一键部署超级简单易用的openvpn服务器，支持多证书+多账号...

fudyou · 发表于 2022-6-22 10:34:02

一. 服务器端部署项目地址：https://github.com/guoew/openvpn-install
1.1. 下载安装

# git clone https://github.com/guoew/openvpn-install.git' X+ @& M+ t0 D7 V p \5 k: Y% g
# cd openvpn-install && bash openvpn-install.sh
% ?- Z. C) m$ `9 y' R2 \' m
Welcome to this OpenVPN "road warrior" installer!
, u7 ^6 [/ r$ Q% |# Y
3 N9 n5 E( X6 B$ d6 d& u
I need to ask you a few questions before starting the setup.
7 i1 B c* ?' H) S
You can leave the default options and just press enter if you are ok with them.2 G5 N* P& c$ ?( E
7 m$ a' V1 r* J1 `4 q; p7 F: `
First, provide the IPv4 address of the network interface you want OpenVPN
+ D7 ?/ j- z+ l9 |
listening to.& c7 v) _- k# M; A0 n) E
IP address: 172.27.0.2 #默认获取本机ip,直接回车" z' ^; w+ p: D# D% ^% t
( N" {4 s! i5 c* J
This server is behind NAT. What is the public IPv4 address or hostname?
9 J b' V$ O& O L3 d q. M
Public IP address / hostname: 18.24.64.250 #输入主机公网ip
1 H$ ]% c1 k! {. S( ~2 w/ J
4 ^' d/ _5 Y" {5 D
Which protocol do you want for OpenVPN connections?8 |* j. [6 A6 x; O
1) UDP (recommended)% s3 u7 B: R9 Q o5 k/ E6 M4 T
2) TCP, ]/ z( Z* c! v# e0 x0 F# s" I
Protocol [1-2]: 1 #选择连接协议
- Z3 ]! Q; P; X) t
7 F, P; v4 G( i; g3 y& B! O
What port do you want OpenVPN listening to?
' ]7 @& @$ H# f+ l
Port: 1194 #设置openvpn监听端口6 h/ _( v5 j9 \) e/ ~
/ o% |, J- A& c8 C3 f
Which DNS do you want to use with the VPN?
( {& b# E( n3 T% w& p- u [% ]* Z
1) Current system resolvers# W4 T8 a* Z2 z/ R, U% h& j) ]
2) 1.1.1.1 r) w8 A9 }( h9 [" A1 N2 D) j7 H
3) Google4 I- {3 T5 {+ h5 T2 a3 s
4) OpenDNS
( H# b; {* q' n+ R3 S+ M
5) Verisign
8 _" Y' p6 C3 G+ p7 S( a8 L
DNS [1-5]: 1 #选择DNS
+ q, E# u0 z. ?
7 Z% d4 Z! g1 o* Z" B# n" G
Finally, tell me your name for the client certificate.
8 D! n( R1 \) X* L: v+ H, F
Please, use one word only, no special characters.
# z( f- _- o. \ c1 P1 ]
Client name: client #设置客户端名称
( _ o" `, b. }5 o; `+ O
- L0 J7 Q9 p& f& z9 \" v* ~
Okay, that was all I needed. We are ready to set up your OpenVPN server now.4 ^" C" L6 w5 q
Press any key to continue... #任意键继续
! |9 H r/ J! e) l9 {3 t; l6 ^
...
0 b: \7 D# S$ j: r0 S0 ^
An updated CRL has been created.
G# ?% _/ W" G9 T1 N" v7 X; B
CRL file: /etc/openvpn/server/easy-rsa/pki/crl.pem
# a* M9 L' ?0 L4 g, _: g4 _% N
5 S1 h; J1 D2 b: M
Created symlink /etc/systemd/system/multi-user.target.wants/openvpn-iptables.service → /etc/systemd/system/openvpn-iptables.service.
$ q/ T$ f- O2 N& L/ T) G
Created symlink /etc/systemd/system/multi-user.target.wants/openvpn-server@server.service → /lib/systemd/system/openvpn-server@.service.5 z: A0 E3 t4 e- v3 Q5 ]
4 r* `& F0 }$ v
Finished! #最终看到Finished时表示安装完毕7 s. w: ^6 a5 Y3 q1 e8 y( }
. a3 c( J6 r4 A+ R! s! J
Your client configuration is available at: /root/client.ovpn #客户端配置文件路径# y3 a" Y+ f4 F$ W& P% |& l0 c
If you want to add more clients, you simply need to run this script again! & ~/ ^) j) {3 E8 C P9 k

复制代码

将客户端配置文件 /root/client.ovpn，下载到本地以备客户端使用
1.2. 添加账号在openvpn目录下的userfile.sh中添加用户和密码，以空格隔开

# cat /etc/openvpn/userfile.sh
& `3 ~8 Y/ r4 L
guoew guoew123
3 D' w. w; I, z0 t
yakexi yakexi123/ y u9 y8 p; l/ f5 B

复制代码

截止现在一个超级简单的openvpn服务就已经搭建好了，接下来将使用客户端连接openvpn服务器(以win10为例)
二. 客户端部署使用2.1. 安装openvpn客户端

客户端下载地址：https://swupdate.openvpn.org/community/releases/openvpn-install-2.4.0-I602.exe
, P' m* p( g- V: K7 I安装步骤略(可自定义安装路径)' K/ ]6 B( M/ ?5 Q

2.2. 配置客户端将安装好的客户端打开，点击Import file 把准备好的客户端配置文件导入进去。
2.3. 连接openvpn服务器打开客户端，点击Connect，使用服务器端已添加的账号登录

END
附：安装完毕后，再次执行脚本openvpn-install.sh 会有四个菜单选项(添加、撤销、卸载、退出)，可根据自身实际情况应用,如下：

Looks like OpenVPN is already installed.0 ~, u/ L3 d% O. Q8 `6 t- B
% F' u' N( R# r: ~" z9 Z
What do you want to do?
9 V! E* W7 o4 L! M: b& X3 S
1) Add a new user" d: U0 ]& S8 [" `! @8 [' ^
2) Revoke an existing user4 t& C0 P% ]8 L7 D4 p6 |
3) Remove OpenVPN* J. h* K$ G- @8 i
4) Exit
$ e/ u. f3 q% P
Select an option [1-4]:
1 C8 Y5 q/ y# s" L& X' E5 ~! g7 p9 \

复制代码

这里有个不足之处是，当使用多证书时，账号是通用的。即同一个账号，可以应用于不同的证书。
如果想要不同用户使用不同的证书进行登录[无账号]，欢迎访问原项目地址：
https://github.com/Nyr/openvpn-install

		自动登录	找回密码
密码			立即注册