On the first day of construction, the computer actually went on strike, and after a day of tossing, I finally backed up the data and reinstalled it. Finally, configure the VPN client, and then you can't get through, and then ask the search engine according to the log information, and open the following firewall rules:
firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 0 -p gre -j ACCEPT
firewall-cmd --permanent --direct --add-rule ipv6 filter INPUT 0 -p gre -j ACCEPT
firewall-cmd --reload
Advanced options use the following configuration (this should be related to the server, so each company may be different):
Add route:
What should be noted here are the following two options. There are no routing rules or the following options are not selected. I am here. This machine can access the internal network, but cannot access the external network.
This rule should be generally applicable to CentOS 7+, the version of iptables is estimated to be like this, and I have a chance to verify it again.
iptables -A INPUT -p gre -j ACCEPT
Make a record here to prevent reinstallation next year. ;-)