OpenVPN bağlı ancak IP değişmiyor


0

Bu soru OpenVPN kullanıcıları için ortak olabilir, ancak her çözüm başarısız olduğu için çok sinirliyim. Bu problem için internette görebildiğim hemen hemen her çözümü denedim. CentOS 7 NAT vps sunucusunda bir OpenVPN kurdum. Sonra dizüstü bilgisayarıma OpenVPN GUI'yi kurdum (Windows 7). İlk başta Tamam oldu: bağlandı ve IP adresi değişti. Fakat birkaç dakika sonra, tekrar IP maskesine geri döndü, gerçek IP'ye geri döndü. Bunları denedim:

  1. Uyumluluk - OpenVPN GUI'ye sağ tıklayın, bu programı uyumluluk modunda çalıştırın → neredeyse hepsini deneyin. IP adresi neredeyse bir dakika değişti, yine otomatik olarak orijinale dönüştü.

  2. IPv6'yı Devre Dışı Bırakma - Kontrol paneli → Ağ ve internet → Ağ bağlantıları → Git ve Windows bağdaştırıcısı v9'a sağ tıklayıp IPv6'yı devre dışı bırakın. Çalışmıyor.

  3. redirect-gateway def - config.ovpnSunucudaki dosyayı push "redirect-gateway def1"düzenleyin config.ovpnve Windows 7'de istemci dosyasını ekleyin ve düzenleyin ve ekleyin redirect-gateway def1. Hala hiçbir şey işe yaramadı.

Ben clueless'ım. İstemciden gelen günlük dosyası:

Thu Aug 24 23:55:03 2017 OpenVPN 2.4.3 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Jul 14 2017
Thu Aug 24 23:55:03 2017 Windows version 6.1 (Windows 7) 32bit
Thu Aug 24 23:55:03 2017 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.10
Enter Management Password:
Thu Aug 24 23:55:03 2017 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Thu Aug 24 23:55:03 2017 Need hold release from management interface, waiting...
Thu Aug 24 23:55:03 2017 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Thu Aug 24 23:55:04 2017 MANAGEMENT: CMD 'state on'
Thu Aug 24 23:55:04 2017 MANAGEMENT: CMD 'log all on'
Thu Aug 24 23:55:04 2017 MANAGEMENT: CMD 'echo all on'
Thu Aug 24 23:55:04 2017 MANAGEMENT: CMD 'hold off'
Thu Aug 24 23:55:04 2017 MANAGEMENT: CMD 'hold release'
Thu Aug 24 23:55:05 2017 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Aug 24 23:55:05 2017 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Aug 24 23:55:05 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]104.152.190.126:17600
Thu Aug 24 23:55:05 2017 Socket Buffers: R=[8192->8192] S=[8192->8192]
Thu Aug 24 23:55:05 2017 UDP link local: (not bound)
Thu Aug 24 23:55:05 2017 UDP link remote: [AF_INET]104.152.190.126:17600
Thu Aug 24 23:55:05 2017 MANAGEMENT: >STATE:1503597305,WAIT,,,,,,
Thu Aug 24 23:55:05 2017 MANAGEMENT: >STATE:1503597305,AUTH,,,,,,
Thu Aug 24 23:55:05 2017 TLS: Initial packet from [AF_INET]104.152.190.126:17600, sid=d06722a6 e92e9a3e
Thu Aug 24 23:55:05 2017 VERIFY OK: depth=1, CN=ChangeMe
Thu Aug 24 23:55:05 2017 VERIFY KU OK
Thu Aug 24 23:55:05 2017 Validating certificate extended key usage
Thu Aug 24 23:55:05 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Thu Aug 24 23:55:05 2017 VERIFY EKU OK
Thu Aug 24 23:55:05 2017 VERIFY OK: depth=0, CN=server
Thu Aug 24 23:55:06 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Thu Aug 24 23:55:06 2017 [server] Peer Connection Initiated with [AF_INET]104.152.190.126:17600
Thu Aug 24 23:55:07 2017 MANAGEMENT: >STATE:1503597307,GET_CONFIG,,,,,,
Thu Aug 24 23:55:07 2017 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Thu Aug 24 23:55:07 2017 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route-gateway 10.8.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.8.0.2 255.255.255.0,peer-id 0,cipher AES-256-GCM'
Thu Aug 24 23:55:07 2017 OPTIONS IMPORT: timers and/or timeouts modified
Thu Aug 24 23:55:07 2017 OPTIONS IMPORT: --ifconfig/up options modified
Thu Aug 24 23:55:07 2017 OPTIONS IMPORT: route options modified
Thu Aug 24 23:55:07 2017 OPTIONS IMPORT: route-related options modified
Thu Aug 24 23:55:07 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Thu Aug 24 23:55:07 2017 OPTIONS IMPORT: peer-id set
Thu Aug 24 23:55:07 2017 OPTIONS IMPORT: adjusting link_mtu to 1625
Thu Aug 24 23:55:07 2017 OPTIONS IMPORT: data channel crypto options modified
Thu Aug 24 23:55:07 2017 Data Channel: using negotiated cipher 'AES-256-GCM'
Thu Aug 24 23:55:07 2017 Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Thu Aug 24 23:55:07 2017 Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Thu Aug 24 23:55:07 2017 interactive service msg_channel=0
Thu Aug 24 23:55:07 2017 ROUTE_GATEWAY 10.211.52.95/255.255.255.255 I=40 HWADDR=00:00:00:00:00:00
Thu Aug 24 23:55:07 2017 open_tun
Thu Aug 24 23:55:07 2017 TAP-WIN32 device [Local Area Connection 2] opened: \\.\Global\{7A6A15EB-2846-4F03-8F06-E5B7B16FE4B7}.tap
Thu Aug 24 23:55:07 2017 TAP-Windows Driver Version 9.21 
Thu Aug 24 23:55:07 2017 Set TAP-Windows TUN subnet mode network/local/netmask = 10.8.0.0/10.8.0.2/255.255.255.0 [SUCCEEDED]
Thu Aug 24 23:55:07 2017 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.2/255.255.255.0 on interface {7A6A15EB-2846-4F03-8F06-E5B7B16FE4B7} [DHCP-serv: 10.8.0.254, lease-time: 31536000]
Thu Aug 24 23:55:07 2017 Successful ARP Flush on interface [14] {7A6A15EB-2846-4F03-8F06-E5B7B16FE4B7}
Thu Aug 24 23:55:07 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Thu Aug 24 23:55:07 2017 MANAGEMENT: >STATE:1503597307,ASSIGN_IP,,10.8.0.2,,,,
Thu Aug 24 23:55:07 2017 Block_DNS: WFP engine opened
Thu Aug 24 23:55:08 2017 Block_DNS: Using existing sublayer
Thu Aug 24 23:55:08 2017 Block_DNS: Added permit filters for exe_path
Thu Aug 24 23:55:08 2017 Block_DNS: Added block filters for all interfaces
Thu Aug 24 23:55:08 2017 Block_DNS: Added permit filters for TAP interface
Thu Aug 24 23:55:13 2017 TEST ROUTES: 1/1 succeeded len=0 ret=1 a=0 u/d=up
Thu Aug 24 23:55:13 2017 C:\Windows\system32\route.exe ADD 104.152.190.126 MASK 255.255.255.255 10.211.52.95
Thu Aug 24 23:55:13 2017 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Thu Aug 24 23:55:13 2017 Route addition via IPAPI succeeded [adaptive]
Thu Aug 24 23:55:13 2017 C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.8.0.1
Thu Aug 24 23:55:13 2017 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=3 and dwForwardType=4
Thu Aug 24 23:55:13 2017 Route addition via IPAPI succeeded [adaptive]
Thu Aug 24 23:55:13 2017 C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.8.0.1
Thu Aug 24 23:55:13 2017 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=3 and dwForwardType=4
Thu Aug 24 23:55:13 2017 Route addition via IPAPI succeeded [adaptive]
Thu Aug 24 23:55:13 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Thu Aug 24 23:55:13 2017 Initialization Sequence Completed
Thu Aug 24 23:55:13 2017 MANAGEMENT: >STATE:1503597313,CONNECTED,SUCCESS,10.8.0.2,104.152.190.126,17600,,

İşte config dosya kodu:

client
dev tun
proto udp
sndbuf 0
rcvbuf 0
remote 104.152.190.126 17600
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-CBC
comp-lzo
setenv opt block-outside-dns
key-direction 1
verb 3
redirect-gateway def1
<ca>

İşte Sunucu Yapılandırma dosyası:

port 17600
proto udp
dev tun
sndbuf 0
rcvbuf 0
ca ca.crt
cert server.crt
key server.key
dh dh.pem
tls-auth ta.key 0
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 10 120
cipher AES-256-CBC
comp-lzo
user nobody
group nobody
persist-key
persist-tun

İlk adım; IP adresinin değişmediğine nasıl karar verdiniz?
Darren,

Vpn'yi bağladıktan sonra, whatismyipaddress.com adresinde kontrol edip, asıl ipimi gösteriyorum. Ve benim vps ipimin Amerika'dan geldiğini ve orjinalimin Bangladeş olduğunu biliyorum.
bdspice

Sunucu yapılandırma dosyasını da gönderebilir ve sunucudaki Openvpn günlüğüne bir göz atabilir misiniz?
Anonim

Belki de route printWindows öncesi "gerçek ip geri dönüyor" dan önce ve sonra kontrol etmek istiyorsunuz .
Tom Yan

Mesele şu ki, gerçekten "geri döndü" mü? Yoksa hiç değişti mi?
Tom Yan
Sitemizi kullandığınızda şunları okuyup anladığınızı kabul etmiş olursunuz: Çerez Politikası ve Gizlilik Politikası.
Licensed under cc by-sa 3.0 with attribution required.