ngineseva ye-NAS okufanele ngiyenzele ukuyidlulisela ngembobo ukuze ngenze izinsizakalo zayo zifinyeleleke ku-inthanethi. Kodwa-ke i-ISP yami ivimba amachweba, ngakho-ke ngikwazile ukuzithengela i-Ubuntu VPS eshibhile ukuze ngisebenzise iseva ye-OpenVPN lapho bese ngandlela thize ngiqondise kabusha yonke ithrafikhi ye-NAS namachweba adingekayo lapho.
Ukusetha kwami ​​kunjengokulandelayo:
| Rapha | (192.168.0.101/24)| |(192.168.1.1/24) (192.168.0.1/24) APwlan0 eth0NAS (192.168.1.102/24) | \/| |ama-iptable kanye nenjini yomzila{tun0} | | 10.8.0.6 |
Uhlangothi lwe-VPS lucushwe kahle ngicabanga ukuthi, njengoba ngikwazi ukufaka i-SSH ku-Raspberry Pi yami ngisebenzisa i-VPS yami ye-IP. Yilokho engikwenzile lapho ukuze ngiyenze isebenze:
iptables -t nat -A PREROUTING -d A.B.C.D -p tcp --dport 22 -j DNAT --to-dest 10.8.0.6:22 iptables -t nat -A POSTROUTING -d 10.8.0.6 -p tcp --dport 2 j I-SNAT --to-source 10.8.0.1
Ukulungiselelwa kweseva yami ye-OpenVPN:
port X proto udp dev tun ca ca.crt cert server.crt key server.key dh dh2048.pem iseva 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt client-config-dir ccd push "redirect-gateway def1 bypass -dhcp"push "dhcp-option DNS 208.67.222.222"push "dhcp-option DNS 208.67.220.220"keepalive 10 120 comp-lzo umsebenzisi akekho iqembu nogroup persist-key persist-tun status openvpn-status3.
Ngenze futhi:
sysctl -w net.ipv4.ip_forward=1
futhi ubeke
DEFAULT_FORWARD_POLICY="VUMA"phakathi
/etc/default/ufw futhi ingeziwe
# QALA IMITHETHO YE-OPENVPN # imithetho yethebula le-NAT *nat :POSTROUTING YAMUKELA [0:0] # Vumela ithrafikhi esuka kuklayenti le-OpenVPN iye eth0 -A POSTROUTING -s 10.8.0.0/8 -o eth0 -j MASQUERADE# QEDA IMITHETHO YE-OPENVPN
ku
/etc/ufw/before.rules
Ukulungiselelwa kweklayenti le-OpenVPN:
client dev tun proto udp remote A.B.C.D X resolv-phinda zama okungenamkhawulo nobind umsebenzisi akekho iqembu nogroup persist-key persist-tun ns-cert-type server comp-lzo isenzo 3 XXX YYY ZZZ
Ngiyiqondisa kanjani kabusha ithrafikhi ye-eth0 ku-tun0 kanye nezimbobo zokudlulisela u-Y no-Z emhubheni?
Ngiyazi nje ukuthi kwamanye amachweba kufanele ngilungise kabusha i-VPS yami ngokufanele njengoba ngenzile kumbobo 22.