12
返回列表 發帖
角色

Rank: 2
16# 跳轉到 »
發表於 2018-9-13 07:19 | 只看該作者
本帖最後由 角色 於 2018-9-13 16:22 編輯

如果你看不到MyTV Super,RTHK TV,那么就把所有no-routes都delete掉,就可以。
  1. auth = "plain[passwd=/etc/ocserv/ocpasswd]"
  2. # listen-host = [IP|HOSTNAME]
  3. tcp-port = 443
  4. udp-port = 443
  5. run-as-user = nobody
  6. run-as-group = daemon
  7. socket-file = /var/run/ocserv-socket
  8. server-cert = /etc/ocserv/ssl/server-cert.pem
  9. server-key = /etc/ocserv/ssl/server-key.pem
  10. ca-cert = /etc/ocserv/ssl/ca-cert.pem
  11. isolate-workers = true
  12. banner = "Welcome DOUB.IO"
  13. max-clients = 0
  14. max-same-clients = 0
  15. rate-limit-ms = 0
  16. server-stats-reset-time = 604800
  17. keepalive = 32400
  18. dpd = 90
  19. mobile-dpd = 1800
  20. switch-to-tcp-timeout = 25
  21. try-mtu-discovery = false
  22. tls-priorities = "NORMAL:%SERVER_PRECEDENCE:%COMPAT:-VERS-SSL3.0"
  23. auth-timeout = 240
  24. idle-timeout = 86400
  25. mobile-idle-timeout = 86400
  26. min-reauth-time = 300
  27. max-ban-score = 80
  28. ban-reset-time = 1200
  29. cookie-timeout = 300
  30. deny-roaming = false
  31. rekey-time = 172800
  32. rekey-method = ssl
  33. use-occtl = true
  34. pid-file = /var/run/ocserv.pid
  35. net-priority = 6
  36. device = vpns
  37. predictable-ips = trueipv4-network = 192.168.1.0
  38. ipv4-netmask = 255.255.255.0
  39. # An alternative way of specifying the network:
  40. #ipv4-network = 192.168.1.0/24
  41. # The IPv6 subnet that leases will be given from.
  42. #ipv6-network = fda9:4efe:7e3b:03ea::/48
  43. # Specify the size of the network to provide to clients. It is
  44. # generally recommended to provide clients with a /64 network in
  45. # IPv6, but any subnet may be specified. To provide clients only
  46. # with a single IP use the prefix 128.
  47. #ipv6-subnet-prefix = 128
  48. #ipv6-subnet-prefix = 64

  50. # tunnel-all-dns = true
  51. dns = 8.8.8.8
  52. dns = 8.8.4.4
  53. ping-leases = false

  55. # Beginning of no-route, the following no-routes will be pushed to the client when connected. If all no-routes are removed, then all the traffic will be directed the remote gateway, i.e., Openconnect server gateway
  56. #no-route = 1.0.0.0/255.192.0.0
  57. #no-route = 1.64.0.0/255.224.0.0
  58. #no-route = 1.112.0.0/255.248.0.0
  59. #***
  60. #***
  61. #***
  62. #no-route = 223.0.0.0/255.224.0.0
  63. #no-route = 223.64.0.0/255.192.0.0
  64. #no-route = 223.128.0.0/255.128.0.0
  65. # End of no-route

  67. cisco-client-compat = true
  68. dtls-legacy = true
  69. default-domain = example.com
複製代碼

TOP

角色

Rank: 2
17#
發表於 2018-9-13 16:24 | 只看該作者
回復 14# tomleehk

谢谢CHing的信息,可能版本不一样。我的就把所有no-route删去就可以了。

TOP

tomleehk

Rank: 1
18#
發表於 2018-9-13 18:46 | 只看該作者
回復 17# 角色

openwrt平台 亦都要將 openconnect server  上嘅 config file 裏面嘅routing 全部remove 或者 remark 咗佢

TOP

12
返回列表