[GH-ISSUE #1315] frpc能否使外网用户可以连接到内网的OpenVPN Server上？ #1044

New issue

Closed

opened 2026-05-05 12:40:19 -06:00 by gitea-mirror · 4 comments

gitea-mirror commented

2026-05-05 12:40:19 -06:00

Owner

Originally created by @Felix-Bao on GitHub (Jul 9, 2019).
Original GitHub issue: https://github.com/fatedier/frp/issues/1315

What version of frp are you using (./frpc -v or ./frps -v)?
0.27

What operating system and processor architecture are you using (go env)?
WiFi Router, Pandora ROM, MT7620A, mipsel

frpc能否使外网用户可以连接到内网的OpenVPN Server上？

公司网络可访问外网，我在办公室安放了一台路由器，已刷潘多拉固件。该固件支持OpenVPN服务器端，支持frp 0.27，谷歌云上我已安装了frps 0.27。如何正确配置才能使我在家中也可以通过OpenVPN登录到公司路由器上？我仔细的阅读了相关说明，且确认相关端口已开放，可是连接时总是reset？

经测试，内网其他电脑可以通过OpenVPN客户端软件连接到该路由器上。通过frp中转则不行。如下是我配置的frpc参数：
[openvpn]
remote_port = 1994
type = tcp
local_ip = 210.20.30.141 #这是单位内网路由器的IP，虽然是个公网IP，但其实是内网，它的上级路由器是210.20.30.1
local_port = 1994
subdomain =
#host_header_rewrite = 实际你内网访问的域名，可以供公网的域名不一致，如果一致可以不写

====================

以下是我用手机连接的记录：
2019-07-09 16:01:15 www.robertsmali.com api15-release-2.20.02 (12022002)
2019-07-09 16:01:15 Connecting request by user
2019-07-09 16:01:15 OpenVPN 2.4.6 android-armeabi-v7a [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] [www.robertsmali.com]
2019-07-09 16:01:15 library versions: OpenSSL 1.1.0i 14 Aug 2018, LZO 2.10
2019-07-09 16:01:16 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2019-07-09 16:01:16 TCP/UDP: Preserving recently used remote address: [AF_INET]谷歌云IP:1994
2019-07-09 16:01:16 Socket Buffers: R=[4194304->4194304] S=[524288->524288]
2019-07-09 16:01:16 Attempting to establish TCP connection with [AF_INET]谷歌云IP:1994 [nonblock]
2019-07-09 16:01:17 TCP connection established with [AF_INET]谷歌云IP:1994
2019-07-09 16:01:17 TCPv4_CLIENT link local: (not bound)
2019-07-09 16:01:17 TCPv4_CLIENT link remote: [AF_INET]谷歌云IP:1994
2019-07-09 16:01:17 TLS: Initial packet from [AF_INET]谷歌云IP:1994, sid=1ae76c16 9922ab63
2019-07-09 16:01:17 VERIFY OK: depth=1, CN=OpenVPN CA
2019-07-09 16:01:17 VERIFY OK: depth=0, CN=OpenVPN Server
2019-07-09 16:01:18 Connection reset, restarting [-1]
2019-07-09 16:01:18 SIGUSR1[soft,connection-reset] received, process restarting
2019-07-09 16:01:18 Restart pause, 5 second(s)
2019-07-09 16:01:23 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2019-07-09 16:01:23 TCP/UDP: Preserving recently used remote address: [AF_INET]谷歌云IP:1994
2019-07-09 16:01:23 Socket Buffers: R=[4194304->4194304] S=[524288->524288]
2019-07-09 16:01:23 Attempting to establish TCP connection with [AF_INET]谷歌云IP:1994 [nonblock]
2019-07-09 16:01:24 TCP connection established with [AF_INET]谷歌云IP:1994
2019-07-09 16:01:24 TCPv4_CLIENT link local: (not bound)
2019-07-09 16:01:24 TCPv4_CLIENT link remote: [AF_INET]谷歌云IP:1994
2019-07-09 16:01:24 Connection reset, restarting [-1]
2019-07-09 16:01:24 SIGUSR1[soft,connection-reset] received, process restarting
2019-07-09 16:01:24 Restart pause, 5 second(s)

看记录似乎已经验证通过并且建立了连接，但是又马上断开了，是什么原因呢？

Originally created by @Felix-Bao on GitHub (Jul 9, 2019). Original GitHub issue: https://github.com/fatedier/frp/issues/1315 **What version of frp are you using (./frpc -v or ./frps -v)?** 0.27 **What operating system and processor architecture are you using (`go env`)?** WiFi Router, Pandora ROM, MT7620A, mipsel frpc能否使外网用户可以连接到内网的OpenVPN Server上？公司网络可访问外网，我在办公室安放了一台路由器，已刷潘多拉固件。该固件支持OpenVPN服务器端，支持frp 0.27，谷歌云上我已安装了frps 0.27。如何正确配置才能使我在家中也可以通过OpenVPN登录到公司路由器上？我仔细的阅读了相关说明，且确认相关端口已开放，可是连接时总是reset？经测试，内网其他电脑可以通过OpenVPN客户端软件连接到该路由器上。通过frp中转则不行。如下是我配置的frpc参数： [openvpn] remote_port = 1994 type = tcp local_ip = 210.20.30.141 #这是单位内网路由器的IP，虽然是个公网IP，但其实是内网，它的上级路由器是210.20.30.1 local_port = 1994 subdomain = #host_header_rewrite = 实际你内网访问的域名，可以供公网的域名不一致，如果一致可以不写 # ==================== 以下是我用手机连接的记录： 2019-07-09 16:01:15 www.robertsmali.com api15-release-2.20.02 (12022002) 2019-07-09 16:01:15 Connecting request by user 2019-07-09 16:01:15 OpenVPN 2.4.6 android-armeabi-v7a [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] [www.robertsmali.com] 2019-07-09 16:01:15 library versions: OpenSSL 1.1.0i 14 Aug 2018, LZO 2.10 2019-07-09 16:01:16 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. 2019-07-09 16:01:16 TCP/UDP: Preserving recently used remote address: [AF_INET]谷歌云IP:1994 2019-07-09 16:01:16 Socket Buffers: R=[4194304->4194304] S=[524288->524288] 2019-07-09 16:01:16 Attempting to establish TCP connection with [AF_INET]谷歌云IP:1994 [nonblock] 2019-07-09 16:01:17 TCP connection established with [AF_INET]谷歌云IP:1994 2019-07-09 16:01:17 TCPv4_CLIENT link local: (not bound) 2019-07-09 16:01:17 TCPv4_CLIENT link remote: [AF_INET]谷歌云IP:1994 2019-07-09 16:01:17 TLS: Initial packet from [AF_INET]谷歌云IP:1994, sid=1ae76c16 9922ab63 2019-07-09 16:01:17 VERIFY OK: depth=1, CN=OpenVPN CA 2019-07-09 16:01:17 VERIFY OK: depth=0, CN=OpenVPN Server 2019-07-09 16:01:18 Connection reset, restarting [-1] 2019-07-09 16:01:18 SIGUSR1[soft,connection-reset] received, process restarting 2019-07-09 16:01:18 Restart pause, 5 second(s) 2019-07-09 16:01:23 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. 2019-07-09 16:01:23 TCP/UDP: Preserving recently used remote address: [AF_INET]谷歌云IP:1994 2019-07-09 16:01:23 Socket Buffers: R=[4194304->4194304] S=[524288->524288] 2019-07-09 16:01:23 Attempting to establish TCP connection with [AF_INET]谷歌云IP:1994 [nonblock] 2019-07-09 16:01:24 TCP connection established with [AF_INET]谷歌云IP:1994 2019-07-09 16:01:24 TCPv4_CLIENT link local: (not bound) 2019-07-09 16:01:24 TCPv4_CLIENT link remote: [AF_INET]谷歌云IP:1994 2019-07-09 16:01:24 Connection reset, restarting [-1] 2019-07-09 16:01:24 SIGUSR1[soft,connection-reset] received, process restarting 2019-07-09 16:01:24 Restart pause, 5 second(s) 看记录似乎已经验证通过并且建立了连接，但是又马上断开了，是什么原因呢？

gitea-mirror closed this issue

2026-05-05 12:40:20 -06:00

gitea-mirror commented

2026-05-05 12:40:21 -06:00

Author

Owner

@Xeath commented on GitHub (Jul 9, 2019):

方法可行的；
防火长墙会阻挡来自非中国大陆地区的 OpenVPN TCP 流量；
防火长墙不会阻挡来自非中国大陆地区的 OpenVPN UDP 流量；
防火长墙会在一段时间后阻挡与中国大陆地区使用 UDP 协议进行交互的非中国大陆地区 IP 地址，并将相邻的 IP 地址升级为可疑 IP，若相邻 IP 再次产生 UDP 流量则会在 24 小时内阻挡交互的 IP。

@Xeath commented on GitHub (Jul 9, 2019): 1. 方法可行的； 2. 防火长墙会阻挡来自非中国大陆地区的 OpenVPN TCP 流量； 3. 防火长墙不会阻挡来自非中国大陆地区的 OpenVPN UDP 流量； 4. 防火长墙会在一段时间后阻挡与中国大陆地区使用 UDP 协议进行交互的非中国大陆地区 IP 地址，并将相邻的 IP 地址升级为可疑 IP，若相邻 IP 再次产生 UDP 流量则会在 24 小时内阻挡交互的 IP。

gitea-mirror commented

2026-05-05 12:40:22 -06:00

Author

Owner

@Felix-Bao commented on GitHub (Jul 10, 2019):

感谢“xiaopiao5789”的解释，更改为UDP后果然可以了，然而速度感人，连接OpenVPN后也就100KB/s。
今天申请了个免费的腾讯云，北京节点，同样部署，连接OpenVPN后速度能到250KB/s，一般使用是够了。
不知道是路由器的问题，还是其他原因。准备在腾讯云上装个锐速或BBR再测试下，看看速度能否提高。

@Felix-Bao commented on GitHub (Jul 10, 2019): 感谢“xiaopiao5789”的解释，更改为UDP后果然可以了，然而速度感人，连接OpenVPN后也就100KB/s。今天申请了个免费的腾讯云，北京节点，同样部署，连接OpenVPN后速度能到250KB/s，一般使用是够了。不知道是路由器的问题，还是其他原因。准备在腾讯云上装个锐速或BBR再测试下，看看速度能否提高。

gitea-mirror commented

2026-05-05 12:40:22 -06:00

Author

Owner

@Felix-Bao commented on GitHub (Jul 10, 2019):

OpenVPN改为TCP模式，装了BBR，速度依然没有改善，可以对付用吧。

@Felix-Bao commented on GitHub (Jul 10, 2019): OpenVPN改为TCP模式，装了BBR，速度依然没有改善，可以对付用吧。

gitea-mirror commented

2026-05-05 12:40:24 -06:00

Author

Owner

@fatedier commented on GitHub (Jul 10, 2019):