I have configured a VPN server:
    local 192.168.0.250
    dev tun
    proto udp
    port 1194
    ca /etc/openvpn/easy-rsa/keys/ca.crt
    cert /etc/openvpn/easy-rsa/keys/server-vpn.crt
    key /etc/openvpn/easy-rsa/keys/server-vpn.key
    dh /etc/openvpn/easy-rsa/keys/dh1024.pem
    server 10.8.0.0 255.255.255.0
    ifconfig 10.8.0.1 10.8.0.2
    push "route 10.8.0.1 255.255.255.255"
    push "route 10.8.0.0 255.255.255.0"
    push "route 192.168.0.250 255.255.255.0"
    push "dhcp-option DNS 8.8.8.8"
    push "redirect-gateway def1"
    client-to-client
    duplicate-cn
    keepalive 10 120
    tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0
    cipher AES-128-CBC
    comp-lzo
    user nobody
    group nogroup
    persist-key
    persist-tun
    status /var/log/openvpn-status.log 20
    log /var/log/openvpn.log
    verb 1
When connecting with the OpenVPN client from a Linux terminal using this command:
    openvpn --config /home/user/myfile.ovpn
I get this error:
    OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec 1 2014
    Control Channel Authentication: tls-auth using INLINE static key file
    UDPv4 link local: [undef]
    UDPv4 link remote: [AF_INET]xx.xx.xx.xx:1194
    [server-vpn] Peer Connection Initiated with [AF_INET]xx.xx.xx.xx:1194
    TUN/TAP device tun0 opened
    do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
    /sbin/ip link set dev tun0 up mtu 1500
    /sbin/ip addr add dev tun0 local 10.8.0.14 peer 10.8.0.13
    RTNETLINK answers: Invalid argument
    ERROR: Linux route add command failed: external program exited with error status: 2
    RTNETLINK answers: File exists
    ERROR: Linux route add command failed: external program exited with error status: 2
    Initialization Sequence Completed
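The following routes are wrong. You cannot add the first two (and you do not need to add them manually), because they are the VPN IP range of the tunnel you configured. (The two are also redundant, since 10.8.0.1 is part of the 10.8.0.0 network.) The third is your local network, which will be added automatically. So remove all of them and see.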
    push "route 10.8.0.1 255.255.255.255"
    push "route 10.8.0.0 255.255.255.0"
    push "route 192.168.0.250 255.255.255.0"
See: https://openvpn.net/index.php/open-source/documentation/howto.html
Pushed routes are used to add routes to other private subnets.
    # Push routes to the client to allow it
    # to reach other private subnets behind
    # the server. Remember that these
    # private subnets will also need
    # to know to route the OpenVPN client
    # address pool (10.8.0.0/255.255.255.0)
    # back to the OpenVPN server.
    ;push "route 192.168.10.0 255.255.255.0"
    ;push "route 192.168.20.0 255.255.255.0"
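A way to check a server config for the pushed-route mistakes discussed above, as an added example that is not part of the original question or answer. The function name audit_pushed_routes and the trimmed sample config are assumptions made for illustration; the script flags pushed routes that fall inside the pool declared by "server" and routes whose address is not a network address for the given mask.

```python
import ipaddress
import shlex

# Constructed sample: the relevant directives from the server config in the question.
SAMPLE_CONFIG = '''
local 192.168.0.250
server 10.8.0.0 255.255.255.0
push "route 10.8.0.1 255.255.255.255"
push "route 10.8.0.0 255.255.255.0"
push "route 192.168.0.250 255.255.255.0"
push "dhcp-option DNS 8.8.8.8"
push "redirect-gateway def1"
;push "route 192.168.10.0 255.255.255.0"
'''

def audit_pushed_routes(config_text):
    """Return (route, reason) pairs for pushed routes that look wrong."""
    pool = None
    routes = []
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # skip blanks and commented-out directives
            continue
        tokens = shlex.split(line)           # keeps the quoted push argument as one token
        if tokens[0] == "server" and len(tokens) >= 3:
            pool = ipaddress.ip_network(f"{tokens[1]}/{tokens[2]}")
        elif tokens[0] == "push" and len(tokens) == 2:
            inner = tokens[1].split()
            if inner and inner[0] == "route" and len(inner) >= 3:
                routes.append((inner[1], inner[2]))
    findings = []
    for addr, mask in routes:
        label = f"{addr} {mask}"
        iface = ipaddress.ip_interface(f"{addr}/{mask}")
        # A route target must be the network address for its mask.
        if iface.ip != iface.network.network_address:
            findings.append((label, "host bits set: not a network address"))
        # Clients already get a route to the pool from the 'server' directive.
        if pool is not None and iface.network.overlaps(pool):
            findings.append((label, "inside the VPN pool from 'server'"))
    return findings

if __name__ == "__main__":
    for route, reason in audit_pushed_routes(SAMPLE_CONFIG):
        print(f'push "route {route}": {reason}')
```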