I am trying to connect to an OpenVPN server from an Ubuntu 11.10 machine. I use the following command to do so (as the root user):
openvpn --config /home/vladimir/client.ovpn
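Everything seems fine and it connects successfully without any warnings or errors, but when I try to browse the internet I can see that I am still using my own IP address, so the VPN connection is not working. When I run the openvpn command, the following message in particular appears: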
NOTE: unable to redirect default gateway -- Cannot read current default gateway from system
I think that is the cause of this problem, but unfortunately I don't know how to fix it.
Below is the full output of the openvpn command:
Sat Jun 9 23:51:36 2012 OpenVPN 2.2.0 x86_64-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Jul 4 2011
Sat Jun 9 23:51:36 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sat Jun 9 23:51:36 2012 Control Channel Authentication: tls-auth using INLINE static key file
Sat Jun 9 23:51:36 2012 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Jun 9 23:51:36 2012 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Jun 9 23:51:36 2012 LZO compression initialized
Sat Jun 9 23:51:36 2012 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ]
Sat Jun 9 23:51:36 2012 Socket Buffers: R=[126976->200000] S=[126976->200000]
Sat Jun 9 23:51:36 2012 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Jun 9 23:51:36 2012 Local Options hash (VER=V4): '504e774e'
Sat Jun 9 23:51:36 2012 Expected Remote Options hash (VER=V4): '14168603'
Sat Jun 9 23:51:36 2012 UDPv4 link local: [undef]
Sat Jun 9 23:51:36 2012 UDPv4 link remote: [AF_INET]94.229.78.130:1194
Sat Jun 9 23:51:37 2012 TLS: Initial packet from [AF_INET]94.229.78.130:1194, sid=13fd921b b42072ab
Sat Jun 9 23:51:37 2012 VERIFY OK: depth=1, /CN=OpenVPN_CA
Sat Jun 9 23:51:37 2012 VERIFY OK: nsCertType=SERVER
Sat Jun 9 23:51:37 2012 VERIFY OK: depth=0, /CN=OpenVPN_Server
Sat Jun 9 23:51:38 2012 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Jun 9 23:51:38 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Jun 9 23:51:38 2012 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Jun 9 23:51:38 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Jun 9 23:51:38 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sat Jun 9 23:51:38 2012 [OpenVPN_Server] Peer Connection Initiated with [AF_INET]94.229.78.130:1194
Sat Jun 9 23:51:40 2012 SENT CONTROL [OpenVPN_Server]: 'PUSH_REQUEST' (status=1)
Sat Jun 9 23:51:40 2012 PUSH: Received control message: 'PUSH_REPLY,explicit-exit-notify,topology subnet,route-delay 5 30,dhcp-pre-release,dhcp-renew,dhcp-release,route-metric 101,ping 5,ping-restart 40,redirect-gateway def1,redirect-gateway bypass-dhcp,redirect-gateway autolocal,route-gateway 5.5.0.1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,register-dns,comp-lzo yes,ifconfig 5.5.117.43 255.255.0.0'
Sat Jun 9 23:51:40 2012 Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:4: dhcp-pre-release (2.2.0)
Sat Jun 9 23:51:40 2012 Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:5: dhcp-renew (2.2.0)
Sat Jun 9 23:51:40 2012 Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:6: dhcp-release (2.2.0)
Sat Jun 9 23:51:40 2012 Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:16: register-dns (2.2.0)
Sat Jun 9 23:51:40 2012 OPTIONS IMPORT: timers and/or timeouts modified
Sat Jun 9 23:51:40 2012 OPTIONS IMPORT: explicit notify parm(s) modified
Sat Jun 9 23:51:40 2012 OPTIONS IMPORT: LZO parms modified
Sat Jun 9 23:51:40 2012 OPTIONS IMPORT: --ifconfig/up options modified
Sat Jun 9 23:51:40 2012 OPTIONS IMPORT: route options modified
Sat Jun 9 23:51:40 2012 OPTIONS IMPORT: route-related options modified
Sat Jun 9 23:51:40 2012 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sat Jun 9 23:51:40 2012 ROUTE: default_gateway=UNDEF
Sat Jun 9 23:51:40 2012 TUN/TAP device tun0 opened
Sat Jun 9 23:51:40 2012 TUN/TAP TX queue length set to 100
Sat Jun 9 23:51:40 2012 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Sat Jun 9 23:51:40 2012 /sbin/ifconfig tun0 5.5.117.43 netmask 255.255.0.0 mtu 1500 broadcast 5.5.255.255
Sat Jun 9 23:51:45 2012 NOTE: unable to redirect default gateway -- Cannot read current default gateway from system
Sat Jun 9 23:51:45 2012 Initialization Sequence Completed
Output of the route command:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default * 0.0.0.0 U 0 0 0 ppp0
5.5.0.0 * 255.255.0.0 U 0 0 0 tun0
link-local * 255.255.0.0 U 1000 0 0 wlan0
192.168.0.0 * 255.255.255.0 U 0 0 0 wlan0
stream-ts1.net. * 255.255.255.255 UH 0 0 0 ppp0
Output of the ifconfig command:
eth0 Link encap:Ethernet HWaddr 6c:62:6d:44:0d:12
inet6 addr: fe80::6e62:6dff:fe44:d12/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:54594 errors:0 dropped:0 overruns:0 frame:0
TX packets:59897 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:44922107 (44.9 MB) TX bytes:8839969 (8.8 MB)
Interrupt:41 Base address:0x8000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:4561 errors:0 dropped:0 overruns:0 frame:0
TX packets:4561 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:685425 (685.4 KB) TX bytes:685425 (685.4 KB)
ppp0 Link encap:Point-to-Point Protocol
inet addr:213.206.63.44 P-t-P:213.206.34.4 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
RX packets:53577 errors:0 dropped:0 overruns:0 frame:0
TX packets:58892 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:43667387 (43.6 MB) TX bytes:7504776 (7.5 MB)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:5.5.117.43 P-t-P:5.5.117.43 Mask:255.255.0.0
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
wlan0 Link encap:Ethernet HWaddr 00:27:19:f6:b5:cf
inet addr:192.168.0.1 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::227:19ff:fef6:b5cf/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:12079 errors:0 dropped:0 overruns:0 frame:0
TX packets:11178 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1483691 (1.4 MB) TX bytes:4307899 (4.3 MB)
So my question is: how do I make OpenVPN redirect the default gateway?
Thanks!
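I found the reason for this problem. OpenVPN could not detect the default gateway because it was not shown by the route command. The solution is to set the default gateway after the PPP connection is established: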
ip route replace default via 213.206.63.44 dev ppp0
First, you need to display the gateway in the terminal as follows:
/sbin/ip addr show ppp0 | grep peer | awk ' { print $4 } ' | sed 's/\/32//'
Then use it in the terminal:
ip route replace default via xx:xx:xx:xx dev ppp0
Replace xx:xx... with the gateway found in step 1.
As seen here.
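A check for the failure discussed in this thread, as an added example that is not part of the original posts: it detects a device-only default route (the state behind `default_gateway=UNDEF`) and verifies that the two half-routes `redirect-gateway def1` installs (0.0.0.0/1 and 128.0.0.0/1) actually leave through the tunnel. The function names are hypothetical, and the sample tables are constructed in `ip route` / `ip addr` format from the addresses shown on the page.

```shell
#!/bin/sh
# Added example. Each function reads `ip` output on stdin, so it can be
# exercised against saved text as well as the live system.

# Gateway of the default route; prints nothing for a device-only default
# route ("default dev ppp0"), the state behind default_gateway=UNDEF.
default_gw() {
    awk '$1 == "default" {
        for (i = 2; i < NF; i++) if ($i == "via") { print $(i + 1); exit }
    }'
}

# Peer address of a point-to-point link, from `ip addr show <dev>` output.
ppp_peer() {
    awk '$1 == "inet" {
        for (i = 2; i < NF; i++)
            if ($i == "peer") { sub(/\/.*/, "", $(i + 1)); print $(i + 1); exit }
    }'
}

# Succeeds only if both def1 half-routes leave through the device in $1.
vpn_redirect_active() {
    awk -v dev="$1" '
        $1 == "0.0.0.0/1" || $1 == "128.0.0.0/1" {
            for (i = 2; i < NF; i++) if ($i == "dev" && $(i + 1) == dev) seen[$1] = 1
        }
        END { exit !(seen["0.0.0.0/1"] && seen["128.0.0.0/1"]) }'
}

# Constructed samples (not captured output), using the page's addresses.
ROUTES_BEFORE='default dev ppp0  scope link
5.5.0.0/16 dev tun0  proto kernel  scope link  src 5.5.117.43
192.168.0.0/24 dev wlan0  proto kernel  scope link  src 192.168.0.1'
ROUTES_AFTER='0.0.0.0/1 via 5.5.0.1 dev tun0  metric 101
default via 213.206.34.4 dev ppp0
128.0.0.0/1 via 5.5.0.1 dev tun0  metric 101
5.5.0.0/16 dev tun0  proto kernel  scope link  src 5.5.117.43'
PPP_ADDR='    inet 213.206.63.44 peer 213.206.34.4/32 scope global ppp0'

printf '%s\n' "$ROUTES_BEFORE" | vpn_redirect_active tun0 || echo "before: traffic bypasses tun0"
printf '%s\n' "$ROUTES_AFTER"  | vpn_redirect_active tun0 && echo "after: def1 routes on tun0"
# Live use: ip route show | vpn_redirect_active tun0
```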