Muna daidaita sabar da wani ɓangare na abokin ciniki na OpenVPN a kan Windows

Pin
Send
Share
Send


OpenVPN shine ɗayan zaɓin VPN (cibiyar sadarwar masu zaman kansu ko hanyoyin sadarwar masu zaman kansu) waɗanda ke ba ku damar aiwatar da canja wurin bayanai akan tashar da aka keɓance ta musamman. Saboda haka, zaka iya haɗa kwamfutoci guda biyu ko gina cibiyar sadarwa tare da sabar da abokan ciniki da yawa. A cikin wannan labarin, zamu koyi yadda ake ƙirƙirar irin wannan sabar don saita ta.

Mun daidaita uwar garken OpenVPN

Kamar yadda aka ambata a sama, ta yin amfani da fasaha a cikin tambaya, zamu iya watsa bayanai ta hanyar hanyar sadarwa mai aminci. Wannan na iya zama musayar fayil ko samun amintaccen damar zuwa Intanet ta hanyar sabar wacce babbar hanyar ce ta kowa. Don ƙirƙirar shi, ba mu buƙatar ƙarin kayan aiki da ƙwarewa na musamman - an yi komai akan kwamfutar da aka shirya amfani da ita a sabar VPN.

Don ƙarin aiki, zai kuma zama wajibi a saita ɓangaren abokin ciniki akan injin masu amfani da hanyar sadarwa. Dukkanin aiki yana saukowa ne don ƙirƙirar maɓallan da takaddun shaida, wanda ake tura su ga abokan ciniki. Waɗannan fayilolin suna ba ku damar samun adireshin IP lokacin da kuke haɗi zuwa uwar garken kuma ƙirƙirar tashar ɓoye da aka ambata a sama. Duk bayanan da aka watsa ta hanyarta za a iya karanta ta kawai tare da maɓalli. Wannan fasalin na iya inganta tsaro da tabbatar da tsaro.

Sanya OpenVPN a kan ingin sabar

Shigarwa tsari ne na yau da kullun tare da wasu lambobi, waɗanda zamuyi magana akai dalla dalla.

  1. Mataki na farko shine zazzage shirin daga mahaɗin da ke ƙasa.

    Zazzage OpenVPN

  2. Bayan haka, gudanar da mai sakawa kuma ka shiga zuwa shafin zaɓi. Anan muna buƙatar sanya daw kusa da abu tare da sunan "EasyRSA", wanda ke ba ku damar ƙirƙira da gudanar da takardar shaidar da manyan fayiloli.

  3. Mataki na gaba shine zaɓi wuri don sanyawa. Don dacewa, sanya shirin a cikin tushen tsarin drive C :. Don yin wannan, kawai cire wuce haddi. Ya kamata ya juya

    C: OpenVPN

    Muna yin hakan ne domin gujewa fashewa yayin aiwatar da rubutun, tunda fili bai dace ba. Hakanan zaka iya, sanya su a alamomin zance, amma hankali zai iya kasawa, kuma neman kurakurai a cikin lambar ba aiki bane mai sauƙi.

  4. Bayan duk saitunan, shigar da shirin a cikin yanayin al'ada.

Saitin gefen uwar garke

Lokacin aiwatar da matakai masu zuwa, yakamata ku yi hankali kamar yadda zai yiwu. Duk wani aibi zai haifar da inoperability na uwar garke. Wani abin da ake bukata shi ne cewa asusunku yana da hakkokin mai gudanarwa.

  1. Mun je kan directory "ryada-rsa", wanda a cikin yanayinmu yana a

    C: OpenVPN sauki-rsa

    Nemo fayil ɗin vars.bat.sample.

    Sake suna dashi vars.bat (share kalmar "samfurin" tare da dot).

    Buɗe wannan fayil ɗin a cikin editan notepad ++. Wannan yana da mahimmanci, tunda wannan littafin bayanin kula yana ba ku damar shirya daidai da adana lambobin, wanda ke taimakawa don guje wa kurakurai yayin aiwatar da su.

  2. Da farko dai, muna share duk maganganun da aka nuna a cikin kore - kawai za su tayar mana da hankali. Mun sami waɗannan masu biyowa:

  3. Na gaba, canza hanyar zuwa babban fayil "ryada-rsa" wanda muka nuna yayin shigarwa. A wannan yanayin, kawai share m % Shiryawa% kuma canza shi zuwa C:.

  4. An bar sigogi huɗu masu zuwa ba a canza su ba.

  5. Sauran layin suna cike da tsari ba tare da izini ba. Misali a cikin sikirin.

  6. Ajiye file ɗin.

  7. Hakanan kuna buƙatar shirya fayiloli masu zuwa:
    • gina-ca.bat
    • gina-dh.bat
    • gina-key.bat
    • gina-key-pass.bat
    • gina-key-pkcs12.bat
    • gina-key-uwar garken.bat

    Suna buƙatar canza ƙungiyar

    budewa

    zuwa ga cikakkiyar hanya zuwa ga fayil dinta bssss.exe. Kar a manta don adana canje-canje.

  8. Yanzu bude babban fayil "ryada-rsa"matsa Canji kuma mun danna RMB akan wurin zama (babu akan fayiloli). A cikin mahallin menu, zaɓi "Buɗe umarnin taga".

    Zai fara Layi umarni tare da sauyawa zuwa shugabanci wanda aka riga an gama.

  9. Mun shigar da umarnin da ke ƙasa kuma danna Shiga.

    vars.bat

  10. Na gaba, fara wani "fayil ɗin bat".

    mai tsabta-duk.bat

  11. Maimaita umarni na farko.

  12. Mataki na gaba shine ƙirƙirar fayilolin da suka zama dole. Don yin wannan, yi amfani da umarni

    gina-ca.bat

    Bayan kisan, tsarin zai bayar don tabbatar da bayanan da muka shigar a cikin fayil ɗin vars.bat. Kawai danna 'yan lokuta Shigahar sai layin tushen ya bayyana.

  13. Irƙiri maɓallin DH ta amfani da ƙaddamar da fayil

    gina-dh.bat

  14. Muna shirya takardar shaidar don gefen uwar garke. Akwai mahimmin bayani anan. Yana bukatar sanya sunan da muka fesa a ciki vars.bat a cikin layi KEY_NAME. A cikin misalinmu, wannan Lumpics. Umurnin kamar haka:

    gina-key-server.bat Lumpics

    Anan kuma kuna buƙatar tabbatar da bayanai tare da maɓallin Shiga, ka kuma shigar da harafin sau biyu "y" (a) a inda ake buƙata (duba allo). Za'a iya rufe layin umarni.

  15. A cikin kundin bayananmu "ryada-rsa" sabon fayil tare da suna "makullin".

  16. Abubuwan da ke ciki suna buƙatar kwafa su kuma sanya shi cikin babban fayil ɗin "ssl", wanda dole ne a ƙirƙiri a cikin tushen tushen shirin.

    Fayil ɗin fayilolin bayan fayilolin da aka kwafa:

  17. Yanzu je zuwa ga shugabanci

    C: OpenVPN saitawa

    Createirƙiri daftarin rubutu anan (RMB - Kirkira - Rubutun rubutu), sake suna zuwa gare shi sabar.ovpn kuma bude a Notepad ++. Mun shigar da lambar kamar haka:

    tashar jiragen ruwa 443
    sabar udp
    dev tun
    dev-kumburi "VPN Lumpics"
    dh C: OpenVPN ssl dh2048.pem
    ca C: OpenVPN ssl ca.crt
    cert C: OpenVPN ssl Lumpics.crt
    maɓallin C: OpenVPN ssl Lumpics.key
    sabar 172.16.10.0 255.255.255.0
    max-abokan ciniki 32
    mai kiyaye 10 10
    abokin ciniki-zuwa-abokin ciniki
    comp-lzo
    nace makullin
    nace-tun
    cipher DES-CBC
    halin C: OpenVPN log status.log
    log C: OpenVPN log openvpn.log
    magana 4
    na 20

    Lura cewa sunayen takaddun shaida da makullin dole su dace da waɗanda ke cikin babban fayil ɗin "ssl".

  18. Gaba, bude "Kwamitin Kulawa" kuma tafi Cibiyar Gudanar da Hanyar hanyar sadarwa.

  19. Latsa mahadar "Canza saitin adaftar".

  20. Anan muna buƙatar nemo hanyar haɗi ta hanyar "TAP-Windows Adafta V9". Kuna iya yin wannan ta danna kan haɗin PCM kuma je zuwa kayan sa.

  21. Sake suna dashi "VPN Lumpics" ba tare da ambato ba. Wannan sunan dole yayi daidai da sigar "dev-kumburi" a fayil sabar.ovpn.

  22. Mataki na karshe shine fara sabis. Tura gajeriyar hanya Win + r, shigar da layin ƙasa, kuma latsa Shiga.

    hidimarkawa.msc

  23. Nemo sabis tare da sunan "OpenVpnShawara", danna RMB kaje kayan sa.

  24. Canjin nau'in farawa zuwa "Kai tsaye", fara sabis ɗin kuma danna Aiwatar.

  25. Idan munyi komai daidai, to ya kamata jan giciye ya shuɗe kusa da adaftar. Wannan yana nufin cewa haɗi ya shirya.

Tsarin abokin ciniki gefe

Kafin fara saitin abokin ciniki, kuna buƙatar aiwatar da matakai da yawa akan injin uwar garke - samar da makullin da takaddun shaida don daidaita haɗin.

  1. Mun je kan directory "ryada-rsa", sannan ga babban fayil "makullin" kuma buɗe fayil ɗin index.txt.

  2. Bude fayil ɗin, share duk abubuwan da ke ciki kuma adana.

  3. Koma ga "ryada-rsa" da gudu Layi umarni (SHIFT + RMB - Bude taga umarnin).
  4. Gaba, gudu vars.bat, sannan ƙirƙirar takaddar abokin ciniki.

    gina-key.bat vpn-abokin ciniki

    Wannan takardar shaida ce gama gari ga duk masarrafan da ke hanyar yanar gizo. Don haɓaka tsaro, zaku iya ƙirƙirar fayilolinku na kowace komputa, amma suna masu daban (ba "vpn-abokin ciniki", da "vpn-abokin11" da sauransu). A wannan yanayin, kuna buƙatar maimaita duk matakan, fara daga tsabtace index.txt.

  5. Mataki na ƙarshe - canja wurin fayil vpn-client.crt, vpn-abokin ciniki.key, ca.crt da dh2048.pem ga abokin ciniki. Kuna iya yin wannan ta kowace hanya da ta dace, misali, rubuta zuwa kebul na flash ɗin USB ko canja wurinsa akan hanyar sadarwa.

Aikin da za a yi a kan injin abokin ciniki:

  1. Sanya OpenVPN a hanyar da ta saba.
  2. Bude directory ɗin tare da shigarwar shirin kuma je babban fayil "daidaita". Dole ne a shigar da takardar shaida da manyan fayilolin anan.

  3. A cikin babban fayil ɗin, ƙirƙiri fayil ɗin rubutu kuma sake suna dashi saitawa.ovpn.

  4. Bude a edita kuma rubuta lambar kamar haka:

    abokin ciniki
    Resv-maimaita sakewa
    nobind
    nesa 192.168.0.15 443
    sabar udp
    dev tun
    comp-lzo
    ca ca.crt
    cert vpn-client.crt
    key vpn-abokinka.key
    dh dh2048.pem
    taso kan ruwa
    cipher DES-CBC
    mai kiyaye 10 10
    nace makullin
    nace-tun
    fi'ili 0

    A cikin layi "m" zaku iya yin rajistar adireshin IP na waje na ingin sabar - don haka mun sami damar zuwa Intanet. Idan kun bar shi kamar yadda yake, to zai yuwu kawai a haɗa zuwa sabar ta hanyar hanyar da aka ɓoye.

  5. Mun fara OpenVPN GUI a matsayin mai sarrafa ta yin amfani da gajerar hanya a kan tebur, sannan a cikin tire muka samo alamar da ta dace, danna RMB kuma zaɓi abu na farko tare da sunan Haɗa.

Wannan ya kammala saitin uwar garken OpenVPN da abokin ciniki.

Kammalawa

Tsarin rukunin cibiyar sadarwarka na VPN naka zai ba ka damar kare bayanan da aka watsa yayin da zai yiwu, haka nan kuma ka sanya hawan igiyar ruwa ta Intanet cikin tsaro. Babban abu shine yin hankali yayin kafa sabar da ɓangaren abokin ciniki, tare da matakan da suka dace, zaka iya amfani da duk fa'idodin hanyar sadarwar mai zaman kanta.

Pin
Send
Share
Send