CentOS 使用webmin安装,管理openvpn server

2011年6月17日 | 分类: 翻墙相关 | 标签: , , ,

CentOS 使用webmin安装,管理openvpn server
准备工作:
Tips:如何确认是否开启了tun/tap?
cat /dev/net/tun
如果返回信息为:cat: /dev/net/tun: File descriptor in bad state 说明正常,否则发个ticket给VPS公司让他们帮忙开吧。
另外如果你需要连上OpenVPN后能访问互联网,还需要iptables_nat模块支持,用这个命令检测:iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o venet0 -j MASQUERADE
如果返回信息为:iptables: Unknown error 4294967295 说明正常,否则同样发个ticket给VPS公司让他们帮忙开吧。

一 安装webmin和openvpn
安装webmin
wget http://prdownloads.sourceforge.net/webadmin/webmin-1.550-1.noarch.rpm
rpm -U webmin-1.550-1.noarch.rpm

安装openvpn
需要先安装rpmforge扩展安装包
CentOS 5 32bit 安装如下:
wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.i386.rpm
rpm –import http://apt.sw.be/RPM-GPG-KEY.dag.txt
rpm -K rpmforge-release-0.5.2-2.el5.rf.*.rpm
rpm -i rpmforge-release-0.5.2-2.el5.rf.*.rpm

其他版本安装可以参照此文 http://wiki.centos.org/AdditionalResources/Repositories/RPMForge

安装openvpn
yum install openvpn -y

二 配置网络
配置iptables转发规则
/sbin/iptables -t nat -A POSTROUTING -s 10.8.0.0/255.255.255.0 -j SNAT –to-source 你的ip
/etc/int.d/iptables save
/etc/init.d/iptables restart

开启ip-forward:
sysctl -w net.ipv4.ip_forward=1
同时修改 /etc/sysctl.conf 将 net.ipv4.ip_forward 的值修改为1

三webmin加载 OpenVPN-admin

安装完webmin后,通过浏览器登录系统,

http://yourip:10000

接着通过root帐号密码登录
接下来开始安装openvpn的web管理界面
进入webmin,打开 Webmin Configuration,找到Webmin Modules,在Third party modules from 里找到 OpenVPN-admin 并安装。

四 建立vpn:
建立CA认证中心

如图

点击Certification Authority List 进入查看已经建立的CA

点击my_vpn_ca的key list 进入密钥生成阶段

生成server端密钥:

生成一个client端密钥:

进入VPN List

建立新VPN Server:

建立VPN客户端配置文件

启动openvpn
切换到OpenVPN+CA首页,点击 Start OpenVPN anniu

设置 openvpn随系统启动

在webmin里找到 Bootup and Shutdown
选择 openvpn 然后点 Start On Boot 按钮就可以了。

引用文档 http://www.hitidc.com/thread-101-1-1.html

https://sites.google.com/site/sggggy/Home/-journal/Force/page-56

原文http://6tony.wordpress.com/2011/06/15/centos-%E4%BD%BF%E7%94%A8webmin%E5%AE%89%E8%A3%85%EF%BC%8C%E7%AE%A1%E7%90%86openvpn-server/

发表评论
  1. AS
    2011年6月17日13:07
    回复 | 引用 | #1

    vpnpptp – VPNPPTP is a simple configure and use program for VPN PPTP/L2TP connection on Linux – Google Project Hosting
    https://code.google.com/p/vpnpptp/

    “VPNPPTP – это простая в использовании и конфигурировании программа для VPN-соединений через PPTP и через L2TP для Linux. Она написана на FreePascal с использованием Shell скриптов.

    VPNPPTP is a simple configure and use program for VPN PPTP/L2TP connection on Linux. It is writing on FreePascal by Lazarus and Shell scripts.

    Пакет входит в дистрибутивы: дистрибутивы Edumandriva, российский Mandriva Power Pack, MagOS, MiniOS, КСоНоМи, PCLinuxOS Russian Community Edition, Сиалия. Также пакет на сегодняшний день используется в PCLinuxOS, Ubuntu, Debian, openSUSE, Fedora, Mageia, в дистрибутивах, похожих на них. На данный момент VPNPPTP – единственный не имеющий аналогов графический инструмент для настройки и управления соединением VPN L2TP, способный работать в любом дистрибутиве Linux в любом DE.

    Инструкции (они же интегрированы в программу по кнопке ):

    http://vpnpptp.googlecode.com/files/Help_ru.doc (рус.) http://vpnpptp.googlecode.com/files/Help_uk.doc (укр.) http://vpnpptp.googlecode.com/files/Help_vpnmandriva_mcc_ru.doc (рус.) ”
    Downloads – vpnpptp – VPNPPTP is a simple configure and use program for VPN PPTP/L2TP connection on Linux – Google Project Hosting
    https://code.google.com/p/vpnpptp/downloads/list

    (CentOS 使用webmin安装,管理openvpn server)

    • iGFW
      2011年6月17日16:28
      回复 | 引用 | #2

      感谢,这个不错

  2. AS
    2011年6月17日12:53
    回复 | 引用 | #3

    socialvpn – A free and open-source P2P VPN that connects you to your friends – Google Project Hosting
    https://code.google.com/p/socialvpn/

    “This is a free and open-source P2P Social Virtual Private Network (VPN) that seamlessly networks your computer with the computers of your friends so that:

    Your computer can communicate directly to computers of your friends, and all communication is encrypted and authenticated. In other words, you are in full control of who you connect to and all your communications are private.
    This private network is configured with no hassle. The social VPN does all the configuration automatically for you. All you and your friends need to do is run this software and log in to your XMPP backend (such as Google chat, or Jabber.org).
    You and your friends can communicate, share and collaborate in countless ways, with existing applications, like iTunes, Windows shared folders, and remote desktop. You can share files and folders, stream music and video, play multi-user games, access remote desktops, and run a Web server private to your friends.
    If you own multiple computers at different places, you can also use the Social VPN to seamlessly access your files, desktop, etc remotely – creating your own personal VPN. ”
    Downloads – socialvpn – A free and open-source P2P VPN that connects you to your friends – Google Project Hosting
    https://code.google.com/p/socialvpn/downloads/list

    “socialvpn_0.5.1.deb SocialVPN 0.5.1 for Debian/Ubuntu Featured Feb 7 Feb 7 808 KB
    socialvpn_0.5.1.exe SocialVPN 0.5.1 for Windows Featured Feb 7 Feb 7 1002 KB
    socialvpn_0.5.0.deb SocialVPN 0.5.0 Debian/Ubuntu Installer Featured Dec 6 797 KB
    socialvpn_0.5.0.exe SocialVPN 0.5.0 Windows Installer Featured Dec 6 991 KB”

    (CentOS 使用webmin安装,管理openvpn server)