配置自己的openvpn-as,免费的支持2个客户端链接,有图(整个配置过程)

Web、Mail、Ftp、DNS、Proxy、VPN、Samba、LDAP 等基础网络服务
回复
头像
mickeywaley
帖子: 1424
注册时间: 2009-03-19 9:19
系统: ubuntu
来自: 江苏
送出感谢: 0
接收感谢: 2 次
联系:

配置自己的openvpn-as,免费的支持2个客户端链接,有图(整个配置过程)

#1

帖子 mickeywaley » 2009-10-18 9:52

Download Here
说明:http://www.openvpn.net/index.php/access ... -v123.html

http://www.openvpn.net/index.php/access ... pn-as.html
http://www.openvpn.net/images/download/ ... 8.i386.deb

http://www.openvpn.net/images/download/ ... amd_64.deb

http://www.openvpn.net/images/download/ ... 9.i386.deb

http://www.openvpn.net/images/download/ ... amd_64.deb

Introduction:
OpenVPN Access Server (OpenVPN-AS) is a set of installation and configuration tools that simplify the rapid deployment of a VPN remote access solution. It is based on the popular OpenVPN open-source software, making the deployed VPN immediately compatible with OpenVPN client software across multiple user platforms. OpenVPN-AS features include:

*
OpenVPN Access Server System Administrator GuideA simple, Web-based Admin UI for configuration and management.
*
An easy-to-use, GUI-based OpenVPN Client software package for Windows.
*
A Client Web Server that automatically generates a client configuration and a pre-configured Windows VPN Client software installer for the user upon successful login.
*
Integration with existing authentication systems using RADIUS, LDAP, and PAM

OpenVPN-AS gives you the broad support and robust security of the OpenVPN open-source software project, coupled with the configuration and management tools needed to deploy the VPN solution easily and quickly.

Note:
If you are interested in installing OpenVPN Access Server on a VPS container, please read this HOWTO page.
Installation Overview:

If you are upgrading from the Access Server v1.1.3, v1.2.0, v1.2.1 or v1.2.2 release, please see the instructions in the Access Server v1.2.3 Release Notes page.

Instructions:

1.

Download the OpenVPN-AS package file for your Linux platform (by selecting your Operating System and Version from the drop-down boxes above)
2.

As root, install the OpenVPN-AS package. For example,
Fedora/RedHat/CentOS:
rpm -i openvpn-as-1.2.3-Fedora9.x86_64.rpm
Ubuntu:
dpkg -i openvpn-as-1.2.3-Ubuntu8.amd_64.deb
3.

Run the “ovpn-init” program to choose initial settings
/usr/local/openvpn_as/bin/ovpn-init
4.

Access the Admin Web UI to continue configuration
5.

Obtain a license key from the License Page and activate it via the Admin Web UI
6.

Using the Admin Web UI, configure the desired network and authentication settings, then start the VPN Server
7.

Remote users login to the Client Web Server and download a pre-configured Windows VPN Client software installer or client configuration file
8.

Immediately after installing the Windows VPN Client software, remote users can access the VPN
DEB安装完毕后开始配置
输入

代码: 全选

sudo /usr/local/openvpn_as/bin/ovpn-init

代码: 全选

may@may-desktop:~$ sudo /usr/local/openvpn_as/bin/ovpn-init
[sudo] password for may: 

          OpenVPN Access Server v1.1
          Initial Configuration Tool
------------------------------------------------------
OpenVPN Access Server End User License Agreement (OpenVPN-AS EULA)

  1. Copyright Notice: OpenVPN Access Server License;
     Copyright (c) 2009 OpenVPN Technologies, Inc..  All rights reserved.
  2. Redistribution of OpenVPN Access Server binary forms and documents,
     are permitted provided that redistributions of OpenVPN Access Server
     binary forms and documents must reproduce the above copyright notice.
  3. You agree not to reverse engineer, decompile, disassemble, modify, translate,
     make any attempt to discover the source code of this software, or create
     derivative works from this software.
  4. THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED WARRANTIES,
     INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
     AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL
     OPENVPN TECHNOLOGIES, INC BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
     SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
     TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
     PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
     LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
     NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
     SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 

Please enter 'yes' to indicate your agreement [no]: yes

Once you provide a few initial configuration settings,
OpenVPN Access Server can be configured by accessing
its Admin Web UI using your Web browser.

Please specify the network interface and IP address to be
used by the Admin Web UI:
(1) all interfaces: 0.0.0.0
(2) ppp0: 222.185.86.243
(3) ppp0: 192.168.1.7
Please enter the option number from the list above (1-3).
> Press Enter for default [2]: 1

Please specify the port number for the Admin Web UI.
> Press ENTER for default [943]: 

Please specify the TCP port number for the OpenVPN Daemon
> Press ENTER for default [443]: 

Should client traffic be routed by default through the VPN?
> Press ENTER for default [yes]: yes

Should RFC1918 private subnets be accessible to clients by default?
> Press ENTER for default [yes]: yes

To initially login to the Admin Web UI, you must use a
username and password that successfully authenticate you
with the host UNIX system (you can later modify the settings
so that RADIUS or LDAP is used for authentication instead).

You can login to the Admin Web UI as 'root' with your existing
root password or specify a different user account to use for this
purpose. If you choose to use a non-root account, you can create
a new user account or specify an existing user account.

Do you wish to login as 'root'?
> Press ENTER for default [yes]: n

> Specify the username for an existing user or for the new user account: may
Note: This user already exists.


Initializing OpenVPN...
Writing as configuration file...
Perform sa init...
Wiping any previous userdb...
Creating default profile...
Modifying default profile...
Adding new user to userdb...
Modifying new user as superuser in userdb...
Getting hostname...
Hostname: may-desktop
Preparing web certificates...
Getting web user account...
Adding web group account...
Adding web user account...
Adding web group...
Adjusting license directory ownership...
Initializing userdb...
Generating init scripts...
Generating PAM config...
Generating init scripts auto command...
Starting openvpnas...

NOTE: Your system clock must be correct for OpenVPN Access Server
to perform correctly.  Please ensure that your time and date
are correct on this system.

Initial Configuration Complete!

You can now continue configuring OpenVPN Access Server by
directing your Web browser to this URL:

https://222.185.86.243:943/admin

Login as "may" with the same password used to authenticate
to this UNIX host.

See the Release Notes for this release at:
   http://www.openvpn.net/access-server/rn/openvpn_as_1_3_0.html


注册KEY
许可证密钥
每个许可证密钥激活了OpenVPN的连接到接入服务器客户的具体数量。
免费的许可证密钥的目的是让你和运行,将启动(2)客户端。
您可以购买更多的客户5.00美元/每客户端。最低购买10 $ 50(美元)并发客户端。
http://www.openvpn.net/index.php/access ... e-key.html
浏览器输入 https://222.185.86.243:943/admin 管理
新建用户件下图,
然后让用户访问 https://222.185.86.243:943 下载 配置文件或者软件来链接你的VPN


写了个脚本方便连接openvpn!!

-------说明-------
1、没有按照lsb-init的规则来写,只是怎么方便怎么写。
2、有什么BUG,添加了新功能跟帖
3、没什么别的意思,有违反什么规则的,版主删贴。

-------用法-------
看脚本

------安装-------
把ca.crt和client.conf复制到/etc/openvpn里面就OK了。
你不愿意?改脚本。

-----依赖------
废话,openvpn,bash.没了。

-----追加-----
需要ultravpn的帐号。
openvpn.tar.gz
(1.75 KiB) 下载 122 次
===================================
今天有重新安装了一次,截图下
临时地址是:https://222.185.86.243:943/
Screenshot-3.png
管理后台
Screenshot.png
KEY获取
Screenshot-2.png
KEY输入,确认
添加新用户,可以本机添加
Screenshot-4.png
添加新用户
用户权限管理界面
Screenshot.png
用户权限等管理
Screenshot-1.png
Screenshot-1.png
用户登入,下载配置文件或者客户端
LINUX,WINE,MAC都可以链接上来
Screenshot-5.png
日志界面
找人测试中。。。
网页登入OK,VPN使用应该也问题的说。
------
自己虚拟机拨号测试了,反正也一样,可以的独立IP
Screenshot.png
虚拟机WIN下载安装后登入openvpn
链接上后的
Screenshot-3.png
已经连接上
上次由 mickeywaley 在 2009-11-24 15:38,总共编辑 15 次。
lsl330
帖子: 294
注册时间: 2008-09-25 19:58
送出感谢: 0
接收感谢: 1 次

Re: 配置自己的openvpn-as,免费的支持2个客户端链接

#2

帖子 lsl330 » 2009-10-19 20:26

ultravpn貌似已经被G F W 废了吧
头像
relaxssl
帖子: 1448
注册时间: 2007-01-30 7:13
送出感谢: 5 次
接收感谢: 0

Re: 配置自己的openvpn-as,免费的支持2个客户端链接

#3

帖子 relaxssl » 2009-11-17 5:48

有没有破解license key的, 弄成无限连接?
头像
kaoxuchen
帖子: 28
注册时间: 2009-03-08 16:07
送出感谢: 0
接收感谢: 0

Re: 配置自己的openvpn-as,免费的支持2个客户端链接,有图(整个配置过程)

#4

帖子 kaoxuchen » 2010-02-20 23:12

标记一下 慢慢看 :em09
头像
pro1ove
帖子: 31
注册时间: 2008-12-05 23:24
送出感谢: 0
接收感谢: 0

Re: 配置自己的openvpn-as,免费的支持2个客户端链接,有图(整个配置过程)

#5

帖子 pro1ove » 2012-07-14 10:21

楼主你好,我在vps已经配置好了openvpn access server。

家里windows xp能够连上vpn,也能F墙。笔记本ubuntu12.04,用openvpn字符界面,也能连上vpn,在浏览器看ip也是vps的了。但是没法F墙,请问还要怎么设置好了?我配置了ip转发,也开启了iptables的转发,这方面不懂要怎么弄,到现在也没成功。

Ubuntu里连接vpn之前的路由表:

代码: 全选

0.0.0.0         192.168.0.1     0.0.0.0         UG    0      0        0 wlan0
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 wlan0
173.224.215.16  192.168.0.1     255.255.255.255 UGH   0      0        0 wlan0
192.168.0.0     0.0.0.0         255.255.255.0   U     2      0        0 wlan0
连接vpn之后的路由表:

代码: 全选

0.0.0.0         5.5.0.1         128.0.0.0       UG    0      0        0 tun0
0.0.0.0         192.168.0.1     0.0.0.0         UG    0      0        0 wlan0
5.5.0.0         0.0.0.0         255.255.248.0   U     0      0        0 tun0
46.x.x.x  192.168.0.1     255.255.255.255 UGH   0      0        0 wlan0
128.0.0.0       5.5.0.1         128.0.0.0       UG    0      0        0 tun0
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 wlan0
173.224.215.16  192.168.0.1     255.255.255.255 UGH   0      0        0 wlan0
192.168.0.0     0.0.0.0         255.255.255.0   U     2      0        0 wlan0
我猜服务端的配置应该没问题,因为xp可以正常F墙。客户端的配置文件我没有更改过。

client.ovpn:

代码: 全选

...
setenv FORWARD_COMPATIBLE 1
client
server-poll-timeout 4
nobind
remote 46.x.x.x 1194 udp
remote 46.x.x.x 1194 udp
remote 46.x.x.x 443 tcp
remote 46.x.x.x 1194 udp
remote 46.x.x.x 1194 udp
remote 46.x.x.x 1194 udp
remote 46.x.x.x 1194 udp
remote 46.x.x.x 1194 udp
dev tun
dev-type tun
ns-cert-type server
reneg-sec 604800
sndbuf 100000
rcvbuf 100000
auth-user-pass
# NOTE: LZO commands are pushed by the Access Server at connect time.
# NOTE: The below line doesn't disable LZO.
comp-lzo no
verb 3
setenv PUSH_PEER_INFO
...
我省略了证书了密钥这些。

提前感谢了。
hexiaoshi
帖子: 1
注册时间: 2017-08-25 1:29
系统: linux
送出感谢: 0
接收感谢: 0

Re: 配置自己的openvpn-as,免费的支持2个客户端链接,有图(整个配置过程)

#6

帖子 hexiaoshi » 2017-08-25 1:32

你好,,,楼主。。 你现在还没有破解了, 用户了嗯
回复

回到 “服务器基础应用”