Ungayakha kanjani i-server yakho ye-VPN ku-Ubuntu, Debian naku-CentOS

Ngezinguquko eziqhubekayo zedolobha nezwe engibe nazo muva nje, kuye kwadingeka ngisebenzise amanethiwekhi amaningi we-Wi-Fi wamahhala (noma manje ngixhumekile kusuka ku-wifi engithole ukhiye wokubonga kuyo I-Aircrack-ng, i-Airmon-ng, i-airdump-ng, i-aireplay-ng ezazivele zifakiwe ku-Kali Linux), Inkinga ukuthi lokhu kuxhumana kungafaka imininingwane yami engozini futhi asazi ukuthi ngubani ongaxhunywa futhi angenze ngazi kwinethiwekhi. Isixazululo sale nkinga ukuthi senziwa kudala ngu masisebenzise i-linux en Ungasesha kanjani ngokuphepha kumanethiwekhi we-Wi-Fi avulekile, kodwa kukhona futhi nethuba lokuyixazulula usebenzisa i-VPN, okukhona kuyo abaningi mahhala futhi abakhokhelwayo okulula ukuyisebenzisa nokuyifaka, ngayinye inezinzuzo nezingozi zayo, kodwa futhi yakha iseva yethu ye-VPN ku-Ubuntu, Debian naseCentos.

Ngifuna ikhambi lale nkinga futhi ngibeka phambili ukusebenzisa i-VPN ezonginika ezinye izinzuzo, ngikwazile ukuthola umbhalo osivumela ukuthi sakhe iseva ye-VPN ngokuzenzakalela ngokuxhumana okuncane nomsebenzisi.

I-cta nordvpn

Uyini umbhalo wokumiswa kweseva?

Kuyinto a iskripthi seShell evumela lungiselela ngokuzenzakalela iseva ye-VPN nge-IPsec ku-Ubuntu, i-Debian ne-CentOS ngokushesha futhi kalula, plus isekela imigomo ye-IPsec / L2TP ne-Cisco IPsec. Umsebenzisi udinga kuphela ukuhlinzeka ngemininingwane yakhe ye-VPN bese uvumela iskripthi senze okunye.

Iseva I-VPN ngaphezulu kwe-IPsec Ibhala ngemfihlo ithrafikhi yenethiwekhi, ukuze idatha ingabekwa phansi ngenkathi kukhona ukuxhumana phakathi komsebenzisi neseva ye-VPN. Lokhu kuyasiza kakhulu uma usebenzisa amanethiwekhi angavikelekile, isibonelo ezitolo zekhofi, ezikhumulweni zezindiza, noma emakamelweni ehhotela.

Iskripthi sisebenzisa ILibreswan okuwukuqalisa kwe- IPsec yeLinux lembil yini a Umhlinzeki we-L2TP.

Iskripthi singasetshenziswa kunoma iyiphi iseva ezinikele noma i-Virtual Private Server (VPS). Ngaphezu kwalokho, ingasetshenziswa ngqo njenge- "idatha yomsebenzisi" ye- I-Amazon EC2 ngokwethulwa kwesimo esisha, lesi sici sikwenza kube kuhle ngoba singivumela ukuthi ngisebenzise i-VPN nganoma yisiphi isikhathi futhi ingisize ngisebenzise ithuba lokunikezwa kwe-Amazon konyaka owodwa mahhala ku-VPS yabo.

Izici ze-VPN ngaphezulu kweskripthi sokumiswa kweseva se-IPsec

  • Ukumiswa kwe-VPN ezenzakalelayo ngokuphelele kuseva ye-IPsec, ngaphandle kokungenelela komsebenzisi
  • Isekela umthetho olandelwayo osheshayo IPsec/XAuth ("Cisco IPsec")
  • Kuyatholakala Isithombe se-Docker kusuka kuseva ye-VPN
  • Ifaka phakathi yonke i-VPN traffic ku-UDP - ESP protocol ayidingeki
  • Ingasetshenziswa ngqo njenge "datha yomsebenzisi" yezimo ezintsha ze-Amazon EC2
  • Nquma ngokuzenzakalela i-IP Yomphakathi ne-IP yangasese yeseva
  • Kufaka imithetho eyisisekelo ye-IPTables futhi ikuvumela ukuthi ulungise i- sysctl.conf
  • Kuhlolwe ku-Ubuntu 16.04 / 14.04 / 12.04, i-Debian 8 ne-CentOS 6 & 7

I-VPN ngaphezulu kwezidingo zesikripthi sokumiswa kweseva se-IPsec

Iseva ezinikezele noma i-Virtual Private Server (VPS) iyadingeka, noma kunconywa ukusebenzisa isibonelo se- I-Amazon EC2, usebenzisa eyodwa yalawa ma-AMIs:

Ukufaka i-VPN ngaphezulu kwesikripthi sokumiswa kweseva se-IPsec

Ukufaka i-VPN ngaphezulu kweskripthi sokumiswa kweseva se-IPsec ku-Ubuntu naku-Debian

Into yokuqala okufanele uyenze ukuvuselela isistimu yakho, ngoba lokhu sebenzisa imiyalo elandelayo apt-get update && apt-get dist-upgrade bese uqala kabusha.

 Lesi sinyathelo asiphoqelekile, kepha kunconywa ukuthi senziwe.

Ukufaka i-VPN, sicela ukhethe okukodwa kokukhethwa kukho okulandelayo:

Inketho 1: Khiqiza iziqinisekiso ze-VPN ngokungahleliwe, ezingabukwa lapho ukufakwa sekuqedile

wget https://git.io/vpnsetup -O vpnsetup.sh && sudo sh vpnsetup.sh

Okukhethwa kukho 2: Hlela iskripthi bese unikeza ubuqiniso bakho be-VPN

wget https://git.io/vpnsetup -O vpnsetup.sh nano -w vpnsetup.sh [Faka esikhundleni samanani akho: YAKHO_IPSEC_PSK, YAKHO_USERNAME ne-YOUR_PASSWORD] Sudo sh vpnsetup.sh

Inketho 3: Chaza ubuqiniso be-VPN njengokuhlukahluka kwemvelo

# Wonke amanani kufanele afakwe 'kuzilinganiso ezodwa'
# Ungazisebenzisi lezi zinhlamvu ngaphakathi kwamanani: \ "'
wget https://git.io/vpnsetup -O vpnsetup.sh && sudo \ VPN_IPSEC_PSK ='your_ipsec_pre_shared_key' \ VPN_USER ='igama lakho_vpn_igama lomsebenzisi' \ VPN_PASSWORD ='igama lakho_vpn_password' i-vpnsetup.sh

Ukufaka i-VPN ngaphezulu kweskripthi sokumiswa kweseva se-IPsec kumaCentos

Into yokuqala okufanele uyenze ukuvuselela isistimu yakho, ngoba lokhu sebenzisa imiyalo elandelayo yum update  bese uqala kabusha.

 Lesi sinyathelo asiphoqelekile, kepha kunconywa ukuthi senziwe.

Landela izinyathelo ezifanayo naku-Ubuntu naku-Debian, kepha ungene esikhundleni https://git.io/vpnsetup por https://git.io/vpnsetup-centos.

Iziphetho ku-VPN ngaphezulu kweskripthi sokumiswa kweseva se-IPsec

I-cta nordvpn

Uma nje sine-VPN yethu efakiwe kufanele sixhumane nayo ngeklayenti le-VPN. Ngincoma ukuthi sisebenzise i-OpenVPN, esingayifaka nomphathi wephakheji wokusabalalisa kwethu. Ukuthi esimweni se-Debian kanye ne-derivatives singakwenza ngale ndlela elandelayo:

sudo apt-get ukufaka i-openvpn

Lesi yisixazululo esihle kakhulu sokuxhuma kwi-inthanethi ngendlela ephephile futhi sibe ne-VPN yethu engasetshenziswa futhi

  • Finyelela kunethiwekhi yomsebenzi noma yasekhaya lapho usohambweni.
  • Fihla idatha yokuphequlula.
  • Faka amasayithi avinjelwe i-geo.
  • Futhi okunye ukusetshenziswa okuningi

Futhi yilokho kuphela bafo, ngithemba ukuthi nizokuthokozela futhi niqhubeke. Uma konke lokhu kubonakala kuyinkimbinkimbi kuwe futhi ukhetha ukuyigcina kulula, ungahlala uqasha i-VPN efana ne-Hidemyass, okuyinto ngaphezu kokuba nokubuyekezwa okuhle, inikeza okunikezwayo okuhle kakhulu kubasebenzisi abasha.


Amazwana ayi-10, shiya okwakho

Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe. Ezidingekayo ibhalwe nge *

*

*

  1. Ubhekele imininingwane: Miguel Ángel Gatón
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.

  1.   Rodrigo kusho

    Kungani beqe ingxenye lapho evuma khona ukuthi wenze ubugebengu? jajajjajajajjaja

  2.   AmaHemny kusho

    Sawubona mngani, ngikwazile ukufaka i-VPN esimweni se-Amazon nge-Ubuntu, kepha manje engingakwazi ukukwenza ukuxhuma ku-VPN efakiwe, ngicabanga ukuthi kudingekile ukwengeza amachweba esimweni okwamanje engikwazile ukuba yiso: vula i-TCP port 1723 futhi uvule futhi umthetho olandelwayo nge-ID 47 (GRE).
    Kwi-L2TP kufanele uvule i-TCP port 1701; Uma uzosebenzisa i-IPSec, kufanele uvule i-UDP port 500 kanye nezivumelwano ze-ID 50 (IPSec ESP) kanye ne-51 (IPSec AH), uma sengibangezile ngiyaqinisekisa nge-netstat -ntpl esimweni kepha hhayi Woza uzosebenza, ngicela unginike isandla?

    1.    Luigys toro kusho

      Kumaseva ane-firewall yangaphandle (isibonelo i-EC2), kufanele uvule amachweba we-UDP 500 no-4500, ne-TCP port 22 (ye-SSH).

      Ukuvula amachweba angeziwe kuseva, hlela /etc/iptables.rulesy / noma /etc/iptables/rules.v4(Ubuntu / Debian), noma / etc / sysconfig / iptables (CentOS). Futhi qala kabusha iServer, yize i-EC2, into elula ikwi-firewall yangaphandle.

  3.   ntombikayise kusho

    "Inkululeko Yekhodi ilingana ngqo nokukhula kwenhlangano", isitatimende esihle kakhulu.

  4.   Jose Luis kusho

    Siyabonga ngombhalo omuhle.
    Ngikwazile ukuyifaka futhi isebenza nge-Iphone ne-Android, kepha angazi ukuthi ngiyisebenzisa kanjani i-openVPN ku-linux njengeklayenti.

    Iseva engiyifakile ku-Ubuntu 16.04 terminal.

    Siza ngicela

  5.   rock-668 kusho

    Sawubona, ngikwenza kanjani kusebenze nge-ip enamandla?

    1.    I-Beavis kusho

      bhalisela i-noip.com ngohlobo lwamahhala.

  6.   U-Oscar kusho

    Sawubona, igama lami ngingu-Oscar, ngiyifakile le seva ye-VPN kwiseva yami ye-Linux ku-VPS, futhi isifundo sami sezokuphepha ngemuva kwamahora angama-24, ukuthi sihlasela, iSmurf, senza ama-scan scan futhi sizama ukuvimba imininingwane, kubonakala sengathi siyakwazi ukungenelela zonke izinkinobho ezisebenzisa izivumelwano ezingavikelekile, okungukuthi, noma yikuphi ukuxhumana okungasebenzisi ukubethela, ngokushesha ngemuva kokuba ngibonile, ngivale ukuxhumana kwami ​​kwe-VPN futhi ngasetha kabusha i-VPS, njengoba ngakha iphuzu lokubuyisela ngaphambi kokuqala le nqubo.
    Ngikudalula konke lokhu ukuze umbhali kanye / noma umfundi wale ndatshana ofunda la mazwana abe sengcupheni lapho efaka le seva ye-VPN, ngikusho konke ngokuthembeka, futhi ngibonga umbhali ngokuthatha isikhathi sakhe ukubhala lo mbhalo.

    Ukubingelela.

  7.   gerardo kusho

    lapho ngenza ifconfig tun0 inginikeza leli phutha
    iphutha lokulanda imininingwane yesixhumi esibonakalayo: Idivayisi ayitholakali

  8.   Pedro kusho

    manje ngiyazi ukuthi kungani ngingasebenzisi i-vpn…. ngoba akulula futhi kuyisidina ukuyilungisa. Ingabe ayikho indlela elula futhi ecacile yokukwenza?