ToB企服应用市场:ToB评测及商务社交产业平台

标题: 利用开源VPN搭建个人虚拟专用网络 [打印本页]
作者: 守听    时间: 2024-9-20 12:44
标题: 利用开源VPN搭建个人虚拟专用网络
1、引言

        想必大多数人都遇见过这个标题:在下载某些项目依赖,或者某些编程相关的工具时网速极慢,只有可怜的几十k的网速,甚至有时候只有几k,当时真有一种把电脑砸了的激动。而造成这个标题的主要缘故原由就是这些站点的服务器在国外,我们访问时自然要受到限定,那有没有办理办法呢?固然有,今天我就教你利用开源应用实现虚拟专用网络,突破访问限定,以后妈妈再也不用担心我网络限速了。
2、开源应用选择

        开源VPN很多,但是比较著名的就那么几个,比如大多数人熟知的Open VPN,但是我并不推荐利用它,因为这个应用不同版本配置都有差异,网上也充斥着很多相关的利用教程,但怎一个混乱了得,险些都是东拼西凑,而且操作极其复杂,说实话,我也没搭建乐成过,因此我选择了它——ipsec-vpn,关于这个VPN的利用可谓是简单到了极点,完满是傻瓜式安装,接下来,我就带你去安装配置这个VPN。
3、服务器配置

        首先你须要准备一台linux服务器,Ubuntu、Debian 或 CentOS都行,但必须是服务器,当地虚拟机中无法安装乐成,而且有个标题,这个应用和服务器防火墙辩论,一旦安装,服务器防火墙就会被强行关闭,傻瓜式安装就有这个标题,除非是自界说配置,安装方法也很简单,直接复制下方代码块中的命令,在服务器root用户下执行,然后遇见y/n选择就输入y回车就行,别的都不用管,很快就安装好。
  1. wget https://get.vpnsetup.net -O vpn.sh && sudo sh vpn.sh
复制代码
4、客户端搭建

        只要利用上方命令配置好服务器端后,就会自动天生一套相关的配置文件,然后利用宝塔面板或者WinSCP等下载工具将其下载到当地就能配置利用,这一套配置文件代表一个连接入口,如果须要添加或删除也可以自行操作,配置文件在root目次下,如下图所示:

4.1、Windows客户端配置

        Windows 8、10、11配置利用本方式,别的版本不支持,把.p12后缀结尾的文件生存到当地,单独放在一个文件夹里,然后天生一个纯文本文件,更改名字为:ikev2_config_import.cmd,记取一定要把整个名字修改,包罗后缀都要保持一致,然后用文本编辑器打开文件,复制下面的shell脚本命令到该文件中生存退出,将其放在.p12结尾的文件的相同文件夹下。然后右键单击生存的脚本,选择 属性。单击对话框下方的 解除锁定,然后单击 确定,固然不须要解除锁定的就不用管。接着选中cmd脚本文件,右键管理员模式运行,然后按照提示输入.p12文件的文件名,不输入后缀,如果堕落再输入后缀,输入服务器ip地点,并为连接取个名字,完成退却出,就会在电脑网络那里多出一个选项,点击就能连接VPN,再点击就断开。
  1. @echo off
  2. :: IKEv2 Configuration Import Helper Script for Windows 8, 10 and 11
  3. :: Copyright (C) 2022 Lin Song <linsongui@gmail.com>
  4. :: This work is licensed under the Creative Commons Attribution-ShareAlike 3.0
  5. :: Unported License: http://creativecommons.org/licenses/by-sa/3.0/
  6. :: Attribution required: please include my name in any derivative and let me
  7. :: know how you have improved it!
  9. setlocal DisableDelayedExpansion
  10. set "SPath=%SystemRoot%\System32"
  11. if exist "%SystemRoot%\Sysnative\reg.exe" (set "SPath=%SystemRoot%\Sysnative")
  12. set "Path=%SPath%;%SystemRoot%;%SPath%\Wbem;%SPath%\WindowsPowerShell\v1.0"
  13. set "_err====== ERROR ====="
  14. set "_work=%~dp0"
  15. if "%_work:~-1%"=="" set "_work=%_work:~0,-1%"
  17. for /f "tokens=4-5 delims=. " %%i in ('ver') do set version=%%i.%%j
  18. if "%version%" == "10.0" goto :Check_Admin
  19. if "%version%" == "6.3" goto :Check_Admin
  20. if "%version%" == "6.2" goto :Check_Admin
  21. goto :E_Win
  23. :Check_Admin
  24. reg query HKU\S-1-5-19 >nul 2>&1 || goto :E_Admin
  26. where certutil >nul 2>&1
  27. if %errorlevel% neq 0 goto :E_Cu
  28. where powershell >nul 2>&1
  29. if %errorlevel% neq 0 goto :E_Ps
  31. title IKEv2 Configuration Import Helper Script
  32. setlocal EnableDelayedExpansion
  33. cd /d "!_work!"
  34. @cls
  35. echo ===================================================================
  36. echo Welcome^^! Use this helper script to import an IKEv2 configuration
  37. echo into a PC running Windows 8, 10 or 11.
  38. echo For more details, see https://vpnsetup.net/ikev2
  39. echo.
  40. echo Before continuing, you must put the .p12 file you transferred from
  41. echo the VPN server in the *same folder* as this script.
  42. echo ===================================================================
  44. set client_name_gen=
  45. for /F "eol=| delims=" %%f in ('dir "*.p12" /A-D /B /O-D /TW 2^>nul') do (
  46.   set "p12_latest=%%f"
  47.   set "client_name_gen=!p12_latest:.p12=!"
  48.   goto :Enter_Client_Name
  49. )
  51. :Enter_Client_Name
  52. echo.
  53. echo Enter the name of the IKEv2 VPN client to import.
  54. echo Note: This is the same as the .p12 filename without extension.
  55. set client_name=
  56. set p12_file=
  57. if defined client_name_gen (
  58.   echo To accept the suggested client name, press Enter.
  59.   set /p client_name="VPN client name: [%client_name_gen%] "
  60.   if not defined client_name set "client_name=%client_name_gen%"
  61. ) else (
  62.   set /p client_name="VPN client name: "
  63.   if not defined client_name goto :Abort
  64. )
  65. set "client_name=%client_name:"=%"
  66. set "client_name=%client_name: =%"
  67. set "p12_file=%_work%\%client_name%.p12"
  68. if not exist "!p12_file!" (
  69.   echo.
  70.   echo ERROR: File "!p12_file!" not found.
  71.   echo You must put the .p12 file you transferred from the VPN server
  72.   echo in the *same folder* as this script.
  73.   goto :Enter_Client_Name
  74. )
  76. echo.
  77. echo Enter the IP address (or DNS name) of the VPN server.
  78. echo Note: This must exactly match the VPN server address in the output
  79. echo of the IKEv2 helper script on your server.
  80. set server_addr=
  81. set /p server_addr="VPN server address: "
  82. if not defined server_addr goto :Abort
  83. set "server_addr=%server_addr:"=%"
  84. set "server_addr=%server_addr: =%"
  86. set "conn_name_gen=IKEv2 VPN %server_addr%"
  87. powershell -command "Get-VpnConnection -Name '%conn_name_gen%'" >nul 2>&1
  88. if !errorlevel! neq 0 (
  89.   goto :Enter_Conn_Name
  90. )
  91. set "conn_name_gen=IKEv2 VPN 2 %server_addr%"
  92. powershell -command "Get-VpnConnection -Name '%conn_name_gen%'" >nul 2>&1
  93. if !errorlevel! neq 0 (
  94.   goto :Enter_Conn_Name
  95. )
  96. set "conn_name_gen=IKEv2 VPN 3 %server_addr%"
  97. powershell -command "Get-VpnConnection -Name '%conn_name_gen%'" >nul 2>&1
  98. if !errorlevel! equ 0 (
  99.   set conn_name_gen=
  100. )
  102. :Enter_Conn_Name
  103. echo.
  104. echo Provide a name for the new IKEv2 connection.
  105. set conn_name=
  106. if defined conn_name_gen (
  107.   echo To accept the suggested connection name, press Enter.
  108.   set /p conn_name="IKEv2 connection name: [%conn_name_gen%] "
  109.   if not defined conn_name set "conn_name=%conn_name_gen%"
  110. ) else (
  111.   set /p conn_name="IKEv2 connection name: "
  112.   if not defined conn_name goto :Abort
  113. )
  114. set "conn_name=%conn_name:"=%"
  115. powershell -command "Get-VpnConnection -Name '%conn_name%'" >nul 2>&1
  116. if !errorlevel! equ 0 (
  117.   echo.
  118.   echo ERROR: A connection with this name already exists.
  119.   goto :Enter_Conn_Name
  120. )
  122. echo.
  123. echo Importing .p12 file...
  124. certutil -f -p "" -importpfx "%p12_file%" NoExport >nul 2>&1
  125. if !errorlevel! equ 0 goto :Create_Conn
  126. echo When prompted, enter the password for client config files, which can be found
  127. echo in the output of the IKEv2 helper script on your server.
  128. :Import_P12
  129. certutil -f -importpfx "%p12_file%" NoExport
  130. if !errorlevel! neq 0 goto :Import_P12
  132. :Create_Conn
  133. echo.
  134. echo Creating VPN connection...
  135. powershell -command "Add-VpnConnection -ServerAddress '%server_addr%' -Name '%conn_name%' -TunnelType IKEv2 -AuthenticationMethod MachineCertificate -EncryptionLevel Required -PassThru"
  136. if !errorlevel! neq 0 (
  137.   echo ERROR: Could not create the IKEv2 VPN connection.
  138.   goto :Done
  139. )
  141. echo Setting IPsec configuration...
  142. powershell -command "Set-VpnConnectionIPsecConfiguration -ConnectionName '%conn_name%' -AuthenticationTransformConstants GCMAES128 -CipherTransformConstants GCMAES128 -EncryptionMethod AES256 -IntegrityCheckMethod SHA256 -PfsGroup None -DHGroup Group14 -PassThru -Force"
  143. if !errorlevel! neq 0 (
  144.   echo ERROR: Could not set IPsec configuration for the IKEv2 VPN connection.
  145.   goto :Done
  146. )
  148. echo IKEv2 configuration successfully imported^^!
  149. echo To connect to the VPN, click on the wireless/network icon in your system tray,
  150. echo select the "%conn_name%" VPN entry, and click Connect.
  151. goto :Done
  153. :E_Admin
  154. echo %_err%
  155. echo This script requires administrator privileges.
  156. echo Right-click on the script and select 'Run as administrator'.
  157. goto :Done
  159. :E_Win
  160. echo %_err%
  161. echo This script requires Windows 8, 10 or 11.
  162. echo Windows 7 users can manually import IKEv2 configuration. See https://vpnsetup.net/ikev2
  163. goto :Done
  165. :E_Cu
  166. echo %_err%
  167. echo This script requires 'certutil', which is not detected.
  168. goto :Done
  170. :E_Ps
  171. echo %_err%
  172. echo This script requires 'powershell', which is not detected.
  173. goto :Done
  175. :Abort
  176. echo.
  177. echo Abort. No changes were made.
  179. :Done
  180. echo.
  181. echo Press any key to exit.
  182. pause >nul
  183. goto :eof
复制代码
4.2、安卓客户端配置

        将.sswan结尾的文件生存到当地,然后前去下方代码块中的下载地点下载安卓开源客户端最新版本,打开应用后,单击右上角的三个点,单机导入VPN配置,在文件夹中找到.sswan结尾的文件,选中,然后点击从VPN配置中导入证书,按照提示操作,在VPN选项中一定要选择VPN,操作完就会返回界面,你就会发现界面中多了一个连接节点,点击就能连接,初次利用会有权限利用,都要同意。
  1. https://download.strongswan.org/Android/
复制代码
4.3、别的操作系统客户端配置

        关于利用苹果或linux等别的操作系统的客户端配置我就不逐一列出了,如果须要,请访问下方网址获取我的联系方式联系我,备注网络我就知道了。
  1. http://45.8.158.178/
复制代码


免责声明:如果侵犯了您的权益,请联系站长,我们会及时删除侵权内容,谢谢合作!更多信息从访问主页:qidao123.com:ToB企服之家,中国第一个企服评测及商务社交产业平台。



欢迎光临 ToB企服应用市场:ToB评测及商务社交产业平台 (https://dis.qidao123.com/) Powered by Discuz! X3.4