1
felinx 2014-12-22 17:58:51 +08:00
简单的上pptp
|
2
lolicon 2014-12-22 18:02:05 +08:00 via Android
现成的文章一大把,谷歌一下这么难?
|
3
ooxxcc 2014-12-22 18:03:14 +08:00
google ocserv
|
5
yywudi 2014-12-22 18:16:32 +08:00
ocserv
|
6
icinessz 2014-12-23 15:06:07 +08:00
以下内容用于 Ubuntu,不包含证书生成;iptables 规则仅供参考,需要根据实际情况修改。
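# Walk-through for building and running ocserv on Ubuntu, run as root.
# Certificate generation is not covered. Lines between the "# ----" markers
# are file contents to type into the editor, not commands to run.

# Build dependencies.
apt-get update
apt-get install build-essential autogen pkg-config
apt-get install libgnutls28-dev
apt-get install libprotobuf-c-dev libtalloc-dev libreadline-dev libpam0g-dev libhttp-parser-dev libpcl1-dev

# Fetch and build ocserv 0.8.8 (the release named in the original post; check
# upstream for a currently maintained release before deploying).
# NOTE(review): plain FTP gives no integrity or authenticity guarantee, and
# this tarball is compiled and installed as root. Verify it against the
# signature or checksum upstream publishes before unpacking, e.g.
#   gpg --verify <SIGNATURE_FILE> ocserv-0.8.8.tar.xz
wget ftp://ftp.infradead.org/pub/ocserv/ocserv-0.8.8.tar.xz
xz -d ocserv-0.8.8.tar.xz
tar -xvf ocserv-0.8.8.tar
cd ocserv-0.8.8/
./configure --prefix=/opt/ocserv --sysconfdir=/etc
make
make install

# Start from the sample configuration shipped with the source.
mkdir -p /etc/ocserv
cp doc/sample.config /etc/ocserv/ocserv.conf
vi /etc/ocserv/ocserv.conf
# ---- change the following settings in /etc/ocserv/ocserv.conf ----
# Password-file authentication; the file is created with ocpasswd below.
auth = "plain[/etc/ocserv/ocpasswd]"
# 0 = no limit on simultaneous sessions per user, so one leaked password can
# be used from any number of devices; set a small positive value to cap it.
max-same-clients = 0
server-cert = /etc/ocserv/xxxxxx.cert.pem
# Private key: keep it owned by root and not readable by other users.
server-key = /etc/ocserv/xxxxxx.key.pem
# A client may reconnect with its session cookie, without authenticating
# again, for this many seconds (24 h here); shorten it if that is too long.
cookie-timeout = 86400
run-as-group = nogroup
default-domain = xxxxxx.com
dns = 8.8.8.8
dns = 8.8.4.4
#route = 192.168.1.0/255.255.255.0
#route = 192.168.5.0/255.255.255.0
# ---- end of changes ----

# Create the password database and add user xxxxxx (prompts for a password),
# then make the hashes readable by root only.
/opt/ocserv/bin/ocpasswd -c /etc/ocserv/ocpasswd xxxxxx
chmod 600 /etc/ocserv/ocpasswd

vi /etc/init.d/ocserv
# ---- write the following into /etc/init.d/ocserv ----
#!/bin/sh
### BEGIN INIT INFO
# Provides:          ocserv
# Required-Start:    $remote_fs $syslog
# Required-Stop:     $remote_fs $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
### END INIT INFO
# Copyright Rene Mayrhofer, Gibraltar, 1999
# This script is distributed under the GPL

PATH=/bin:/usr/bin:/sbin:/usr/sbin:/opt/ocserv/sbin
DAEMON=/opt/ocserv/sbin/ocserv
PIDFILE=/var/run/ocserv.pid
DAEMON_ARGS="-c /etc/ocserv/ocserv.conf"

case "$1" in
  start)
    # A readable pid file is taken to mean the daemon is already running.
    if [ ! -r "$PIDFILE" ]; then
      echo -n "Starting OpenConnect VPN Server Daemon: "
      # DAEMON_ARGS is deliberately unquoted so it splits into "-c" and the path.
      start-stop-daemon --start --quiet --pidfile "$PIDFILE" --exec "$DAEMON" -- \
        $DAEMON_ARGS > /dev/null
      echo "ocserv."
    else
      echo "OpenConnect VPN Server is already running."
      exit 0
    fi
    ;;
  stop)
    echo -n "Stopping OpenConnect VPN Server Daemon: "
    start-stop-daemon --stop --quiet --pidfile "$PIDFILE" --exec "$DAEMON"
    echo "ocserv."
    rm -f -- "$PIDFILE"
    ;;
  force-reload|restart)
    echo "Restarting OpenConnect VPN Server: "
    "$0" stop
    sleep 1
    "$0" start
    ;;
  status)
    if [ ! -r "$PIDFILE" ]; then
      # no pid file, process doesn't seem to be running correctly
      exit 3
    fi
    PID=$(tr -d ' ' < "$PIDFILE")
    # The pid file content ends up in a /proc path; accept digits only.
    case "$PID" in
      ''|*[!0-9]*) exit 1 ;;
    esac
    EXE=/proc/$PID/exe
    # /proc/PID/exe links to the running binary; the kernel appends
    # " (deleted)" to the target when the file on disk has been replaced.
    TARGET=$(readlink "$EXE")
    if [ -x "$EXE" ] && [ "${TARGET% (deleted)}" = "$DAEMON" ]; then
      # ok, process seems to be running
      exit 0
    else
      # process not running, but pidfile exists
      exit 1
    fi
    ;;
  *)
    echo "Usage: /etc/init.d/ocserv {start|stop|restart|force-reload|status}"
    exit 1
    ;;
esac
exit 0
# ---- end of /etc/init.d/ocserv ----
chmod 755 /etc/init.d/ocserv

# Enable IPv4 forwarding so VPN client traffic can be routed.
vi /etc/sysctl.conf
# ---- set the following in /etc/sysctl.conf ----
net.ipv4.ip_forward=1
# ---- end of changes ----
sysctl -p

vi /etc/iptables
# ---- replace the contents of /etc/iptables with the following ----
# NOTE(review): reference rules only; adapt them to the host.
# - Every filter rule below is an ACCEPT and no chain policy is set, so these
#   rules restrict nothing unless the INPUT policy is already DROP. Before
#   switching the policy to DROP, add a rule for your management access
#   (e.g. SSH), or the host becomes unreachable.
# - FORWARD only gets the MSS clamp; what may be forwarded is decided by the
#   existing FORWARD policy.
# - MASQUERADE applies to everything leaving eth0; adding
#   "-s <VPN_CLIENT_SUBNET>" limits NAT to VPN clients.
# - Nothing in this walk-through loads this file; apply it with
#   iptables-restore and arrange for that to happen at boot.
*filter
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 443 -j ACCEPT
-A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
COMMIT
*nat
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# ---- end of /etc/iptables ----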