Migrating from OpenVPN to WireGuard to merge networks into a single L2 network

I would like to share my experience of joining the networks of three geographically distant apartments, each of which uses an OpenWRT router as its gateway, into one common network. When choosing between joining the networks at L3 with subnet routing and at L2 with bridging, where all network nodes are in the same subnet, preference was given to the second method, which is harder to configure but offers more possibilities, since transparent use of Wake-on-LAN and DLNA was planned in the network being built.

Part 1: Background

OpenVPN was initially chosen as the protocol for this task because, first, it can create a tap device that can be added to a bridge without any problems, and second, OpenVPN supports TCP, which was also important, because none of the apartments had a dedicated IP address. I could not use STUN because my ISP, for some reason, blocks UDP connections from its networks. TCP allowed me to forward the VPN server port to a rented VPS using SSH. This approach does create a large overhead, since the data is encrypted twice, but I did not want to bring the VPS into my private network because of the risk of third parties gaining control of it. Having such a device on my home network was highly undesirable, so I decided to pay for security with a large overhead.

To forward the port on the router where the server was to be deployed, I used the sshtunnel program. I will not go into the details of its configuration - it is quite simple. I will only note that its job was to forward TCP port 1194 from the router to the VPS. Next, I set up the OpenVPN server on the tap0 device, which was attached to the br-lan bridge. After testing the connection to the newly created server from my laptop, it became clear that the port-forwarding idea worked, and my laptop became a member of the router's network, even though it was not part of it.

Only one thing remained: to distribute the IP addresses across the different apartments so that they would not conflict, and to configure the routers as OpenVPN clients.
The following router IP addresses and DHCP server ranges were chosen:

  • 192.168.10.1 with the range 192.168.10.2 - 192.168.10.80 for the server
  • 192.168.10.100 with the range 192.168.10.101 - 192.168.10.149 for the router in apartment No. 2
  • 192.168.10.150 with the range 192.168.10.151 - 192.168.10.199 for the router in apartment No. 3

It was also necessary to assign exactly these addresses to the client routers of the OpenVPN server, by adding the following line to its configuration:

ifconfig-pool-persist /etc/openvpn/ipp.txt 0

and adding the following lines to the file /etc/openvpn/ipp.txt:

flat1_id 192.168.10.100
flat2_id 192.168.10.150

where flat1_id and flat2_id are the device names specified when creating the certificates for connecting to OpenVPN.

Next, OpenVPN clients were configured on the routers, and the tap0 devices on both were added to the br-lan bridge. At this point everything seemed fine, since all three networks could see each other and worked as a single unit. However, an unpleasant detail emerged: sometimes devices would get an IP address from the wrong router, with all the consequences that follow. For some reason, the router in one of the apartments did not respond to DHCPDISCOVER in time, and the device received the wrong address. I realized that I needed to filter such requests on tap0 on each router, but as it turned out, iptables cannot work with a device if it is part of a bridge, so I needed to use ebtables. Unfortunately, my firmware did not include it, so I had to rebuild the images for each device. After doing this and adding the following lines to /etc/rc.local on each router, the problem was solved:

ebtables -A INPUT --in-interface tap0 --protocol ipv4 --ip-protocol udp --ip-destination-port 67:68 -j DROP
ebtables -A INPUT --in-interface tap0 --protocol ipv4 --ip-protocol udp --ip-source-port 67:68 -j DROP
ebtables -A FORWARD --out-interface tap0 --protocol ipv4 --ip-protocol udp --ip-destination-port 67:68 -j DROP
ebtables -A FORWARD --out-interface tap0 --protocol ipv4 --ip-protocol udp --ip-source-port 67:68 -j DROP

This configuration lasted three years.

Part 2: Getting to Know WireGuard

Recently there has been more and more talk on the internet about WireGuard, praising its ease of configuration, high transfer speed, low ping, and comparable security. Searching for more information about it showed that it supports neither operation as a bridge member nor the TCP protocol, which led me to believe that there was still no alternative to OpenVPN for me. So I put off getting to know WireGuard.

A few days ago, news spread across IT-related resources in one way or another that WireGuard would finally be included in the Linux kernel, starting with version 5.6. The news articles, as always, praised WireGuard. Once again I went looking for ways to replace good old OpenVPN. This time I came across this article. It talked about creating an Ethernet tunnel over L3 using GRE. That article gave me hope. It remained unclear what to do about the UDP protocol. Searching led me to articles about using socat together with an SSH tunnel to forward a UDP port; however, they noted that this approach only works in single-connection mode, that is, operation with multiple VPN clients would be impossible. I came up with the idea of setting up a VPN server on the VPS and configuring GRE for the clients, but as it turned out, GRE does not support encryption, which would mean that if third parties gained access to the server, all traffic between my networks would be in their hands, which did not suit me at all.

Once again, the decision was made in favor of redundant encryption, by using VPN over VPN according to the following scheme:

First-level VPN:
VPS is the server with the internal address 192.168.30.1
MS is a client of the VPS with the internal address 192.168.30.2
MK2 is a client of the VPS with the internal address 192.168.30.3
MK3 is a client of the VPS with the internal address 192.168.30.4

Second-level VPN:
MS is the server with the external address 192.168.30.2 and the internal address 192.168.31.1
MK2 is a client of MS at the address 192.168.30.2 and has the internal IP 192.168.31.2
MK3 is a client of MS at the address 192.168.30.2 and has the internal IP 192.168.31.3

* MS - the router-server in apartment 1, MK2 - the router in apartment 2, MK3 - the router in apartment 3
* The device configurations are published in the spoiler at the end of the article.

And so, pings are running between the nodes of the 192.168.31.0/24 network, and it is time to move on to setting up the GRE tunnel. Before that, so as not to lose access to the routers, it is worth setting up SSH tunnels that forward port 22 to the VPS, so that, for example, the router from apartment 2 is reachable on port 10022 of the VPS, and the router from apartment 3 is reachable on port 11122 of the VPS. It is best to set up the forwarding with the same sshtunnel, since it will restore the tunnel if it goes down.

The tunnel is set up, and you can connect to SSH through the forwarded port:

ssh root@МОЙ_VPS -p 10022

First you need to disable OpenVPN:

/etc/init.d/openvpn stop

Now let's set up the GRE tunnel on the router from apartment 2:

ip link add grelan0 type gretap remote 192.168.31.1 local 192.168.31.2
ip link set grelan0 up

And add the created interface to the bridge:

brctl addif br-lan grelan0

Let's perform a similar procedure on the server router:

ip link add grelan0 type gretap remote 192.168.31.2 local 192.168.31.1
ip link set grelan0 up

And also add the created interface to the bridge:

brctl addif br-lan grelan0

From that moment, pings began to go through successfully to the new network and I, satisfied, went for coffee. Then, to check how the network works at the other end of the line, I try to SSH into one of the computers in apartment 2, but the ssh client hangs without prompting for a password. I try to connect to this computer by telnet on port 22 and see a line from which I can tell that the connection is established and the SSH server responds, but for some reason it just does not let me log in.

$ telnet 192.168.10.110 22
SSH-2.0-OpenSSH_8.1

I try to connect to it via VNC and see a black screen. I convince myself that the problem is with the remote computer, because I can easily connect to the router from this apartment using its internal address. However, I decide to connect to this computer's SSH through the router and am surprised to find that the connection succeeds and the remote computer works quite normally, but it also cannot connect to my computer.

I take the grelan0 device out of the bridge and start OpenVPN on the router in apartment 2, and I make sure that the network works properly again and connections do not drop. Searching, I come across forums where people complain about the same problems and where they are advised to raise the MTU. No sooner said than done. However, until the MTU was set high enough - 7000 for the gretap devices - I observed either dropped TCP connections or slow transfers. Because of the high MTU for gretap, the MTUs for the first-level and second-level WireGuard connections were set to 8000 and 7500 respectively.
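
The encapsulation arithmetic behind these MTU values, as an added example that is not part of the original article: the script computes how large one LAN packet becomes after gretap, second-level and first-level WireGuard. It assumes IPv4 at every layer and a WAN MTU of 1492 (typical for PPPoE; the article only names pppoe-wan); the function names are illustrative.

```shell
#!/bin/sh
# Added example: packet growth through gretap -> wg1 -> wg0 -> WAN.
GRETAP_OVERHEAD=38   # outer IPv4 (20) + GRE (4) + inner Ethernet header (14)
WG_OVERHEAD=60       # outer IPv4 (20) + UDP (8) + WireGuard header (16) + auth tag (16)
WG1_MTU=7500         # from the article: second-level WireGuard
WG0_MTU=8000         # from the article: first-level WireGuard
WAN_MTU=1492         # assumption: typical PPPoE MTU

# wg_out LEN MTU: size of the UDP/IP packet WireGuard emits for an inner
# packet of LEN bytes. The plaintext is padded to a multiple of 16 bytes,
# but never beyond the interface MTU.
wg_out() {
    padded=$(( ($1 + 15) / 16 * 16 ))
    if [ "$padded" -gt "$2" ]; then padded=$2; fi
    echo $(( padded + WG_OVERHEAD ))
}

# wire_size LEN: bytes handed to the WAN for one LAN IP packet of LEN bytes.
wire_size() {
    gre=$(( $1 + GRETAP_OVERHEAD ))
    l2=$(wg_out "$gre" "$WG1_MTU")
    wg_out "$l2" "$WG0_MTU"
}

# fragments SIZE MTU: IPv4 fragments needed for a SIZE-byte packet
# (20-byte header, fragment payloads are multiples of 8 bytes).
fragments() {
    per=$(( ($2 - 20) / 8 * 8 ))
    echo $(( ($1 - 20 + per - 1) / per ))
}

# max_unfragmented WAN_MTU: largest LAN IP packet (searching down from
# 1500) whose outer datagram still fits the WAN MTU in one piece.
max_unfragmented() {
    len=1500
    while [ "$len" -gt 0 ] && [ "$(wire_size "$len")" -gt "$1" ]; do
        len=$(( len - 1 ))
    done
    echo "$len"
}

# 1500 = full-size LAN packet, 7000 = the gretap MTU from the article.
for size in 1500 7000; do
    w=$(wire_size "$size")
    echo "LAN packet $size -> $w bytes on WAN, $(fragments "$w" "$WAN_MTU") IP fragment(s)"
done
echo "largest LAN packet sent unfragmented: $(max_unfragmented "$WAN_MTU")"
```

Any result above the WAN MTU means the outer WireGuard datagram leaves the router as IP fragments, so this setup depends on fragments passing every hop between the routers and the VPS.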

I did a similar setup on the router from apartment 3, with the only difference being that a second gretap interface named grelan1 was added on the server router, which was also added to the br-lan bridge.

Everything works. Now you can put the gretap setup into startup. For this:

I placed these lines in /etc/rc.local on the router in apartment 2:

ip link add grelan0 type gretap remote 192.168.31.1 local 192.168.31.2
ip link set dev grelan0 mtu 7000
ip link set grelan0 up
brctl addif br-lan grelan0

Added this to /etc/rc.local on the router in apartment 3:

ip link add grelan0 type gretap remote 192.168.31.1 local 192.168.31.3
ip link set dev grelan0 mtu 7000
ip link set grelan0 up
brctl addif br-lan grelan0

And on the server router:

ip link add grelan0 type gretap remote 192.168.31.2 local 192.168.31.1
ip link set dev grelan0 mtu 7000
ip link set grelan0 up
brctl addif br-lan grelan0

ip link add grelan1 type gretap remote 192.168.31.3 local 192.168.31.1
ip link set dev grelan1 mtu 7000
ip link set grelan1 up
brctl addif br-lan grelan1

After rebooting the client routers, I found that for some reason they did not connect to the server. Having connected to them over SSH (fortunately, I had set up sshtunnel for this beforehand), I found that WireGuard for some reason creates a route for the endpoint, and an incorrect one at that. For example, for 192.168.30.2, the routing table listed a route through the pppoe-wan interface, that is, through the internet, although the route to it should have gone through the wg0 interface. After deleting this route, the connection was restored. I could not find instructions anywhere on how to force WireGuard not to create these routes. Moreover, I did not even understand whether this is a feature of OpenWRT or of WireGuard itself. Without spending long on the problem, I simply added to a timer-driven script on both routers a line that deletes this route:

route del 192.168.30.2

Conclusion

I have not yet achieved a complete abandonment of OpenVPN, since I sometimes need to connect to the new network from a laptop or phone, and setting up a gretap device on them is generally impossible. However, despite this, I gained an advantage in data transfer speed between the apartments, and using VNC, for example, is now trouble-free. Ping decreased slightly but became more stable:

When using OpenVPN:

[r0ck3r@desktop ~]$ ping -c 20 192.168.10.110
PING 192.168.10.110 (192.168.10.110) 56(84) bytes of data.
64 bytes from 192.168.10.110: icmp_seq=1 ttl=64 time=133 ms
...
64 bytes from 192.168.10.110: icmp_seq=20 ttl=64 time=125 ms

--- 192.168.10.110 ping statistics ---
20 packets transmitted, 20 received, 0% packet loss, time 19006ms
rtt min/avg/max/mdev = 124.722/126.152/136.907/3.065 ms

When using WireGuard:

[r0ck3r@desktop ~]$ ping -c 20 192.168.10.110
PING 192.168.10.110 (192.168.10.110) 56(84) bytes of data.
64 bytes from 192.168.10.110: icmp_seq=1 ttl=64 time=124 ms
...
64 bytes from 192.168.10.110: icmp_seq=20 ttl=64 time=124 ms
--- 192.168.10.110 ping statistics ---
20 packets transmitted, 20 received, 0% packet loss, time 19003ms
rtt min/avg/max/mdev = 123.954/124.423/126.708/0.675 ms

It is affected more by the high ping to the VPS, which is approximately 61.5 ms.

However, the speed increased significantly. In the apartment with the router-server, I have an internet connection speed of 30 Mbps, and in the other apartments it is 5 Mbps. Moreover, when using OpenVPN I could not achieve a data transfer speed between the networks of more than 3.8 Mbps according to iperf readings, while WireGuard "pumped" it up to the same 5 Mbit/sec.

WireGuard configuration on the VPS

[Interface]
Address = 192.168.30.1/24
ListenPort = 51820
PrivateKey = <ЗАКРЫТЫЙ_КЛЮЧ_ДЛЯ_VPS>

[Peer]
PublicKey = <VPN_1_MS_PUBLIC_KEY>
AllowedIPs = 192.168.30.2/32

[Peer]
PublicKey = <VPN_2_MK2_PUBLIC_KEY>
AllowedIPs = 192.168.30.3/32

[Peer]
PublicKey = <VPN_2_MK3_PUBLIC_KEY>
AllowedIPs = 192.168.30.4/32

WireGuard configuration on MS (added to /etc/config/network)

# First-level VPN - client
config interface 'wg0'
        option proto 'wireguard'
        list addresses '192.168.30.2/24'
        option private_key 'ЗАКРЫТЫЙ_КЛЮЧ_VPN_1_МС'
        option auto '1'
        option mtu '8000'

config wireguard_wg0
        option public_key 'ОТКРЫТЫЙ_КЛЮЧ_VPN_1_VPS'
        option endpoint_port '51820'
        option route_allowed_ips '1'
        option persistent_keepalive '25'
        list allowed_ips '192.168.30.0/24'
        option endpoint_host 'IP_АДРЕС_VPS'

# Second-level VPN - server
config interface 'wg1'
        option proto 'wireguard'
        option private_key 'ЗАКРЫТЫЙ_КЛЮЧ_VPN_2_МС'
        option listen_port '51821'
        list addresses '192.168.31.1/24'
        option auto '1'
        option mtu '7500'

config wireguard_wg1
        option public_key 'ОТКРЫТЫЙ_КЛЮЧ_VPN_2_МК2'
        list allowed_ips '192.168.31.2'

config wireguard_wg1
        option public_key 'ОТКРЫТЫЙ_КЛЮЧ_VPN_2_МК3'
        list allowed_ips '192.168.31.3'

WireGuard configuration on MK2 (added to /etc/config/network)

# First-level VPN - client
config interface 'wg0'
        option proto 'wireguard'
        list addresses '192.168.30.3/24'
        option private_key 'ЗАКРЫТЫЙ_КЛЮЧ_VPN_1_МК2'
        option auto '1'
        option mtu '8000'

config wireguard_wg0
        option public_key 'ОТКРЫТЫЙ_КЛЮЧ_VPN_1_VPS'
        option endpoint_port '51820'
        option persistent_keepalive '25'
        list allowed_ips '192.168.30.0/24'
        option endpoint_host 'IP_АДРЕС_VPS'

# Second-level VPN - client
config interface 'wg1'
        option proto 'wireguard'
        option private_key 'ЗАКРЫТЫЙ_КЛЮЧ_VPN_2_МК2'
        list addresses '192.168.31.2/24'
        option auto '1'
        option listen_port '51821'
        option mtu '7500'

config wireguard_wg1
        option public_key 'ОТКРЫТЫЙ_КЛЮЧ_VPN_2_МС'
        option endpoint_host '192.168.30.2'
        option endpoint_port '51821'
        option persistent_keepalive '25'
        list allowed_ips '192.168.31.0/24'

WireGuard configuration on MK3 (added to /etc/config/network)

# First-level VPN - client
config interface 'wg0'
        option proto 'wireguard'
        list addresses '192.168.30.4/24'
        option private_key 'ЗАКРЫТЫЙ_КЛЮЧ_VPN_1_МК3'
        option auto '1'
        option mtu '8000'

config wireguard_wg0
        option public_key 'ОТКРЫТЫЙ_КЛЮЧ_VPN_1_VPS'
        option endpoint_port '51820'
        option persistent_keepalive '25'
        list allowed_ips '192.168.30.0/24'
        option endpoint_host 'IP_АДРЕС_VPS'

# Second-level VPN - client
config interface 'wg1'
        option proto 'wireguard'
        option private_key 'ЗАКРЫТЫЙ_КЛЮЧ_VPN_2_МК3'
        list addresses '192.168.31.3/24'
        option auto '1'
        option listen_port '51821'
        option mtu '7500'

config wireguard_wg1
        option public_key 'ОТКРЫТЫЙ_КЛЮЧ_VPN_2_МС'
        option endpoint_host '192.168.30.2'
        option endpoint_port '51821'
        option persistent_keepalive '25'
        list allowed_ips '192.168.31.0/24'

In the described configurations for the second-level VPN, I specify port 51821 for the WireGuard clients. In principle this is not necessary, since the client will establish a connection from any free unprivileged port, but I did it this way so that I could deny all incoming connections on the wg0 interfaces of all routers, except for incoming UDP connections to port 51821.
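
One way to express that policy in /etc/config/firewall, as an added example rather than the author's own configuration; the zone name vpn1 and the rule name are hypothetical:

```conf
# Added example: the zone name 'vpn1' and the rule name are hypothetical.
# Everything arriving on the first-level tunnel is rejected by default.
config zone
        option name 'vpn1'
        list network 'wg0'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'

# The only exception: the second-level WireGuard port.
config rule
        option name 'Allow-WG2-over-wg0'
        option src 'vpn1'
        option proto 'udp'
        option dest_port '51821'
        option target 'ACCEPT'
```

With no forwarding defined from this zone to lan, a host on 192.168.30.0/24, including the VPS, can reach only the wg1 listener on each router.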

I hope the article will be useful to someone.

P.S. I also want to share my script that sends a PUSH notification to my phone in the WirePusher app when a new device appears on my network. Here is the link to the script: github.com/r0ck3r/device_discover.

Update: OpenVPN server and client configuration

OpenVPN server

client-to-client

ca /etc/openvpn/server/ca.crt
cert /etc/openvpn/server/vpn-server.crt
dh /etc/openvpn/server/dh.pem
key /etc/openvpn/server/vpn-server.key

dev tap
ifconfig-pool-persist /etc/openvpn/ipp.txt 0
keepalive 10 60
proto tcp4
server-bridge 192.168.10.1 255.255.255.0 192.168.10.80 192.168.10.254
status /var/log/openvpn-status.log
verb 3
comp-lzo

OpenVPN client

client
tls-client
dev tap
proto tcp
remote VPS_IP 1194 # Change to your router's External IP
resolv-retry infinite
nobind

ca client/ca.crt
cert client/client.crt
key client/client.key
dh client/dh.pem

comp-lzo
persist-tun
persist-key
verb 3

I used easy-rsa to generate the certificates.

Source: www.hab.com
