Openvppn yana daya daga cikin zaɓuɓɓukan VPN (cibiyar sadarwar masu zaman kansu ko hanyoyin sadarwa mai zaman kansu), yana ba ku damar aiwatar da watsawa na bayanai akan hanyar da aka kirkira ta musamman. Saboda haka, zaku iya haɗa kwamfyutoci biyu ko gina cibiyar sadarwa ta tsakiya tare da sabar da abokan ciniki da yawa. A cikin wannan labarin, zamu koyi ƙirƙirar irin wannan sabar kuma saita shi.
Sanya Sabunta Server
Kamar yadda aka ambata a sama, tare da taimakon fasaha, zamu iya canja wurin bayani zuwa tashar sadarwa mai aminci. Zai iya zama raba fayiloli ko amintaccen damar Intanet ta hanyar sabar da ita ce ƙofar gama gari. Don ƙirƙirar shi, ba za mu buƙaci ƙarin kayan aiki da ilimi na musamman ba - ana yin komai a kwamfutar da aka shirya amfani da ita azaman uwar garken VPN.Don ci gaba da aiki, zai zama dole don saita ɓangaren abokin ciniki akan injunan mai amfani da hanyar sadarwa. Dukkanin ayyuka sun sauko don ƙirƙirar makullin da takaddun shaida waɗanda zasu watsa ga abokan ciniki. Waɗannan fayilolin suna ba ku damar samun adireshin IP lokacin da aka haɗa da uwar garken kuma ƙirƙirar tashoshin da ke sama. Duk bayanan da aka watsa ta yadda za'a iya karanta shi kawai idan akwai key. Wannan fasalin yana ba ku damar haɓaka tsaro da haɓaka tsaro kuma tabbatar da amincin bayanai.
Shigar da Buɗe Openvpn akan uwar garken injin
Shigarwa madaidaiciya hanya ce tare da wasu nuances, wanda zai yi magana sosai.
- Da farko dai, kuna buƙatar saukar da shirin akan mahaɗin da ke ƙasa.
Zazzage Budevppn.
- Abu na gaba, gudanar da mai sakawa ya isa wurin zaɓi zaɓi zaɓi. Anan muna buƙatar saka tanki kusa da ma'ana tare da suna "Constsa", wanda zai ba ku damar ƙirƙirar takaddun shaida da filayen maɓalli, kazalika sarrafa su.
- Mataki na gaba shine zaɓar wuri don kafawa. Don dacewa, sanya shirin zuwa tushen tsarin diski s :. Don yin wannan, kawai share abubuwa da yawa. Yakamata ya yi aiki
C: \ openvpn
Muna yin hakan ne domin kauce wa gazawar yayin aiwatar da rubutun, tunda sarari a hanya ba a yarda ba. Zaka iya, ba shakka, ɗauka a cikin kwatancen, amma rashin haihuwa zai iya da taƙaitaccen na iya, kuma nemi kurakurai a cikin lambar - yanayin ba sauki.
- Bayan duk saiti, shigar da shirin a yanayin al'ada.
Tabbatar da Sashin uwar gaba
Lokacin yin waɗannan ayyukan ya kamata ya zama mai kulawa kamar yadda zai yiwu. Duk wani aibi zai haifar da shigarwar uwar garke. Wani misalin da aka zaɓa - asusunka dole ne ku sami hakkoki.
- Muna zuwa Cutun "mai sauƙin shiga" mai sauƙi, wanda a cikin shari'armu tana da
C: \ openvpn \ sauƙin-sauqi
Nemo VARS.Bat.Sample fayil.
Sake suna zuwa Var.bat (Mun share kalmar "samfurin" tare da aya).
Bude wannan fayil a cikin Edita edepad ++. Wannan yana da mahimmanci, tunda wannan shine littafin bayanin da zai ba ku damar shirya daidai da adana lambobin, waɗanda ke taimakawa guje wa kurakurai lokacin yin su.
- Da farko dai, mun share dukkan maganganun da aka ware ta kore - za su tsoma baki tare da mu. Mun samu wadannan:
- Bayan haka, canza hanyar zuwa babban fayil ɗin "Siyarwa" mai sauƙi "ga wanda muka ayyana yayin shigarwa. A wannan yanayin, kawai share canji% na shirye-shiryen% kuma canza shi a C:.
- Ba a kashe sigogi guda huɗu masu zuwa ba.
- Sauran layin ya cika su ba da izini ba. Misali akan allon sikelin.
- Ajiye fayil ɗin.
- Hakanan kuna buƙatar shirya fayilolin masu zuwa:
- Gina-ca.bat.
- Gina-dh.bat.
- Gina-key.bat.
- Gina-key-Pass.bat
- Gina-key-pkcs12.bat
- Gina-key-Server.Bat
Suna buƙatar canza ƙungiyar
Budewa.
A kan cikakkiyar hanya zuwa m Openssl.exe fayil. Kar ka manta don adana canje-canje.
- Yanzu buɗe babban fayil ɗin "Siyarwa" mai sauƙi, matsawa ta danna kuma danna kan PCM a wurin kyauta (ba akan fayiloli ba). A cikin menu na mahallin, zaɓi "Bugun Buɗe Kwanar".
"Layin Umarni" yana farawa da sauyawa zuwa ga directory ɗin da aka riga aka aiwatar.
- Mun shiga umurnin da aka ƙayyade a ƙasa kuma danna Shigar.
Var.Bat.
- Na gaba, ƙaddamar da wani "saitin saiti".
Mai tsabta-all.bat.
- Muna maimaita umarni na farko.
- Mataki na gaba shine ƙirƙirar fayilolin da ake buƙata. Don yin wannan, yi amfani da ƙungiyar
Gina-ca.bat.
Bayan aiwatar da tsarin, zai iya ba da tabbacin bayanan da muka shiga cikin fayil ɗin da aka shigar.bat. Kawai latsa Shigar da sau da yawa har sai kirjin asali ya bayyana.
- Airƙiri maɓallin DH ta amfani da Fayil ɗin Fayil
Gina-dh.bat.
- Airƙiri takardar shaidar don siye. Akwai wani mahimman mahimmanci a nan. Yana buƙatar sanya sunan da muka yi rijista a cikin Var.Bat a cikin "key_name" jere. A cikin misalinmu, yana da lumana. Umurnin yana kama da wannan:
Gina-key-Server.Bat Lubar
Hakanan yana buƙatar tabbatar da bayanan ta amfani da maɓallin Shigar, kuma sau biyu shigar da harafin "y" (ee), inda ake buƙata (duba hoto). Za a iya rufe layin umarni.
- A cikin kundin adireshinmu "mai sauƙin ci gaba" sabon fayil ya bayyana tare da taken "makullin".
- Dole ne a kwafa abun ciki kuma a liƙa zuwa babban fayil ɗin "SSL", wanda kake son ƙirƙirar a cikin tushen shirin.
Fitar da Fayil Bayanan Bayan Saita fayiloli da aka kofe:
- Yanzu mun je Catalog
C: \ openvpn \ karba
Airƙiri takaddar rubutu a nan (PCM - Createirƙiri - takaddar rubutu), sake suna shi a cikin Server.opn kuma buɗe shi a cikin Notepad ++. Mun gabatar da lambar masu zuwa:
Port 443.
Proso UDP.
Murnn Tun.
Dev-kumburi "vpn Lubun"
DH C: \ Expvppn \\ SSL \\ DH2048.pem
C C: \\ SSL \\ SSL \\ Ca.crt
C: \\ envpn \\ SSL \\ SSL \\
Key C: \\ Expvpn \\ SSL \\ Ssl \\ SSL
Server 172.16.10.0 255.255.255.0.
Malaman ciniki na 32
Ido 10 120.
Abokin ciniki-zuwa-abokin ciniki
Comp-lzo.
Dagewa mabuɗin.
Nace-tun.
CIPHER DES-CBC
Hali c: \\ opvppn \\ shiga \\ sty.log
Shiga C: \\ openvpn \\ shiga \\ openvpn.log
Verb 4.
Mutu 20.
Lura cewa sunayen takaddun shaida da maɓallan dole ne su yi dace da fayil ɗin "SSL".
- Bayan haka, buɗe "kwamitin kulawa" kuma je zuwa "Cibiyar Gudanar da Nafit.".
- Danna maɓallin "Canppter adaftan".
- Anan muna buƙatar nemo haɗin ta hanyar "famfo-Windows adaftar V9". Kuna iya yin wannan ta danna kan haɗin PCM kuma yana juya zuwa kaddarorin.
- Sake suna shi zuwa "VPN Lububes" ba tare da kwatancen ba. Wannan sunan dole ne ya dace da "dev-kumburi" sigogi a cikin fayil ɗin Server.ovpn.
- Mataki na ƙarshe - sabis na ƙaddamar da. Latsa maɓallin Win + r makullin, shigar da string da aka ƙayyade a ƙasa kuma danna Shigar.
Siyarwa.MSC.
- Mun sami sabis tare da sunan "Openvpnervice", danna PKM ya tafi kaddarorinta.
- Fara nau'in canji zuwa "ta atomatik", gudanar da sabis ɗin kuma danna "Aiwatar".
- Idan duk an yi dukansu daidai, to Red Cross ne abyss kusa da adaftar. Wannan yana nufin cewa haɗin ya shirya don aiki.
Kafa sashin abokin ciniki
Kafin fara saitin abokin ciniki, dole ne ka yi matakai da yawa akan injin uwar garken - don samar da makullin da takardar shaidar don saita haɗin.
- Mun je directory "mai sauƙin sauƙaƙan RSA", sannan a babban fayil ɗin "keys" da buɗe fayil ɗin tabbatarwa.
- Bude fayil ɗin, share duk abubuwan da ke ciki da ajiye.
- Koma baya zuwa "Sauƙaƙe-RSA" kuma gudanar da layin "layin" (Froup + PCM - buɗe taga umarni).
- Bayan haka, ƙaddamar da Vars.bat, sannan kuma ƙirƙirar takardar shaidar abokin ciniki.
Gina-Key.bat vpn-abokin ciniki
Wannan babban takardar shaidar ne ga duk injuna a kan hanyar sadarwa. Don haɓaka tsaro, zaku iya samar da fayilolinku ga kowane kwamfuta, amma kira su daban (ba "vpn-abokin ciniki" ba, amma "vpn-abokin ciniki1" da sauransu). A wannan yanayin, zai zama dole don maimaita duk ayyukan, farawa tare da tsabtatawa.txt tsabtatawa.
- Actions mataki - Canja wurin fayilolin VPN-Cope.crt, Fayilolin VPN, VPN-Imel.Key, ca.crt da DH2048.pem ga abokin ciniki. Kuna iya yin wannan a kowane irin yanayi, alal misali, faɗi akan hanyar USB ta USB ko canja wurin cibiyar sadarwa.
Ayyukan da ake buƙatar yin su a kan injin abokin ciniki:
- Shigar da Buɗe a hanyar da ta saba.
- Bude directory tare da shigarwa kuma je babban fayil ɗin "Config". Kuna buƙatar saka takardar shaidarmu da filayen.
- A wannan babban fayil, ƙirƙiri fayil ɗin rubutu kuma suna sake suna ciki a Condig.ovpn.
- Bude lambar mai zuwa a cikin edita da kuma tallata:
Abokin ciniki.
Sake gwada iyaka
Nond.
Nesa 192.168.0.15 443.
Proso UDP.
Murnn Tun.
Comp-lzo.
C ca.crt.
CIGABA VPN-CORD.CRT
Key vpn-abokin ciniki.Ky
Dh dh2048.pem.
yi bambaro
CIPHER DES-CBC
Ido 10 120.
Dagewa mabuɗin.
Nace-tun.
Verb 0.
A cikin jerin "nesa mai nisa, zaku iya rajistar adireshin IP na waje na injin na uwar garke - saboda haka za mu sami damar zuwa Intanet. Idan ka bar komai kamar yadda yake, zai yiwu kawai don haɗi zuwa uwar garken a kan tashar da ke ɓoye.
- Muna Gudun Openvpn GII a madadin mai gudanarwa ta amfani da gajeriyar hanya akan tebur, sannan a ƙara gunkin da ya dace a cikin abin da ke da sunan "Haɗa".
Wannan shi ne tsarin hadadden na sabar kuma abokin ciniki na Openvpn ya kammala.
Ƙarshe
Kungiyar cibiyar sadarwa ta VPN za ta ba ku damar haɓaka bayanan da aka watsa, da kuma yin igiyar tayar da Intanet. Babban abu shine a hankali lokacin da yake a kan sabar uwar garken da kuma abokin ciniki sashi, zaka iya amfani da duk fa'idodin cibiyar sadarwar ta sirri.