Server

  • 下载OpenVPN

    sudo apt-get install openvpn

  • /usr/share/doc/openvpn/examples/sample-keys/文件夹下有好多keys,在server中,复制ca.crtserver.keyserver.crtdh2048.pem/etc/openvpn/server

    sudo cp /usr/share/doc/openvpn/examples/sample-keys/{ca.crt,server.key,server.crt,dh2048.pem} /etc/openvpn/server

  • 编写服务器配置文件

    port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0
keepalive 10 120
user nobody
group nogroup
persist-key
persist-tun
verb 3

  • 启动OpenVPN Server

    cd /etc/openvpn/server
sudo openvpn --config server.conf

  • 这时如果查看ip地址可以看到tun0接口,地址是10.8.0.1

Client

  • 下载OpenVPN

    sudo apt-get install openvpn

  • 从Server上复制对应的ca.crtclient.crtclient.key

    sudo scp username@address:/usr/share/doc/openvpn/examples/sample-keys/{ca.crt,client.crt,client.key} /etc/openvpn/client

  • 编写client.conf

    client
dev tun
proto udp
remote SERVER_ADDR 1194
ca ca.crt
cert client.crt
key client.key
user nobody
group nogroup
persist-key
persist-tun
verb 3

  • 启动OpenVPN Client

    cd /etc/openvpn/client
sudo openvpn --config client.conf

  • 这时如果执行

    ping 10.8.0.1

    成功,说明OpenVPN成功建立