{"id":1151,"date":"2010-04-07T14:14:04","date_gmt":"2010-04-07T06:14:04","guid":{"rendered":"http:\/\/blog.nuface.tw\/?p=1151"},"modified":"2018-05-11T16:26:59","modified_gmt":"2018-05-11T08:26:59","slug":"openvpn-%e5%bb%ba%e7%bd%ae%e7%ad%86%e8%a8%98%e7%ac%ac6%e9%9b%86","status":"publish","type":"post","link":"https:\/\/blog.nuface.tw\/?p=1151","title":{"rendered":"OpenVPN \u5efa\u7f6e\u7b46\u8a18(\u7b2c6\u96c6)"},"content":{"rendered":"

\u4e0a\u4e00\u96c6\u5df2\u7d93\u5b8c\u6210\u4e86VPN \u9023\u7dda\u8a2d\u5b9a\uff0c\u4e26\u6210\u529f\u9023\u7dda\u81f3VPN Server \u4e0a\uff0c\u63a5\u8457\u8981\u4f86\u8a2d\u5b9a\u5c0f\u745e\u7684\u53e6\u4e00\u53f0\u8890\u5bc6\u82b1\u5712\uff0c\u9019\u4e00\u53f0\u7684\u8a2d\u5b9a\u6703\u6bd4\u8f03\u7c21\u55ae\uff0c\u4e00\u6a23\u4f7f\u7528Linux \u4e0b\u7684 dd \u6307\u4ee4\uff0cghost \u904e\u53bb\uff0c\u518d\u8a2d\u5b9a\u76f8\u5c0d\u61c9\u7684\u7db2\u8def\uff0c\u5373\u53ef\u5b8c\u6210\u8a2d\u5b9a\u3002
\n
\n\"OpenVPN\"
\nOpenVPN: Building and Integrating Virtual Private Networks <\/a><\/p>\n

\u524d\u60c5\u63d0\u8981\uff1aOpenVPN \u5efa\u7f6e\u7b46\u8a18(\u7b2c5\u96c6)<\/a><\/p>\n

\u4f7f\u7528Xen \u505a\u4e00\u500bCentOS 5.4<\/em><\/strong><\/p>\n

\u5728\u5e95\u5c64Host OS \u4e0b\uff0c\u5efa\u7acb\u4e00\u500b\u8890\u5bc6\u82b1\u5712\uff0c\u7cfb\u7d71\u8981\u7528\u7684Logical volume\uff0cvps06LV00 20G<\/p>\n


\n[root@rico ~]#lvcreate -n vps06LV00 -L 20G \/dev\/VolGroup00
\nLogical volume \"vps06LV00\" created
\n<\/code><\/p><\/blockquote>\n

\u63a5\u8457\u8ddf\u505aOpenVPN Server \u6642\u4e00\u6a23\uff0c\u4f9d\u6a23\u756b\u846b\u8606\uff0c\u628a\u4e4b\u524d\u5df2\u7d93\u6709\u505a\u904e\u4e86\u4e00\u500bCentOS 5.4 x86_64 \u7684\u4f5c\u696d\u7cfb\u7d71\uff0c\u76f4\u63a5\u8907\u88fd\u4e00\u4efd\u3002<\/p>\n


\n[root@rico ~]# dd if=\/dev\/VolGroup00\/centos5x64 of=\/dev\/VolGroup00\/vps06LV00
\n41943040+0 records in
\n41943040+0 records out
\n21474836480 bytes (21 GB) copied, 1035.76 s, 20.7 MB\/s
\n<\/code><\/p><\/blockquote>\n

\u7de8\u5beb\u9019\u53f0\u865b\u6a5f\u7684\u555f\u52d5Script \u6a94\u6848\uff0c\u53ef\u4ee5\u7531openvpn.xen \u8907\u88fd\u904e\u53bb\u3002<\/p>\n


\n[root@rico ~]#cp openvpn.xen garden.xen
\n[root@rico ~]# vi garden.xen
\n\u4fee\u6539\u4e00\u4e0b vif \u8ddf disk \u7684\u90e8\u4efd
\n# ip 192.168.100.100 host: garden.nuface.tw vps06LV00 : 20G
\nname = \"garden\"
\nmemory = \"512\"
\nvcpus = 1
\nvif = [ 'type=bridge, bridge=virbr0' ]
\ndisk = [ 'phy:\/dev\/VolGroup00\/vps06LV00,xvda,w']
\nroot = \"\/dev\/xvda1 ro\"
\n# Sets runlevel 4.
\nextra = \"4\"
\non_poweroff = 'destroy'
\non_reboot = 'restart'
\non_crash = 'restart'
\nbootloader = \"\/usr\/bin\/pygrub\"
\nvfb = [ 'type=vnc,vncunused=1']
\n<\/code><\/p><\/blockquote>\n

\u555f\u52d5\u9019\u53f0\u865b\u6a5f\u3002<\/p>\n


\n[root@rico ~]#xm create garden.xen
\n<\/code><\/p><\/blockquote>\n

\u4f7f\u7528VNC \u65b9\u5f0f\u9023\u5165\u5e95\u5c64\u7684FC8 \u89c0\u5bdf\u958b\u6a5f\u72c0\u6cc1\u3002\u9806\u5229\u958b\u6a5f\u6210\u529f\u3002<\/p>\n

\"\u958b\u6a5f\u72c0\u6cc1\"<\/p>\n

\u7531VNC \u756b\u9762\u4e0a\u767b\u5165\u9019\u53f0\u65b0\u5efa\u7acb\u7684Garden \u865b\u6a5f\uff0c\u4fee\u6539\u7db2\u8def\u5361\u7684\u8a2d\u5b9a\u3002<\/p>\n


\n[root@garden ~]# vi \/etc\/sysconfig\/network
\nNETWORKING=yes
\nNETWORKING_IPV6=no
\nHOSTNAME=garden.nuface.tw
\nGATEWAY=192.168.100.1
\n\uff03gateway \u8a2d\u5b9a192.168.100.1 \u662fOpenVPN Server \u4e0a\u7684IP \uff0c\u8b93\u5c01\u5305\u90fd\u7531100.1 \u9019\u53f0\u8f49\u9001
\n<\/code><\/p><\/blockquote>\n

\u518d\u4fee\u6539 eth0 \u7684\u8a2d\u5b9a<\/p>\n


\n[root@garden ~]#vi \/etc\/sysconfig\/network-scripts\/ifcfg-eth0
\n# Xen Virtual Ethernet
\nDEVICE=eth0
\nBOOTPROTO=static
\n#HWADDR=00:16:3E:51:E0:58
\nIPADDR=192.168.100.100
\nNETMASK=255.255.255.0
\nONBOOT=yes
\n<\/code><\/p><\/blockquote>\n

Note\uff0c\u628aHWADDR=XX:XX:XX:XX:XX:XX Mark \u6389\uff0c\u4e0d\u8981\u6307\u5b9aHWADDR\uff0c\u7531\u5916\u5c64\u7684Host OS \u6307\u5b9a\u5373\u53ef\uff0c\u5982\u679c\u5728\u5167\u5c64\u4e5f\u6307\u5b9a\u7684\u8a71\uff0c\u5167\u5916\u5982\u679cMAC \u4e0d\u540c\uff0c\u6703\u555f\u52d5\u53e6\u4e00\u500bifconfig \u7684\u8a2d\u5b9a\uff0cIP \u5c31\u6703\u8dd1\u6389\u3002<\/p>\n

\u641e\u5b9a\u5f8c\uff0c\u91cd\u555fnetwork \u3002<\/p>\n


\n[root@garden ~]#\/etc\/init.d\/network restart
\n<\/code><\/p><\/blockquote>\n

\u5beb\u5230\u9019\u88cf\uff0c\u57fa\u672c\u4e0a\uff0c\u5c0f\u745e\u7684\u8890\u5bc6\u82b1\u5712\u5df2\u7d93\u5efa\u7f6e\u5b8c\u6210\uff0c\u63a5\u8457\u662f\u9023\u63a5\u4e0a\uff0c\u6211\u5011\u4e4b\u524d\u8a2d\u5b9aVPN Server \u3002<\/p>\n

\"\u9023\u5165vpn<\/p>\n

\"\u9023\u5165VPN<\/p>\n

\"\u9023\u5165\u6210\u529ficon\"<\/p>\n

\u9023\u5165\u6210\u529f\u5f8c\uff0c\u6b64\u6642\u6211\u5011\u4f86ping \u770b\u770b 192.168.100.100 \u662f\u5426\u53ef\u4ee5ping \u5230\u3002<\/p>\n

\"openvpn<\/p>\n

\u6210\u529f\u7684\u53ef\u4ee5ping \u5230 \u3002<\/p>\n

\u63a5\u8457\u8a66\u770b\u770b tracert \u7684\u8def\u5f91\u3002<\/p>\n

\"openvpn<\/p>\n

\u8def\u5f91\u753110.8.0.1 \u518d\u5230192.168.100.100 \uff0c\u6240\u4ee5\u6709\u6309\u7167\u6211\u5011\u7684\u9810\u671f\uff0c\u7531VPN Server \u5c07\u5c01\u5305\u8f49\u5165192.168.100.100\u3002<\/p>\n

\u63a5\u8457\u4f7f\u7528putty \u767b\u5165 192.168.100.100 <\/p>\n

\"SSH<\/p>\n

\u53ef\u4ee5\u767b\u5165\u6210\u529f\uff0c\u800c\u4e14\u8a18\u9304\u4e0a\u6b21\u767b\u5165\u7684IP \u70ba 10.8.0.6 \u70ba\u76ee\u524d\u5c0f\u745e\uff0c\u4f7f\u7528VPN \u5f8c\u53d6\u5f97\u7684IP<\/p>\n

\u555f\u52d5\u4e00\u4e0bhttpd \uff0c\u4e0d\u505a\u7279\u5225\u7684\u8a2d\u5b9a\u4e86\uff0c\u53cd\u6b63\u53ef\u4ee5\u52d5\u5c31\u597d\u4e86<\/p>\n


\n[root@garden ~]#\/etc\/init.d\/httpd start
\n<\/code><\/p><\/blockquote>\n

\u7531\u5c0f\u745e\u7684\u96fb\u8166\u767b\u5165\u4e00\u4e0b<\/p>\n

\"garden<\/p>\n

\u53ef\u4ee5\u6210\u529f\u767b\u5165\uff0c\u518d\u8a66\u4e00\u4e0b\uff0c\u5beb\u4e00\u6bb5\u5c0f\u7a0b\u5f0f<\/p>\n


\n[root@garden ~]#vi \/var\/www\/html\/test.php
\n';
\necho '\u60a8\u76ee\u524d\u767b\u5165\u7684IP\u4f4d\u7f6e\u70ba:'.$_SERVER['REMOTE_ADDR'];
\n?>
\n<\/code><\/p><\/blockquote>\n

\"garden<\/p>\n

\u7684\u78ba\uff0c\u7531\u5916\u90e8\u767b\u5165\u7684IP \u4e5f\u662f 10.8.0.6 \u9019\u500bVPN \u7db2\u6bb5\u7684IP \u3002 \u76ee\u524d\u5c0f\u745e\u539f\u672c\u8a2d\u8a08\u7684\u6e2c\u8a66\u8173\u672c\uff0c\u5df1\u5168\u90e8\u5b8c\u6210\u56c9^_^\u3002<\/p>\n

\u9084\u6709\u4e0b\u96c6\u55ce\uff1f\u55ef\uff0e\uff0e\uff0e\uff0e\u6709\u7684\u3002\u63a5\u4e0b\u4f86\u7684\u76ee\u6a19\u662f\uff0c\u70ba\u9019\u500bVPN \u505a\u4e00\u500b\u4f7f\u7528\u8005\u5e33\u865f\u5bc6\u78bc\uff0c\u767b\u5165\u4f5c\u696d\uff0c\u540c\u6642\u53ef\u4ee5\u9650\u5236\u4f7f\u7528\u8005\u7684\u767b\u5165\u6642\u9593\uff0c\u9084\u6709\u8a18\u9304\u4f7f\u7528\u8005\u7684\u767b\u5165\u6b21\u6578\u53ca\u65e5\u671f\u3002\u6c92\u8fa6\u6cd5\uff0c\u7a3d\u6838\u8981\u67e5\u9019\u4e9b\u6771\u6771\uff0c\u53ea\u597d\u505a\u7d66\u4ed6\u56c9\uff01<\/p>\n

\u7b49\u9019\u4e9b\u90fd\u505a\u5b8c\u4e86\uff0c\u4e4b\u5f8c\uff0c\u518d\u4f86\u505asite to site \u7684VPN \u56c9\uff0c\u4e00\u5207\u7684\u4e00\u5207\uff0e\uff0e\u7b49\u4e0b\u56de\u5206\u89e3\u4e86! \u5f85\u7e8c!<\/p>\n

OpenVPN \u5efa\u7f6e\u7b46\u8a18(\u7b2c7\u96c6)<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

\u4e0a\u4e00\u96c6\u5df2\u7d93\u5b8c\u6210\u4e86VPN \u9023\u7dda\u8a2d\u5b9a\uff0c\u4e26\u6210\u529f\u9023\u7dda\u81f3VPN Server \u4e0a\uff0c\u63a5\u8457\u8981\u4f86\u8a2d\u5b9a\u5c0f\u745e\u7684\u53e6\u4e00\u53f0\u8890\u5bc6\u82b1\u5712\uff0c\u9019\u4e00 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[23,24],"tags":[92,72,123,143,150,144,54],"class_list":["post-1151","post","type-post","status-publish","format-standard","hentry","category-mistech","category-mistech-net","tag-centos-5-4","tag-open-vpn","tag-openvpn","tag-ping","tag-site-to-site","tag-tracert","tag-xen"],"_links":{"self":[{"href":"https:\/\/blog.nuface.tw\/index.php?rest_route=\/wp\/v2\/posts\/1151","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.nuface.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.nuface.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.nuface.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.nuface.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1151"}],"version-history":[{"count":24,"href":"https:\/\/blog.nuface.tw\/index.php?rest_route=\/wp\/v2\/posts\/1151\/revisions"}],"predecessor-version":[{"id":1922,"href":"https:\/\/blog.nuface.tw\/index.php?rest_route=\/wp\/v2\/posts\/1151\/revisions\/1922"}],"wp:attachment":[{"href":"https:\/\/blog.nuface.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1151"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.nuface.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1151"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.nuface.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1151"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}