OpenVPN client as an Internet gateway

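Problem description

How do I make a VPN client act as the gateway?

That is, requests from the server must go through the connected client.

What I have now:

client.ovpn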

client
dev tun
proto tcp
remote X.X.X.X 1194
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-CBC
auth SHA256
verb 3
key-direction 1
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
<ca>...</ca>
<cert>...</cert>
<key>...</key>
<tls-auth>...</tls-auth>

Server configuration file

port 1194
proto tcp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist /var/log/openvpn/ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
tls-auth ta.key 0
cipher AES-256-CBC
auth SHA256
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
verb 3
explicit-exit-notify 0

With this configuration, requests from the server do not go through.

ping 8.8.8.8 -I tun0
PING 8.8.8.8 (8.8.8.8) from 10.8.0.1 tun0: 56(84) bytes of data.

curl --interface tun0 -v ipinfo.io
* Rebuilt URL to: ipinfo.io/
*   Trying 216.239.38.21...
* TCP_NODELAY set

Any advice would be appreciated.

Tags: openvpn

Solution

