資源描述:
《linux下openvpn服務(wù)安裝記》由會(huì)員上傳分享,免費(fèi)在線閱讀�,更多相關(guān)內(nèi)容在工程資料-天天文庫(kù)。
1、Linux下OpenVPN服務(wù)安裝記操作系統(tǒng)是CentOS���,運(yùn)行在XEN架構(gòu)的VPS上面�。環(huán)境配置首先����,檢測(cè)VPS是否支持TUN(via):cat/dev/net/tun返回“cat:/dev/net/tun:Filedescriptorinbadstate”說(shuō)明支持TUN�����。檢測(cè)iptables_nat模塊支持:iptables-tnat-APOSTROUTING-s10.8.0.0/24-oeth0-jMASQUERADE如果返回信息為:iptables:Unknownerror4294967
2�����、295說(shuō)明支持模塊�����。安裝LZO庫(kù):wgethttp://www.oberhumer.com/opensource/lzo/download/lzo-2.05.tar.gztarzxvflzo-2.05.tar.gzcdlzo-2.05./configuremakemakeinstall安裝OpenSSL開(kāi)發(fā)庫(kù):yuminstall-yopenssl-devel服務(wù)端安裝配置然后���,在服務(wù)器端下載OpenVPN源代碼(下載頁(yè)面)�����,目前最新版本為2.2.0:wgethttp://swupdate.op
3、envpn.net/community/releases/openvpn-2.2.0.tar.gz解壓編譯安裝:tarzxfopenvpn-2.2.0.tar.gzcdopenvpn-2.2.0./configure–prefix=/usr/local/openvpnmakemakeinstall復(fù)制服務(wù)端樣例配置文件:cpsample-config-files/server.conf/usr/local/openvpn/etc/server.conf編輯配置文件為,比如我的以下內(nèi)容�����,采用UDP
4�、協(xié)議監(jiān)聽(tīng)53端口:##################################################SampleOpenVPN2.0configfilefor##multi-clientserver.####Thisfileisfortheserverside##ofamany-clients<->one-server##OpenVPNconfiguration.####OpenVPNalsosupports##single-machine<->single-machine##
5����、configurations(SeetheExamplespage##onthewebsiteformoreinfo).####ThisconfigshouldworkonWindows##orLinux/BSDsystems.Rememberon##Windowstoquotepathnamesanduse##doublebackslashes,e.g.:##"C:\ProgramFiles\OpenVPN\config\foo.key"####Commentsareprecededw
6��、ith‘#’or‘;’###################################################WhichlocalIPaddressshouldOpenVPN#listenon?(optional);locala.b.c.d#WhichTCP/UDPportshouldOpenVPNlistenon?#IfyouwanttorunmultipleOpenVPNinstances#onthesamemachine,useadifferentport#numberfor
7����、eachone.Youwillneedto#openupthisportonyourfirewall.port53#TCPorUDPserver?;prototcpprotoudp#"devtun"willcreatearoutedIPtunnel,#"devtap"willcreateanethernettunnel.#Use"devtap0"ifyouareethernetbridging#andhaveprecreatedatap0virtualinterface#andbridgedit
8��、withyourethernetinterface.#Ifyouwanttocontrolaccesspolicies#overtheVPN,youmustcreatefirewall#rulesforthetheTUN/TAPinterface.#Onnon-Windowssystems,youcangive#anexplicitunitnumber,suchastun0.#OnWindows,use"dev-node"forthis.#Onmostsystems,theVPNwillnotf
