Estou tentando instalar o OpenVPN 2.2.1 no meu CentOS 6.2 VPS. Esta é a primeira vez que me preparo e tudo correu bem. O serviço está sendo executado e o cliente pode se conectar. Minha intenção é encaminhar todo o meu tráfego do cliente, para o meu VPS, para a internet. No entanto, me deparo com um problema.
Ao fazer o ping do IP do VPS, tudo funciona bem. No entanto, ao pingar QUALQUER outro servidor IP / nome na internet, ele se recusa a se conectar.
Passei as últimas cinco horas lendo tópicos e procurando soluções, mas nenhum deles se aplicava a mim. A natureza do problema me levou a acreditar que é um problema com o tráfego não ser roteado corretamente.
Configuração do servidor OpenVPN:
local 5.34.244.*** (asterisks applied for privacy)
port 443
proto tcp
dev tun
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login
client-cert-not-required
username-as-common-name
server 1.2.4.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 4.2.2.1"
keepalive 5 30
comp-lzo
persist-key
persist-tun
status server-tcp.log
verb 3
Configuração do cliente OpenVPN:
client
dev tun
proto tcp
remote 5.34.244.*** 443
resolv-retry infinite
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ca ca.crt
cert sample.crt
key sample.key
comp-lzo
verb 3
route-method exe
route-delay 2
IPtables:
# iptables -L -t nat -v
Chain PREROUTING (policy ACCEPT 6706 packets, 397K bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 6406 packets, 377K bytes)
pkts bytes target prot opt in out source destination
2386 145K SNAT all -- any any 1.2.4.0/24 anywhere
to:5.34.244.***
0 0 SNAT all -- any any 1.2.4.0/24 anywhere
to:5.34.244.***
0 0 MASQUERADE all -- any eth0 1.2.4.0/24 anywhere
Chain OUTPUT (policy ACCEPT 5270 packets, 312K bytes)
pkts bytes target prot opt in out source destination
e
# iptables -L -v
Chain INPUT (policy ACCEPT 1377 packets, 415K bytes)
pkts bytes target prot opt in out source destination
4 216 ACCEPT tcp -- any any anywhere anywhere tcp
dpt:87
0 0 ACCEPT tcp -- any any anywhere anywhere tcp
dpt:87
0 0 ACCEPT tcp -- any any anywhere anywhere tcp
dpt:87
1 60 ACCEPT tcp -- any any anywhere anywhere tcp
dpt:87
0 0 ACCEPT tcp -- any any anywhere anywhere tcp
dpt:87
0 0 ACCEPT tcp -- any any anywhere anywhere tcp
dpt:87
0 0 ACCEPT all -- tun0 any anywhere anywhere
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- tun0 any anywhere anywhere
Chain OUTPUT (policy ACCEPT 140K packets, 3823K bytes)
pkts bytes target prot opt in out source destination
No meu arquivo sysctl.conf, habilitei o encaminhamento de IP:
net.ipv4.ip_forward = 1
Eu tentei postar nos fóruns do OpenVPN para suporte, mas meu thread foi misteriosamente deletado. Qualquer ajuda seria apreciada.
Editar: Adicionando entrada de registro recorrente de / var / log / messages (asteriscos adicionados para privacidade):
Aug 11 03:53:27 vps openvpn[28055]: mac/**.233.229.93:50840 Need IPv6 code in mroute_extract_addr_from_packet
Editar: Adicionando informações solicitadas:
# sysctl -p
net.ipv4.ip_forward = 1
net.ipv4.tcp_syncookies = 1
error: "net.bridge.bridge-nf-call-ip6tables" is an unknown key
error: "net.bridge.bridge-nf-call-iptables" is an unknown key
error: "net.bridge.bridge-nf-call-arptables" is an unknown key
-
# cat /proc/sys/net/ipv4/ip_forward
1
-
# tcpdump -i tun0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tun0, link-type RAW (Raw IP), capture size 65535 bytes
05:24:30.574250 IP resolver1.opendns.com.domain > 1.2.4.6.62511: 20077 2/0/0 CNAME teredo.ipv6.microsoft.com.ns
atc.net., A 94.245.121.253 (108)
05:24:32.328193 IP a.resolvers.level3.net.domain > 1.2.4.6.62511: 20077 2/0/0 CNAME teredo.ipv6.microsoft.com.n
satc.net., A 65.55.158.118 (108)
05:24:34.027459 IP google-public-dns-a.google.com > 1.2.4.6: ICMP echo reply, id 1, seq 1242, length 40
05:24:37.848645 IP google-public-dns-a.google.com > 1.2.4.6: ICMP echo reply, id 1, seq 1243, length 40
05:24:38.729543 IP 63-225-240-44.hlrn.qwest.net.30160 > 1.2.4.6.51958: Flags [S.], seq 784307014, ack 187668555
9, win 14600, options [mss 1452,nop,nop,sackOK,nop,wscale 4], length 0
05:24:39.132105 IP 63-225-240-44.hlrn.qwest.net.30160 > 1.2.4.6.51960: Flags [S.], seq 3810646056, ack 33965940
38, win 14600, options [mss 1452,nop,nop,sackOK,nop,wscale 4], length 0
05:24:42.866762 IP google-public-dns-a.google.com > 1.2.4.6: ICMP echo reply, id 1, seq 1244, length 40
05:24:48.065918 IP google-public-dns-a.google.com > 1.2.4.6: ICMP echo reply, id 1, seq 1245, length 40
05:24:58.234720 IP google-public-dns-a.google.com > 1.2.4.6: ICMP echo reply, id 1, seq 1247, length 40
05:25:02.852886 IP google-public-dns-a.google.com > 1.2.4.6: ICMP echo reply, id 1, seq 1248, length 40
10 packets captured
10 packets received by filter
-
Log do lado do cliente (asteriscos para privacidade):
Sat Aug 11 02:53:46 2012 OpenVPN 2.2.2 Win32-MSVC++ [SSL] [LZO2] [PKCS11] built on Dec 15 2011
Sat Aug 11 02:53:50 2012 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sat Aug 11 02:53:50 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sat Aug 11 02:53:50 2012 LZO compression initialized
Sat Aug 11 02:53:50 2012 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sat Aug 11 02:53:50 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sat Aug 11 02:53:50 2012 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Sat Aug 11 02:53:50 2012 Local Options hash (VER=V4): '2547efd2'
Sat Aug 11 02:53:50 2012 Expected Remote Options hash (VER=V4): '77cf0943'
Sat Aug 11 02:53:50 2012 Attempting to establish TCP connection with 5.34.244.***:443
Sat Aug 11 02:53:51 2012 TCP connection established with 5.34.244.***:443
Sat Aug 11 02:53:51 2012 TCPv4_CLIENT link local: [undef]
Sat Aug 11 02:53:51 2012 TCPv4_CLIENT link remote: 5.34.244.***:443
Sat Aug 11 02:53:51 2012 TLS: Initial packet from 5.34.244.***:443, sid=41dd99fd d7cc097e
Sat Aug 11 02:53:51 2012 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat Aug 11 02:53:54 2012 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/OU=changeme/CN=macvpn/name=changeme/[email protected]
Sat Aug 11 02:53:54 2012 VERIFY OK: depth=0, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/OU=changeme/CN=Build_Diffie_Hellman/name=changeme/[email protected]
Sat Aug 11 02:53:56 2012 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Aug 11 02:53:56 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Aug 11 02:53:56 2012 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Aug 11 02:53:56 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Aug 11 02:53:56 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sat Aug 11 02:53:56 2012 [Build_Diffie_Hellman] Peer Connection Initiated with 5.34.244.***:443
Sat Aug 11 02:53:58 2012 SENT CONTROL [Build_Diffie_Hellman]: 'PUSH_REQUEST' (status=1)
Sat Aug 11 02:53:59 2012 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 208.67.222.222,dhcp-option DNS 4.2.2.1,route 1.2.4.1,topology net30,ping 5,ping-restart 30,ifconfig 1.2.4.6 1.2.4.5'
Sat Aug 11 02:53:59 2012 OPTIONS IMPORT: timers and/or timeouts modified
Sat Aug 11 02:53:59 2012 OPTIONS IMPORT: --ifconfig/up options modified
Sat Aug 11 02:53:59 2012 OPTIONS IMPORT: route options modified
Sat Aug 11 02:53:59 2012 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sat Aug 11 02:53:59 2012 ROUTE default_gateway=192.168.1.1
Sat Aug 11 02:53:59 2012 TAP-WIN32 device [Local Area Connection 2] opened: \.\Global\{3A817AE1-696B-4DEB-BD4F-8BE01F11FC47}.tap
Sat Aug 11 02:53:59 2012 TAP-Win32 Driver Version 9.9
Sat Aug 11 02:53:59 2012 TAP-Win32 MTU=1500
Sat Aug 11 02:53:59 2012 Notified TAP-Win32 driver to set a DHCP IP/netmask of 1.2.4.6/255.255.255.252 on interface {3A817AE1-696B-4DEB-BD4F-8BE01F11FC47} [DHCP-serv: 1.2.4.5, lease-time: 31536000]
Sat Aug 11 02:53:59 2012 Successful ARP Flush on interface [25] {3A817AE1-696B-4DEB-BD4F-8BE01F11FC47}
Sat Aug 11 02:54:01 2012 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
Sat Aug 11 02:54:01 2012 C:\WINDOWS\system32\route.exe ADD 5.34.244.*** MASK 255.255.255.255 192.168.1.1
OK!
Sat Aug 11 02:54:01 2012 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 1.2.4.5
OK!
Sat Aug 11 02:54:01 2012 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 1.2.4.5
OK!
Sat Aug 11 02:54:01 2012 C:\WINDOWS\system32\route.exe ADD 1.2.4.1 MASK 255.255.255.255 1.2.4.5
OK!
Sat Aug 11 02:54:01 2012 Initialization Sequence Completed
Sat Aug 11 03:53:56 2012 TLS: soft reset sec=0 bytes=429941/0 pkts=4470/0
Sat Aug 11 03:54:00 2012 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/OU=changeme/CN=macvpn/name=changeme/[email protected]
Sat Aug 11 03:54:00 2012 VERIFY OK: depth=0, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/OU=changeme/CN=Build_Diffie_Hellman/name=changeme/[email protected]
Sat Aug 11 03:54:02 2012 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Aug 11 03:54:02 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Aug 11 03:54:02 2012 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Aug 11 03:54:02 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Aug 11 03:54:02 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sat Aug 11 04:34:50 2012 TCP/UDP: Closing socket
Sat Aug 11 04:34:50 2012 C:\WINDOWS\system32\route.exe DELETE 1.2.4.1 MASK 255.255.255.255 1.2.4.5
OK!
Sat Aug 11 04:34:50 2012 C:\WINDOWS\system32\route.exe DELETE 5.34.244.*** MASK 255.255.255.255 192.168.1.1
OK!
Sat Aug 11 04:34:50 2012 C:\WINDOWS\system32\route.exe DELETE 0.0.0.0 MASK 128.0.0.0 1.2.4.5
OK!
Sat Aug 11 04:34:50 2012 C:\WINDOWS\system32\route.exe DELETE 128.0.0.0 MASK 128.0.0.0 1.2.4.5
OK!
Sat Aug 11 04:34:50 2012 Closing TUN/TAP interface
Sat Aug 11 04:34:50 2012 SIGTERM[hard,] received, process exiting
Sat Aug 11 04:39:00 2012 OpenVPN 2.2.2 Win32-MSVC++ [SSL] [LZO2] [PKCS11] built on Dec 15 2011
Sat Aug 11 04:39:07 2012 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sat Aug 11 04:39:07 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sat Aug 11 04:39:07 2012 LZO compression initialized
Sat Aug 11 04:39:07 2012 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sat Aug 11 04:39:07 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sat Aug 11 04:39:07 2012 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Sat Aug 11 04:39:07 2012 Local Options hash (VER=V4): '2547efd2'
Sat Aug 11 04:39:07 2012 Expected Remote Options hash (VER=V4): '77cf0943'
Sat Aug 11 04:39:07 2012 Attempting to establish TCP connection with 5.34.244.***:443
Sat Aug 11 04:39:08 2012 TCP connection established with 5.34.244.***:443
Sat Aug 11 04:39:08 2012 TCPv4_CLIENT link local: [undef]
Sat Aug 11 04:39:08 2012 TCPv4_CLIENT link remote: 5.34.244.***:443
Sat Aug 11 04:39:08 2012 TLS: Initial packet from 5.34.244.***:443, sid=c86d779b e406746d
Sat Aug 11 04:39:08 2012 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat Aug 11 04:39:12 2012 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/OU=changeme/CN=macvpn/name=changeme/[email protected]
Sat Aug 11 04:39:12 2012 VERIFY OK: depth=0, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/OU=changeme/CN=Build_Diffie_Hellman/name=changeme/[email protected]
Sat Aug 11 04:39:14 2012 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Aug 11 04:39:14 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Aug 11 04:39:14 2012 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Aug 11 04:39:14 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Aug 11 04:39:14 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sat Aug 11 04:39:14 2012 [Build_Diffie_Hellman] Peer Connection Initiated with 5.34.244.***:443
Sat Aug 11 04:39:16 2012 SENT CONTROL [Build_Diffie_Hellman]: 'PUSH_REQUEST' (status=1)
Sat Aug 11 04:39:16 2012 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 208.67.222.222,dhcp-option DNS 4.2.2.1,route 1.2.4.1,topology net30,ping 5,ping-restart 30,ifconfig 1.2.4.6 1.2.4.5'
Sat Aug 11 04:39:16 2012 OPTIONS IMPORT: timers and/or timeouts modified
Sat Aug 11 04:39:16 2012 OPTIONS IMPORT: --ifconfig/up options modified
Sat Aug 11 04:39:16 2012 OPTIONS IMPORT: route options modified
Sat Aug 11 04:39:16 2012 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sat Aug 11 04:39:16 2012 ROUTE default_gateway=192.168.1.1
Sat Aug 11 04:39:16 2012 TAP-WIN32 device [Local Area Connection 2] opened: \.\Global\{3A817AE1-696B-4DEB-BD4F-8BE01F11FC47}.tap
Sat Aug 11 04:39:16 2012 TAP-Win32 Driver Version 9.9
Sat Aug 11 04:39:16 2012 TAP-Win32 MTU=1500
Sat Aug 11 04:39:16 2012 Notified TAP-Win32 driver to set a DHCP IP/netmask of 1.2.4.6/255.255.255.252 on interface {3A817AE1-696B-4DEB-BD4F-8BE01F11FC47} [DHCP-serv: 1.2.4.5, lease-time: 31536000]
Sat Aug 11 04:39:16 2012 Successful ARP Flush on interface [25] {3A817AE1-696B-4DEB-BD4F-8BE01F11FC47}
Sat Aug 11 04:39:18 2012 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
Sat Aug 11 04:39:18 2012 C:\WINDOWS\system32\route.exe ADD 5.34.244.*** MASK 255.255.255.255 192.168.1.1
OK!
Sat Aug 11 04:39:18 2012 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 1.2.4.5
OK!
Sat Aug 11 04:39:18 2012 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 1.2.4.5
OK!
Sat Aug 11 04:39:18 2012 C:\WINDOWS\system32\route.exe ADD 1.2.4.1 MASK 255.255.255.255 1.2.4.5
OK!
Sat Aug 11 04:39:18 2012 Initialization Sequence Completed
ipconfig:
Windows IP Configuration
Ethernet adapter Local Area Connection 2:
Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::7590:fe5e:9de3:cb2d%25
IPv4 Address. . . . . . . . . . . : 1.2.4.6
Subnet Mask . . . . . . . . . . . : 255.255.255.252
Default Gateway . . . . . . . . . :
Wireless LAN adapter Wireless Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : WAG320N
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : WAG320N
Link-local IPv6 Address . . . . . : fe80::607e:9cac:93a7:78d5%11
IPv4 Address. . . . . . . . . . . : 192.168.1.100
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:3466:31c3:fefd:fbf9
Link-local IPv6 Address . . . . . : fe80::3466:31c3:fefd:fbf9%13
Default Gateway . . . . . . . . . :
Tunnel adapter isatap.WAG320N:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter isatap.{3A817AE1-696B-4DEB-BD4F-8BE01F11FC47}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter 6TO4 Adapter:
Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2002:102:406::102:406
Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
Tunnel adapter isatap.{ADF8B671-A3A2-4908-B5D0-4150F860DCDB}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : WAG320N
route print (asteriscos para privacidade):
===========================================================================
Interface List
25...00 ff 3a 81 7a e1 ......TAP-Win32 Adapter V9
12...00 13 e8 4b 12 61 ......Intel(R) Wireless WiFi Link 4965AGN
11...00 1b 38 18 41 aa ......Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
28...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.104 20
0.0.0.0 128.0.0.0 1.2.4.5 1.2.4.6 31
1.2.4.1 255.255.255.255 1.2.4.5 1.2.4.6 31
1.2.4.4 255.255.255.252 On-link 1.2.4.6 286
1.2.4.6 255.255.255.255 On-link 1.2.4.6 286
1.2.4.7 255.255.255.255 On-link 1.2.4.6 286
5.34.244.*** 255.255.255.255 192.168.1.1 192.168.1.104 21
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
128.0.0.0 128.0.0.0 1.2.4.5 1.2.4.6 31
192.168.1.0 255.255.255.0 On-link 192.168.1.104 276
192.168.1.104 255.255.255.255 On-link 192.168.1.104 276
192.168.1.255 255.255.255.255 On-link 192.168.1.104 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.104 276
224.0.0.0 240.0.0.0 On-link 1.2.4.6 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.104 276
255.255.255.255 255.255.255.255 On-link 1.2.4.6 286
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
28 1140 ::/0 2002:c058:6301::c058:6301
1 306 ::1/128 On-link
28 1040 2002::/16 On-link
28 296 2002:102:406::102:406/128
On-link
11 276 fe80::/64 On-link
25 286 fe80::/64 On-link
11 276 fe80::607e:9cac:93a7:78d5/128
On-link
25 286 fe80::7590:fe5e:9de3:cb2d/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
25 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
ATUALIZAÇÃO: Algo estranho aconteceu. Alguns antecedentes primeiro: Eu uso o Skype para transferir arquivos da máquina cliente para a máquina que estou usando agora para solucionar problemas. Eu geralmente me desconecto da VPN primeiro (com a suposição de que não está funcionando), no entanto , enquanto enviava os arquivos .txt para a máquina de solução de problemas para uma solicitação recente, percebi que estava funcionando enquanto está sendo conectado à VPN. Para ter certeza de que isso não foi um acaso, eu me ressinto de um arquivo maior, e com certeza o IP que eu recebia combinava com o da VPN. Isso me deu um pouco de esperança de que nem tudo esteja perdido. Espero que isso lance alguma luz sobre a solução para este problema.
O que eu posso fazer: Envie arquivos pelo Skype enquanto estiver conectado à VPN, somente se o Skype já tiver efetuado login antes da conexão que a VPN estabeleceu.
O que eu não posso * fazer: Entre / conecte-se ao Skype usando a VPN.
Tudo bem pessoal, tendo algumas dificuldades técnicas com minha conta atm, será resolvido em breve, espero. No entanto, grande atualização:
Agora sou capaz de fazer ping / tracert para 1.2.4.1
Percebi que a primeira regra no IPtables POSTROUTING estava configurada incorretamente, então a removi e a re-adicionei. Tudo está funcionando como deveria agora! Obrigado a todos por sua ajuda, eu nunca encontraria a solução sem ela.
@cjc @Alex @Kilo