如何在Linux中架设OPENVPN

0 投票
最新提问 8月 29 用户: Amanda (240 分)

2 个回答

0 投票
最新回答 8月 29 用户: Mercedes (470 分)
yum install epel-release -y
yum install esay-rsa -y
yum install openvpn -y
cp /usr/share/doc/openvpn-*/sample/sample-config-files/server.conf /etc/openvpn

vi /etc/openvpn/server.conf
---------------------------------------------------------
port 53
proto udp
dev tun

ca /etc/openvpn/easy-rsa/3.0/pki/ca.crt
cert /etc/openvpn/easy-rsa/3.0/pki/issued/wwwserver.crt
key /etc/openvpn/easy-rsa/3.0/pki/private/wwwserver.key  # This file should be kept secret
dh /etc/openvpn/easy-rsa/3.0/pki/dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 0.0.0.0 0.0.0.0"
push "route 10.8.0.0 255.255.255.0"
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
;duplicate-cn
keepalive 10 120
tls-auth /etc/openvpn/ta.key 0 # This file is secret
cipher AES-256-CBC
comp-lzo
max-clients 10
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
verb 3
mute 20
---------------------------------------------------------
cp -R /usr/share/easy-rsa/ /etc/openvpn/
cp -r /usr/share/doc/easy-rsa-*/vars.example /etc/openvpn/easy-rsa/3.0/vars

systemctl status firewalld
# systemctl start firewalld.service
firewall-cmd --list-all
firewall-cmd --add-port=53/udp --permanent
firewall-cmd --add-masquerade
firewall-cmd --permanent --add-masquerade
firewall-cmd --query-masquerade
firewall-cmd reload

openssl dhparam -out dh2048.pem 2048

vi /etc/sysctl.conf

sysctl -p
systemctl start [email protected]
systemctl start [email protected]
ps -ef|grep openvpn

./easyrsa init-pki
./easyrsa build-ca
./easyrsa gen-dh
openvpn --genkey --secret ta.key
cp -r ta.key /etc/openvpn
./easyrsa gen-req wwwserver
./easyrsa sign-req server wwwserver
./easyrsa build-client-full user01

whereis openvpn

客户端
client
dev tun
proto udp
remote *.*.*.* 53
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert user01.crt
key user01.key
# ns-cert-type server
tls-auth ta.key 1
cipher AES-256-CBC
comp-lzo
verb 3
0 投票
最新回答 9月 11 用户: LX5818 (430 分)
在kali中安装客户端可以使用如下命令

#OpenVPN#
apt-get install network-manager-openvpn
apt-get install network-manager-openvpn-gnome

#微软PPTP#
apt-get install network-manager-pptp
apt-get install network-manager-pptp-gnome

#IPsec和IKEv2#
apt-get install network-manager-strongswan

#Cisco IPsec VPN#
apt-get install network-manager-vpnc
apt-get install network-manager-vpnc-gnome

#Cisco AnyConnect SSL VPN#
apt-get install network-manager-openconnect
apt-get install network-manager-openconnect-gnome
欢迎来到编程助手,编程方面有什么不懂的问题可以尽管在这里提问,你将会收到热心爱好者的回答。
...