OpenVPN yog ib qho ntawm VPN kev xaiv (virtual private network los yog private virtual networks), lub hom phiaj kom paub cov ntaub ntawv hloov dua ib tug tshwj xeeb tsim encrypted channel. Nyob rau hauv txoj kev no, koj tuaj yeem txuas ob lub hauv paus computers lossis tsim kom muaj kev sib koom tes nrog cov neeg rau zaub mov thiab ntau tus neeg. Nyob rau hauv tsab xov xwm no peb yuav kawm txog kev tsim kom muaj ib tus neeg rau zaub mov thiab kho nws.
Peb sib kho OpenVPN neeg rau zaub mov
Raws li tau hais saum toj no, siv cov lus nug ntawm technology, peb tuaj yeem xa cov ntaub ntawv tshaj tawm txoj kev sib txuas lus ruaj ntseg. Qhov no tuaj yeem ua ntaub ntawv sib faib los sis nkag mus rau hauv Internet los ntawm ib tus neeg ua hauj lwm uas yog ib qho rooj vag. Los tsim nws, peb tsis xav tau cov cuab yeej siv ntxiv thiab kev paub tshwj xeeb - txhua yam yog ua tiav hauv lub computer uas koj npaj yuav siv los ua ib tus neeg siv VPN.
Ntxiv rau kev ua haujlwm, koj yuav tsum tau kho cov neeg sab nraud ntawm cov cav tov cov neeg siv network. Tag nrho cov hauj lwm los ntawm kev tsim cov yuam sij thiab cov ntawv pov thawj, uas tau muab xa mus rau cov neeg tau txais kev pab. Cov ntaub ntawv tso cai rau koj tau txais ib qho IP chaw thaum txuas mus rau tus neeg rau zaub mov thiab tsim cov channel uas tau hais saum toj no. Tag nrho cov ntaub ntawv kis tau los ntawm nws tuaj yeem nyeem nrog ib qhov tseem ceeb xwb. Qhov no feature tau ho txhim kho kev ruaj ntseg thiab kom ntseeg tau cov ntaub ntawv.
Txhim kho OpenVPN nyob rau hauv lub tshuab neeg rau zaub mov
Lub installation yog ib txoj kev rau cov txheej txheem nrog qee cov nuances, uas peb yuav tham txog ntau yam.
- Thawj kauj ruam yog mus download tau qhov kev pab cuam los ntawm qhov link hauv qab no.
Download tau OpenVPN
- Tom ntej no, khiav lub installer thiab mus rau kev xaiv cov qhov rai. Ntawm no peb yuav tsum tau muab ib daim ntawv kho mob ze ntawm qhov khoom nrog lub npe "EasyRSA"uas tso cai rau koj los tsim cov ntaub ntawv ntawm daim ntawv pov thawj thiab cov yawm sij, thiab tswj lawv.
- Cov kauj ruam tom ntej yog xaiv qhov chaw rau lub installation. Rau kev yooj yim, muab qhov kev pab cuam hauv lub hauv paus ntawm qhov system C:. Ua li no, tsuas yog tshem tawm qhov tshaj. Nws yuav tsum ua haujlwm
C: OpenVPN
Peb ua li no kom tsis txhob poob siab thaum executing scripts, vim hais tias qhov chaw nyob hauv txoj kev tsis raug tso cai. Koj tuaj yeem coj tau cov lus nug, tiam sis kev mloog zoo yuav poob, thiab nrhiav kev tsis raug nyob rau hauv qhov chaws tsis yooj yim.
- Tom qab tag nrho cov chaw, nruab qhov kev pab cuam nyob rau hauv hom qub.
Configuring sab neeg rau zaub mov
Thaum ua tau raws li cov hauv qab no koj yuav tsum yog tus kws lij choj kom zoo. Cov flaws yuav ua rau cov neeg ua hauj lwm tsis ua hauj lwm. Lwm qhov yuav tsum ua - koj tus account yuav tsum muaj tus neeg khiav dej num txoj cai.
- Mus rau qhov directory "yooj yim-rsa"uas nyob rau hauv peb cov ntaub ntawv nyob ntawm
C: OpenVPN yooj yim-rsaNrhiav cov ntaub ntawv vars.bat.sample.
Rename nws mus vars.bat (rho tawm lo lus "qauv" nrog rau taw tes).
Qhib cov ntaub ntawv no hauv Notepad ++ editor. Qhov no yog qhov tseem ceeb, vim nws yog phau ntawv no uas tso cai rau koj hloov kho thiab txuag cov cim, uas yuav pab kom tsis txhob raug thaum khiav lawv.
- Ua ntej tshaj tawm, rho tag nrho cov lus tseem ceeb hauv ntsuab - lawv tsuas yog rau peb. Peb tau txais cov hauv qab no:
- Ntxiv mus, hloov txoj kev mus rau lub nplaub tshev "yooj yim-rsa" qhov peb taw tes tawm thaum nruab nrab. Hauv qhov no, tsuas rho tawm qhov txawv. % ProgramFiles% thiab hloov nws mus C:.
- Cov nram qab no plaub tsis tshuav tsis hloov lawm.
- Cov seem ntxiv yog cov uas tsis txaus siab. Cov piv txwv nyob rau hauv lub screenshot.
- Tseg cov ntaub ntawv.
- Koj kuj yuav tau hloov cov ntaub ntawv hauv qab no:
- ua-ca.bat
- tsim-dh.bat
- tsim-key.bat
- tsim-tseem ceeb-pass.bat
- tsim-tseem ceeb-pkcs12.bat
- tsim-yuam-server.bat
Lawv yuav tsum hloov cov pab pawg
opensslmus rau txoj kev mus rau cov ntaub ntawv coj los siv openssl.exe. Tsis txhob hnov qab txuag cov kev hloov.
- Tam sim no qhib lub nplaub tshev "yooj yim-rsa"clamping UA HAUJ LWM thiab nias PKM rau ntawm qhov chaw dawb (tsis yog cov ntaub ntawv). Hauv cov ntawv qhia zaub mov, xaiv cov khoom "Qhib qhov qhib qhov rai".
Yuav pib "Hais kom ua kab" nrog rau kev hloov mus rau cov hom phiaj uas twb tiav lawm.
- Sau cov lus txib hauv qab no thiab nias ENTER.
vars.bat
- Tom ntej, khiav lwm "batch file."
huv-all.bat
- Rov qab hais thawj kab lus.
- Cov kauj ruam tom ntej yog los tsim cov ntaub ntawv tsim nyog. Ua li no, siv qhov kev hais kom ua
ua-ca.batTom qab tiav, lub kaw lus yuav muab kom paub meej tias cov ntaub ntawv uas peb nkag mus rau hauv daim ntawv thov siv siv.bat. Cia li nias ob peb zaug. ENTERkom txog rau thaum cov hlua thawj.
- Tsim DH-Key siv cov ntaub ntawv tso tawm
tsim-dh.bat
- Peb tab tom npaj ib daim ntawv pov thawj rau cov neeg rau zaub mov. Muaj ib qho tseem ceeb. Nws xav tau los muab lub npe uas peb tau sau tseg rau hauv vars.bat hauv kab "KEY_NAME". Hauv peb qhov piv txwv, qhov no Lumpics. Qhov hais kom ua yog raws li nram no:
tsim-yuam-server.bat LumpicsNtawm no koj kuj yuav tsum tau xyuas cov ntaub ntawv uas siv tus yuam sij ENTER, thiab tseem sau ib tsab ntawv ob zaug "y" (yog) qhov uas yuav tsum tau muaj (saib screenshot). Qhov kev hais kom ua yuav raug kaw.
- Hauv peb phau ntawv "yooj yim-rsa" Nws muaj daim nplaub tshev tshiab nrog lub npe "yuam sij".
- Nws cov ntsiab lus yuav tsum tau theej thiab muab tso rau hauv daim nplaub tshev. "ssl"uas yuav tsum tau tsim nyob rau hauv cov hauv paus hauv paus ntawm qhov kev zov me nyuam.
Saib ntawm daim nplaub tshev tom qab muab cov ntaub ntawv theej:
- Tam sim no mus rau qhov directory
C: OpenVPN configNtawm no peb tsim ib phau ntawv (PCM - Tsim - Ntawv sau ntawv), rename nws mus server.ovpn thiab qhib hauv Notepad ++. Peb nkag mus rau cov cai nram no:
chaw nres nkoj 443
proto udp
dev tun
dev "ntawm VPN Lumpics"
Dhau C: OpenVPN ssl dh2048.pem
ca C: OpenVPN ssl ca.crt
C: OpenVPN ssl Lumpics.crt
qhov tseem ceeb C: OpenVPN ssl Lumpics.key
neeg rau zaub mov 172.16.10.0 255.255.255.0
max-neeg 32
keepalive 10 120
tus neeg mob-rau-tus neeg mob
comp-lzo
persist-tseem ceeb
mob siab
cipher DES-CBC
txheej xwm C: OpenVPN log status.log
cav C: OpenVPN log openvpn.log
zaj lus qhia 4
suab mute 20Thov nco ntsoov tias cov npe ntawm cov ntawv pov thawj thiab cov yawm sij yuav tsum thooj cov sawv daws nyob hauv daim nplaub tshev "ssl".
- Tom ntej, qhib "Tswj Vaj Huam Sib Luag" thiab mus rau "Network Control Center".
- Nyem ntawm qhov link "Hloov cov adapter nqis".
- Ntawm no peb yuav tsum nrhiav kev txuas los ntawm "TAP-Windows Adapter V9". Qhov no yuav ua tau los ntawm txhaj rau kev txuas ntawm RMB thiab mus rau nws cov khoom.
- Rename nws mus "VPN Lumpics" tsis muaj quotes. Lub npe no yuav tsum haum qhov parameter. "dev-node" hauv ntaub ntawv server.ovpn.
- Cov kauj ruam kawg yog pib ua haujlwm. Nias ua ke tseem ceeb Yeej + R, sau kab hauv qab no thiab nias ENTER.
services.msc
- Nrhiav kev pabcuam nrog lub npe "OpenVpnService", nyem RMB thiab mus rau nws cov khoom.
- Pib hom pib hloov "Tsis siv neeg", pib qhov kev pabcuam thiab nias "Thov".
- Yog tias peb tau ua txhua yam kom raug, ces tus liab liab yuav tsum ploj ze ntawm tus adapter. Qhov no txhais tau hais tias kev twb kev txuas yog npaj mus.
Configuring tus neeg mob
Ua ntej koj pib tuaj rau tus neeg thov, koj yuav tsum tau ua ntau yam ntawm tus neeg siv khoom siv tshuab - tsim cov yawm sij thiab ib daim ntawv pov thawj kom paub txog qhov kev txuas.
- Mus rau qhov directory "yooj yim-rsa"ces mus nplaub tshev "yuam sij" thiab qhib cov ntaub ntawv index.txt.
- Qhib cov ntaub ntawv, tshem tag nrho cov txheej txheem thiab tseg.
- Rov qab mus "yooj yim-rsa" thiab khiav "Hais kom ua kab" (NQAJ + PCM - Qhib cov lus qhib qhov rai).
- Ntxiv mus, khiav vars.batthiab mam li tsim ib daim ntawv pov thawj rau neeg mob.
tsim-key.bat vpn-neeg
Qhov no yog daim ntawv pov thawj rau tag nrho cov cav tov hauv lub network. Kev ruaj siab muaj zog, koj tuaj yeem tsim koj cov ntaub ntawv rau txhua lub computer, tab sis lawv npe txawv (tsis yog "vpn-neeg"thiab "vpn-client1" thiab ntxiv rau). Hauv qhov no, koj yuav tsum rov ua txhua theem, pib nrog tu index.txt.
- Cov kauj ruam kawg yog hloov ntaub ntawv. vpn-client.crt, vpn-client.key, ca.crt thiab dh2048.pem rau tus neeg mob. Koj tuaj yeem ua qhov no rau txhua txoj kev yooj yim, piv txwv li, sau ntawv rau USB flash drive lossis xa mus rau hauv lub network.
Ua haujlwm uas yuav tsum tau ua ntawm tus neeg tau txais kev pabcuam:
- Nruab OpenVPN nyob rau hauv txoj kev niaj zaus.
- Qhib cov directory nrog cov kev pab cuam ntsia thiab mus rau lub nplaub tshev "config". Ntawm no koj yuav tsum tau muab peb daim ntawv pov thawj thiab cov ntaub ntawv tseem ceeb.
- Nyob hauv tib phau ntawv, tsim ib phau ntawv cia thiab rhais nws config.ovpn.
- Qhib hauv cov editor thiab sau cov cai nram qab no:
tus neeg mob
rov ua dua tshiab dua
tsis muaj dab tsi
tej thaj chaw deb 192.168.0.15 443
proto udp
dev tun
comp-lzo
ca ca.crt
cert vpn-client.crt
tseem ceeb vpn-client.key
za dh2048.pem
ntab
cipher DES-CBC
keepalive 10 120
persist-tseem ceeb
mob siab
verb 0Hauv kab "chaw taws teeb" Koj tuaj yeem tso npe rau lwm tus IP-chaw nyob ntawm lub tshuab neeg siv tshuab - yog li peb tau nkag mus rau hauv Internet. Yog tias koj tawm txhua yam raws li nws, nws yuav tsuas yuav tau mus txuas rau cov neeg rau zaub mov ntawm ib qho channel encrypted.
- Khiav lub OpenVPN GUI sawv cev ntawm tus neeg khiav dej num siv lub shortcut ntawm lub desktop, tom qab ntawd ces hauv lub tais peb pom cov duab icon, nias PCM thiab xaiv thawj cov npe nrog lub npe "Txuas".
Qhov no ua tiav qhov kev sib tham ntawm OpenVPN neeg rau zaub mov thiab tus neeg siv khoom.
Xaus
Npaj koj tus kheej lub VPN network yuav cia koj tiv thaiv cov ntaub ntawv xa mus kom ntau li ntau tau, nrog rau kev ua Internet surfing kev ruaj ntseg. Qhov tseem ceeb tshaj plaws yog kom muaj kev xyuam xim thaum teem cov neeg rau zaub mov thiab tus neeg tau txais kev pab, nrog rau cov kev nqis tes uas koj siv tau tag nrho cov txiaj ntsig ntawm tus kheej virtual network.
