我试图在我的Linux Mint 17上运行openvpn。(ps:PPTP工作但我需要使用openvpn)当我尝试时:
sudo openvpn --config 'somewhere.ovpn'
它告诉我:
Initialization Sequence Completed
但我无法浏览互联网。我关闭了防火墙,但它仍然无法正常工作。所以我在网上查找了这个:https://wiki.archlinux.org/index.php/OpenVPN#DNS
我按照步骤安装 openresolv 并添加:
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
仍然无法浏览互联网。
以下是整个终端日志:
Fri Nov 20 23:58:16 2015 DEPRECATED OPTION: --tls-remote, please update your configuration
Fri Nov 20 23:58:16 2015 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec 1 2014
Fri Nov 20 23:58:16 2015 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Fri Nov 20 23:58:16 2015 Control Channel Authentication: tls-auth using INLINE static key file
Fri Nov 20 23:58:16 2015 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Nov 20 23:58:16 2015 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Nov 20 23:58:16 2015 Socket Buffers: R=[212992->131072] S=[212992->131072]
Fri Nov 20 23:58:16 2015 UDPv4 link local: [undef]
Fri Nov 20 23:58:16 2015 UDPv4 link remote: [AF_INET]193.182.144.38:1194
Fri Nov 20 23:58:16 2015 TLS: Initial packet from [AF_INET]193.182.144.38:1194, sid=ddd06419 1056c517
Fri Nov 20 23:58:18 2015 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=Fort-Funston_CA/emailAddress=me@myhost.mydomain
Fri Nov 20 23:58:18 2015 VERIFY OK: nsCertType=SERVER
Fri Nov 20 23:58:18 2015 VERIFY X509NAME OK: /C=US/ST=CA/O=Fort-Funston/CN=server_v1/emailAddress=me@myhost.mydomain
Fri Nov 20 23:58:18 2015 VERIFY OK: depth=0, /C=US/ST=CA/O=Fort-Funston/CN=server_v1/emailAddress=me@myhost.mydomain
Fri Nov 20 23:58:20 2015 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Nov 20 23:58:20 2015 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Nov 20 23:58:20 2015 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Nov 20 23:58:20 2015 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Nov 20 23:58:20 2015 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Fri Nov 20 23:58:20 2015 [server_v1] Peer Connection Initiated with [AF_INET]193.182.144.38:1194
Fri Nov 20 23:58:22 2015 SENT CONTROL [server_v1]: 'PUSH_REQUEST' (status=1)
Fri Nov 20 23:58:22 2015 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.10.0.1,route 10.10.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.10.0.102 10.10.0.101'
Fri Nov 20 23:58:22 2015 OPTIONS IMPORT: timers and/or timeouts modified
Fri Nov 20 23:58:22 2015 OPTIONS IMPORT: --ifconfig/up options modified
Fri Nov 20 23:58:22 2015 OPTIONS IMPORT: route options modified
Fri Nov 20 23:58:22 2015 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Nov 20 23:58:22 2015 ROUTE_GATEWAY 10.0.0.1/255.255.255.0 IFACE=eth0 HWADDR=44:1e:a1:cf:84:1b
Fri Nov 20 23:58:22 2015 TUN/TAP device tun1 opened
Fri Nov 20 23:58:22 2015 TUN/TAP TX queue length set to 100
Fri Nov 20 23:58:22 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Fri Nov 20 23:58:22 2015 /sbin/ip link set dev tun1 up mtu 1500
Fri Nov 20 23:58:22 2015 /sbin/ip addr add dev tun1 local 10.10.0.102 peer 10.10.0.101
Fri Nov 20 23:58:22 2015 /etc/openvpn/update-resolv-conf tun1 1500 1546 10.10.0.102 10.10.0.101 init
dhcp-option DNS 10.10.0.1
Fri Nov 20 23:58:24 2015 /sbin/ip route add 193.182.144.38/32 via 10.0.0.1
Fri Nov 20 23:58:24 2015 /sbin/ip route add 0.0.0.0/1 via 10.10.0.101
Fri Nov 20 23:58:24 2015 /sbin/ip route add 128.0.0.0/1 via 10.10.0.101
Fri Nov 20 23:58:24 2015 /sbin/ip route add 10.10.0.1/32 via 10.10.0.101
Fri Nov 20 23:58:24 2015 Initialization Sequence Completed
这是syslog:
Nov 20 23:58:22 My-PC NetworkManager[15711]: SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/tun1, iface: tun1)
Nov 20 23:58:22 My-PC NetworkManager[15711]: SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/tun1, iface: tun1): no ifupdown configuration found.
Nov 20 23:58:22 My-PC NetworkManager[15711]: <warn> /sys/devices/virtual/net/tun1: couldn't determine device driver; ignoring...
Nov 20 23:58:38 My-PC kernel: [57507.741910] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:1d:d6:bb:80:d1:08:00 SRC=10.0.0.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2
Nov 20 23:58:38 My-PC kernel: [57507.741969] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:00:00:fb:6c:59:40:71:7a:93:08:00 SRC=10.0.0.64 DST=224.0.0.251 LEN=40 TOS=0x00 PREC=0x00 TTL=1 ID=0 PROTO=2
请帮帮我!谢谢。