yum install -y gcc gcc-c++ openssl openssl-devel wget pam pam-devel
configure: error: lzo enabled but missing
需要手工安装lzo,yum安装的无效
wget http://www.oberhumer.com/opensource/lzo … .06.tar.gz
tar zxvf lzo-2.06.tar.gz
cd lzo-2.06
./configure --prefix=/usr/local/
make && make install
wget https://swupdate.openvpn.org/community/ … 4.6.tar.gz
tar zxf openvpn-2.4.6.tar.gz
cd openvpn-2.4.6
./configure -prefix=/etc/openvpn
make && make install
wget https://github.com/OpenVPN/easy-rsa/rel … -3.0.4.tgz
tar zxf EasyRSA-3.0.4.tgz
cp -rf EasyRSA-3.0.4 /etc/openvpn/easy-rsa
创建相关证书
# ./easyrsa init-pki #创建pki
# ./easyrsa build-ca nopass #创建ca
# ./easyrsa gen-req server nopass #创建服务端证书
# ./easyrsa sign server server #签约服务端证书
# ./easyrsa gen-dh #创建diffie-hellman文件
# ./easyrsa gen-req client #创建客户端证书
# ./easyrsa sign client client #签约客户端证书,根据提示输入服务端ca密码
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
sysctl -p
iptables -I INPUT -p udp -m udp --dport 60022 -j ACCEPT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth1 -j MASQUERADE
service iptables save #保存防火墙配置
离线