考虑到Ubuntu的一些底层的包和CentOS不一样,我决定重新查找CentOS上OpenVPN的安装方法。
安装OpenVPN
- 安装前的准备工作,我执行了如下指令(因为我的机器之前编译过别的东西,所以没有完全按照教程来)
yum install -y lz4-devel lzo-devel pam-devel openssl-devel systemd-devel sqlite-devel
- 下载OpenVPN并解压(我是去官网找的下载链接)
wget https://swupdate.openvpn.org/community/releases/openvpn-2.5.2.tar.gz
tar -zxvf openvpn-2.5.2.tar.gz
cd openvpn-2.5.2
- 编译安装(github上给的教程很简单,这个地方反倒有点复杂,我没有对比,不知道差别):
cd openvpn-2.5.2
autoreconf -i -v -f
./configure --prefix=/usr/local/openvpn --enable-lzo --enable-lz4 --enable-crypto --enable-server --enable-plugins --enable-port-share --enable-iproute2 --enable-pf --enable-plugin-auth-pam --enable-pam-dlopen --enable-systemd
make && make install
ln -s /usr/local/openvpn/sbin/openvpn /usr/local/sbin/openvpn
- 修改配置文件,并配置系统服务,并设置开机启动
vim /usr/local/openvpn/lib/systemd/system/openvpn-server@.service
### 找到 ExecStart 这行,改为如下
ExecStart=/usr/local/openvpn/sbin/openvpn --config server.conf
cp -a /usr/local/openvpn/lib/systemd/system/openvpn-server@.service /usr/lib/systemd/system/openvpn.service
systemctl enable openvpn.service
- 配置OpenVPN
|
|
sed -i ‘/net.ipv4.ip_forward/s/0/1/’ /etc/sysctl.conf
sed -i ‘/net.ipv4.ip_forward/s/#//’ /etc/sysctl.conf
sysctl -p
配置Window客户端
- 官网下载
https://openvpn.net/community-downloads/
ping不通:
- 关闭防火墙
- 设置端口转发
- 关闭Selinux
- 额,我的机器上不是eth0
- 断开链接了!!!
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eno1 -j MASQUERADE
iptables-save > /etc/sysconfig/iptables
grep ‘net.ipv4.ip_forward = 1’ /etc/sysctl.conf || echo ‘net.ipv4.ip_forward = 1’ » /etc/sysctl.conf
sysctl -p
一直无法链接,需要关闭防火墙(有点矛盾)
虚拟机未开!!!
http://www.r9it.com/20190420/install-openvpn.html#%E5%AE%89%E8%A3%85-openvpn
firewall-cmd –zone=public –add-port=1194/tcp –permanent