Bu soru OpenVPN kullanıcıları için ortak olabilir, ancak her çözüm başarısız olduğu için çok sinirliyim. Bu problem için internette görebildiğim hemen hemen her çözümü denedim. CentOS 7 NAT vps sunucusunda bir OpenVPN kurdum. Sonra dizüstü bilgisayarıma OpenVPN GUI'yi kurdum (Windows 7). İlk başta Tamam oldu: bağlandı ve IP adresi değişti. Fakat birkaç dakika sonra, tekrar IP maskesine geri döndü, gerçek IP'ye geri döndü. Bunları denedim:
Uyumluluk - OpenVPN GUI'ye sağ tıklayın, bu programı uyumluluk modunda çalıştırın → neredeyse hepsini deneyin. IP adresi neredeyse bir dakika değişti, yine otomatik olarak orijinale dönüştü.
IPv6'yı Devre Dışı Bırakma - Kontrol paneli → Ağ ve internet → Ağ bağlantıları → Git ve Windows bağdaştırıcısı v9'a sağ tıklayıp IPv6'yı devre dışı bırakın. Çalışmıyor.
redirect-gateway def -
config.ovpn
Sunucudaki dosyayıpush "redirect-gateway def1"
düzenleyinconfig.ovpn
ve Windows 7'de istemci dosyasını ekleyin ve düzenleyin ve ekleyinredirect-gateway def1
. Hala hiçbir şey işe yaramadı.
Ben clueless'ım. İstemciden gelen günlük dosyası:
Thu Aug 24 23:55:03 2017 OpenVPN 2.4.3 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Jul 14 2017
Thu Aug 24 23:55:03 2017 Windows version 6.1 (Windows 7) 32bit
Thu Aug 24 23:55:03 2017 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.10
Enter Management Password:
Thu Aug 24 23:55:03 2017 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Thu Aug 24 23:55:03 2017 Need hold release from management interface, waiting...
Thu Aug 24 23:55:03 2017 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Thu Aug 24 23:55:04 2017 MANAGEMENT: CMD 'state on'
Thu Aug 24 23:55:04 2017 MANAGEMENT: CMD 'log all on'
Thu Aug 24 23:55:04 2017 MANAGEMENT: CMD 'echo all on'
Thu Aug 24 23:55:04 2017 MANAGEMENT: CMD 'hold off'
Thu Aug 24 23:55:04 2017 MANAGEMENT: CMD 'hold release'
Thu Aug 24 23:55:05 2017 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Aug 24 23:55:05 2017 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Aug 24 23:55:05 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]104.152.190.126:17600
Thu Aug 24 23:55:05 2017 Socket Buffers: R=[8192->8192] S=[8192->8192]
Thu Aug 24 23:55:05 2017 UDP link local: (not bound)
Thu Aug 24 23:55:05 2017 UDP link remote: [AF_INET]104.152.190.126:17600
Thu Aug 24 23:55:05 2017 MANAGEMENT: >STATE:1503597305,WAIT,,,,,,
Thu Aug 24 23:55:05 2017 MANAGEMENT: >STATE:1503597305,AUTH,,,,,,
Thu Aug 24 23:55:05 2017 TLS: Initial packet from [AF_INET]104.152.190.126:17600, sid=d06722a6 e92e9a3e
Thu Aug 24 23:55:05 2017 VERIFY OK: depth=1, CN=ChangeMe
Thu Aug 24 23:55:05 2017 VERIFY KU OK
Thu Aug 24 23:55:05 2017 Validating certificate extended key usage
Thu Aug 24 23:55:05 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Thu Aug 24 23:55:05 2017 VERIFY EKU OK
Thu Aug 24 23:55:05 2017 VERIFY OK: depth=0, CN=server
Thu Aug 24 23:55:06 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Thu Aug 24 23:55:06 2017 [server] Peer Connection Initiated with [AF_INET]104.152.190.126:17600
Thu Aug 24 23:55:07 2017 MANAGEMENT: >STATE:1503597307,GET_CONFIG,,,,,,
Thu Aug 24 23:55:07 2017 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Thu Aug 24 23:55:07 2017 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route-gateway 10.8.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.8.0.2 255.255.255.0,peer-id 0,cipher AES-256-GCM'
Thu Aug 24 23:55:07 2017 OPTIONS IMPORT: timers and/or timeouts modified
Thu Aug 24 23:55:07 2017 OPTIONS IMPORT: --ifconfig/up options modified
Thu Aug 24 23:55:07 2017 OPTIONS IMPORT: route options modified
Thu Aug 24 23:55:07 2017 OPTIONS IMPORT: route-related options modified
Thu Aug 24 23:55:07 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Thu Aug 24 23:55:07 2017 OPTIONS IMPORT: peer-id set
Thu Aug 24 23:55:07 2017 OPTIONS IMPORT: adjusting link_mtu to 1625
Thu Aug 24 23:55:07 2017 OPTIONS IMPORT: data channel crypto options modified
Thu Aug 24 23:55:07 2017 Data Channel: using negotiated cipher 'AES-256-GCM'
Thu Aug 24 23:55:07 2017 Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Thu Aug 24 23:55:07 2017 Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Thu Aug 24 23:55:07 2017 interactive service msg_channel=0
Thu Aug 24 23:55:07 2017 ROUTE_GATEWAY 10.211.52.95/255.255.255.255 I=40 HWADDR=00:00:00:00:00:00
Thu Aug 24 23:55:07 2017 open_tun
Thu Aug 24 23:55:07 2017 TAP-WIN32 device [Local Area Connection 2] opened: \\.\Global\{7A6A15EB-2846-4F03-8F06-E5B7B16FE4B7}.tap
Thu Aug 24 23:55:07 2017 TAP-Windows Driver Version 9.21
Thu Aug 24 23:55:07 2017 Set TAP-Windows TUN subnet mode network/local/netmask = 10.8.0.0/10.8.0.2/255.255.255.0 [SUCCEEDED]
Thu Aug 24 23:55:07 2017 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.2/255.255.255.0 on interface {7A6A15EB-2846-4F03-8F06-E5B7B16FE4B7} [DHCP-serv: 10.8.0.254, lease-time: 31536000]
Thu Aug 24 23:55:07 2017 Successful ARP Flush on interface [14] {7A6A15EB-2846-4F03-8F06-E5B7B16FE4B7}
Thu Aug 24 23:55:07 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Thu Aug 24 23:55:07 2017 MANAGEMENT: >STATE:1503597307,ASSIGN_IP,,10.8.0.2,,,,
Thu Aug 24 23:55:07 2017 Block_DNS: WFP engine opened
Thu Aug 24 23:55:08 2017 Block_DNS: Using existing sublayer
Thu Aug 24 23:55:08 2017 Block_DNS: Added permit filters for exe_path
Thu Aug 24 23:55:08 2017 Block_DNS: Added block filters for all interfaces
Thu Aug 24 23:55:08 2017 Block_DNS: Added permit filters for TAP interface
Thu Aug 24 23:55:13 2017 TEST ROUTES: 1/1 succeeded len=0 ret=1 a=0 u/d=up
Thu Aug 24 23:55:13 2017 C:\Windows\system32\route.exe ADD 104.152.190.126 MASK 255.255.255.255 10.211.52.95
Thu Aug 24 23:55:13 2017 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Thu Aug 24 23:55:13 2017 Route addition via IPAPI succeeded [adaptive]
Thu Aug 24 23:55:13 2017 C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.8.0.1
Thu Aug 24 23:55:13 2017 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=3 and dwForwardType=4
Thu Aug 24 23:55:13 2017 Route addition via IPAPI succeeded [adaptive]
Thu Aug 24 23:55:13 2017 C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.8.0.1
Thu Aug 24 23:55:13 2017 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=3 and dwForwardType=4
Thu Aug 24 23:55:13 2017 Route addition via IPAPI succeeded [adaptive]
Thu Aug 24 23:55:13 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Thu Aug 24 23:55:13 2017 Initialization Sequence Completed
Thu Aug 24 23:55:13 2017 MANAGEMENT: >STATE:1503597313,CONNECTED,SUCCESS,10.8.0.2,104.152.190.126,17600,,
İşte config dosya kodu:
client
dev tun
proto udp
sndbuf 0
rcvbuf 0
remote 104.152.190.126 17600
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-CBC
comp-lzo
setenv opt block-outside-dns
key-direction 1
verb 3
redirect-gateway def1
<ca>
İşte Sunucu Yapılandırma dosyası:
port 17600
proto udp
dev tun
sndbuf 0
rcvbuf 0
ca ca.crt
cert server.crt
key server.key
dh dh.pem
tls-auth ta.key 0
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 10 120
cipher AES-256-CBC
comp-lzo
user nobody
group nobody
persist-key
persist-tun
route print
Windows öncesi "gerçek ip geri dönüyor" dan önce ve sonra kontrol etmek istiyorsunuz .