客户端物理IP:192.168.1.108 客户端VPN分配IP:10.8.0.6
服务器路由表:
客户端路由表:
server 配置档:
port 1194
proto tcp
dev tun
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
;crl-verify vpncrl.pem
dh dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.0.0 255.0.0.0"
;push "redirect-gateway"
client-to-client
;duplicate-cn
keepalive 10 120
tls-auth ta.key 0 # This file is secret
comp-lzo
;max-clients 100
;user nobody
;group nobody
persist-key
persist-tun
status openvpn-status.log
verb 3
client配置档:
client
dev tun
proto tcp
remote 183.131.xx.xx 6004
resolv-retry infinite
nobind
;user nobody
;group nobody
persist-key
persist-tun
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
ca ca.crt
cert client.crt
key client.key
ns-cert-type server
tls-auth ta.key 1
comp-lzo
# Set log file verbosity.
verb 4
问题:
无法ping通10.0.0.1
无法ping通192.168.0.*网段
客户端物理IP:192.168.1.108 客户端VPN分配IP:10.8.0.6
首先测试是否可以ping通10.8.0.1,如果ping通证明VPN已经搭建成功了一半。因为10.8.0.1和192.168.0.2是通过nat的,所以如果ping服务器没有ping通就是nat不成功。和你的第一个问题没有任何关系。