Folge dem Video um zu sehen, wie unsere Website als Web-App auf dem Startbildschirm installiert werden kann.
Anmerkung: Diese Funktion ist in einigen Browsern möglicherweise nicht verfügbar.
remote name.dyndns.org
remote name.dyndns.org 5000
push "route 192.168.100.0 255.255.255.0 10.0.0.1"
push "route 192.168.200.0 255.255.255.0 10.0.0.1"
route -p add 10.0.0.0 mask 255.255.255.0 192.168.200.1
# Server Config
# Port
port 1194
# TCP oder UDP?
proto tcp
# tun oder tap?
dev tun
tun-mtu 1492
mssfix
# Die Pfade zu den Keys und Zertifikaten.
pkcs12 /usr/local/etc/openvpn/keys/server.p12
# Der Pfad zu den Diffie-Hellmann Parametern.
dh /usr/local/etc/openvpn/keys/dh1024.pem
mode server
server 10.0.20.0 255.255.255.0
ifconfig-pool-persist /usr/local/etc/openvpn/ipp.txt
push "route 10.0.2.0 255.255.255.0"
push "route 10.0.1.0 255.255.255.0"
keepalive 10 120
# Authentifizierungsmethode
auth SHA1
# Verschluesselungsmethode
cipher AES-256-CBC
comp-lzo
user nobody
group nobody
persist-key
persist-tun
status /usr/local/etc/openvpn/status.log
verb 3
# Client Config
client
float
dev tun
tun-mtu 1492
mssfix
proto tcp
remote router.xxxxx.de 1194
tls-remote server
pkcs12 client.p12
auth SHA1
cipher aes-256-cbc
nobind
comp-lzo
persist-key
persist-tun
verb 3
Routing tables
Internet:
Destination Gateway Flags Refs Use Mtu Netif Expire
default 10.0.2.254 UGSc 14 26 1500 en0
10.0.2/24 link#4 UCS 3 0 1500 en0
10.0.2.10 127.0.0.1 UHS 0 2339 16384 lo0
10.0.2.11 0:40:63:cb:7f:ab UHLW 479 479 1500 en0 765
10.0.2.254 0:a0:57:4:c:5e UHLW 1057 5246 1500 en0 1036
10.0.2.255 link#4 UHLWb 1 1837 1500 en0
10.0.20/24 10.0.20.2 UGSc 1 0 1492 tun0
10.0.20.2 10.0.20.1 UH 2 0 1492 tun0
127 127.0.0.1 UCS 0 0 16384 lo0
127.0.0.1 127.0.0.1 UH 12 179664 16384 lo0
169.254 link#4 UCS 0 0 1500 en0
Routing tables
Internet:
Destination Gateway Flags Refs Use Mtu Netif Expire
default 192.168.1.1 UGSc 4 6 1500 en1
10.0.1/24 10.0.20.5 UGSc 0 0 1492 tun0
10.0.2/24 10.0.20.5 UGSc 0 0 1492 tun0
10.0.20.1/32 10.0.20.5 UGSc 0 0 1492 tun0
10.0.20.5 10.0.20.6 UH 3 0 1492 tun0
127 127.0.0.1 UCS 0 0 16384 lo0
127.0.0.1 127.0.0.1 UH 16 137106 16384 lo0
169.254 link#5 UCS 0 0 1500 en1
192.168.1 link#5 UCS 2 0 1500 en1
192.168.1.1 0:16:b6:d9:17:35 UHLW 5 21 1500 en1 1178
192.168.1.133 127.0.0.1 UHS 0 0 16384 lo0
192.168.1.255 ff:ff:ff:ff:ff:ff UHLWb 0 15 1500 en1
Tillman schrieb:Code:Routing tables Internet: Destination Gateway Flags Refs Use Mtu Netif Expire 10.0.20/24 10.0.20.2 UGSc 1 0 1492 tun0 10.0.20.2 10.0.20.1 UH 2 0 1492 tun0
Code:Routing tables Internet: Destination Gateway Flags Refs Use Mtu Netif Expire 10.0.1/24 10.0.20.5 UGSc 0 0 1492 tun0 10.0.2/24 10.0.20.5 UGSc 0 0 1492 tun0 10.0.20.1/32 10.0.20.5 UGSc 0 0 1492 tun0 10.0.20.5 10.0.20.6 UH 3 0 1492 tun0
# Server Config
port 1194
proto tcp
proto tcp-server
dev tap
tun-mtu 1492
mssfix
pkcs12 /usr/local/etc/openvpn/keys/server-cert.p12
dh /usr/local/etc/openvpn/keys/dh1024.pem
tls-server
mode server
# Server bekommt die Adresse 10.0.20.254
ifconfig 10.0.20.254 255.255.255.0
ifconfig-pool 10.0.20.100 10.0.20.199 255.255.255.0
ifconfig-pool-persist /usr/local/etc/openvpn/ipp.txt
client-to-client
push "route 10.0.2.0 255.255.255.0 10.0.20.254"
push "route 10.0.1.0 255.255.255.0 10.0.20.254"
keepalive 10 120
auth SHA1
cipher AES-256-CBC
comp-lzo
user nobody
group nobody
persist-key
persist-tun
status /usr/local/etc/openvpn/status.log
verb 3
Internet:
Destination Gateway Flags Refs Use Mtu Netif Expire
default 10.0.2.254 UGSc 17 14 1500 en0
10.0.2/24 link#4 UCS 3 0 1500 en0
10.0.2.10 127.0.0.1 UHS 0 4455 16384 lo0
10.0.2.11 0:40:63:cb:7f:ab UHLW 7 7 1500 en0 876
10.0.2.254 0:a0:57:4:c:5e UHLW 14 9036 1500 en0 1146
10.0.2.255 link#4 UHLWb 1 3985 1500 en0
10.0.20/24 link#8 UC 2 0 1492 tap0
10.0.20.101 0:ff:7f:88:d6:d5 UHLW 10 10 1492 tap0 720
10.0.20.255 link#8 UHLWb 0 8 1492 tap0
127 127.0.0.1 UCS 0 0 16384 lo0
127.0.0.1 127.0.0.1 UH 12 271457 16384 lo0
169.254 link#4 UCS 0 0 1500 en0
# Client Config
client
float
dev tap
tun-mtu 1492
mssfix
proto tcp
proto tcp-client
remote server.meineadresse.de 1194
tls-remote server
pkcs12 office-cert.p12
auth SHA1
cipher aes-256-cbc
nobind
comp-lzo
persist-key
persist-tun
verb 3
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 16.58.36.1 16.58.39.51 20
10.0.1.0 255.255.255.0 10.0.20.254 10.0.20.101 1
10.0.2.0 255.255.255.0 10.0.20.254 10.0.20.101 1
10.0.20.0 255.255.255.0 10.0.20.101 10.0.20.101 30
10.0.20.101 255.255.255.255 127.0.0.1 127.0.0.1 30
10.255.255.255 255.255.255.255 10.0.20.101 10.0.20.101 30
16.58.36.0 255.255.252.0 16.58.39.51 16.58.39.51 20
16.58.39.51 255.255.255.255 127.0.0.1 127.0.0.1 20
16.255.255.255 255.255.255.255 16.58.39.51 16.58.39.51 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 240.0.0.0 10.0.20.101 10.0.20.101 30
224.0.0.0 240.0.0.0 16.58.39.51 16.58.39.51 20
255.255.255.255 255.255.255.255 10.0.20.101 3 1
255.255.255.255 255.255.255.255 10.0.20.101 10.0.20.101 1
255.255.255.255 255.255.255.255 16.58.39.51 16.58.39.51 1
Default Gateway: 16.58.36.1
===========================================================================
Persistent Routes:
None
iBook:~ sts$ traceroute -n 10.0.20.101
traceroute to 10.0.20.101 (10.0.20.101), 64 hops max, 40 byte packets
1 10.0.2.254 5.302 ms 13.780 ms 5.971 ms
2 * * *
3 * * *
4 *^C
iBook:~ sts$
iBook:~ sts$ traceroute -n 10.0.2.10
traceroute to 10.0.2.10 (10.0.2.10), 64 hops max, 40 byte packets
1 10.0.2.254 5.519 ms 7.115 ms 3.630 ms
2 10.0.2.10 6.766 ms 14.275 ms 11.814 ms
iBook:~ sts$
debian:~# traceroute -n 10.0.20.101
traceroute to 10.0.20.101 (10.0.20.101), 30 hops max, 38 byte packets
1 10.0.2.10 1.837 ms 1.992 ms 1.155 ms
2 * * *
3 * * *
4 *
debian:~#
Creating a Gateway Without NAT
Sometimes you need to use a computer as a gateway between network
segments, but you don't need to translate their IP addresses between public
and private ranges. This is called "IP address forwarding." Mac OS X Server
supports IP address forwarding through the NAT section of Server Admin.
For this configuration, you may have various network configurations. For
example, some other server may be translating private IP address to public
addresses using NAT, but your Mac OS X Server gateway may be routing
information between various private address subnets. Likewise, you may want
to run a firewall between network segments within your own LAN. Any
condition in which you'd want to route network traffic through the server
without masquerading IP addresses is a condition which involves IP address
forwarding.
The steps for creating a gateway for address forwarding are the same as
those for creating a NAT LAN. This means that the network ports must be
configured to their proper settings, and the firewall service must be enabled
for the gateway to function.
1. In Server Admin, select NAT from the Computers & Services pane.
2. Click Settings.
3. Select "IP Forwarding only."
4. Click Save.
Quelle
sudo sysctl -w net.inet.ip.forwarding=1
Wir verwenden essentielle Cookies, damit diese Website funktioniert, und optionale Cookies, um den Komfort bei der Nutzung zu verbessern.
Siehe weitere Informationen und konfiguriere deine Einstellungen