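OpenVPN client with multiple remote IP addresses

Time: 2020-09-11 14:51:16

Tags: openwrt openvpn

I am running 2 OpenVPN servers on Raspberry Pi 4 (Ubuntu Server 20.04 LTS), each of them behind NAT. I have a GL.inet router that connects to the OpenVPN servers as a client, and I want the client to connect to the next server when the first one fails. I cannot get it to work. The router (GL.inet) is connected to server one. From another computer, I SSH into server one and reboot server one. Expected: the router (GL.inet) must switch to server two automatically. Reality: the router (GL.inet) keeps trying to connect to server one. I tried rebooting the router (GL.inet), and it keeps trying to reconnect to server one. After about 1 hour, it connects to server two. I want the switch to happen immediately, or perhaps within 5 minutes, not an hour.

Here is the configuration file for both servers: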

ca /etc/openvpn/easy-rsa/pki/ca.crt
cert /etc/openvpn/easy-rsa/pki/pivpnservertwo.crt
key /etc/openvpn/easy-rsa/pki/private/pivpnservertwo.key
remote-cert-tls client
tls-auth /etc/openvpn/easy-rsa/pki/ta.key 0                                  
dh  dh2048.pem
;tls-verify "./verify-cn /etc/openvpn/allowedClients" 
;crl-verify ""
reneg-sec 3600 
cipher AES-256-CBC                                                      
user nobody                                                             
group nogroup
persist-tun 
persist-key 
persist-local-ip
persist-remote-ip
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1 bypass-dhcp" 
push "dhcp-option DNS 4.2.2.2"
push "dhcp-option DNS 8.8.8.8" 
client-config-dir /etc/openvpn/clientConfigDirectory 
dev tun 
topology subnet 
float
proto udp
port 1194
push-peer-info
max-clients 100
keepalive 5 10 
ping-timer-rem 
log         /var/log/openvpn/openvpn.log 
ifconfig-pool-persist /var/log/ipassignments.txt                                                                                                                                   
verb 4
status    /var/log/openvpn/openvpn-status.log  1                                            
status-version 1
writepid  /var/log/openvpn/openvpn-pid.log
explicit-exit-notify 2
up        ./server.up
down      ./server.down
management 127.0.0.1 3066 

Here is the client's configuration file:

client                                          
ca ca.crt                                                            
cert chachoo.crt
key chachoo.key
remote-cert-tls server
tls-auth ta.key 1 
reneg-sec 0  
cipher AES-256-CBC  
persist-tun  
persist-key   
mute-replay-warnings
dev tun                                             
remote 192.168.50.100 1194 udp4
remote 192.168.50.150 1194 udp4                                        
remote-random                                                           
resolv-retry infinite 
nobind
connect-retry 5  20 
connect-retry-max 3 
verb 4

Here is a picture of the router client I am talking about: Here is a picture of the log of the router client: you can see in the log, it says, preserving recently used remote IP address. I want it to switch to the following remote IP address.

1 answer:

Answer 0: (score: 0)

Follow this thread

Try adding the following configuration to your client conf

server-poll-timeout 1
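
To check whether a client-side change such as the one suggested in the answer brings failover under the 5-minute goal stated in the question, the client log can be measured. This is an added example, not part of the original question or answer; the sample log lines are constructed, and the `YYYY-MM-DD HH:MM:SS` timestamp prefix is an assumption that must be adapted to the OpenVPN build or syslog format in use.

```python
import re
from datetime import datetime

# Constructed sample log, not from the original post. The timestamp layout and
# timings are assumptions modelled on the hour-long delay the question describes.
SAMPLE_LOG = """\
2020-09-11 14:00:00 TCP/UDP: Preserving recently used remote address: [AF_INET]192.168.50.100:1194
2020-09-11 14:00:01 Initialization Sequence Completed
2020-09-11 14:10:00 TCP/UDP: Preserving recently used remote address: [AF_INET]192.168.50.100:1194
2020-09-11 14:10:05 TCP/UDP: Preserving recently used remote address: [AF_INET]192.168.50.100:1194
2020-09-11 14:40:10 TCP/UDP: Preserving recently used remote address: [AF_INET]192.168.50.100:1194
2020-09-11 15:10:20 TCP/UDP: Preserving recently used remote address: [AF_INET]192.168.50.150:1194
2020-09-11 15:10:21 Initialization Sequence Completed
"""

STAMP = r"(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) "
ATTEMPT = re.compile(STAMP + r".*remote address: \[AF_INET\](?P<ip>[\d.]+):\d+")
CONNECTED = re.compile(STAMP + r".*Initialization Sequence Completed")

def _when(match):
    return datetime.strptime(match["ts"], "%Y-%m-%d %H:%M:%S")

def reconnect_episodes(log_text):
    """Return [(seconds_until_connected, [remote tried, ...])] per episode.

    An episode starts at the first connection attempt after the tunnel was
    last up (or at the start of the log) and ends when the tunnel comes up.
    """
    episodes, start, tried = [], None, []
    for line in log_text.splitlines():
        attempt, up = ATTEMPT.match(line), CONNECTED.match(line)
        if attempt:
            if start is None:
                start = _when(attempt)
            tried.append(attempt["ip"])
        elif up and start is not None:
            episodes.append((int((_when(up) - start).total_seconds()), tried))
            start, tried = None, []
    return episodes

def slow_failovers(log_text, limit_s=300):
    """Episodes that took longer than limit_s (300 s is the poster's 5-minute goal)."""
    return [e for e in reconnect_episodes(log_text) if e[0] > limit_s]

if __name__ == "__main__":
    for seconds, tried in reconnect_episodes(SAMPLE_LOG):
        print(f"{seconds:>5} s to connect, remotes tried in order: {tried}")
```
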