手动安装Scrambled VPN方法

服务器: CentOS 6 (OpenVZ)

32位下载:

wget http://liquidtelecom.dl.sourceforge.net/project/s5752/epel-release-6-8.noarch.rpm
rpm -Uvh epel-release-6-8.noarch.rpm

64位下载:

wget http://master.dl.sourceforge.net/project/s5752/64/epel-release-6-8.noarch.rpm
rpm -Uvh epel-release-6-8.noarch.rpm

安装如下:

yum upgrade
yum install autoconf.noarch automake file gcc libtool patch quilt git make rpm-build zlib-devel pam-devel openssl-devel lzo-devel
wget http://master.dl.sourceforge.net/project/s5752/openvpn-release-2.3.tar.gz
tar zxvf openvpn-release-2.3.tar.gz
wget http://master.dl.sourceforge.net/project/s5752/openvpn_xorpatch-master.tar.gz
tar zxvf openvpn_xorpatch-master.tar.gz
cp openvpn_xorpatch-master/openvpn_xor.patch openvpn-release-2.3/
cd openvpn-release-2.3/
git apply --check openvpn_xor.patch
git apply openvpn_xor.patch
cd ..
mv ./openvpn-release-2.3/ /etc/openvpn
cd /etc/openvpn/
autoreconf -i -v -f
./configure --prefix=/usr
make
make install
wget http://master.dl.sourceforge.net/project/s5752/openvpn -O /etc/rc.d/init.d/openvpn
chmod +x /etc/rc.d/init.d/openvpn
chkconfig --add openvpn
chkconfig openvpn on
chkconfig --list | grep openvpn
cd /etc/openvpn
wget http://netcologne.dl.sourceforge.net/project/s5752/easy-rsa-2.2.0_master.tar.gz
tar zxvf easy-rsa-2.2.0_master.tar.gz
cp -R easy-rsa-2.2.0_master/easy-rsa/ /etc/openvpn/
chown -R root /etc/openvpn/easy-rsa/
cd /etc/openvpn/easy-rsa/2.0/
source vars
./clean-all
./build-ca
./build-key-server server
./build-dh
./build-key client
cd /etc/openvpn/easy-rsa/2.0/keys
cp ca.crt ca.key dh1024.pem server.crt server.key /etc/openvpn
mkdir /root/client-files
cp ca.crt client.crt client.key /root/client-files
openvpn --genkey --secret /etc/openvpn/ta.key
cp /etc/openvpn/ta.key /root/client-files

编辑:

vi /root/client-files/scrambled-client.ovpn

输入如下内容:

client
dev tun
scramble obfuscate guardian
proto udp
remote 1.2.3.4 443  #换成你自己IP与端口
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
tls-auth ta.key 1
ns-cert-type server
cipher AES-256-CBC
comp-lzo
verb 3
fast-io
script-security 2

安装如下:

wget http://netcologne.dl.sourceforge.net/project/s5752/merge.sh -O /root/client-files/merge.sh
cd /root/client-files/
chmod +x /root/client-files/merge.sh
/root/client-files/merge.sh
chown root /root/client-files/scrambled-client.ovpn

编辑:

vi /etc/openvpn/server.conf

输入如下内容:

port 443
proto udp
dev tun
scramble obfuscate guardian
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
tls-auth /etc/openvpn/ta.key 0
dh /etc/openvpn/dh1024.pem
server 10.8.0.0 255.255.255.0
cipher AES-256-CBC
comp-lzo
persist-key
persist-tun
user nobody        
group openvpn    
status openvpn-status.log
verb 3
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 5 30

安装如下:

/usr/sbin/groupadd openvpn
sed -i 's/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g' /etc/sysctl.conf
sysctl -p
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o venet0 -j SNAT --to-source 1.2.3.4 #换成服务器IP
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source 1.2.3.4 #换成服务器IP
chkconfig --levels 235 iptables on
service iptables save
service openvpn restart


【上一篇】 【下一篇】

Posted in 教程 ,软件 | Tags: ,

0 条评论

添加评论

[ Ctrl + Enter ]


Title - Artist
0:00