|
|
一. 服务器端部署项目地址:https://github.com/guoew/openvpn-install
9 f& y7 G3 ]9 h; |# U1.1. 下载安装
# S, ?( E( l- w- c# g% m/ ?- # git clone https://github.com/guoew/openvpn-install.git9 e2 r* F3 v1 [. j8 j) `; b) @
- # cd openvpn-install && bash openvpn-install.sh% Q: s9 H/ c! t' C& g3 O. u; B
- Welcome to this OpenVPN "road warrior" installer!
, G" Y3 x" J% B! V9 H- \6 y - ) m! U9 e! ^4 i6 _$ ?% D' n7 ^1 D( d
- I need to ask you a few questions before starting the setup.6 E) F& |, A7 k
- You can leave the default options and just press enter if you are ok with them.
8 E5 P+ ]& d& n& D P, n - 9 \+ M; }% x7 o; y+ V$ p, a* k8 G
- First, provide the IPv4 address of the network interface you want OpenVPN
) {, G# U; A* ?. O - listening to. E& D# I$ ], w. H* L* `
- IP address: 172.27.0.2 #默认获取本机ip,直接回车
) B. b- k0 `3 {. X. O* ^) R - & j, S; _ L* P
- This server is behind NAT. What is the public IPv4 address or hostname?
" C# O0 s# _* ^5 a1 @( [ - Public IP address / hostname: 18.24.64.250 #输入主机公网ip
7 M/ Z( `/ M1 }' M7 K- o0 P
( ]% K% V1 ?: h1 b# l/ [; F- Which protocol do you want for OpenVPN connections?8 {' h# A' C6 W h2 G3 h
- 1) UDP (recommended)/ J! l. y* V1 y
- 2) TCP( H/ Q) K6 e) ]
- Protocol [1-2]: 1 #选择连接协议+ ]* V2 r# ^8 c1 m! u) n# u
- 5 c) m4 c. G$ b2 W- p
- What port do you want OpenVPN listening to?7 G, }4 K1 I+ U- O* O/ c! B. I3 z0 ]
- Port: 1194 #设置openvpn监听端口* E* d# B* {+ B( L2 m
5 f1 Y% C( a$ ?' E: P- Which DNS do you want to use with the VPN?
# Q7 y" ]& M$ E5 k1 `7 |) x5 ~ - 1) Current system resolvers
" q0 t3 v; Q- e& b7 [1 u - 2) 1.1.1.1
: I1 N+ y7 {1 N5 [* C - 3) Google, x# E( j. e! E* C+ F& i
- 4) OpenDNS! d5 I. k- E6 e
- 5) Verisign
; H0 l( a( K9 F; O/ b - DNS [1-5]: 1 #选择DNS
$ Z" S9 f! U" a" {" v
, U1 K8 f' q7 s s- Finally, tell me your name for the client certificate.
/ W4 v* }% \" Q - Please, use one word only, no special characters.. B0 i8 D1 q% u
- Client name: client #设置客户端名称
3 p6 s T2 e! D% a, W. y- ~+ x - - q* X* X4 R: e: Z, K& f Z
- Okay, that was all I needed. We are ready to set up your OpenVPN server now.4 T- N: w3 N: Z# w: R7 R" x! C0 h
- Press any key to continue... #任意键继续! a% Z8 c% O/ l \. c# ]5 Z: p
- ...
4 B* \# K0 q2 l: f$ h% Z; t - An updated CRL has been created.
- `' \/ k' W7 |" ~ M" s0 k: x. D - CRL file: /etc/openvpn/server/easy-rsa/pki/crl.pem
5 t: s6 j: x8 D1 x% o+ X# t4 L
6 @& m# t( |3 i5 C' V5 H8 D8 x* X- Created symlink /etc/systemd/system/multi-user.target.wants/openvpn-iptables.service → /etc/systemd/system/openvpn-iptables.service.& U9 D* P2 ?: w c+ j5 t0 }
- Created symlink /etc/systemd/system/multi-user.target.wants/openvpn-server@server.service → /lib/systemd/system/openvpn-server@.service.
) k2 B; G% T# p8 X3 L/ k! d - 5 b t# p D& N o) u8 ~" G. J+ }) X
- Finished! #最终看到Finished时表示安装完毕
) X7 h8 _2 S& W4 P5 c! c
. h' E; A2 U8 b; p, s" {2 ^1 _9 F- Your client configuration is available at: /root/client.ovpn #客户端配置文件路径- G1 S2 Q! K8 ^; O3 X' u
- If you want to add more clients, you simply need to run this script again!
* T0 H2 ~9 l6 q) m- M! g& W
% p$ U9 R+ ~+ O2 o1.2. 添加账号在openvpn目录下的userfile.sh中添加用户和密码,以空格隔开
1 Y; T$ v( O, I, s9 |- # cat /etc/openvpn/userfile.sh
, P7 M9 _" H8 f! ` - guoew guoew123$ M- [6 n) O2 P2 F3 x8 n7 L `
- yakexi yakexi123
" Z3 V/ h3 j2 d6 x8 s4 ?* S
& l9 m% d, p! N9 ~* }8 O; L0 }二. 客户端部署使用2.1. 安装openvpn客户端2.2. 配置客户端将安装好的客户端打开,点击Import file 把准备好的客户端配置文件导入进去。
1 h4 V3 G2 H- N2.3. 连接openvpn服务器打开客户端,点击Connect,使用服务器端已添加的账号登录
9 l8 s5 T B# g9 J* X0 D8 w) p
END
4 ^9 g1 h2 k: h9 x9 U! B, h附:安装完毕后,再次执行脚本openvpn-install.sh 会有四个菜单选项(添加、撤销、卸载、退出),可根据自身实际情况应用,如下:
! H2 U# ~4 v" R' O8 {# _2 e! i- Looks like OpenVPN is already installed.; ^! E1 [7 j2 ?
- 1 X. [3 q; u8 t6 A+ ^: Q
- What do you want to do?
9 w( Q1 r: T6 T( B9 E; S - 1) Add a new user, O3 k( l2 J8 Q; r( H" L( T, q: H
- 2) Revoke an existing user
! h0 b+ C7 H: r, J - 3) Remove OpenVPN
* v: u# A& W" y5 q! p. D - 4) Exit
, A4 K& S# ~/ a+ j - Select an option [1-4]:
9 o# v% Z$ `6 k) B/ s4 [
# c# C/ T+ g0 P这里有个不足之处是,当使用多证书时,账号是通用的。即同一个账号,可以应用于不同的证书。3 |+ L5 X$ n z
如果想要不同用户使用不同的证书进行登录[无账号],欢迎访问原项目地址:
) m3 p8 }3 L- m9 F2 i0 K% yhttps://github.com/Nyr/openvpn-install. w5 m ]' O% f* {# w; k+ y
" N( L9 \& Y+ B4 N- V5 ^7 y
|
|
窥视卡
雷达卡
发表于 2022-6-22 10:34:02
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
照妖镜