Имеется сервер с Freebsd 12 имеющий статический ip адрес A.B.C.D. На нём установлен и настроен OpenVPN сервер со следующей конфигурацией:
Код: Выделить всё
port 1194
proto tcp
dev tun
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
dh dh2048.pem
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
;push "route 192.168.0.0 255.255.255.0"
;client-config-dir ccd
;push "redirect-gateway def1 bypass-dhcp
client-to-client
keepalive 10 120
tls-auth ta.key 0 # This file is secret
cipher AES-256-CBC
auth SHA512
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
verb 6
Код: Выделить всё
client
tls-client
dev tun
proto tcp
remote A.B.C.D 1194
nobind
user nobody
group nobody
persist-key
persist-tun
key-direction 1
cipher AES-256-CBC
auth SHA512
#comp-lzo
verb 3
На клиенте route print выдаёт:
Код: Выделить всё
===========================================================================
Interface List
13...00 ff f9 28 bc 16 ......TAP-Windows Adapter V9 for OpenVPN Connect
11...08 00 27 4d 7f 23 ......Intel(R) PRO/1000 MT Desktop Adapter
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.110 10
10.8.0.0 255.255.255.0 On-link 10.8.0.4 257
10.8.0.4 255.255.255.255 On-link 10.8.0.4 257
10.8.0.255 255.255.255.255 On-link 10.8.0.4 257
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.110 266
192.168.1.110 255.255.255.255 On-link 192.168.1.110 266
192.168.1.255 255.255.255.255 On-link 192.168.1.110 266
A.B.C.D 255.255.255.255 192.168.1.1 192.168.1.110 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.110 266
224.0.0.0 240.0.0.0 On-link 10.8.0.4 257
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.110 266
255.255.255.255 255.255.255.255 On-link 10.8.0.4 257
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 266 fe80::/64 On-link
13 266 fe80::/64 On-link
11 266 fe80::398d:bca2:2cdb:edc6/128
On-link
13 266 fe80::cc43:3672:a984:3569/128
On-link
1 306 ff00::/8 On-link
11 266 ff00::/8 On-link
13 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
Код: Выделить всё
Routing tables
Internet:
Destination Gateway Flags Netif Expire
default A.B.C.1 UGS vmx0
10.8.0.0/24 10.8.0.2 UGS tun0
10.8.0.1 link#7 UHS lo0
10.8.0.2 link#7 UH tun0
127.0.0.1 link#4 UH lo0
192.168.0.2 link#2 UHS lo0
192.168.0.2/32 link#2 U vmx1
192.168.0.3 link#3 UHS lo0
192.168.0.3/32 link#3 U vmx2
A.B.C.0/24 link#1 U vmx0
A.B.C.D link#1 UHS lo0
Internet6:
Destination Gateway Flags Netif Expire
::/96 ::1 UGRS lo0
::1 link#4 UH lo0
::ffff:0.0.0.0/96 ::1 UGRS lo0
fe80::/10 ::1 UGRS lo0
fe80::%lo0/64 link#4 U lo0
fe80::1%lo0 link#4 UHS lo0
fe80::250:56ff:fea6:4846%tun0 link#7 UHS lo0
ff02::/16 ::1 UGRS lo0
Что нужно сделать, чтобы клиент был доступен с сервера?