Temat: Połącznie oVPN między 2 ma routerami Openwrt - Problem!
Hej napotkałem pewien problem podczas łączenia 2 routerów przy pomocy open VPN w jedna dużą sieć LAN.
Vpn się łączy ale jakoś nie działa do końca dobrze.
Mianowicie udało mi się nawiązać połączenie między routerem Klienckim a routerem Serwerowym oraz całą siecią routera serwera.
Lecz nie mogę z Serwera połączyć się ani do klienckiego routera ani z siecią klienta...
Sieć Serwera Openvpn:
192.168.2.0 255.255.255.0Sieć Klienta Openvpn:
192.168.0.0 255.255.255.0Ping Kienta openvpn do urządzen w sieci serwera i samego serwera:
root@OpenWrt:~# ping 192.168.2.1
PING 192.168.2.1 (192.168.2.1): 56 data bytes
64 bytes from 192.168.2.1: seq=0 ttl=64 time=28.164 ms
64 bytes from 192.168.2.1: seq=1 ttl=64 time=28.662 ms
^C
--- 192.168.2.1 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 28.164/28.413/28.662 ms
root@OpenWrt:~# ping 192.168.2.2
PING 192.168.2.2 (192.168.2.2): 56 data bytes
64 bytes from 192.168.2.2: seq=0 ttl=63 time=34.417 ms
64 bytes from 192.168.2.2: seq=1 ttl=63 time=32.598 ms
^C
--- 192.168.2.2 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 32.598/33.507/34.417 ms
root@OpenWrt:~# ping 192.168.2.3
PING 192.168.2.3 (192.168.2.3): 56 data bytes
64 bytes from 192.168.2.3: seq=0 ttl=63 time=28.792 ms
64 bytes from 192.168.2.3: seq=1 ttl=63 time=28.746 ms
^C
--- 192.168.2.3 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 28.746/28.769/28.792 msPing Serwera Openvpn do sieci klienta:
root@Szrot:~# ping 192.168.0.1
PING 192.168.0.1 (192.168.0.1): 56 data bytes
^C
--- 192.168.0.1 ping statistics ---
10 packets transmitted, 0 packets received, 100% packet loss
root@Szrot:~# ping 192.168.0.101
PING 192.168.0.101 (192.168.0.101): 56 data bytes
^C
--- 192.168.0.101 ping statistics ---
2 packets transmitted, 0 packets received, 100% packet lossKonfiguracja Openvpn servera:
config openvpn 'Bubello'
option dev 'tun1'
option proto 'udp'
option log '/tmp/openvpn.log'
option verb '3'
option ca '<klucz>'
option cert '<klucz>'
option key '<klucz>'
option keepalive '10 120'
option dh '<klucz>'
option tls_auth '<klucz> 0'
option key_direction '0'
option cipher 'AES-128-CBC'
option server '10.8.1.0 255.255.255.0'
list push 'route 192.168.2.0 255.255.255.0'
option port '<Port>'
option persist_tun '1'
option persist_key '1'
option persist_local_ip '1'
option persist_remote_ip '1'
option route '192.168.0.0 255.255.255.0'
option comp_lzo 'yes'
option fast_io '1'
option client_to_client '1'
option enabled '1'Konfiguracja Openvpn Klienta:
config openvpn 'Bubello_cl'
option float '1'
option client '1'
option reneg_sec '0'
option verb '3'
option persist_key '1'
option nobind '1'
option cert '<klucz>'
option key '<klucz>'
option ca '<klucz>'
option tls_client '1'
option pull '1'
option fast_io '1'
option log '/tmp/openvpn.log'
option dev 'tun'
option remote '<Host>'
option port '<Port>'
option enabled '1'
option tls_auth '<klucz> 1'
option comp_lzo 'yes'
option cipher 'AES-128-CBC'
option persist_remote_ip '1'Ustawienia FW servera:
config zone
option name 'Bubello'
option network 'VPN1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option masq '1'
config forwarding
option dest 'lan'
option src 'Bubello'
config forwarding
option dest 'Bubello'
option src 'lan'Ustawienia FW Klienta:
config zone
option input 'ACCEPT'
option output 'ACCEPT'
option name 'Vpn'
option forward 'ACCEPT'
option network 'VPN'
option family 'ipv4'
option masq '1'
option mtu_fix '1'
config forwarding
option dest 'lan'
option src 'Vpn'
config forwarding
option dest 'Vpn'
option src 'lan'