logo

百度智能云 在Linux客户端中使用SSL-VPN

作者:ACG马鹏程2023.03.09 20:32浏览量:353

简介:百度智能云 在Linux客户端中使用SSL-VPN

1. 客户端环境

参数 说明
操作系统版本 CentOS Linux release 7.9.2009 (Core)
内核版本 3.10.0-1160.80.1.el7.x86_64

2. 编写配置文件

openvpn客户端配置文件格式是固定的,如下所示

client
dev tun
proto udp
remote 120.48.178.170 1194

cipher AES-256-CBC
auth SHA512
auth-nocache
tls-version-min 1.2
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256

resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
verb 3
auth-user-pass
comp-lzo

<ca>
-----BEGIN CERTIFICATE-----
MIIDNTCCAh2gAwIBAgIJAKNPT/ceHhAJMA0GCSqGSIb3DQEBCwUAMBYxFDASBgNV
BAMTC2Nsb3VkLmJhaWR1MB4XDTIxMTAxODA4NDM1MloXDTMxMTAxNjA4NDM1Mlow
FjEUMBIGA1UEAxMLY2xvdWQuYmFpZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQDibfsHiKalflniKqvSnczk6DLIfqP72xuEPTLTs5SFpUW2Nowl1z6r
e2a6m9LWA5+/NxWDKEPXWfRiGbpBGrpZev2DY4cAdhVE7PH/7BP0T88ZMRzRHr9G
n/p7Me8HTRJYpSfst0geOScLzrqcx/DPBTPcBYkpdVDwRPvCTsXgXMAxuax3+THq
co6tIfPulUF3o/jmFDclg22gg0E5tE169c8p26wloA7drUSg6eZaDVgPscS3EBnh
rjRzjAnlffAwRKymIu3Evu9fpuWVuFiXfHlTaMbhBC4Ep7Ai01esRs5G3OKqbnbN
UveZHn3kxztauO0IKgGjS/Ud+BXVSIcDAgMBAAGjgYUwgYIwHQYDVR0OBBYEFKRF
Qt9McosXQKtLWl6ydT2oaoJWMEYGA1UdIwQ/MD2AFKRFQt9McosXQKtLWl6ydT2o
aoJWoRqkGDAWMRQwEgYDVQQDEwtjbG91ZC5iYWlkdYIJAKNPT/ceHhAJMAwGA1Ud
EwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAEXng1Xema
889eTtdCTHQjSL5CH6s+sFqrjEtKtxAoLYoRfnNZTCauF0T1y7F40QiwYEHIqdKb
aOW5VK6A7/vpdeC04lf3WtIlFDWBXas3GtLpfvMQajPAxCpBLRLXKBVGHRx5kSYG
vCswHVyvBt9LEEbSNIbF8HqT2BwzaLONtDBxhaKNH1d7vzaCJ09fYyFwQ1k4fXCM
nVLT6/w4lBgQUvV/kW7NHay02sWo55WBZgnw/t0ZUYHd6HbZGqqv8KFtxbw+gvct
zJF2so/Gje/DITu6zgoaTtlY+6TIEKG8fAhXltKF05tiyFY7x4ScpC+G3LUqSkeX
ySqiXdLq9cuO
-----END CERTIFICATE-----
</ca>

将上述内容保存到文件中,文件的扩展名为『.ovpn』,例如我本地的ssl-vpn配置文件。
viCoDeH8S2Snw6eQ.jpg

3. 客户端安装步骤

如果您正在运行 Red Hat Enterprise Linux 或其克隆版,则需要先安装 Fedora EPEL 存储库和 yum copr 模块

yum install yum-plugin-copr

yum install openvpn

4. 启动OpenVPN进程

[root@iZ2ze4my24bpsx81wenzfjZ ~]# openvpn --client --config client.ovpn --daemon ssl-vpn
Enter Auth Username: mapengcheng02
Enter Auth Password: *********

5. 检查是否连接成功

执行ifconfig检查虚拟网络接口是否创建成功
viCoDeH8S2Snw6eQ.jpg

执行route -n检查云上的网段是否自动生成
viCoDeH8S2Snw6eQ.jpg

访问云上资源检查连通性
viCoDeH8S2Snw6eQ.jpg

相关文章推荐

发表评论