• Benvenuti su RaspberryItaly!
Benvenuto ospite! Login Login con Facebook Registrati Login with Facebook

RaspberryItaly > Software > Software Generale > Problema con server PIVPN? >

Valutazione discussione:
  • 0 voto(i) - 0 media
  • 1
  • 2
  • 3
  • 4
  • 5

[-]
Tags
con pivpn? problema server

Problema con server PIVPN?
Enrico Sartori Offline
Smanettone e Guidologo :)
******
Messaggi: 1,587
Discussioni: 78
Registrato: Nov 2015
Reputazione: 90
#11
01/06/2018, 12:25 (Questo messaggio è stato modificato l'ultima volta il: 01/06/2018, 12:30 da Enrico Sartori.)
scrivi mio ip che significa? apro il sito mioip.it?
se è questo il caso non ti darà mai l'ip privato, ma pubblico.
come scritto nel post n°2 cerca un file di configurazione dentro a /etc/openvpn
o scrivi
cd /etc/openvpn
ll
e posti il contenuto.
La documentazione che ti avevo linkato dice questo
Routing all client traffic (including web-traffic) through the VPN
Overview
By default, when an OpenVPN client is active, only network traffic to and from the OpenVPN server site will pass over the VPN. General web browsing, for example, will be accomplished with direct connections that bypass the VPN.
In certain cases this behavior might not be desirable -- you might want a VPN client to tunnel all network traffic through the VPN, including general internet web browsing. While this type of VPN configuration will exact a performance penalty on the client, it gives the VPN administrator more control over security policies when a client is simultaneously connected to both the public internet and the VPN at the same time.
Implementation
Add the following directive to the server configuration file:
push "redirect-gateway def1"
If your VPN setup is over a wireless network, where all clients and the server are on the same wireless subnet, add the local flag:
push "redirect-gateway local def1"
Pushing the redirect-gateway option to clients will cause all IP network traffic originating on client machines to pass through the OpenVPN server. The server will need to be configured to deal with this traffic somehow, such as by NATing it to the internet, or routing it through the server site's HTTP proxy.
On Linux, you could use a command such as this to NAT the VPN client traffic to the internet:
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
This command assumes that the VPN subnet is 10.8.0.0/24 (taken from the server directive in the OpenVPN server configuration) and that the local ethernet interface is eth0.
When redirect-gateway is used, OpenVPN clients will route DNS queries through the VPN, and the VPN server will need handle them. This can be accomplished by pushing a DNS server address to connecting clients which will replace their normal DNS server settings during the time that the VPN is active. For example:
push "dhcp-option DNS 10.8.0.1"
will configure Windows clients (or non-Windows clients with some extra server-side scripting) to use 10.8.0.1 as their DNS server. Any address which is reachable from clients may be used as the DNS server address.
Caveats
Redirecting all network traffic through the VPN is not entirely a problem-free proposition. Here are some typical gotchas to be aware of:
  • Many OpenVPN client machines connecting to the internet will periodically interact with a DHCP server to renew their IP address leases. The redirect-gateway option might prevent the client from reaching the local DHCP server (because DHCP messages would be routed over the VPN), causing it to lose its IP address lease.
  • Issues exist with respect to pushing DNS addresses to Windows clients.
  • Web browsing performance on the client will be noticably slower.
[size=undefined]
For more information on the mechanics of the redirect-gateway directive, see the manual page.[/size]
Heart Libro  | Blog EnricoSartori.it | Idea YouTube
Se un utente ti è stato utile, aumenta la sua reputazione! premi il Pollicione! 
Risposta
Oresterosso Offline
Utente Standard
*
Messaggi: 25
Discussioni: 5
Registrato: May 2018
Reputazione: 1
#12
01/06/2018, 14:30
(01/06/2018, 12:25)Enrico Sartori Ha scritto: scrivi mio ip che significa? apro il sito mioip.it?
se è questo il caso non ti darà mai l'ip privato, ma pubblico.
come scritto nel post n°2 cerca un file di configurazione dentro a /etc/openvpn
o scrivi
cd /etc/openvpn
ll
e posti il contenuto.
La documentazione che ti avevo linkato dice questo
Routing all client traffic (including web-traffic) through the VPN
Overview
By default, when an OpenVPN client is active, only network traffic to and from the OpenVPN server site will pass over the VPN. General web browsing, for example, will be accomplished with direct connections that bypass the VPN.
In certain cases this behavior might not be desirable -- you might want a VPN client to tunnel all network traffic through the VPN, including general internet web browsing. While this type of VPN configuration will exact a performance penalty on the client, it gives the VPN administrator more control over security policies when a client is simultaneously connected to both the public internet and the VPN at the same time.
Implementation
Add the following directive to the server configuration file:
push "redirect-gateway def1"
If your VPN setup is over a wireless network, where all clients and the server are on the same wireless subnet, add the local flag:
push "redirect-gateway local def1"
Pushing the redirect-gateway option to clients will cause all IP network traffic originating on client machines to pass through the OpenVPN server. The server will need to be configured to deal with this traffic somehow, such as by NATing it to the internet, or routing it through the server site's HTTP proxy.
On Linux, you could use a command such as this to NAT the VPN client traffic to the internet:
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
This command assumes that the VPN subnet is 10.8.0.0/24 (taken from the server directive in the OpenVPN server configuration) and that the local ethernet interface is eth0.
When redirect-gateway is used, OpenVPN clients will route DNS queries through the VPN, and the VPN server will need handle them. This can be accomplished by pushing a DNS server address to connecting clients which will replace their normal DNS server settings during the time that the VPN is active. For example:
push "dhcp-option DNS 10.8.0.1"
will configure Windows clients (or non-Windows clients with some extra server-side scripting) to use 10.8.0.1 as their DNS server. Any address which is reachable from clients may be used as the DNS server address.
Caveats
Redirecting all network traffic through the VPN is not entirely a problem-free proposition. Here are some typical gotchas to be aware of:
  • Many OpenVPN client machines connecting to the internet will periodically interact with a DHCP server to renew their IP address leases. The redirect-gateway option might prevent the client from reaching the local DHCP server (because DHCP messages would be routed over the VPN), causing it to lose its IP address lease.
  • Issues exist with respect to pushing DNS addresses to Windows clients.
  • Web browsing performance on the client will be noticably slower.
[size=undefined]
For more information on the mechanics of the redirect-gateway directive, see the manual page.[/size]
Ok ho trovato il file server. conf
All'interno di esso è presente lo script:
push "redirect-gateway def1"

Ora se ho bem capito per instradare tutto il traffico internet attraverso la vpn dovrei sostituire push "redirect-gateway def1" con push "redirect-gateway local def1".
Eseguito il cambio si presenta questo problema:
Sono impossibilitato alla navigazione internet :-(
Per il file server.conf essendo privato ti mando un PM.

Inviato dal mio HUAWEI VNS-L31 utilizzando Tapatalk
Risposta
  


Vai al forum:


Navigazione: 1 Ospite(i)
Forum con nuovi Post
Forum senza nuovi post
Forum bloccato
Forum Redirect