Hello everyone!!!
Maybe someone can help me solve my problem.
I have an Asus RT-N65U router with an OpenVPN client on it. I use an anonymous OpenVPN service and want to set it up on my router. The OpenVPN connection comes up; the router has internet access if I enter the DNS servers in resolv.conf manually, but the notebook does not. Maybe I need to set up NAT?
The configuration files are located in
/etc/storage/openvpn/client/
I connect to OpenVPN with the command
openvpn --config /etc/storage/openvpn/client/ro_gh.ovpn
The connection goes well except for one thing: it does not accept the command explicit-exit-notify 2, so I simply commented it out. As far as I understand, the command is not essential and does not really affect anything. Without this command the connection works fine.
Router and router DHCP server settings
Routing table before connecting
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 178.125.0.1 0.0.0.0 UG 0 0 0 ppp0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
178.125.0.1 * 255.255.255.255 UH 0 0 0 ppp0
192.168.1.0 * 255.255.255.0 U 0 0 0 br0
Network interfaces before connecting
br0 Link encap:Ethernet HWaddr ***
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3565727 errors:0 dropped:0 overruns:0 frame:0
TX packets:7177324 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:456099849 (434.9 MiB) TX bytes:9056329478 (8.4 GiB)
eth2 Link encap:Ethernet HWaddr ***
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:34289372 errors:0 dropped:0 overruns:0 frame:0
TX packets:35553336 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:30789431658 (28.6 GiB) TX bytes:13457034276 (12.5 GiB)
Interrupt:3
eth2.1 Link encap:Ethernet HWaddr ***
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3576980 errors:0 dropped:0 overruns:0 frame:0
TX packets:7206227 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:456823572 (435.6 MiB) TX bytes:9057829722 (8.4 GiB)
eth2.2 Link encap:Ethernet HWaddr ***
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:30174530 errors:0 dropped:0 overruns:0 frame:0
TX packets:27677697 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:30102927907 (28.0 GiB) TX bytes:3118075059 (2.9 GiB)
eth2.3 Link encap:Ethernet HWaddr ***
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MULTICAST MTU:16436 Metric:1
RX packets:14913 errors:0 dropped:0 overruns:0 frame:0
TX packets:14913 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1764276 (1.6 MiB) TX bytes:1764276 (1.6 MiB)
ppp0 Link encap:Point-to-Point Protocol
inet addr:178.125.134.40 P-t-P:178.125.0.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING MULTICAST MTU:1492 Metric:1
RX packets:29506237 errors:0 dropped:0 overruns:0 frame:0
TX packets:27194406 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:2682752710 (2.4 GiB) TX bytes:2477658023 (2.3 GiB)
ra0 Link encap:Ethernet HWaddr ***
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:4
rai0 Link encap:Ethernet HWaddr ***
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4087344 errors:0 dropped:0 overruns:0 frame:0
TX packets:7817276 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:549829287 (524.3 MiB) TX bytes:10023499441 (9.3 GiB)
DNS configuration file resolv.conf
nameserver 127.0.0.1
nameserver 93.85.251.4
nameserver 193.232.248.45
traceroute from the router to yandex.by before connecting
traceroute to yandex.by (77.88.21.11), 30 hops max, 38 byte packets
1 * mm-1-0-125-178.minskobl.dynamic.pppoe.byfly.by (178.125.0.1) 33.920 ms *
2 100ge.core.belpak.by (93.85.81.49) 27.660 ms 24.621 ms 24.572 ms
3 mgts.10g.net.belpak.by (93.85.253.129) 27.930 ms 27.258 ms 27.384 ms
4 ie1.net.belpak.by (93.85.80.38) 105.782 ms 27.403 ms 72.105 ms
5 asbr3.net.belpak.by (93.85.80.74) 25.908 ms 24.830 ms 23.094 ms
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
Configuration file ro_gh.ovpn:
client
remote ro.openvpn.cyberghostvpn.com 443
dev tun
proto udp
auth-user-pass login.conf
resolv-retry infinite
redirect-gateway def1
persist-key
persist-tun
nobind
cipher AES-256-CBC
auth MD5
ping 5
ping-exit 60
ping-timer-rem
#explicit-exit-notify 2
script-security 2
remote-cert-tls server
route-delay 5
tun-mtu 1500
fragment 1300
mssfix 1300
verb 4
comp-lzo
OpenVPN connection log
Thu Jun 19 17:57:20 2014 us=677980 OpenVPN 2.3.3 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Apr 12 2014
Thu Jun 19 17:57:20 2014 us=678973 WARNING: file 'login.conf' is group or others accessible
Thu Jun 19 17:57:20 2014 us=685154 LZO compression initialized
Thu Jun 19 17:57:20 2014 us=686194 Control Channel MTU parms [ L:1558 D:138 EF:38 EB:0 ET:0 EL:0 ]
Thu Jun 19 17:57:20 2014 us=687048 Socket Buffers: R=[163840->131072] S=[163840->131072]
Thu Jun 19 17:57:20 2014 us=743973 Data Channel MTU parms [ L:1558 D:1300 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]
Thu Jun 19 17:57:20 2014 us=744196 Fragmentation MTU parms [ L:1558 D:1300 EF:57 EB:135 ET:1 EL:0 AF:3/1 ]
Thu Jun 19 17:57:20 2014 us=744364 UDPv4 link local: [undef]
Thu Jun 19 17:57:20 2014 us=744556 UDPv4 link remote: [AF_INET]109.163.225.177:443
Thu Jun 19 17:57:20 2014 us=843373 TLS: Initial packet from [AF_INET]109.163.225.177:443, sid=f0f7c65c 91c4af8f
Thu Jun 19 17:57:20 2014 us=844220 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Thu Jun 19 17:57:21 2014 us=327423 VERIFY OK: depth=1, C=DE, O=CyberGhost VPN, OU=CyberGhost, CN=CyberGhost
Thu Jun 19 17:57:21 2014 us=351591 Validating certificate key usage
Thu Jun 19 17:57:21 2014 us=351807 ++ Certificate has key usage 00a0, expects 00a0
Thu Jun 19 17:57:21 2014 us=351951 VERIFY KU OK
Thu Jun 19 17:57:21 2014 us=352127 Validating certificate extended key usage
Thu Jun 19 17:57:21 2014 us=352301 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Thu Jun 19 17:57:21 2014 us=352425 VERIFY EKU OK
Thu Jun 19 17:57:21 2014 us=352557 VERIFY OK: depth=0, C=RO, ST=RO, L=Bucharest, O=CyberGhost VPN, OU=CyberGhost, CN=CyberGhost, name=CyberGhost VPN, emailAddress=webmaster@cyberghostvpn.com
Thu Jun 19 17:57:23 2014 us=668709 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Thu Jun 19 17:57:23 2014 us=668952 Data Channel Encrypt: Using 128 bit message hash 'MD5' for HMAC authentication
Thu Jun 19 17:57:23 2014 us=669099 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Thu Jun 19 17:57:23 2014 us=669244 Data Channel Decrypt: Using 128 bit message hash 'MD5' for HMAC authentication
Thu Jun 19 17:57:23 2014 us=669716 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Thu Jun 19 17:57:23 2014 us=670035 [CyberGhost] Peer Connection Initiated with [AF_INET]109.163.225.177:443
Thu Jun 19 17:57:25 2014 us=846848 SENT CONTROL [CyberGhost]: 'PUSH_REQUEST' (status=1)
Thu Jun 19 17:57:25 2014 us=978427 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 95.169.183.219,dhcp-option DNS 89.41.60.38,dhcp-option DNS 37.221.175.198,comp-lzo yes,route 10.129.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.129.9.114 10.129.9.113'
Thu Jun 19 17:57:25 2014 us=979579 OPTIONS IMPORT: timers and/or timeouts modified
Thu Jun 19 17:57:25 2014 us=979744 OPTIONS IMPORT: LZO parms modified
Thu Jun 19 17:57:25 2014 us=979841 OPTIONS IMPORT: --ifconfig/up options modified
Thu Jun 19 17:57:25 2014 us=979934 OPTIONS IMPORT: route options modified
Thu Jun 19 17:57:25 2014 us=980028 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Thu Jun 19 17:57:26 2014 us=23540 TUN/TAP device tun0 opened
Thu Jun 19 17:57:26 2014 us=23795 TUN/TAP TX queue length set to 100
Thu Jun 19 17:57:26 2014 us=23990 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Thu Jun 19 17:57:26 2014 us=24337 /sbin/ifconfig tun0 10.129.9.114 pointopoint 10.129.9.113 mtu 1500
Thu Jun 19 17:57:31 2014 us=250819 /sbin/route add -net 109.163.225.177 netmask 255.255.255.255 gw 178.125.0.1
Thu Jun 19 17:57:31 2014 us=257374 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.129.9.113
Thu Jun 19 17:57:31 2014 us=262858 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.129.9.113
Thu Jun 19 17:57:31 2014 us=268633 /sbin/route add -net 10.129.0.1 netmask 255.255.255.255 gw 10.129.9.113
Thu Jun 19 17:57:31 2014 us=274045 Initialization Sequence Completed
Routing table after connecting via OpenVPN
Destination Gateway Genmask Flags Metric Ref Use Iface
default 10.129.9.113 128.0.0.0 UG 0 0 0 tun0
default 178.125.0.1 0.0.0.0 UG 0 0 0 ppp0
10.129.0.1 10.129.9.113 255.255.255.255 UGH 0 0 0 tun0
10.129.9.113 * 255.255.255.255 UH 0 0 0 tun0
109.163.225.177 178.125.0.1 255.255.255.255 UGH 0 0 0 ppp0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
128.0.0.0 10.129.9.113 128.0.0.0 UG 0 0 0 tun0
178.125.0.1 * 255.255.255.255 UH 0 0 0 ppp0
192.168.1.0 * 255.255.255.0 U 0 0 0 br0
Network interfaces after connecting
br0 Link encap:Ethernet HWaddr ***
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3563495 errors:0 dropped:0 overruns:0 frame:0
TX packets:7173714 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:455890074 (434.7 MiB) TX bytes:9052608415 (8.4 GiB)
eth2 Link encap:Ethernet HWaddr ***
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:34266442 errors:0 dropped:0 overruns:0 frame:0
TX packets:35531475 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:30767906125 (28.6 GiB) TX bytes:13449337613 (12.5 GiB)
Interrupt:3
eth2.1 Link encap:Ethernet HWaddr ***
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3574706 errors:0 dropped:0 overruns:0 frame:0
TX packets:7202557 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:456609745 (435.4 MiB) TX bytes:9054105545 (8.4 GiB)
eth2.2 Link encap:Ethernet HWaddr ***
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:30153991 errors:0 dropped:0 overruns:0 frame:0
TX packets:27659518 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:30081752042 (28.0 GiB) TX bytes:3114279454 (2.9 GiB)
eth2.3 Link encap:Ethernet HWaddr ***
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MULTICAST MTU:16436 Metric:1
RX packets:14909 errors:0 dropped:0 overruns:0 frame:0
TX packets:14909 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1763904 (1.6 MiB) TX bytes:1763904 (1.6 MiB)
ppp0 Link encap:Point-to-Point Protocol
inet addr:178.125.134.40 P-t-P:178.125.0.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING MULTICAST MTU:1492 Metric:1
RX packets:29485720 errors:0 dropped:0 overruns:0 frame:0
TX packets:27176233 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:2662030058 (2.4 GiB) TX bytes:2474266736 (2.3 GiB)
ra0 Link encap:Ethernet HWaddr ***
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:4
rai0 Link encap:Ethernet HWaddr ***
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4085102 errors:0 dropped:0 overruns:0 frame:0
TX packets:7813710 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:549569679 (524.1 MiB) TX bytes:10019787071 (9.3 GiB)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.129.9.114 P-t-P:10.129.9.113 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:55313 errors:0 dropped:0 overruns:0 frame:0
TX packets:50549 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:56356852 (53.7 MiB) TX bytes:5413757 (5.1 MiB)
Initially traceroute did not work, but after adding to resolv.conf the DNS servers taken from this line of the OpenVPN connection log
Thu Jun 19 17:57:25 2014 us=978427 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 95.169.183.219,dhcp-option DNS 89.41.60.38,dhcp-option DNS 37.221.175.198,comp-lzo yes,route 10.129.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.129.9.114 10.129.9.113'
nameserver 95.169.183.219
nameserver 89.41.60.38
nameserver 37.221.175.198
traceroute works.
traceroute from the router to yandex.by after connecting
traceroute to yandex.by (77.88.21.11), 30 hops max, 38 byte packets
1 10.129.0.1 (10.129.0.1) 87.319 ms 83.986 ms 83.141 ms
2 buc-ird-17sw.voxility.net (93.115.94.145) 93.153 ms 84.706 ms 84.084 ms
3 buc-ird-01c.voxility.net (93.115.83.237) 84.125 ms 83.709 ms 84.084 ms
4 buc-ird-03gw.voxility.net (109.163.235.153) 84.104 ms buc-ird-01gw.voxility.net (109.163.235.57) 84.331 ms buc-ird-04gw.voxility.net (109.163.235.61) 83.920 ms
5 fra-anc-04gw.voxility.net (195.60.76.66) 115.408 ms 116.148 ms fra-anc-02gw.voxility.net (109.163.235.130) 116.392 ms
6 fra-anc-06gw.voxility.net (93.115.89.6) 116.221 ms fra-anc-06gw.voxility.net (93.115.88.138) 116.342 ms fra-anc-06gw.voxility.net (93.115.89.6) 117.244 ms
7 de-cix1.RT.ACT.FKT.DE.retn.net (80.81.192.73) 115.557 ms 116.097 ms 116.898 ms
8 ae0-7.RT.TC2.AMS.NL.retn.net (87.245.233.78) 123.185 ms 122.369 ms 123.160 ms
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
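
Added example, not part of the original post: on Linux, OpenVPN does not apply pushed "dhcp-option DNS" values itself; it exports them to an --up script as the environment variables foreign_option_1..N, which is why resolv.conf had to be edited by hand above. The sketch below turns those variables into nameserver lines and rejects anything that is not digits and dots, since the values are server-controlled. The script file name and the RESOLV_OUT variable are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the original post.
# Assumed use: add to ro_gh.ovpn the line
#   up /etc/storage/openvpn/client/up-dns.sh     (hypothetical file name)
# "script-security 2" is already present in that config, so the script may run.

# Print one "nameserver <ip>" line for every pushed "dhcp-option DNS <ip>".
# OpenVPN passes pushed dhcp-options to scripts as foreign_option_1..N.
pushed_nameservers() {
    i=1
    while :; do
        eval "opt=\${foreign_option_$i:-}"
        [ -n "$opt" ] || break
        case $opt in
            "dhcp-option DNS "*)
                addr=${opt#"dhcp-option DNS "}
                case $addr in
                    # The value comes from the VPN server: accept only
                    # digits and dots before it reaches resolv.conf.
                    ''|*[!0-9.]*) ;;
                    *) echo "nameserver $addr" ;;
                esac
                ;;
        esac
        i=$((i + 1))
    done
}

# OpenVPN sets script_type=up when it calls the --up script.
# Outside OpenVPN (no script_type) nothing is written.
if [ "${script_type:-}" = "up" ]; then
    out=${RESOLV_OUT:-/etc/resolv.conf}   # RESOLV_OUT: hypothetical override
    tmp="$out.tmp.$$"
    pushed_nameservers > "$tmp"
    # Keep the existing file if no valid DNS server was pushed.
    if [ -s "$tmp" ]; then
        mv "$tmp" "$out"
    else
        rm -f "$tmp"
    fi
fi
```

This covers name resolution on the router only; it does not change how traffic from LAN clients is forwarded into tun0.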