266 =========================================================================== Persistent Routes: None IPv6 Route Table =========================================================================== Active Routes: If Metric Network Destination Gateway 13 58 ::/0 On-link 1 306 ::1/128 On-link 13 58 2001::/32 On-link 13 306 2001:0:9d38:6abd:102f:dd7:3f57:fe9b/128 On-link 11 266 fe80::/64 On-link 13 306 fe80::/64 On-link 13 306 fe80::102f:dd7:3f57:fe9b/128 On-link 11 266 fe80::a985:527b:f5e3:a66b/128 On-link 1 306 ff00::/8 On-link 13 306 ff00::/8 On-link 11 266 ff00::/8 On-link =========================================================================== Persistent Routes: None

带有VPN连接的tracert 192.168.8.1(远程路由器网关): 

 Tracing route to 192.168.8.1 over a maximum of 30 hops 1 * * * Request timed out. 2 * * * Request timed out. 3 * * * Request timed out. 4 * * * Request timed out. 5 * * * Request timed out.

我可以成功获得VPN连接。 如果使用IP地址,我可以通过路由器访问互联网(DNS似乎不起作用)。 但是,我无法访问远程路由器LAN上的任何内部主机。

解决了! 问题是不正确的远程/本地IP范围。 确保远程IP和远程子网是客户端networking的IP范围,本地是路由器networking的IP范围。