Nruab OpenVPN rau ntawm Ubuntu

Pin
Send
Share
Send

Qee tus neeg siv tau xav nyob rau hauv kev tsim ntiag tug virtual network ntawm ob lub khoos phis tawm. Cov haujlwm ua tiav tiav siv VPN technology (Virtual Private Network). Qhov kev sib txuas yog ua tiav los ntawm kev qhib cov cuab yeej siv thiab kaw. Tom qab ua tiav kev teeb tsa thiab kev teeb tsa ntawm txhua tus txheej txheem, tus txheej txheem tuaj yeem xav tau ua tiav, thiab kev sib txuas yog tiv thaiv. Tom ntej no, peb xav sib tham txhua yam kom paub meej txog kev siv thev naus laus zis los ntawm OpenVPN tus thov kev pab hauv Linux kemel-based operating system.

Nruab OpenVPN ntawm Linux

Txij li feem ntau cov neeg siv cov faib khoom raws li Ubuntu, hnub no cov lus qhia yuav ua raws cov qauv no. Hauv lwm qhov xwm txheej, koj yuav tsis pom qhov sib txawv hauv kev teeb tsa thiab kev teeb tsa ntawm OpenVPN, tshwj tsis yog koj yuav tsum ua raws li qhov kev faib tawm, uas koj tuaj yeem nyeem txog hauv cov ntaub ntawv ntawm koj lub cev. Peb xav kom koj paub koj tus kheej kom paub tag nrho cov txheej txheem ib kauj ruam dhau los txhawm rau kom nkag siab txhua qhov ntawm txhua qhov kev ua.

Nco ntsoov txiav txim siab hais tias kev ua haujlwm ntawm OpenVPN tshwm sim los ntawm ob lub pob (computer lossis server), uas txhais tau tias kev teeb tsa thiab kev teeb tsa siv rau txhua tus neeg koom nrog hauv kev sib txuas. Peb qhov kev qhia tom ntej no yuav tsom tshwj xeeb rau kev ua haujlwm nrog ob lub peev txheej.

Kauj ruam 1: Nruab OpenVPN

Yog lawm, koj yuav tsum pib los ntawm kev ntxiv txhua cov ntawv nyeem uas tsim nyog rau lub khoos phis tawm. Tau npaj rau qhov tseeb tias qhov tshwj xeeb tsim-hauv OS yuav siv los ua kom tiav txoj haujlwm. "Chaw Nres Tsheb".

  1. Qhib cov ntawv qhia zaub mov thiab pib qhib lub console. Koj tseem tuaj yeem ua qhov no los ntawm nias qhov sib txuas tseem ceeb. Ctrl + kev + T.

  2. Sau npe cov lus txibsudo apt nruab openvpn yooj yim-rsatxhawm rau txhawm rau txhua lub chaw tsim nyog. Tom qab nkag mus, nyem rau Sau.

  3. Qhia lo lus zais rau tus lej superuser. Cov cwj pwm thaum ntaus ntawv tsis tshwm rau hauv lub tshav pob.

  4. Paub meej tias qhov sib ntxiv ntawm cov ntaub ntawv tshiab los ntawm kev xaiv cov kev xaiv tsim nyog.

Ua mus rau theem tom ntej tsuas yog thaum kev teeb tsa ua tiav ntawm ob qho khoom siv.

Kauj Ruam 2: Tsim thiab Kev Kho Cov Ntawv Pov Thawj Tso Cai

Lub chaw tshwj xeeb yog lub luag haujlwm rau tshuaj xyuas cov yuam sij pej xeem thiab muab muaj zog encryption. Nws yog tsim rau hauv cov cuab yeej uas lwm cov neeg siv yuav txuas, yog li qhib lub console ntawm lub PC uas xav tau thiab ua raws li cov theem no:

  1. Ua ntej, ib lub nplaub tshev raug tsim los khaws txhua tus yuam sij. Koj tuaj yeem tso nws nyob txhua qhov chaw, tab sis nws zoo dua los xaiv qhov chaw nyab xeeb. Siv cov lus txibsudo mkdir / etc / openvpn / yooj yim-rsaqhov twg / etc / openvpn / yooj yim-rsa - qhov chaw tsim cov ntawv qhia.

  2. Tom ntej, yooj yim-rsa cov ntawv sau ntxiv yuav tsum tau muab tso rau hauv cov ntawv no, thiab qhov no yog ua tiav los ntawmsudo cp -R / usr / share / yooj yim-rsa / etc / openvpn /.

  3. Ib daim ntawv pov thawj pom zoo yog tsim hauv cov ntawv tiav. Mus rau daim nplaub tshev no ua ntejcd / etc / openvpn / yooj yim-rsa /.

  4. Tom qab ntawd muab tshuaj txhuam cov nram qab no tso rau hauv lub teb:

    sudo -i
    #qhia ./vars
    # ./clean-all
    # ./build-ca

Tamsim no, lub tshuab hlwb hlau computer tuaj yeem tso nyob ib leeg thiab hloov mus rau cov neeg siv khoom siv.

Kauj ruam 3: Kho daim ntawv pov rau Cov Neeg Siv Khoom

Cov lus qhia uas koj yuav tsum paub txog hauv qab no yuav tsum tau nqa tawm ntawm txhua tus neeg siv computer kom thiaj li teeb tsa kev ua haujlwm kom muaj kev nyab xeeb.

  1. Qhib lub console thiab sau qhov hais kom ua nyob ntawdsudo cp -R / usr / share / yooj yim-rsa / etc / openvpn /txhawm rau luam txhua yam twj uas xav tau.

  2. Yav dhau los, nyias muaj nyias daim ntawv pov thawj cov ntaub ntawv tau tsim rau ntawm PC server. Tam sim no koj yuav tsum luam nws thiab muab nws tso rau hauv daim nplaub tshev nrog rau lwm cov khoom siv. Qhov yooj yim ua qhov no yog los ntawm pab neeg.sudo scp username @ host: /etc/openvpn/easy-rsa/keys/ca.crt / etc / openvpn / yooj yim-rsa / tuavqhov twg username @ host - qhov chaw nyob ntawm cov khoom siv los ntawm kev rub tawm thaum.

  3. Nws tseem tsuas yog tsim los tuav tus yuam sij zais ntshis, kom tom qab ntawv nws yuav txuas los ntawm nws. Ua qhov no los ntawm kev mus rau lub ntawv khaws ciacd / etc / openvpn / yooj yim-rsa /.

  4. Txhawm rau tsim cov ntaub ntawv, siv cov lus txib:

    sudo -i
    #qhia ./vars
    #tsawg-req Ua Siab Sib Nrauj

    Ua pob Hauv qhov no, lub npe cov ntaub ntawv npe. Tus yuam sij tsim yuav tsum nyob hauv cov ntawv qhia nrog tus so ntawm tus yuam sij.

  5. Nws tseem tshua tsuas yog xa cov ntawv npaj nkag mus siv tau rau lub tshuab ntaus ntawv kom paub meej tias nws muaj tseeb ntawm nws txoj kev sib txuas. Qhov no yog ua tiav siv cov lus txib ib yam dhau los ntawm kev rub tawm. Koj yuav tsum nkag musscp /etc/openvpn/easy-rsa/keys/Lumpics.csr username @ host: ~ /qhov twg username @ host yog lub npe ntawm lub khoos phis tawm xa mus, thiab Lumpics.csr - lub npe ntawm cov ntaub ntawv nrog tus yuam sij.

  6. Ntawm cov server PC, paub meej tias tus yuam sij ntawm./sign-req ~ / Pobntsegqhov twg Ua pob - cov ntaub ntawv npe. Tom qab ntawv, xa rov qab daim ntawv dhau lossudo scp username @ host: /home/Lumpics.crt / etc / openvpn / yoojyim-rsa / tuav.

Ntawm no, tag nrho cov haujlwm ua ntej tau ua tiav, nws tseem tshuav tsuas yog nqa OpenVPN mus rau hauv lub xeev li qub thiab koj tuaj yeem pib siv ntiav kev sib txuas sib txuas nrog ib lossis ntau tus neeg siv khoom.

Kauj ruam 4: Kho Dua ntawm OpenVPN

Cov lus qhia tom ntej no yuav hais txog ob tus neeg siv khoom thiab neeg rau zaub mov. Peb yuav faib txhua yam raws li kev ua thiab ceeb toom txog kev hloov pauv hauv tshuab, yog li koj tsuas yog yuav tsum ua raws li cov lus qhia.

  1. Ua ntej tsim cov ntaub ntawv teeb tsa ntawm lub PC PC siv cov lus txibzcat /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz | sudo tee /etc/openvpn/server.confCov. Thaum teeb tsa cov neeg siv khoom, cov ntaub ntawv no tseem yuav tsum tau tsim nyias.

  2. Txheeb xyuas cov nqi ua ntej. Raws li koj tuaj yeem pom, chaw nres nkoj thiab kab ke yog tib yam li cov qauv sawv daws, tab sis tsis muaj qhov txwv ntxiv.

  3. Khiav lub tsim cov ntaub ntawv teeb tsa los ntawm cov ntawv sausudo nano /etc/openvpn/server.conf.

  4. Peb yuav tsis nkag mus rau cov ntsiab lus ntawm kev hloov pauv txhua qhov tseem ceeb, vim qee qhov lawv yog tus kheej, tab sis cov kab hauv kab ntawv yuav tsum muaj nyob, thiab cov duab zoo li zoo li no:

    chaw nres nkoj 1194
    proto udp
    comp-lzo
    dev tun
    ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
    cert /etc/openvpn/easy-rsa/2.0/keys/ca.crt
    dh /etc/openvpn/easy-rsa/2.0/keys/dh2048.pem
    topology subnet
    server 10.8.0.0 255.255.255.0
    ifconfig-pas-pheej ipp.txt

    Tom qab txhua qhov kev hloov pauv tiav, khaws cov chaw thiab kaw cov ntawv.

  5. Ua haujlwm nrog cov ntu server tiav. Khiav OpenVPN los ntawm cov qauv tsim qauvqhibvpn /etc/openvpn/server.conf.

  6. Tam sim no cia peb nqis qis rau neeg siv khoom. Raws li twb tau hais lawm, cov ntaub ntawv teeb tsa kuj tseem tsim nyob ntawm no, tab sis lub sijhawm no nws tsis yog khoom, yog li cov lus txib zoo li no:sudo cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf /etc/openvpn/client.conf.

  7. Khiav cov ntaub ntawv nyob rau hauv tib txoj kev raws li qhia saum toj no thiab ntxiv kab hauv qab no:

    tus thov kev pab
    dev tun
    proto udp
    tej thaj chaw deb 194.67.215.125 1194
    daws teeb meem-rov qab nrhiav qhov tseeb
    noble
    mob siab rau-qhov tseem ceeb
    persist-tun
    ca /etc/openvpn/easy-rsa/keys/ca.crt
    cert /etc/openvpn/easy-rsa/keys/Sergiy.crt
    yuam sij /etc/openvpn/easy-rsa/keys/Sergiy.key
    tls-auth ta.key 1
    comp-lzo
    verb 3    .

    Thaum kho tiav tiav lawm, tso OpenVPN:qhibvpn /etc/openvpn/client.conf.

  8. Sau npe cov lus txibifconfigkom paub tseeb tias qhov system ua haujlwm. Ntawm tag nrho cov txiaj ntsig tau qhia, ib qho interface yuav tsum yog tam sim no tun0.

Txhawm rau kom hloov tsheb thiab qhib kev nkag mus rau Is Taws Nem rau txhua tus neeg siv ntawm lub PC PC, koj yuav tsum ua kom cov kab lus hauv qab no ib tug dhau ib.

sysctl -w net.ipv4.ip_forward = 1
iptables -A INPUT -p udp --dport 1194 -j ACCEPT
iptables -I FORWARD -i tun0 -o eth0 -j ACCEPT
iptables -I FORWARD -i eth0 -o tun0 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Hauv tsab xov xwm niaj hnub no, koj tau qhia txog kev teeb tsa thiab kev teeb tsa ntawm OpenVPN ntawm tus neeg rau zaub mov thiab sab. Peb qhia koj kom them sai sai rau cov ntawv qhia uas muaj nyob hauv "Chaw Nres Tsheb" thiab kawm cov cim yuam kev, yog tias muaj. Cov kev coj ua no yuav pab kom tsis txhob muaj teeb meem ntxiv nrog rau kev sib txuas, vim hais tias kev daws qhov teeb meem kom sai tiv thaiv qhov tshwm sim ntawm lwm cov teeb meem uas tshwm sim.

Pin
Send
Share
Send

Nrov Posts

https://eifeg.com 2024