БЛОГ НА HUSL


Pritunl VPN server + Proxmox внутренняя сеть

Автор вопроса: Andrey Popov

Есть два сервера. На первом(prod1) установлен proxmox c

root@prod1:~# cat /etc/network/interfaces
source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet manual
        dns-nameservers 8.8.8.8 1.1.1.1

iface eth1 inet manual

auto vmbr0
iface vmbr0 inet static
        address 66.66.66.28/24
        gateway 66.66.66.1
        bridge-ports eth0
        bridge-stp off
        bridge-fd 0
#Внешняя

auto vmbr100
iface vmbr100 inet static
        address 10.1.10.1
        netmask 255.255.255.0
        bridge-ports none
        bridge-stp off
        bridge-fd 0
#Внутренняя

post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '10.1.10.0/24' -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.1.10.0/24' -o vmbr0 -j MASQUERADE

И второй сервер на котором установлен Pritunl VPN server

root@openvpn:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: inet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 08:bf:b8:a5:54:e0 brd ff:ff:ff:ff:ff:ff
    inet 66.66.66.130/24 brd 66.66.66.255 scope global inet0
       valid_lft forever preferred_lft forever
    inet6 fe80::abf:b8ff:fea5:54e0/64 scope link
       valid_lft forever preferred_lft forever
3: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 1000
    link/none
    inet 192.168.222.1/24 scope global tun0
       valid_lft forever preferred_lft forever
    inet6 fe80::b79c:81a1:5929:f154/64 scope link stable-privacy
       valid_lft forever preferred_lft forever

Вот таблица маршрутизации prod1

ip route
default via 66.66.66.1 dev vmbr0 proto kernel onlink
10.1.10.0/24 dev vmbr100 proto kernel scope link src 10.1.10.1
66.66.66.0/24 dev vmbr0 proto kernel scope link src 66.66.66.128
192.168.222.0/24 dev tun0 proto kernel scope link src 192.168.222.5

Вот таблица маршрутизации openvpn

ip route
default via 66.66.66.1 dev inet0 proto static
10.1.10.0/24 via 192.168.222.5 dev tun0
66.66.66.0/24 dev inet0 proto kernel scope link src 66.66.66.130
192.168.222.0/24 dev tun0 proto kernel scope link src 192.168.222.1

Не могу с openvpn подключиться к внутренней сетки проксмокса 10.1.10.0/24


Источник

Ответы (0 шт):

licensed under cc by-sa 3.0 with attribution.