因為 Server 與 Server 的聯繫要透過 OpenVPN 所以有這個需求, 本來以為可能要花一些時間寫 script , 測試結果發現非常簡單就可以搞定.
安裝 OpenVPN 套件
sudo apt update
sudo apt install openvpn -y
設定 OpenVPN Client
先透過 OpenVPN Server 取得到相關的憑證設定檔, Exp. amalia_gpu.ovpn
將取得的 amalia_gpu.ovpn 放入 /etc/openvpn/ 內
root@amalia:/etc/openvpn# pwd
/etc/openvpn
root@amalia:/etc/openvpn# ls
amalia_gpu.ovpn client server update-resolv-conf
透過手動命令列方式來確認是否設定檔都正確 openvpn –config amalia_gpu.ovpn
root@amalia:/etc/openvpn# openvpn –config amalia_gpu.ovpn
Jun 2 19:18:20 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Mar 22 2022
Jun 2 19:18:20 library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10
Jun 2 19:18:20 Outgoing Control Channel Authentication: Using 256 bit message hash ‘SHA256’ for HMAC authentication
Jun 2 19:18:20 Incoming Control Channel Authentication: Using 256 bit message hash ‘SHA256’ for HMAC authentication
:
:
Jun 2 19:18:23 /sbin/ip route add 10.20.0.0/24 via 10.121.101.73
Jun 2 19:18:23 /sbin/ip route add 10.50.1.0/24 via 10.121.101.73
Jun 2 19:18:23 /sbin/ip route add 10.121.101.0/24 via 10.121.101.73
將 範例的 amalia_gpu.ovpn 改成 client.conf 然後將 openvpn 服務啟動就會自動連上
cp amalia_gpu.ovpn client.conf
設定開機自動連上去 VPN Server
sudo vi /etc/default/openvpn
:
AUTOSTART=”all”
:
sudo systemctl enable openvpn@client.service
sudo systemctl daemon-reload
sudo service openvpn@client start
確認連上 OpenVPN Server 所取得的 IP
ip a | grep tun
結果如下
root@amalia:/etc/openvpn# ip a | grep tun
11: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 100
inet 10.121.101.74 peer 10.121.101.73/32 scope global tun0
可知道 openvpn 取得到的 ip 是 10.121.101.74
取消與關閉 openvpn
sudo service openvpn@client stop
sudo systemctl disable openvpn@client.service
sudo systemctl daemon-reload
確認已經沒有連上 OpenVPN Server 所取得的 IP
ip a | grep tun
結果應該不會出現任何 ip