How to setup Linux OpenVPN client
来源:互联网 发布:数控拉料器怎么编程 编辑:程序博客网 时间:2024/06/05 17:17
参考:
1. http://www.techrepublic.com/blog/opensource/how-to-set-up-a-linux-openvpn-client/1894
2. https://stomp.colorado.edu/blog/blog/2010/07/02/on-the-openvpn-cli-and-dns/
在linux下使用openvpn客户端,比在windows下使用稍微复杂一些。不过,今天终于成功了。在此,把步骤和遇到的问题共享出来。
主要步骤
1. 使用环境:
系统:fedora18(x86版本 3.6.10-4.fc18.i686)
openvpn版本: 2.2.2。(通过yum从fedora的repo直接安装。openvpn官网被墙了:)
2.证书及配置文件:
执行如下,将客户端证书和配置文件client.conf, 复制到/etc/openvpn目录下:
# cd /etc/openvpn# cp ~/client.{key,crt} .# cp ~/ca.crt .# cp /usr/share/doc/openvpn-2.0.9/sample-config-files/client.conf client.conf编辑client.conf文件,输入如下内容:
clientdev tunproto udpremote linsec.ath.cx 1194 #这里输入实际服务器的ip地址,服务端口号resolv-retry infinitenobinduser nobodygroup nobodypersist-keypersist-tunca ca.crt #这3个文件对应上一步的文件cert client1.crtkey client1.keycomp-lzopull dhcp-options
3.启动服务:
# openvpn client.conf成功,则输出如下:
Tue Feb 26 23:11:20 2013 UDPv4 link local: [undef]Tue Feb 26 23:11:20 2013 UDPv4 link remote: 106.187.103.54:9991 #卡在这里的话,换端口号,或检查服务器端是否运行Tue Feb 26 23:11:24 2013 [server] Peer Connection Initiated with 108.118.88.3:9991Tue Feb 26 23:11:26 2013 TUN/TAP device tun0 openedTue Feb 26 23:11:26 2013 /sbin/ip link set dev tun0 up mtu 1500Tue Feb 26 23:11:26 2013 /sbin/ip addr add dev tun0 local 10.8.0.6 peer 10.8.0.5Tue Feb 26 23:11:26 2013 /etc/openvpn/client.up tun0 1500 1542 10.8.0.6 10.8.0.5 initToo many nameservers - ignoring after thirdRTNETLINK answers: File existsTue Feb 26 23:11:26 2013 ERROR: Linux route add command failed: external program exited with error status: 2Tue Feb 26 23:11:26 2013 GID set to nobodyTue Feb 26 23:11:26 2013 UID set to nobodyTue Feb 26 23:11:26 2013 Initialization Sequence Completed #输出这句就成功拉。^~^遇到的问题
1.client端dns设置问题:vpn通道建立成功后,但还是无法访问墙外的网站虽然vpn建立成功了,client端的dns服务器地址还是原来的(查看/etc/resolv.conf),当访问网站时,仍然使用原来的dns地址(这些dns通常是运营商推送来的,自然是不会解析那些网站的可用ip)。所以,要想办法,在vpn建立成功后,自动获取vpn服务器推送的dns。同时,在vpn断开连接后,恢复原来的dns。方法如下:首先,复制 /usr/share/doc/openvpn-version/contrib/pull-resolv-conf/目录下的client.down和client.up到/etc/openvpn/目录下。设置这两个文件的执行权限:#chmod 755 /etc/openvpn/client.*然后,编辑配置文件client.conf,增加如下内容:up /etc/openvpn/client.upplugin /usr/lib/openvpn/plugin/lib/openvpn-down-root.so "/etc/openvpn/client.down"最后,执行如下命令:openvpn --config vpn.conf --script-security 2 注:服务器端需要推送正确的dns,可配置服务器的server.conf文件,增加如下内容:push “dhcp-option DNS 8.8.8.8″push “dhcp-option DNS 202.106.0.20″ #这个地址貌似不好用
- How to setup Linux OpenVPN client
- How to set up a Linux OpenVPN client
- How to setup tomcat in linux?
- How To Setup MogileFS
- how to setup DatabaseMail
- How To Setup MogileFS
- how to setup mysql
- How to setup linked servers for SQL Server and Oracle 64 bit client
- How to setup linked servers for SQL Server and Oracle 64 bit client
- How to Setup a Linux Firewall with PPPoE/NAT/iptables
- HOW TO SETUP BUMBLEBEE STEREO CAMERA UNDER LINUX
- How to setup CI development environment in Linux
- HOW TO SETUP BUMBLEBEE STEREO CAMERA UNDER LINUX
- how to setup svn repos
- How To Setup a CA
- How to setup SVN server
- How to Setup A Database
- How to Install WeChat Desktop Client in Ubuntu Linux
- 上移下移等操作的通用存储过程
- libnl-1.1 移植到ARM Linux
- http协议详解
- Allegro椭圆孔攻略
- 详细介绍jsp中action的功能
- How to setup Linux OpenVPN client
- SQL提供的主要数据类型(也称域类型)有:
- access2007数据库连接字符串
- DB2事务日志使用经验
- HDU 1541 Stars
- 进入黑马day3-xml三种解析方法比较
- 进入黑马day3-HTTP协议与tomcat协议
- 奇数在左偶数在右
- jquery按钮控制text文本框商品数量增加或减少
