1/ Server 端

ECS - firewall - 开启对应的管理口、HTTPS 和 UDP
ECS - 1panel - app - openvpn

1.1 VPN Server

  • Network Settings - Server Address - [IP PUBLIC ADDRESS]
  • Network Settings - OpenVPN deamons- [custom udp/tcp ports]
  • Subnets -Default client address pool - [127.27.224.0/20]
  • Subnets -Default group address pool - [127.27.224.0/24]

1.2 Users

  • [Username] - User Settings - Permissions -Allow Auto-login - [Enabled]
  • [Username] - User Settings - Networking -Configure VPN gateway - [Enabled] - [192.168.88.0/24 10.0.0.0/24]

1.3 Access Controls

  • Global Access Rules - [NAT] - [192.168.88.0/24 10.0.0.0/24 172.27.240.0/24 172.18.0.0/16]
    172.18.0.0/16 - 1PANEL - DOCKER IP RANGE
  • Internet Access and DNS - Push DNS [On] - Select DNS Servers - [Custom]- [223.5.5.5 223.6.6.6]
  • Global InterClient Communication - Allow user-to-user connections [On] -Allow client access to services on the VPN network.[On]

1.4 Certificate Management
-VPN Client Certificates - [CREATE 2]

2/ Client Home OPENWRT

2.1 安装OpenVPN
2.2 接口-vpn-tun0
2.3 firewall - 允许转发 -lan10/lan88 等
2.4 OpenVPN - 新建配置-upload XXX.ovpn-开启-运行

3/ Client Laptop

3.1 安装OpenVPN
3.2 Upload YYY.ovpn

4/ 注意看下ovpn 文件里的 配置,特别是IP和端口

标签: none

评论已关闭