Shulou(Shulou.com)06/01 Report--

This article focuses on "how OpenVPN is used on Linux". Interested friends may wish to take a look. The method introduced in this paper is simple, fast and practical. Now let the editor take you to learn how OpenVPN is used on Linux.

Recently, the machines in the Beijing computer room need to connect to the servers in the Shanghai computer room, and the VPN service used in the Shanghai computer room is OpenVPN. I also heard that the OpenVPN client can run on the Linux server, so I studied how OpenVPN can be used on the Linux server.

The Linux server information is as follows:

System: CentOS Linux release 7.5.1804 (Core)

Memory: 8GB

Hard disk: 100g

Install the OpenVPN client

It is relatively easy to install OpenVPN on Linux server. In order to facilitate installation, we use yum to install it directly. The specific process is as follows:

Yum-y install epel-releaseyum-y install openvpn

After OpenVPN installation is completed, the corresponding file is generated in / etc/openvpn, as shown below:

[root@ns1] # ll / etc/openvpn/total 8drwxrMurray Murray-2 root openvpn 34 Jul 26 15:06 clientdrwxr-x--- 2 root openvpn 6 Apr 26 23:04 server

Prepare configuration files and certificate files

Because we have installed the OpenVPN server before, see the OpenVPN installation configuration for details, here we can directly use the configuration file provided by it.

Note: the OpenVPN server we installed before integrates LDAP unified authentication, so we no longer need the certificate and key assigned by the server to the client, just the configuration file and the corresponding key, and we need to create a new account password file passwd.

After the configuration file has been modified, the / etc/openvpn directory structure is as follows:

[root@ns1 ~] # tree / etc/openvpn//etc/openvpn/ ├── client │ ├── ca.crt # server provides │ └── ta.key # server provides ├── client.ovpn # client configuration file ├── passwd # account password file, which needs to be created The first line is the account, and the second line is the password └── server2 directories, 4 files

Connection test

After the configuration is completed, we test it with command-line commands as follows:

Openvpn\-daemon\-cd / etc/openvpn\-config client.ovpn\-auth-user-pass / etc/openvpn/passwd\-log-append / var/log/openvpn.log

The command parameter description:

-- daemon # background operation-- cd # configuration file directory path-- config # configuration file name-- auth-user-pass # specified account password file-- log-append # log file

After the command is executed, you can view the related logs with the following command:

Tail-f / var/log/openvpn.log

At the end of the log, something similar to the following indicates that the connection is normal:

Thu Jul 26 15:19:43 2018 / sbin/ip addr add dev tun0 local 10.6.0.226 peer 10.6.0.225Thu Jul 26 15:19:43 2018 / sbin/ip route add 172.16.1.0/24 via 10.6.0.225Thu Jul 26 15:19:43 2018 / sbin/ip route add 10.0.0.0/8 via 10.6.0.225Thu Jul 26 15:19:43 2018 / sbin/ip route add 10.6.0.0/24 via 10 .6.0.225Thu Jul 26 15:19:43 2018 Initialization Sequence Completed

Finally, I would like to add the contents of the configuration file:

Clientdev tunproto tcpremote x.x.x.x 1194 # x.x.x.x represents the public network IP address resolv-retry infinitenobindpersist-keypersist-tunca client/ca.crt;cert client.crt of server IP address mapping Key client.keyremote-cert-tls servertls-auth client/ta.key 1cipher AES-256-CBCns-cert-type serverauth-user-passcomp-lzoverb 3 so far, I believe you have a deeper understanding of "how OpenVPN is used on Linux". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.