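I set up a VPN server following the configuration at https://github.com/quericy/on...
Connecting to this VPN server from another Ubuntu Linux machine also succeeded, but I cannot access the Internet through the VPN.
For a detailed description, see: https://github.com/quericy/on...
To restate it here:
First, the server side: Win10, iPhone and Mac have all been tested and can access the Internet without problems.
Only Ubuntu Linux as a client is still not working. Begging for help.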
client ipsec.conf
conn toserver
    keyexchange=ikev2
    ike=aes256-sha256-modp2048,3des-sha1-modp2048,aes256-sha1-modp2048!
    esp=aes256-sha256,3des-sha1,aes256-sha1!
    rekey=no
    left=%any
    leftsourceip=0.0.0.0
    leftsubnet=0.0.0.0/0
    leftfirewall=yes
    leftsendcert=never
    leftauth=eap-mschapv2
    right=47.90.120.12
    rightid=47.90.120.12
    rightsubnet=0.0.0.0/0
    rightsendcert=always
    eap_identity=dev
    dpdaction=clear
    fragmentation=yes
    auto=start
client ipsec.secret
dev 47.90.120.12 : EAP "helloword"
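In addition, I imported the server's ca.cert.pem into the /usr/local/etc/ipsec.d/cacerts directory.
After restarting with ipsec start, the connection succeeds and gets the IP address: 10.31.2.1
Checking status on the server side shows: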
~# ipsec status
Security Associations (2 up, 0 connecting):
ios_ikev2[34]: ESTABLISHED 9 seconds ago, 172.31.98.180[47.90.120.12]...120.77.171.23[172.18.110.74]
ios_ikev2{38}: INSTALLED, TUNNEL, reqid 21, ESP in UDP SPIs: c7aa494b_i c861b147_o
ios_ikev2{38}: 0.0.0.0/0 === 10.31.2.1/32
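But the Ubuntu client has no route. I set the default route to 10.31.2.1 and that did not work either, so I cannot access the Internet through the VPN.
Please help...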
It has been solved. There is no problem with the VPN configuration. The reason is that the IP segment of the VPN conflicts with the private IP of ALIYUN. ALIYUN is too cruel, 10.0.0.0/8, don’t play with segment 10.
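Added example, not part of the original post: a check for the overlap described in the resolution above, comparing a VPN virtual address against the routes a host already has and proposing a private /24 that collides with none of them. The routing table text is constructed sample `ip -4 route show` output (the gateway and the 100.64.0.0/10 route are assumptions); only 10.31.2.1 and the 10.0.0.0/8 range come from the post.

```python
import ipaddress

# Constructed sample of `ip -4 route show` on a cloud VM (not from the post).
SAMPLE_ROUTES = """\
default via 172.18.111.253 dev eth0
10.0.0.0/8 via 172.18.111.253 dev eth0
100.64.0.0/10 via 172.18.111.253 dev eth0
172.18.96.0/20 dev eth0 proto kernel scope link src 172.18.110.74
"""

RFC1918 = ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")


def parse_routes(text):
    """Return [(network, device)] for every non-default IPv4 route."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0] == "default":
            continue
        try:
            net = ipaddress.ip_network(fields[0], strict=False)
        except ValueError:
            continue  # route types such as "unreachable ..." have no prefix first
        dev = fields[fields.index("dev") + 1] if "dev" in fields[:-1] else "?"
        routes.append((net, dev))
    return routes


def find_conflicts(vpn_net, routes):
    """Existing routes whose prefix overlaps the VPN address or pool."""
    vpn_net = ipaddress.ip_network(vpn_net, strict=False)
    return [(str(net), dev) for net, dev in routes if net.overlaps(vpn_net)]


def suggest_pool(routes, prefixlen=24):
    """First RFC 1918 subnet of the given size that overlaps no existing route."""
    for block in RFC1918:
        for cand in ipaddress.ip_network(block).subnets(new_prefix=prefixlen):
            if not any(net.overlaps(cand) for net, _ in routes):
                return str(cand)
    return None


if __name__ == "__main__":
    table = parse_routes(SAMPLE_ROUTES)
    print("conflicts for 10.31.2.1:", find_conflicts("10.31.2.1/32", table))
    print("candidate pool:", suggest_pool(table))
```

Run the same check with the route output of both the server and the client, since a candidate pool is only safe if it is free on each side.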