Tencent cloud windows A machine bought by the public mirror , Regardless of your machine vpc What is a network segment , The permanent route seems to be fixed .

The main problems you may encounter are 3 individual ：

【 Question 1 】vpn Show connected , But I can't visit vpn Virtual segment , It is because of the problem of routing

There are two ways ：

Method ①

VPN Show connected , But I just can't access the virtual segment device （ such as , Client to virtual segment 10.3.40.113 no ）

Windows CMD Command line execution route print -4 Displays the network card device , see VPN The name of the connection , Corresponding to the left Interface No. if it is 24

Execute the add route command route -p add 10.3.40.113/32 0.0.0.0 if 24 Again ping 10.3.40.113 That's it

Execute the de routing command route delete 10.3.40.113/32 if 24 Again ping 10.3.40.113 It doesn't work

Method ②

with vpn When , Do not follow the virtual segment cvm Intranet IP Of vpc Segment overlap , such as cvm yes 10 Part of the , that vpn Do not configure the virtual segment 10 The first , also vpn If the virtual segment falls on 172.16.xxx.xxx、192.168.xxx.xxx On , Delete the corresponding route

such as cvm yes 10 Leading network segment ,vpn Virtual segment is 192.168.xxx.xxx Part of the , That needs to be done route delete 192.168.0.0/16

Your virtual IP The corresponding segment is executed route delete command

yes 10 Paragraph is executed route delete 10.0.0.0/8

yes 172 Paragraph is executed route delete 172.16.0.0/12

yes 192 Paragraph is executed route delete 192.168.0.0/16

That's the only way ,cvm As vpn The client connects to vpn after , To access the virtual segment devices normally .

【 Question two 】 even vpn It's a mistake , The client registry needs to be adjusted

in addition , If even vpn In case of an error , Refer to this document for troubleshooting https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/docs/clients.md#troubleshooting

When I do my own experiments on cloud servers , Reference resources https://cloud.tencent.com/developer/article/1835983 With one windows l2tp vpn server、 Reference resources https://github.com/hwdsl2/setup-ipsec-vpn I got one linux vpn server, And then I got another one win10 cvm Do the client connection vpn server When encountering the above errors , I looked it up on the Internet , On the client side win10 cvm On the implementation of 3 This command can be connected correctly vpn.

REG ADD HKLM\SYSTEM\CurrentControlSet\Services\RasMan\Parameters /v ProhibitIpSec /t REG_DWORD /d 0x0 /f

REG ADD HKLM\SYSTEM\CurrentControlSet\Services\Rasman\Parameters /v AllowL2TPWeakCrypto /t REG_DWORD /d 0x1 /f

REG ADD HKLM\SYSTEM\CurrentControlSet\Services\PolicyAgent /v AssumeUDPEncapsulationContextOnSendRule /t REG_DWORD /d 0x2 /f

But if I don't delete the route as originally mentioned in this document , That only shows vpn Connected but unable to access the virtual segment device , Delete the route to access

【 Question 3 】vpn Connected to 、 Virtual segment devices can also access , But I can't get on the Internet , Refer to the following documents for solutions

solve Windows Connect PPTP/L2TP Unable to connect to the Internet when Internet The problem of

https://www.tintsoft.com/articles/676.html