asysbang

标题: VPN搭建 [打印本页]

作者: admin 时间: 2021-1-7 10:36
标题: VPN搭建
安装
apt install openssl libssl-dev easy-rsa  openvpn

生成keys
vi  /usr/share/easy-rsa/vars 修改国家省份等信息
source ./vars  生效
cp openssl-1.0.0.cnf openssl.cnf 配置openssl
./clean-all
./build-ca
./build-key-server --batch server
./build-key --batch client
./build--dh
openvpn --genkey --secret keys/ta.key

配置server
cp /usr/share/easy-rsa/keys/{ca.crt,server.{crt,key},dh2048.pem,ta.key} /etc/openvpn/server/
cd /usr/share/doc/openvpn/examples/sample-config-files
gzip -d server.conf.gz
cp server.conf /etc/openvpn/

配置好server.conf

systemctl restart openvpn@server

查看/var/log/openvpn/openvpn.log  排查问题

防火墙
vi  /etc/sysctl.conf
net.ipv4.ip_forward=1

sysctl -p

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j MASQUERADE

1

欢迎光临 asysbang (http://www.asysbang.com/)