VPS上修改openvpn服务端server.conf 国内外网分流访问
需要先VPS配置好openvpn(配置过程这里不赘述)
找到server.conf文件的路径
我这里是
vi /etc/openvpn/server/server.conf然后我们看到server.conf的配置文件参数,接着来我们要修改一下
local 192.168.1.101 #这里替换成你的vps的IP#
port 10037 #相应的端口
proto udp
dev tun
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
ifconfig-pool-persist ipp.txt
server 10.168.2.0 255.255.255.0 #客户端使用的IP段,不要与你本机的网段冲突#
;push "redirect-gateway"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "route 172.68.2.0 255.255.255.0 vpn_gateway"
push "route 3.0.0.0 255.0.0.0 vpn_gateway"
push "route 4.0.0.0 255.0.0.0 vpn_gateway"
push "route 8.0.0.0 255.0.0.0 vpn_gateway"
push "route 17.0.0.0 255.0.0.0 vpn_gateway"
push "route 198.0.0.0 255.0.0.0 vpn_gateway"
push "route 209.0.0.0 255.0.0.0 vpn_gateway"
push "route 210.0.0.0 255.0.0.0 vpn_gateway"
push "route 216.0.0.0 255.0.0.0 vpn_gateway"
push "route 61.0.0.0 255.0.0.0 vpn_gateway"
push "route 64.0.0.0 255.0.0.0 vpn_gateway"
push "route 66.0.0.0 255.0.0.0 vpn_gateway"
push "route 70.0.0.0 255.0.0.0 vpn_gateway"
push "route 72.0.0.0 255.0.0.0 vpn_gateway"
push "route 74.0.0.0 255.0.0.0 vpn_gateway"
push "route 173.0.0.0 255.0.0.0 vpn_gateway"
push "route 204.0.0.0 255.0.0.0 vpn_gateway"
push "route 69.0.0.0 255.0.0.0 vpn_gateway"
push "route 199.0.0.0 255.0.0.0 vpn_gateway"
push "route 203.0.0.0 255.0.0.0 vpn_gateway"
push "route 31.0.0.0 255.0.0.0 vpn_gateway"
push "route 69.58.0.0 255.255.0.0 vpn_gateway"
push "route 46.0.0.0 255.0.0.0 vpn_gateway"
push "route 107.0.0.0 255.0.0.0 vpn_gateway"
;client-to-client # 注释使得客户端不能直接相互访问
duplicate-cn # 允许多个相同 Common Name 的客户端同时登陆
keepalive 30 120 # 设置服务端检测的间隔和超时时间 每 30 秒 ping 一次,如果 120 秒没有回应则认为对方已经 down
;cipher BF-CBC # 默认就用加密算法 Blowfish
comp-lzo
max-clients 50
persist-key # 通过keepalive检测超时后,重新启动VPN,不重新读取keys,保留第一次使用的keys
;persist-tun # 通过keepalive检测超时后,重新启动VPN,一直保持tun或者tap设备是linkup的,否则网络连接会先linkdown然后linkup
status openvpn-status.log
log-append openvpn.log
verb 3
mute 20根据贴出来的完整配置进行相应的修改,配置文件带外网路由地址,可以实现国内网和外网自动分流互相不影响
版权声明:
作者:ivpsr.com
链接:https://ivpsr.com/252.html
文章版权归作者所有,未经允许请勿转载。
THE END
