|
|
一. 服务器端部署项目地址:https://github.com/guoew/openvpn-install7 A% S$ t' C+ H& h X
1.1. 下载安装
3 ^: t6 v' E! G' l; k3 f! r- # git clone https://github.com/guoew/openvpn-install.git
" x) H7 } W# Q5 }$ J - # cd openvpn-install && bash openvpn-install.sh
# E9 {& @$ [1 q) Y; x - Welcome to this OpenVPN "road warrior" installer!+ ?2 F( T7 Y$ Q" ]0 x' X
- , o& N6 J: f" q+ w
- I need to ask you a few questions before starting the setup.5 D$ v2 b! K: m& c
- You can leave the default options and just press enter if you are ok with them.
# p$ ^! r& R- ~8 T) K9 P
) O7 V$ i. j3 M( D2 @; u' f- First, provide the IPv4 address of the network interface you want OpenVPN. s9 W0 | n5 d
- listening to.
8 E2 L8 ?+ S' d4 M2 H; M - IP address: 172.27.0.2 #默认获取本机ip,直接回车
5 G! ]' \- u1 Q/ v - : A, w5 {2 N$ s! U0 B
- This server is behind NAT. What is the public IPv4 address or hostname?9 s3 @& A; r! Z) _( E# G& e, Z) S
- Public IP address / hostname: 18.24.64.250 #输入主机公网ip
( D' A* |6 h6 e( M9 O7 n - ; y0 b4 ]6 S7 p: c( E2 `
- Which protocol do you want for OpenVPN connections?( N) h* Q# _ x+ a
- 1) UDP (recommended)
( y& p9 S" [$ z' Z9 B: D0 L - 2) TCP
, R4 ]1 `$ \- U9 | - Protocol [1-2]: 1 #选择连接协议
/ p4 e$ A) q5 e
. ^( ]3 S, _- i# Y: B. _6 m- What port do you want OpenVPN listening to?4 E* n; V) k/ T* s) F! S( o
- Port: 1194 #设置openvpn监听端口9 H; j5 X" N# m
- ( w* q" o' D0 @
- Which DNS do you want to use with the VPN?, C! ?( M% Z$ f1 }% f+ G
- 1) Current system resolvers3 o1 @4 _5 a( ^& \5 R
- 2) 1.1.1.1- Y$ F* Q' h- ?
- 3) Google+ |7 f- s& S3 _! u1 C4 T0 p
- 4) OpenDNS
4 |/ Y/ w) f1 \* x1 `- ^. J9 X - 5) Verisign r: G) q0 c0 u5 C4 ]
- DNS [1-5]: 1 #选择DNS k* V, P6 [0 [4 p; d
6 a3 x, [: t& l. g) Y) V' x5 a- Finally, tell me your name for the client certificate.4 R5 Y" j. m- t$ `: w3 G
- Please, use one word only, no special characters.2 A! b9 {$ w0 g
- Client name: client #设置客户端名称
0 I7 k% ]+ H& ^4 R, [5 h - # j2 ~% `3 R% m, `
- Okay, that was all I needed. We are ready to set up your OpenVPN server now.. _# J0 Q8 F2 |- m& P
- Press any key to continue... #任意键继续; {6 |* s) T7 z+ z: Q$ O
- ...
4 R2 P, Q( H$ a w - An updated CRL has been created./ @: T, p9 b' B
- CRL file: /etc/openvpn/server/easy-rsa/pki/crl.pem
9 c' e h& M3 i$ X# }9 X# w, \
1 | u' y% r, }+ s: u2 u- Created symlink /etc/systemd/system/multi-user.target.wants/openvpn-iptables.service → /etc/systemd/system/openvpn-iptables.service.) {8 x- } m* l7 F1 I( R- B- o5 o
- Created symlink /etc/systemd/system/multi-user.target.wants/openvpn-server@server.service → /lib/systemd/system/openvpn-server@.service.
0 z$ ^6 Z/ Z5 y' i3 o8 J( a
7 b$ H0 n. F, q q. [" b, r- Finished! #最终看到Finished时表示安装完毕, N% r8 }, v. M. F7 \+ _
$ {, A- n& O) \+ V. G- Your client configuration is available at: /root/client.ovpn #客户端配置文件路径
4 d" q' n8 ]2 H; f - If you want to add more clients, you simply need to run this script again!
' C* X H. {% M0 u
1 e' W0 h! B6 h7 n( W8 U1.2. 添加账号在openvpn目录下的userfile.sh中添加用户和密码,以空格隔开; P. }( K; M3 z) E
- # cat /etc/openvpn/userfile.sh* X* ?* {" h$ ]
- guoew guoew123, E& t8 R* d E/ C- S/ K
- yakexi yakexi1233 K. c3 ^9 U& t5 ?7 U
' |% w6 K2 r! [. Q6 w2 M二. 客户端部署使用2.1. 安装openvpn客户端2.2. 配置客户端将安装好的客户端打开,点击Import file 把准备好的客户端配置文件导入进去。
+ ]: p' N, d: P4 C+ p2 o( F. V" g% t2.3. 连接openvpn服务器打开客户端,点击Connect,使用服务器端已添加的账号登录
* t* m) Q: M7 o% r
END* y4 A+ G6 Y, u J2 n9 q( @! m8 |8 q
附:安装完毕后,再次执行脚本openvpn-install.sh 会有四个菜单选项(添加、撤销、卸载、退出),可根据自身实际情况应用,如下:
+ d! \7 E P8 e4 H7 R- Looks like OpenVPN is already installed.6 h( Z) w$ X9 H8 d
- 7 Z, y( T5 i; x2 I# |& z1 Y
- What do you want to do?
9 y! y8 P3 ]) S+ x# e- i - 1) Add a new user* A8 `% d9 h+ V1 C* u- \) V
- 2) Revoke an existing user
5 f# ]% g# o4 F/ [) {! J - 3) Remove OpenVPN ]- g/ l. o6 _: N
- 4) Exit( X# T6 U9 W, I6 k
- Select an option [1-4]:
* [$ s6 L3 }" d- @3 T! o& _
这里有个不足之处是,当使用多证书时,账号是通用的。即同一个账号,可以应用于不同的证书。
4 G* W" m" y# {+ l) S% [) O如果想要不同用户使用不同的证书进行登录[无账号],欢迎访问原项目地址:
# D/ X8 O. N, ohttps://github.com/Nyr/openvpn-install
2 j' O+ h' B2 q$ u& `2 \* A6 \6 g/ B$ ]% ?
|
|
窥视卡
雷达卡
发表于 2022-6-22 10:34:02
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
照妖镜