Ubuntu Server 18.04 与 OpenVPN 2.x

前端之家收集整理的这篇文章主要介绍了Ubuntu Server 18.04 与 OpenVPN 2.x前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。
sudoaptinstallopenVPNeasy-rsa
  • @H_301_2@拷贝 easy-rsa 目录

cp-r/usr/share/easy-rsa//etc/openVPN/
  • @H_301_2@查看 openssl 版本

opensslversion
  • @H_301_2@生成 ca 证书(ca.crt)和私钥(ca.key)

cd/etc/openVPN/easy-rsa/
cpopenssl-1.0.0.cnfopenssl.cnf
../vars#source./vars
./clean-all#只是增加客户端证书和私钥的时候不要执行这一句
./build-ca#注意CommonName
  • @H_301_2@生成服务端的证书和私钥(server.crt/server.key)

./build-key-serverserver
./build-keyclient1
./build-keyclient2
./build-keyclient3
./build-dh
cp/etc/openVPN/easy-rsa/keys/ca.crt/etc/open***/
cp/etc/openVPN/easy-rsa/keys/server.crt/etc/open***/server/
cp/etc/openVPN/easy-rsa/keys/server.key/etc/open***/server/
cp/etc/openVPN/easy-rsa/keys/dh2048.pem/etc/open***/server/
  • @H_301_2@创建 ccd 目录,里面存放推送信息(如固定 ip)到客户端的文件

mkdir/etc/open***/server/ccd
cd/etc/open***/server/ccd
vimclient#文件名对应CommonName

#client内容示例(推送固定ip)
ifconfig-push192.168.77.46255.255.255.0
  • @H_301_2@创建 server.conf,并按照样例写入配置

cd/etc/openVPN/server/
/etc/openVPN/server#vimserver.con
  • @H_301_2@启动服务端

nohupopenVPN/etc/openVPN/server/server.conf&
@H_404_98@local192.168.0.110 port10101 prototcp devtap float ca/etc/openVPN/server/ca.crt cert/etc/openVPN/server/server.crt key/etc/openVPN/server/server.key dh/etc/openVPN/server/dh2048.pem server192.168.77.0255.255.255.0 client-config-dir/etc/open***/server/ccd/ client-to-client keepalive10120 comp-lzo persist-key statusopenVPN-status.log log/var/log/openVPN.log verb4 mute20 @H_404_98@client devtap0 remote123.456.789.154 port10101 prototcp float ca./ca.crt cert./client1.crt key./client1.key comp-lzo verb6 mute20 @H_301_2@

@H_301_2@【FAQ】

@H_301_2@Q:客户端连不上服务端,报错:WARNING: No server certificate verification method has been enabled.

@H_301_2@A:检查私钥和公钥当中是否有 0B 的文件

@H_301_2@Q:客户端连不上服务端,报错:TCP: connect to [AF_INET]223.18.95.157:7872 Failed: Unknown error

@H_301_2@A:检查客户端外围防火墙。

@H_301_2@

@H_301_2@*** walker ***

猜你在找的Ubuntu相关文章