如果 VPN 的使用者不多,又不想花太多的時間安裝及設定 OpenVPN 或是 OpenConnect,則可以考慮改用 OpenVPN Access Server,底下簡稱 OpenVPN AS。
OpenVPN AS 是由開發 OpenVPN 的公司所開發的商業性版本,提供了簡單的 Web 設定介面,安裝完成之後幾乎就已經設定完成,防火牆的部分也會自動完成,非常容易使用,但免費的版本,只能同時提供二個 Client 端連線。
Access Server Overview 官方網站:
https://openvpn.net/index.php/access-server/overview.html[@more@]支援的作業系統版本
CentOS
6.x
http://swupdate.openvpn.org/as/openvpn-as-2.1.4-CentOS6.i386.rpm
http://swupdate.openvpn.org/as/openvpn-as-2.1.4-CentOS6.x86_64.rpm
7.x
http://swupdate.openvpn.org/as/openvpn-as-2.1.4-CentOS7.x86_64.rpm
Ubuntu 16.04
http://swupdate.openvpn.org/as/openvpn-as-2.1.4b-Ubuntu16.i386.deb
http://swupdate.openvpn.org/as/openvpn-as-2.1.4b-Ubuntu16.amd_64.deb
Debian 8
http://swupdate.openvpn.org/as/openvpn-as-2.1.4-Debian8.i386.deb
http://swupdate.openvpn.org/as/openvpn-as-2.1.4-Debian8.amd_64.deb
3. 進行下載及安裝,以 CentOS 7.3 1611 x64 為例
# wget http://swupdate.openvpn.org/as/openvpn-as-2.1.4-CentOS7.x86_64.rpm
4. 進行安裝
# rpm -ivh openvpn-as-2.1.4-CentOS7.x86_64.rpm
The Access Server has been successfully installed in /usr/local/openvpn_as
Configuration log file has been written to /usr/local/openvpn_as/init.log
Please enter “passwd openvpn” to set the initial
administrative password, then login as “openvpn” to continue
configuration here: https://192.168.131.219:943/admin
To reconfigure manually, use the /usr/local/openvpn_as/bin/ovpn-init tool.
Access Server web UIs are available here:
Admin UI: https://192.168.131.219:943/admin
Client UI: https://192.168.131.219:943/
192.168.131.219 是安裝時的主機 IP
5. 系統新增二個帳號
# tail -2 /etc/passwd
openvpn:x:1000:1000::/home/openvpn:/sbin/nologin
openvpn_as:x:1001:1001::/home/openvpn_as:/sbin/nologin
6. 設定 openvpn 管理帳號的密碼
# passwd openvpn
更改使用者 openvpn 的密碼。
新 密碼:
再次輸入新的 密碼:
passwd:所有驗證 token 都已成功更新。