Ïðîáëåìû ñ OpenVPN. Ïðîøó ïîìîùè!

**FilimoniC** · 22-07-2011, 07:21

Originally Posted by ANVIL

Åñòü ñåòü ïðîâàéäåðà - WAN ðîóòåðà.
Åñòü ëîêàëêà, ïîðòû íà ðîóòåðå - LAN
Â ñåòè ïðîâàéäåðà ñòîèò ñåðâåð OpenVPN.
Â ñåòè ïðîâàéäåðà âûäåëåííûå Ip àäðåñà (èëè DHCP, íå âàæíî).
Â ñåòè LAN íåò èíòåðíåòà, åñòü òîëüêî ñåòü ïðîâàéäåðà.
Íà ñåðâåðå OpenVPN åñòü èíòåðíåò.
Çàäà÷à ïîäêëþ÷èòüñÿ ê ñåðâåðó ñ OpenVPN è ðàçäàâàòü ðîóòåðîì èíòåðíåò â ñåòü LAN. Ñòðóêòóðà êàê ïðè PPPT + static.
Ñåé÷àñ ó ìåíÿ ðîóòåð ïîäêëþ÷àåòñÿ ê ñåòè OpenVPN íî èç LAN ïîïàñòü â èíòåðíåò íå óäàåòñÿ. Ïðè ýòîì ñ ðîóòåðà èíòåðíåò åñòü. Åñòü ïîäîçðåíèå, ÷òî íàäî ïðîïèñàòü ëèáî NAT, ëèáî ìàðøðóò.
Íå ìîãó ïîíÿòü òî÷íî ÷òî èç ýòîãî. Ïîýòîìó ïðîøó ïîìîùè.

Ñ áóêà ÿ è òàê ìîãó ïîäêëþ÷èòüñÿ ê ñåðâåðó OpenVPN äëÿ ýòîãî ìíå íå íàäî íà ðîóòåðå ïîäíèìàòü OpenVPN. Õîòåëîñü áû ÷òîáû ðîóòåð ñàì ðàçäàâàë è-íåò.

Ïî ñóòè, ó âàñ ïîëó÷àåòñÿ àíàëîã øòàòíîãî VPN. Òàê ÷òî ëèáî êîâûðÿåì îäèí èç øòàòíûõ ñïîñîáîâ VPN, ëèáî ãóãëèì â òåìó MultiWan

**ANVIL** · 22-07-2011, 10:38

Originally Posted by FilimoniC

Ïî ñóòè, ó âàñ ïîëó÷àåòñÿ àíàëîã øòàòíîãî VPN. Òàê ÷òî ëèáî êîâûðÿåì îäèí èç øòàòíûõ ñïîñîáîâ VPN, ëèáî ãóãëèì â òåìó MultiWan

À ãäå ìîæíî ïîñìîòðåòü êàê óñòðîåí øòàòíûé VPN, êàê òàì âñå ðàáîòàåò? Õîðîøî áûëî áû, åñëè èç ñïèñêà ïîäêëþ÷åíèé ìîæíî áûëî âûáðàòü íå òîëüêî PPTP è L2TP íî è OpenVPN. Ñëûøàë ÷òî íåêîòîðûå ïðîâàéäåðû ïåðåõîäÿò íà íåãî. Ñìîòðåë MultiWan - óæ áîëüíî ñëîæíî.

Originally Posted by tempik

man iptables ... ìîæåò íàâåäåò íà ìûñëè âûâîä êîìàíäû

Code:

iptables-save

Òàì â òàáëèöå "*nat" åñòü èíòåðåñíûå ñòðîêè ....

man iptables - íè÷åãî íå âûâåëî.
Âûâîä iptables-save:

Code:

*nat
:PREROUTING ACCEPT [19829:1743590]
:POSTROUTING ACCEPT [1712:406978]
:OUTPUT ACCEPT [1423:414130]
:UPNP - [0:0]
:VSERVER - [0:0]
-A PREROUTING -d 10.10.15.34/32 -j VSERVER
-A POSTROUTING ! -s 10.10.15.34/32 -o vlan1 -j MASQUERADE
-A POSTROUTING -s 192.168.1.0/24 -d 192.168.1.0/24 -o br0 -j MASQUERADE
-A VSERVER -j UPNP
COMMIT
# Completed on Fri Jul 22 06:10:21 2011
# Generated by iptables-save v1.4.3.2 on Fri Jul 22 06:10:21 2011

Ñ iptables ïðîáîâàë ðàçáèðàòüñÿ, íî òàê íè÷åãî íå ïîëó÷èëîñü ó ìåíÿ. Ìîæåò êòî-íèáóäü âñå æå ïîìîæåò, ÷òî íàäî ïðîïèñàòü?

**tempik** · 22-07-2011, 18:41

Originally Posted by ANVIL

man iptables - íè÷åãî íå âûâåëî.
Âûâîä iptables-save:
*nat
:PREROUTING ACCEPT [19829:1743590]
:POSTROUTING ACCEPT [1712:406978]
:OUTPUT ACCEPT [1423:414130]
:UPNP - [0:0]
:VSERVER - [0:0]
-A PREROUTING -d 10.10.15.34/32 -j VSERVER
-A POSTROUTING ! -s 10.10.15.34/32 -o vlan1 -j MASQUERADE
-A POSTROUTING -s 192.168.1.0/24 -d 192.168.1.0/24 -o br0 -j MASQUERADE
-A VSERVER -j UPNP
COMMIT
# Completed on Fri Jul 22 06:10:21 2011
# Generated by iptables-save v1.4.3.2 on Fri Jul 22 06:10:21 2011

Ñ iptables ïðîáîâàë ðàçáèðàòüñÿ, íî òàê íè÷åãî íå ïîëó÷èëîñü ó ìåíÿ. Ìîæåò êòî-íèáóäü âñå æå ïîìîæåò, ÷òî íàäî ïðîïèñàòü?

man iptables íàáðàòü â ãóããëå....
à ïðèâåñòè âåñü âûâîä êîìàíäû ðåëèãèÿ íå ïîçâîëèëà? Íàäåþñü âûâîä áûë ñäåëàí â ìîìåíò êîãäà OpenVPN áûë ïîäêëþ÷åí?

**ANVIL** · 25-07-2011, 10:22

Originally Posted by tempik

man iptables íàáðàòü â ãóããëå....
à ïðèâåñòè âåñü âûâîä êîìàíäû ðåëèãèÿ íå ïîçâîëèëà? Íàäåþñü âûâîä áûë ñäåëàí â ìîìåíò êîãäà OpenVPN áûë ïîäêëþ÷åí?

Äà, êîãäà áûë ïîäíÿò OpenVPN. Âîò âûâîä ïîëíîñòüþ. Äóìàë ÷òî íóæíà òîëüêî ñåêöèÿ *nat.

Code:

# Generated by iptables-save v1.4.3.2 on Mon Jul 25 09:25:54 2011
*nat
:PREROUTING ACCEPT [882343:51046977]
:POSTROUTING ACCEPT [7233:1861117]
:OUTPUT ACCEPT [6487:1887059]
:UPNP - [0:0]
:VSERVER - [0:0]
-A PREROUTING -d 10.10.15.34/32 -j VSERVER
-A POSTROUTING ! -s 10.10.15.34/32 -o vlan1 -j MASQUERADE
-A POSTROUTING -s 192.168.1.0/24 -d 192.168.1.0/24 -o br0 -j MASQUERADE
-A VSERVER -j UPNP
COMMIT
# Completed on Mon Jul 25 09:25:54 2011
# Generated by iptables-save v1.4.3.2 on Mon Jul 25 09:25:54 2011
*mangle
:PREROUTING ACCEPT [1778726:158465796]
:INPUT ACCEPT [1543532:144631920]
:FORWARD ACCEPT [4067:277047]
:OUTPUT ACCEPT [96787:24564865]
:POSTROUTING ACCEPT [100852:24840760]
COMMIT
# Completed on Mon Jul 25 09:25:54 2011
# Generated by iptables-save v1.4.3.2 on Mon Jul 25 09:25:54 2011
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [832:75354]
:OUTPUT ACCEPT [96792:24565193]
:BRUTE - [0:0]
:MACS - [0:0]
:SECURITY - [0:0]
:UPNP - [0:0]
:logaccept - [0:0]
:logdrop - [0:0]
-A INPUT -i tun0 -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -i br0 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -p udp -m udp --sport 67 --dport 68 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT
-A INPUT -j DROP
-A FORWARD -i tun0 -o br0 -j ACCEPT
-A FORWARD -i br0 -o tun0 -j ACCEPT
-A FORWARD -i br0 -o br0 -j ACCEPT
-A FORWARD -m conntrack --ctstate INVALID -j DROP
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD ! -i br0 -o vlan1 -j DROP
-A FORWARD -m conntrack --ctstate DNAT -j ACCEPT
-A FORWARD -o br0 -j DROP
-A SECURITY -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 1/sec -j RETURN
-A SECURITY -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK RST -m limit --limit 1/sec -j RETURN
-A SECURITY -p udp -m limit --limit 5/sec -j RETURN
-A SECURITY -p icmp -m limit --limit 5/sec -j RETURN
-A SECURITY -j DROP
-A logaccept -m conntrack --ctstate NEW -j LOG --log-prefix "ACCEPT " --log-tcp-sequence --log-tcp-options --log-ip-options --log-macdecode
-A logaccept -j ACCEPT
-A logdrop -m conntrack --ctstate NEW -j LOG --log-prefix "DROP " --log-tcp-sequence --log-tcp-options --log-ip-options --log-macdecode
-A logdrop -j DROP
COMMIT
# Completed on Mon Jul 25 09:25:54 2011

Äëÿ ïîëíîãî ñ÷àñòüÿ íóæíî áûëî äîáàèòü â post-firewall

Code:

#!/bin/sh
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
iptables -I INPUT -i tun0 -p tcp --dport 80 -j ACCEPT

À â êîíöå âûïîëíèòü êîìàíäó:
nvram set misc_fastnat_x=0
flashfs save && flashfs commit && flashfs enable && reboot
Èíà÷å ðîóòåð áóäåò ïàäàòü ÷åðåç íåêîòîðîå âðåìÿ ïîñëå óñòàíîâêè ñîåäèíåíèÿ.

PS. Ñêîðîñòü ñêà÷èâàíèÿ ÷åðåç òàêîé êàíàë íå ïðåâûøàåò 700 kb/s, èç-çà çàãðóçêè ïðîöà â 100%. Íî äëÿ ïîâñåäíåâíîé æèçíè - õâàòàåò.

**tridog** · 08-08-2011, 13:05

Èòàê, åñòü óæàñíàÿ óáèéñòâåííàÿ ñõåìà, ñîñòîÿùàÿ èç òðåõ íåçàâèñèìûõ ïîäñåòåé:
Name: sshot-1.jpg
Views: 1234
Size: 166.1 KB

Ñåòü 10.10.10.x â äàííîì ñëó÷àå ÿâëÿåòñÿ îñíîâíîé, âåñü òðàôèê õîäèò ÷åðåç ISP#2. ISP#1 íóæåí òîëüêî äëÿ ñâÿçè ñ ñåòüþ 10.10.11.x ÷åðåç âíóòðåíþþ ñåòü ïðîâàéäåðà. Ìåæäó ñåòÿìè 10.x è 11.x ïîäíÿò OpenVPN-òóíåëü, ÷åðåç êîòîðûé è õîäèò âåñü òðàôèê ñåòè 11.x.

Ïîìèìî ýòîãî, åñòü êîðïîðàòèâíàÿ ñåòü 192.168.1.x, òóíåëü â êîòîðóþ ñäåëàí ÷åðåç vpnc (Cisco VPN Client). ×åðåç ýòîò òóíåëü îñóùåñòâëÿåòñÿ òîëüêî äîñòóï ê êîðïîðàòèâíûì ðåñóðñàì, èíòåðíåò â îáå äðóãèå ñåòè õîäèò ÷åðåç ISP#2.

Ñîáñòâåííî ïîäíÿòü òóíåëè è ðàçðóëèòü òðàôèê óæå ïîëó÷èëîñü, ãëàâíàÿ çàïàðêà çäåñü, ðàçóìååòñÿ, ñ DNS'àìè.

Äëÿ îáåèõ ïîäñåòåé íóæíî ñäåëàòü ñëåäóþùåå:

Àäðåñà âèäà *.home.local äîëæíû ðàçðåøàòüñÿ ÷åðåç ñåðâåð 10.10.10.254
Àäðåñà âèäâ *.parents.local äîëæíû ðàçðåøàòüñÿ ÷åðåç ñåðâåð 10.10.11.254
Àäðåñà âèäà *.company.com äîëæíû ðàçðåøàòüñÿ ÷åðåç ñåðâåð 192.168.1.125
Âñå îñòàëüíûå àäðåñà äîëæíû ðàçðåøàòüñÿ ÷åðåç ñåðâåð ISP#2 91.144.138.3

Çàäà÷à êîíå÷íî æå - ñäåëàòü ÷òî-òî âèäà "óñëîâíîãî ïåðåíàïðàâèòåëÿ DNS-çàïðîñîâ" íà ðîóòåðàõ 10.10.10.254 è 10.10.11.254. Âîïðîñ - êàêèì ñîôòîì è êàê.

10.10.10.254 - ýòî WNR3500L, ïðîøèâêà îò Vampik. 10.10.11.254 - ìîæíî íå îáñóæäàòü, ïîòîì ñäåëàåì ïî àíàëîãèè.

**star** · 15-08-2011, 12:31

Äîáðûé äåíü.
Íèêàê íå ìîãó ðàçîáðàòüñÿ ñ ïðîáëåìîé.
Áûë ðîóòåð WL500W, íà íåì óñòàíîâëåí OpenVPN â ðåæèìå ìîñòà, çàïóùåí igmpproxy ñ upstream, ñîîòâåòñòâóþùèì OpenVPN èíòåðôåéñó. Çàäà÷à - âèäåòü â ëîêàëêå òðàôèê Multicast, êîòîðûé ïîñòóïàåò ÷åðåç OpenVPN. Âñå ðàáîòàëî íîðìàëüíî.

Â ñâÿçè ñî ñìåðòüþ WL500 ïîä ýòî äåëî áûë êóïëåí RT-N16, ïðîøèò ïðîøèâêîé 3181, óñòàíîâëåí OpenVPN èç ðåïîçèòàðèÿ è ñêîïèðîâàíû êîíôèãè openvpn ñî ñòàðîãî ðîóòåðà. Ñîåäèíåíèå ïîäíèìàåòñÿ, âñå íîðìàëüíî, íî ïðîáëåìà â òîì, ÷òî ðîóòåð "óäâàèâàåò" ïàêåòû, ïðèíèìàåìûå ïî OpenVPN èíòåðôåéñó (ò.å. óäàëåííûé ñåðâàê îòãðóæàåò 4 ìáèò/ñ, à â ëîêàëêå ÿ âèæó 8 ìáèò/ñ). Ïðè÷åì ýòî ïðîèñõîäèò òîëüêî ñ UDP Multicast òðàôèêîì.
Â Diagnostic Info âåá ìîðäû ýòî âèäíî òàê : ïðè ïåðåäà÷å îáû÷íîãî ôàéëà ÷åðåç TCP (ñêà÷èâàåì total commander-îì ôàéë) çàãðóçêà íà èíòåðôåéñå lan(br0) òîëüêî èñõîäÿùàÿ. À ïðè ïîëó÷åíèè UDP òðàôèêà ñêîðîñòü In è Out ñîâïàäàåò (íà ãðàôèêå î÷åíü õîðîøî âèäíî).

Òàêîå îùóùåíèå, ÷òî òðàôèê ðîóòèòñÿ äâà ðàçà. Ïðè÷åì åñëè ïðèáèòü igmpproxy - òî òðàôèêà íåò âîîáùå.

Ïîäñêàæèòå, ïîæàëóéñòà, ÷òî ýòî ìîæåò áûòü? FastNAT ïðîáîâàë âêëþ÷àòü è âûêëþ÷àòü - áåç ðàçíèöû.

**as_lan** · 09-09-2011, 17:56

Òàêàÿ ïðîáëåìà.
Ïðîâàéäåð ïðåäîñòàâëÿåò èíòåðíåò ïî ADSL. Ðîóòåð ïîäíèìàåò pppoe ñîåäèíåíèå. Íî äëÿ òîãî ÷òîá ïîëüçîâàòüñÿ âíóòðåííèìè ðåñóðñàìè íàäî äîïîëíèòåëüíî ïîäêëþ÷àòüñÿ ïî openvpn, êàæäûé ðàç äåëàòü ýòî íà êîìï íàäîåëî. Ïîñòàâèë OpenVPN íà ðîóòåð. Íî íåäàâíî íà÷àë èñïîëüçîâàòü Flylink, è ïðîáëåìà â òîì ÷òî îí íå èùåò è íå çàõîäèò íà øàðû ïîëüçîâàòåëåé. ß òàê ïîíèìàþ äëÿ ýòîãî îí èñïîëüçóåò UPD ïðîòîêîë, íî ãäå òî íå ïðîõîäèò ýòî âñå. Íà äàííûé ìîìåíò ïðîïèñàë ïðàâèëî òîëüêî

iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE

Èòàê èñõîäíûå äàííûå.
èíòåðôåéñ âïí ïîíÿòíî tun0, åãî àäðåñ 172.16.1.6
ïîðòû ïî êîòîðîìó ïóñêàþ flylink tcp 5555 udp 6666
Âíóòðåííèé àäðåñ êîìï íà êîòîðîì ôëàéëèíê 192.168.1.3.

Êàêîãî âèäà ïðàâèëüíî äîëæíî áûòü ÷òîá âñå çàðàáîòàëî. Ïûòàëñÿ ñàì ÷òî-òî ñäåëàòü, íî íå ïîëó÷àåòñÿ. Ïîèñê òàê è íå ðàáîòàåò. Áóäó î÷åíü ïðèçíàòåëåí åñëè êòî-òî ïîìîæåò

**5v5** · 24-09-2011, 16:18

íà ðîóòåðå (WL-500gP) ñ ïðîøèâêîé 19.2.7-rtn-r3300 ÷åðåç ipkg óñòàíîâëåí openvpn. ïðè ñòàðòå openvpn âûïîëíÿåòñÿ ñêðèïò:

Code:

#!/bin/sh

if [ "$6" == "init" ]
then
    iptables -t nat -A POSTROUTING -o $1 ! -s $4 -j MASQUERADE
fi

$1 - èñïîëüçóåìûé tun, $4 - àäðåñ êëèåíòñêîãî êîíöà òóíåëÿ.

ïðè ïîïûòêå îáðàùåíèÿ èç ëîêàëüíîé ñåòè ê àäðåñàì ñ äðóãîé ñòîðîíû òóíåëÿ ðîóòåð ïàäàåò (ïåðåãðóæàåòñÿ).

p.s. âèäèìî ìåíÿ íåïðàâèëüíî ïîíÿëè - ïðîáëåìà íå â openvpn - ó ìåíÿ íà ðîóòåðå âèñèò åùå øòóê 5 êëèåíòîâ, íî áåç ìàñêàðàäà, âñå îòëè÷íî ðàáîòàåò - ïðîáëåìà ãäå-òî â ÿäðå.

**abi** · 03-10-2011, 18:01

Ïðøó ïîìîùè. Ëåò 5 íàçàä íàñòðîèë openvpn íà wl500gP Âñ¸ ðàáîòàëî, ïîêà íå ñãîðåë âèíò.
Çàìåíèë è ïûòàþñü âñïîìíèòü êàê íàñòðîèòü.

Ñèñòåìà òàêàÿ.
Öèñêà, âîòêíóòà â èíåò (10.0.0.222)
Ðîóòåð ïåðåâåä¸í â ðåæèì ñâèò÷à è âîòêíóò LAN'îì â êîøêó (10.0.0.1)

Íà ðîóòåðå íàïèñàë ïðèìåðíî òàê:

Code:

#
# Sample OpenVPN configuration file for
# office using SSL/TLS mode and RSA certificates/keys.
#
# '#' or ';' may be used to delimit comments.

# Use a dynamic tun device.
# For Linux 2.2 or non-Linux OSes,
# you may want to use an explicit
# unit number such as "tun1".
# OpenVPN also supports virtual
# ethernet "tap" devices.
#dev tun
; dev tap

dev tap0

# Choose an uncommon local subnet for the virtual VPN end points.
# 10.1.0.1 is the local side of the VPN endpoint (slug side)
# 10.1.0.2 is the remote side of the VPN endpoint (client side)
# For tun mode use ifconfig 10.1.0.1 10.1.0.2
# For tap mode use ifconfig 10.1.0.1 255.255.255.0
; ifconfig 10.1.0.1 10.1.0.2
; ifconfig 10.1.0.1 255.255.255.0

server-bridge 10.0.0.222 255.255.255.0 10.0.0.50 10.0.0.70
ifconfig-pool-persist /opt/etc/openvpn/ipp.txt
client-to-client

# Our up script will establish routes once the VPN is alive.
# Running scripts need the script-security set to 2.
#script-security 2
#up ./openvpn.up

# Push the 'server subnet route' to the clients
#push "route 192.168.1.0 255.255.255.0"
push "route 10.0.0.0 255.255.255.0"

# Push the WINS server to the clients - if we have a Samba WINS server.
; push "dhcp-option WINS 192.168.1.77"
push "dhcp-option DNS 10.0.0.222"
;push "dhcp-option WINS 10.0.1.222"

# Server Static Key
# (For security run - chmod 600 /opt/etc/openvpn/static.key)
#secret static.key

# In SSL/TLS key exchange, Office will
# assume server role and Home
# will assume client role.
tls-server

# Diffie-Hellman Parameters (tls-server only)
dh /opt/etc/openvpn/keys/dh1024.pem

# Certificate Authority file
ca /opt/etc/openvpn/keys/ca.crt

# Our certificate/public key
cert /opt/etc/openvpn/keys/server.crt

# Our private key
#crl-verify /opt/etc/openvpn/crl.pem
key  /opt/etc/openvpn/keys/server.key

# OpenVPN 2.0 uses UDP port 1194 by default
# (official port assignment by iana.org 11/04).
# OpenVPN 1.x uses UDP port 5000 by default.
# Each OpenVPN tunnel must use
# a different port number.
# lport or rport can be used
# to denote different ports
# for local and remote.

proto tcp-server

port 443

# Downgrade UID and GID to
# "nobody" after initialization
# for extra security.
user nobody
group nobody

# If you built OpenVPN with
# LZO compression, uncomment
# out the following line.
comp-lzo

# Send a UDP ping to remote once
# every 15 seconds to keep
# stateful firewall connection
# alive.  Uncomment this
# out if you are using a stateful
# firewall.
; ping 15

# Uncomment this section for a more reliable detection when a system
# loses its connection.  For example, dial-ups or laptops that
# travel to other locations.
; ping 15
; ping-restart 45
; ping-timer-rem
persist-tun
persist-key

# Verbosity level.
# 0 -- quiet except for fatal errors.
# 1 -- mostly quiet, but display non-fatal network errors.
# 3 -- medium output, good for normal operation.
# 9 -- verbose, good for troubleshooting
verb 3

# Log files
log-append /opt/var/log/openvpn/openvpn.log
; status /opt/var/log/openvpn/status.log

#  Inactivity timeout
; inactive            45
keepalive 10 60

Â post-mount âïèñàë

openvpn --mktun --dev tap0
brctl addif br0 ta0
ifconfig tap0 0.0.0.0 promisc up

Êëèåíò êîííåêòèòñÿ. Ïîëó÷àåò àäðåñ, íî íå ïèíãàåò êîøêó (10.0.0.222).
Âåðíåå, íå ïèíãàåò íè÷åãî.

Ïðè ýòîì, êëèåíò íå ïîëó÷àåò gateway !
Ïîìíþ, ÷òî òàêîãî òî÷íî íåáûëî.

Ïîìîãèòå, ïëèç. Êóäà ñìîòðåòü? Ñèæó 2 äåíü

**abi** · 03-10-2011, 18:33

Âîïðîñ ñíÿò. Âîò êàê áûâàåò ïîëåçíî îïèñàòü ïðîáëåìó.
ß äîáàâëÿë tap0 íå â òîò áðèäæ.....

**melnikdima** · 05-10-2011, 14:22

Óñòàíàâëèâàë openvpn ïî ýòîé èíñòðóêöèè íà RT-16N
http://wl500g.info/showthread.php?t=5312

íà ýòàïå
Start OpenVPN server manually

ðóãàåòñÿ íà /sbin/insmod tun

[admin@ROUT sbin]$ /sbin/insmod tun
insmod: can't insert 'tun.ko': File exists

êàê áûòü?

**legionnet** · 06-10-2011, 05:47

Îðãàíèçîâàë ìåæäó äâóìÿ ASUS RT-N16 VPN-òóííåëü ñ ïîìîùüþ OpenVPN, íî ìàêñèìàëüíàÿ ñêîðîñòü, êîòîðóþ óäàëîñü ïîëó÷èòü - 10ìáèò/ñ â ëþáóþ ñòîðîíó, ïðîáîâàë âûêëþ÷àòü øèôðîâàíèå, ñæàòèå. Íî ðåçóëüòàòîâ íå äàëî, ñêîðîñòü íèêàê íå óâåëè÷èëàñü.
Ñêîðîñòü ìåæäó äâóìÿ RT-N16 íàïðÿìóþ ~80-90 ìáèò/ñ, èçìåðÿë ñ ïîìîùüþ iperf.
Êàê äîáèòüñÿ áîëåå âûñîêèõ ñêîðîñòåé ÂÏÍ? Ïîñîâåòóéòå ðåøåíèå ïðîáëåìû.

Ïðîøèâêè RT-N-1.9.2.7-rtn-r2274 (2010-10-17)

**YVM** · 06-10-2011, 06:40

Originally Posted by legionnet

ìàêñèìàëüíàÿ ñêîðîñòü, êîòîðóþ óäàëîñü ïîëó÷èòü - 10ìáèò/ñ â ëþáóþ ñòîðîíó

Ó ìåíÿ òîò æå ðåçóëüòàò. Õîòÿ, ïðè íàëè÷èè íåñêîëüêèõ òóííåëåé ïîëó÷àåòñÿ 10 íà êàæäûé.

**mooncat4er** · 07-10-2011, 01:37

ïîäñêàæèòå êàê ñîçäàòü dh1024.pem

**j00e** · 07-10-2011, 06:36

ðàññêàæèòå ïëèç êàê íàñòðîèòü óñòàíîâëåííûé ÷åðåç âàø ñêðèïò OpenVPN.

Thread: Ïðîáëåìû ñ OpenVPN. Ïðîøó ïîìîùè!

Thread Tools

Rate This Thread

Display

Òðè íåçàâèñìûõ ïîäñåòè è êàøà ñ DNS

RT-N16 Äóáëèðóåòñÿ òðàôèê

ïðîáëåìà ìàñêàðàäà ASUS WL-500gP & WL500gp-1.9.2.7-rtn-r3300

[OpenVPN] Íå ïèíãóåòñÿ....

RT-N16 & VPN (Tunnel)

openvpn

Similar Threads

Óïðàâëåíèå UPS ïðè ïîìîùè apcupsd è nut

Îòïðàâêà SMS-îïîâåùåíèé ïðè ïîìîùè Google

OpenVPN â ñîñòàâå ïðîøèâêè îò ýíòóçèàñòîâ

HowTo install OpenVPN server

Tags for this Thread

Posting Permissions