一、下载openvpn
[root@localhost ~]# yum -y install epel-release
[root@localhost ~]# yum -y install openvpn
二、创建一个配置文件的路径
#路径需要手动创建
[root@localhost ~]# mkdir -p /etc/openvpn/client/config/
三、把其他客户端的配置文件复制过来
下面这个是我Windows上的openvpn的客户端配置文件,可以直接拷贝到linux上面去用,里面包含ca证书等配置
image.png
四、把此配置文件放到刚刚创建的路径下(不用做任何改动)
[root@localhost config]# ls
client10.ovpn
[root@localhost config]# pwd
/etc/openvpn/client/config
五、启动openvpn
[root@localhost config]# openvpn /etc/openvpn/client/config/client10.ovpn
Fri Feb 18 18:17:40 2022 OpenVPN 2.4.11 x86_64-redhat-linux-gnu [Fedora EPEL patched] [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 21 2021
Fri Feb 18 18:17:40 2022 library versions: OpenSSL 1.0.2k-fips 26 Jan 2017, LZO 2.06
Fri Feb 18 18:17:40 2022 WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
Fri Feb 18 18:17:40 2022 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Feb 18 18:17:40 2022 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Feb 18 18:17:40 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]“一个IP”:1194
Fri Feb 18 18:17:40 2022 Socket Buffers: R=[212992->200000] S=[212992->200000]
Fri Feb 18 18:17:40 2022 UDP link local: (not bound)
Fri Feb 18 18:17:40 2022 UDP link remote: [AF_INET]“一个IP”:1194
Fri Feb 18 18:17:40 2022 TLS: Initial packet from [AF_INET]“一个IP”:1194, sid=f1f2d65b 73df2166
Fri Feb 18 18:17:40 2022 VERIFY OK: depth=1, CN=OpenVPN CA
Fri Feb 18 18:17:40 2022 VERIFY OK: nsCertType=SERVER
Fri Feb 18 18:17:40 2022 VERIFY OK: depth=0, CN=OpenVPN Server
......
......
......
Fri Feb 18 18:17:47 2022 /sbin/ip route add “一个IP”/24 metric 101 via “一个IP”
Fri Feb 18 18:17:47 2022 /sbin/ip route add “一个IP”/23 metric 101 via“一个IP”
Fri Feb 18 18:17:47 2022 /sbin/ip route add “一个IP”/20 metric 101 via “一个IP”
Fri Feb 18 18:17:47 2022 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Feb 18 18:17:47 2022 Initialization Sequence Completed
当结尾出现Initialization Sequence Completed表示连接成功
网友评论