一键部署超级简单易用的openvpn服务器，支持多证书+多账号...

fudyou · 发表于 2022-6-22 10:34:02

一. 服务器端部署项目地址：https://github.com/guoew/openvpn-install
1.1. 下载安装

# git clone https://github.com/guoew/openvpn-install.git) u- O7 h9 N- @
# cd openvpn-install && bash openvpn-install.sh
0 ^% K, D: u( p% U9 r
Welcome to this OpenVPN "road warrior" installer!1 _6 l+ q1 d @& w9 j' \, z
1 a; C3 ^( Z# a$ O
I need to ask you a few questions before starting the setup.
. p, x% a8 ^5 y3 g8 X
You can leave the default options and just press enter if you are ok with them.
& f7 |9 K1 v/ i2 |
6 i. n3 s, ~4 i a
First, provide the IPv4 address of the network interface you want OpenVPN' S1 h, J' O5 {! k
listening to.2 M; o, O0 J' j* H" F- G8 |
IP address: 172.27.0.2 #默认获取本机ip,直接回车
! g) A8 Q& K$ J5 U7 o
9 N, o- A' D$ c1 `- s/ R5 t7 q
This server is behind NAT. What is the public IPv4 address or hostname?3 N/ z# {+ C* g! ~, c7 ^0 K0 Z' w
Public IP address / hostname: 18.24.64.250 #输入主机公网ip2 E2 M j% {2 Z9 o- j! Q; D
# M) P* @1 C+ ?2 M6 B8 n+ X# d
Which protocol do you want for OpenVPN connections?
, D/ M: F4 t, l+ I9 f
1) UDP (recommended)2 ?- V$ p7 A+ z0 Z3 n0 n, v4 o
2) TCP
& s) K9 c' p1 n* `5 I& |. v
Protocol [1-2]: 1 #选择连接协议8 ~% n5 Q2 T! E+ i
( `0 ?4 _# H7 x' M
What port do you want OpenVPN listening to?
, k: |6 g' R! m6 A
Port: 1194 #设置openvpn监听端口
/ R9 u/ X7 v! m" ~" V% b
; P6 n4 y# D% C2 T9 L I
Which DNS do you want to use with the VPN?: }0 k0 y; F$ z$ v, E o
1) Current system resolvers: E; Z. p; t& u. K! Z
2) 1.1.1.1, B% U/ B* s4 s: d. P8 F% v7 \
3) Google b3 F# r L7 _
4) OpenDNS0 q8 l. v( A" x! k2 }4 j! T `) S
5) Verisign
' o& L, i4 X( C) F- I. K0 R* r
DNS [1-5]: 1 #选择DNS. O$ m u) ^8 }! t, N3 r
) s8 U J& b7 f' t
Finally, tell me your name for the client certificate.
' f* N" O2 Z! @; ?
Please, use one word only, no special characters.
p5 d \& C% ^
Client name: client #设置客户端名称5 G# M* P8 S3 |! h
. A/ C- t/ X, Q a
Okay, that was all I needed. We are ready to set up your OpenVPN server now.5 N; H& p! G; Q, `" R u3 N9 N0 a, J
Press any key to continue... #任意键继续
6 Y% Q. y- t. J- g
...; y7 S2 c9 h7 q
An updated CRL has been created.
8 ?0 I( `* b, J# B* Y( X
CRL file: /etc/openvpn/server/easy-rsa/pki/crl.pem! T% j& G$ U( g1 V
) B) A! o/ P1 V
Created symlink /etc/systemd/system/multi-user.target.wants/openvpn-iptables.service → /etc/systemd/system/openvpn-iptables.service.
! P5 r6 _: j; l: p! O) F- G
Created symlink /etc/systemd/system/multi-user.target.wants/openvpn-server@server.service → /lib/systemd/system/openvpn-server@.service.; `( g8 _" C9 T. x* ? y6 f/ b
7 |; S4 M/ P! z! E! ]8 P5 v
Finished! #最终看到Finished时表示安装完毕
$ m# ~6 `4 Z/ Z9 l& o% G a$ k
1 O. H6 H/ y( F m2 x% F% F- L
Your client configuration is available at: /root/client.ovpn #客户端配置文件路径
" Q7 |5 I* [7 q: b2 g D
If you want to add more clients, you simply need to run this script again! 5 C9 |5 |, d# e2 S

复制代码

将客户端配置文件 /root/client.ovpn，下载到本地以备客户端使用
1.2. 添加账号在openvpn目录下的userfile.sh中添加用户和密码，以空格隔开

# cat /etc/openvpn/userfile.sh
& `4 q1 X: j4 m) r
guoew guoew123
; y9 q7 X+ V* L9 s! t9 Q
yakexi yakexi123" @4 D0 W Y7 E- }+ q, t7 [" m

复制代码

截止现在一个超级简单的openvpn服务就已经搭建好了，接下来将使用客户端连接openvpn服务器(以win10为例)
二. 客户端部署使用2.1. 安装openvpn客户端

客户端下载地址：https://swupdate.openvpn.org/community/releases/openvpn-install-2.4.0-I602.exe
6 r; m w# H3 D安装步骤略(可自定义安装路径)
: o9 z& R1 R$ O

2.2. 配置客户端将安装好的客户端打开，点击Import file 把准备好的客户端配置文件导入进去。
2.3. 连接openvpn服务器打开客户端，点击Connect，使用服务器端已添加的账号登录

END
附：安装完毕后，再次执行脚本openvpn-install.sh 会有四个菜单选项(添加、撤销、卸载、退出)，可根据自身实际情况应用,如下：

Looks like OpenVPN is already installed.
- l% m' p6 u' T, d, C
5 o0 k; Z1 G! x. d" w- A8 w3 u
What do you want to do?
+ B" n3 @2 M' }
1) Add a new user- f5 m- K# {0 f, J% O+ Z0 }5 i# O
2) Revoke an existing user
3 A6 n6 F: B- |* g/ ] j# z
3) Remove OpenVPN+ X8 a2 d1 w( @3 d' P
4) Exit
1 m8 U/ E. h1 e, v! E; z
Select an option [1-4]:- c- R+ L$ E: E9 f$ U9 f# Z

复制代码

这里有个不足之处是，当使用多证书时，账号是通用的。即同一个账号，可以应用于不同的证书。
如果想要不同用户使用不同的证书进行登录[无账号]，欢迎访问原项目地址：
https://github.com/Nyr/openvpn-install

		自动登录	找回密码
密码			立即注册

一键部署超级简单易用的openvpn服务器，支持多证书+多账号...

浏览过的版块