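Linux OpenVPN Client: free VPN client for Linux

Tutorial: OpenVPN client on Linux

Last time we covered how to install the OpenVPN client on Windows; this time we look at using the OpenVPN client on Linux. Small and medium-sized businesses sometimes need automated scripts that run over a secure connection. On Windows such a connection is harder to set up and less stable, and this is where Linux helps: once the OpenVPN software is installed on Linux, it is easy to write a script that connects automatically.

Installing OpenVPN

On Linux, OpenVPN has no separate server and client packages; both roles use the same software, so installing OpenVPN is all that is needed.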

sudo apt-get install openvpn

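Creating the keys

First, create the keys. The following shows how the keys are generated on the server (replace keithyau with your own user name; for details see https://keithyau.wordpress.com/2009/02/07/vpn-solution-2-openvpn/)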

sudo su
cd /etc/openvpn/examples/easy-rsa/2.0/
source ./vars
./clean-all
./build-ca

./build-key-server server
./build-key keithyau

./build-dh
cd keys
openssl dhparam -out dh1024.pem 1024
cd ..
openvpn --genkey --secret ta.key #optional

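Copying the keys

Copy the keys to the client, for example into </home/example/config/keys>

On the server, run

scp -pr /etc/openvpn/examples/easy-rsa/2.0/keys/<all your keys> <client host>:/home/example/config/keys

Create the .ovpn client configuration file (replace 123.123.123.123 with your server's address)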

A sample .ovpn file:

    client
    dev tap
    proto udp
    # change this to your server's address
    remote 123.123.123.123 1194
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    #tls-client
    ca keys/ca.crt
    cert keys/keithyau.crt
    key keys/keithyau.key
    #ensure that we are talking to a server
    ns-cert-type server
    #confirm we are talking to the correct server
    #tls-auth ta.key 1
    # Select a cryptographic cipher.
    # If the cipher option is used on the server
    # then you must also specify it here.
    cipher AES-128-CBC
    # Enable compression on the VPN link.
    comp-lzo
    #fragment 1400
    # enable user/pass authentication
    # auth-user-pass

The corresponding server configuration, for reference

    # Which local IP address should OpenVPN
    # listen on? (optional)
    local 192.168.1.102 # the server's local address (LOCAL IP)
    port 1194

    proto udp

    dev tap0
    #direct these to your generated files
    ca /etc/openvpn/examples/easy-rsa/2.0/keys/ca.crt
    cert /etc/openvpn/examples/easy-rsa/2.0/keys/server.crt
    key /etc/openvpn/examples/easy-rsa/2.0/keys/server.key
    dh /etc/openvpn/examples/easy-rsa/2.0/keys/dh1024.pem
    ifconfig-pool-persist ipp.txt
    # requires a DHCP server
    server 10.3.0.0 255.255.255.0
    # use this line instead if the server has no DHCP server
    # server-bridge 192.168.1.102 255.255.255.0 192.168.1.230 192.168.1.231

    keepalive 10 120
    #encryption
    cipher AES-128-CBC
    #Push routing configuration
    #push "route 192.168.2.0 255.255.255.0"

    #tls-auth ta.key 0

    comp-lzo
    #fragment 1400
    #limit the number of connections
    max-clients 5
    #some security settings
    # do not use if running server on Windows
    user nobody
    group nogroup
    persist-key
    persist-tun
    #log file settings
    status openvpn-status.log
    verb 3

For details, see "How to set up a virtual network"
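The client and server files above use `ns-cert-type`, `comp-lzo`, a commented-out `tls-auth` and 1024-bit DH parameters, which are deprecated or weak by current OpenVPN practice. The following shell function flags them in a config file; it is an added example, not part of the original post, and the function names and the constructed sample file are assumptions of the example.

```shell
#!/bin/sh
# Added example: flag OpenVPN directives from this page that are weaker than
# current practice. Prints one "WARN <directive>: <reason>" line per finding.

# has_directive FILE NAME: true if NAME is an active (uncommented) directive.
has_directive() {
    grep -Eq "^[[:space:]]*$2([[:space:]]|\$)" "$1"
}

audit_ovpn() {
    conf=$1
    if has_directive "$conf" ns-cert-type; then
        echo "WARN ns-cert-type: deprecated, use 'remote-cert-tls server' (client) or 'remote-cert-tls client' (server)"
    elif has_directive "$conf" client && ! has_directive "$conf" remote-cert-tls; then
        echo "WARN client: no check that the peer presents a server certificate"
    fi
    if ! has_directive "$conf" tls-auth && ! has_directive "$conf" tls-crypt; then
        echo "WARN tls-auth: control channel has no HMAC key (tls-auth/tls-crypt not active)"
    fi
    if has_directive "$conf" comp-lzo; then
        echo "WARN comp-lzo: compression before encryption can leak plaintext (VORACLE)"
    fi
    # Heuristic on the file name only; it does not parse the DH parameters.
    if grep -Eq '^[[:space:]]*dh[[:space:]].*dh1024' "$conf"; then
        echo "WARN dh: 1024-bit Diffie-Hellman parameters, generate 2048 bits or more"
    fi
}

# Constructed sample: the active directives of the client file shown above.
sample=$(mktemp)
cat > "$sample" <<'EOF'
client
dev tap
proto udp
remote 123.123.123.123 1194
ca keys/ca.crt
cert keys/keithyau.crt
key keys/keithyau.key
ns-cert-type server
#tls-auth ta.key 1
cipher AES-128-CBC
comp-lzo
EOF
audit_ovpn "$sample"
rm -f "$sample"
```

An empty output means none of these four checks fired; it does not mean the configuration is otherwise sound.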

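Starting the VPN connection

sudo openvpn <your config file>.ovpn

Once connected, the client looks like this

[Screenshot: openvpn-linux-client]

Running ifconfig shows the new virtual network interface

[Screenshot: opevpn-vpn-client-tap0]

The server side also shows a success message

[Screenshot: openvpn-linux-server]

Automation script example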

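#!/bin/bash

# list the remote log directory; empty output means there is nothing to back up
check=$(ls /var/log/remote 2>/dev/null)

if [ -z "$check" ]; then # no log file
    exit 0
else # open the openvpn connection and start the backup
    # --daemon puts openvpn in the background so the script can continue
    sudo openvpn --config <your config file>.ovpn --daemon
    sudo backup.sh
fi

exit 0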

If you have any questions, feel free to contact me or leave a comment so we can exchange ideas.
