별도의 인스턴스 OpenWRT를 통한 VPN

tag-icon tag-icon networking wireless-networking router vpn openvpn
별도의 인스턴스 OpenWRT를 통한 VPN

나는 이것을 실현하기 위해 며칠 동안 노력해 왔지만 지금까지 성공하지 못했습니다. 내 상황은 거의 비슷해SSID #2의 VPN(OpenWRT), 그러나 약간 다릅니다.

제 상황에서는 OpenVPN을 사용하고 있습니다. 2,4ghz와 5ghz에 별도의 SSID가 있고 5ghz에 OpenVPN을 통과해야 하는 별도의 인스턴스가 있습니다.

내가 이해하는 것은 IP 라우팅을 살펴봐야 하지만 이를 수행하기에는 네트워킹 지식이 너무 제한적이라는 것입니다.

IP 범위 192.168.1.x에서 "일반" 인스턴스를 실행합니다. VPN을 통과해야 하는 인스턴스는 192.168.55.x에 있습니다.

내가 시도한 비교 질문의 답변에

ip route add 192.168.55.0/24 dev tun0

하지만 이로 인해 오류가 발생합니다.

Cannot find device "tun0"

분명히 tun0은 OpenVPN입니다.

말 그대로 이 문제를 어떻게 해결해야 할지, 어떤 방향으로 가야 할지 전혀 모르겠습니다. 아마도 누군가 내가 이 문제를 해결하도록 도와줄 수 있을 것입니다.

편집 : 나는 다음 단계를 시도했습니다.특정 서브넷을 VPN 터널로 라우팅이는 OpenVPN 구성에서도 볼 수 있지만 성공하지 못했습니다.

내 구성 파일:

/etc/config/네트워크

config interface 'loopback'
    option ifname 'lo'
    option proto 'static'
    option ipaddr '127.0.0.1'
    option netmask '255.0.0.0'

config globals 'globals'
    option ula_prefix 'fd15:4503:4ed4::/48'

config interface 'lan'
    option ifname 'eth1'
    option force_link '1'
    option type 'bridge'
    option proto 'static'
    option ipaddr '192.168.1.1'
    option netmask '255.255.255.0'
    option ip6assign '60'

config interface 'wan'
    option ifname 'eth0'
    option proto 'dhcp'

config interface 'wan6'
    option ifname 'eth0'
    option proto 'dhcpv6'

config switch
    option name 'switch0'
    option reset '1'
    option enable_vlan '1'

config switch_vlan
    option device 'switch0'
    option vlan '1'
    option ports '0 2 3 4 5'

config switch_vlan
    option device 'switch0'
    option vlan '2'
    option ports '1 6'

config interface 'VPN'
    option proto 'none'
    option ifname 'tun0'

config interface 'OVPN'
    option _orig_ifname 'wlan0-1'
    option _orig_bridge 'false'
    option proto 'static'
    option ipaddr '192.168.55.1'
    option netmask '255.255.255.0'

지금까지 이것을 사용하여 OpenVPN에 연결했습니다.

/etc/openvpn/client.ovpn

client
dev tun
proto udp
port 1194
remote 108.61.152.187
resolv-retry infinite
nobind
persist-key
persist-tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/client.crt
key /etc/openvpn/client.key
auth-user-pass ./pass.txt
ns-cert-type server
cipher AES-256-CBC
comp-lzo
verb 3
#Prevents default gateway from being set on the default routing table
route-noexec
#Allows route-up script to be executed
script-security 2
#Calls custom shell script after connection to add necessary routes
route-up /etc/openvpn/route-up.sh

/etc/config/무선

config wifi-device 'radio0'
    option type 'mac80211'
    option hwmode '11a'
    option path 'pci0000:01/0000:01:00.0'
    option country '00'
    option htmode 'VHT80'
    option channel '157'
    option txpower '30'

config wifi-iface
    option device 'radio0'
    option network 'lan'
    option mode 'ap'
    option ssid 'TP-Link 5G'
    option encryption 'psk2'
    option key 'key'

config wifi-device 'radio1'
    option type 'mac80211'
    option channel '5'
    option hwmode '11n'
    option path 'platform/qca955x_wmac'
    option htmode 'HT40'
    option txpower '30'
    option country '00'

config wifi-iface
    option device 'radio1'
    option network 'lan'
    option mode 'ap'
    option ssid 'TP-Link'
    option encryption 'psk-mixed+ccmp'
    option key 'key'

config wifi-iface
    option device 'radio0'
    option mode 'ap'
    option ssid 'TP-Link VPN'
    option network 'OVPN'
    option encryption 'psk2'
    option key 'key'

Route-up.sh

#!/bin/sh

#Clear all routes on vpn routing table (this is to make sure there isn't any crap left over from a previous vpn connection
ip route flush table vpn

#Copy routing table from main routing table into vpn table
ip route show table main | grep -Ev ^default | while read ROUTE ; do ip route add table vpn $ROUTE; done

#Add default gateway to vpn routing table
ip route add default via ${route_vpn_gateway} dev ${dev} table vpn

결과Ifconfig

6rd-wan_6rd Link encap:IPv6-in-IPv4
          inet6 addr: ::77.174.30.80/96 Scope:Compat
          inet6 addr: 2001:838:ad1e:5000::1/40 Scope:Global
          UP RUNNING NOARP  MTU:1280  Metric:1
          RX packets:256964 errors:0 dropped:0 overruns:0 frame:0
          TX packets:160291 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:284886943 (271.6 MiB)  TX bytes:18047017 (17.2 MiB)

br-lan    Link encap:Ethernet  HWaddr E8:DE:27:F5:E7:F6
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: 2001:838:ad1e:5000::1/60 Scope:Global
          inet6 addr: fe80::eade:27ff:fef5:e7f6/64 Scope:Link
          inet6 addr: fd15:4503:4ed4::1/60 Scope:Global
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:19173187 errors:0 dropped:0 overruns:0 frame:0
          TX packets:13930435 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:21346350453 (19.8 GiB)  TX bytes:19757831552 (18.4 GiB)

br-lan:1  Link encap:Ethernet  HWaddr E8:DE:27:F5:E7:F6
          inet addr:10.3.5.3  Bcast:10.255.255.255  Mask:255.255.255.255
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

eth0      Link encap:Ethernet  HWaddr E8:DE:27:F5:E7:F7
          inet addr:77.174.30.80  Bcast:77.174.31.255  Mask:255.255.252.0
          inet6 addr: fe80::eade:27ff:fef5:e7f7/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:7978235 errors:0 dropped:0 overruns:2 frame:0
          TX packets:3747223 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:3172877058 (2.9 GiB)  TX bytes:259141128 (247.1 MiB)
          Interrupt:4

eth1      Link encap:Ethernet  HWaddr E8:DE:27:F5:E7:F6
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5749 errors:0 dropped:0 overruns:0 frame:0
          TX packets:21872 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:968857 (946.1 KiB)  TX bytes:4234774 (4.0 MiB)
          Interrupt:5

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:1389 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1389 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:108498 (105.9 KiB)  TX bytes:108498 (105.9 KiB)

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00                                                                                        -00
          inet addr:10.8.0.22  P-t-P:10.8.0.21  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

wlan0     Link encap:Ethernet  HWaddr E8:DE:27:F5:E7:F4
          inet6 addr: fe80::eade:27ff:fef5:e7f4/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1398316 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5616658 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:116548785 (111.1 MiB)  TX bytes:3907071356 (3.6 GiB)

wlan0-1   Link encap:Ethernet  HWaddr EA:DE:27:F5:E7:F4
          inet addr:192.168.55.1  Bcast:192.168.55.255  Mask:255.255.255.0
          inet6 addr: fe80::e8de:27ff:fef5:e7f4/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:1944 (1.8 KiB)

wlan1     Link encap:Ethernet  HWaddr E8:DE:27:F5:E7:F5
          inet6 addr: fe80::eade:27ff:fef5:e7f5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:17805065 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8380514 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:32356101 (30.8 MiB)  TX bytes:3263563261 (3.0 GiB)

관련 정보