\n<\/p>\n
# mkdir \/etc\/openvpn\/rsa # vi \/etc\/openvpn\/rsa\/vars # cd \/etc\/openvpn\/rsa\/keys # systemctl -f enable openvpn@server \u0414\u043e\u0431\u0430\u0432\u043b\u044f\u0435\u043c \u0444\u043e\u0440\u0432\u0430\u0440\u0434\u0438\u043d\u0433<\/p>\n \u0412 «Amazon Dashboard EC2» \u0432\u044b\u0431\u0438\u0440\u0430\u0435\u043c \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 «Security Groups» \u0438 \u0433\u0440\u0443\u043f\u043f\u0443 \u0437\u0430\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u043d\u0430 \u043d\u0430\u0448 \u0441\u0435\u0440\u0432\u0435\u0440. \u0414\u043e\u0431\u0430\u0432\u043b\u044f\u0435\u043c \u043f\u0440\u0430\u0432\u0438\u043b\u043e — \u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0442\u044c \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043d\u0430 \u043f\u043e\u0440\u0442<\/p>\n \u041a\u043b\u0438\u0435\u043d\u0442.<\/strong> \u0417\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u043c GUI \u043a\u043b\u0438\u0435\u043d\u0442\u0430 \u0438\u0437-\u043f\u043e\u0434 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f Administrator, \u0430 \u0442\u043e \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u043d\u0435 \u0441\u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u043e\u043f\u0438\u0441\u0430\u0442\u044c\u0441\u044f. \u0421\u0441\u044b\u043b\u043a\u0438 \u0432 \u0442\u0435\u043c\u0443:<\/p>\n \u041a\u0430\u043a \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, amazon \u0434\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0431\u0435\u0441\u043f\u043b\u0430\u0442\u043d\u043e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0432 \u043e\u0431\u043b\u0430\u043a\u0435 ( 750 \u0447\u0430\u0441\u043e\u0432 \u0432 \u043c\u0435\u0441\u044f\u0446 \u0431\u0435\u0441\u043f\u043b\u0430\u0442\u043d\u043e, \u043d\u0430 \u043e\u0434\u0438\u043d \u0433\u043e\u0434 ). \u0420\u0430\u0437 \u0435\u0441\u0442\u044c \u0442\u0430\u043a\u0430\u044f \u0445\u0430\u043b\u044f\u0432\u0430, \u0442\u043e \u043d\u0443\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c, \u043d\u0443 \u043f\u043e\u043f\u0440\u043e\u0431\u0443\u0435\u043c \u0434\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u0430\u00a0\u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u00a0OpenVPN. \u041f\u0440\u043e\u043f\u0443\u0441\u043a\u0430\u044e \u0441\u043a\u0443\u0447\u043d\u044b\u0435 \u0434\u0435\u0442\u0430\u043b\u0438 \u043f\u0440\u043e \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u044e \u043d\u0430 amazon, \u00a0\u0432\u044b\u0431\u043e\u0440 \u041e\u0421, \u0437\u0430\u043f\u0443\u0441\u043a \u0441\u0435\u0440\u0432\u0430\u043a\u0430, \u0433\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u044e ssh-\u043a\u043b\u044e\u0447\u0438\u043a\u0430. \u0418\u0442\u0430\u043a, \u0435\u0441\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440, \u043d\u0430 amazon ec2, redhat 7. \u0421\u0435\u0440\u0432\u0435\u0440.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1029","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/www.unixpin.com\/index.php?rest_route=\/wp\/v2\/posts\/1029","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.unixpin.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.unixpin.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.unixpin.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.unixpin.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1029"}],"version-history":[{"count":5,"href":"https:\/\/www.unixpin.com\/index.php?rest_route=\/wp\/v2\/posts\/1029\/revisions"}],"predecessor-version":[{"id":1038,"href":"https:\/\/www.unixpin.com\/index.php?rest_route=\/wp\/v2\/posts\/1029\/revisions\/1038"}],"wp:attachment":[{"href":"https:\/\/www.unixpin.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1029"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.unixpin.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1029"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.unixpin.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1029"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\n# yum update && yum install epel-release
\n# yum install openvpn easy-rsa
\n# cd \/usr\/share\/doc\/openvpn-*\/sample\/sample-config-files\/
\n# cp server.conf \/etc\/openvpn<\/code><\/p>\n
\n# cp \u2013rf \/usr\/share\/easy-rsa\/2.0\/* \/etc\/openvpn\/rsa<\/p>\n
\n# cd \/etc\/openvpn\/rsa
\n# source .\/vars
\n# .\/clean-all
\n# .\/build-ca
\n# .\/build-key-server server
\n# .\/build-dh
\n# .\/build-key client<\/p>\n
\n# cp ca.crt server.crt server.key \/..\/..
\n# cat <<‘EOF’ > \/etc\/openvpn\/server.conf
\n############# server.conf
\nport 1194
\nproto tcp
\ndev tun
\nca ca.crt
\ncert server.crt
\nkey server.key
\ndh \/etc\/openvpn\/rsa\/keys\/dh2048.pem
\ntopology subnet
\nserver 10.8.0.0 255.255.255.0
\nifconfig-pool-persist ipp.txt
\npush «redirect-gateway def1 bypass-dhcp»
\npush «dhcp-option DNS 8.8.8.8»
\npush «dhcp-option DNS 8.8.4.4»
\nclient-to-client
\nkeepalive 10 120
\ncomp-lzo
\nuser nobody
\ngroup nobody
\npersist-key
\npersist-tun
\nstatus openvpn-status.log
\nlog openvpn.log
\nlog-append openvpn.log
\nverb 3
\n#
\nEOF<\/p>\n
\n# systemctl start openvpn@server
\n# systemctl -l status openvpn@server<\/p>\n# echo \"1\" > \/proc\/sys\/net\/ipv4\/ip_forward
\n# sysctl -w net.ipv4.ip_forward=1
\n# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE<\/code><\/p>\n![\"joxi_screenshot_1452522301150\"](\"https:\/\/www.unixpin.com\/wp-content\/uploads\/2016\/01\/joxi_screenshot_1452522301150.png\")
<\/a><\/p>\n
\n
\n\u0421\u043a\u0430\u0447\u0438\u0432\u0430\u0435\u043c Windows \u0432\u0435\u0440\u0441\u0438\u044e \u0437\u0434\u0435\u0441\u044c <\/a>, \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u043c, \u043d\u0435 \u0437\u0430\u0431\u044b\u0432\u0430\u0435\u043c TAP \u0434\u0440\u0430\u0439\u0432\u0435\u0440.
\n\u041a\u043e\u043f\u0438\u0440\u0443\u0435\u043c \u0441 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \/etc\/openvpn\/rsa\/keys \u0444\u0430\u0439\u043b\u0438\u043a\u0438 ca.crt client.crt client.key \u0432 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 C:\\Program Files\\OpenVPN\\config \u043a\u043b\u0438\u0435\u043d\u0442\u0430
\n\u0421\u043e\u0437\u0434\u0430\u0435\u043c \u0432 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0435 C:\\Program Files\\OpenVPN\\config \u0444\u0430\u0439\u043b client.orig, \u0441\u043e \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u044b\u043c<\/p>\n############ client.ovpn
\nclient
\nport 1194
\ndev tun
\nproto tcp
\nremote ec2-XXXXXXXXX.us-west-2.compute.amazonaws.com 1194
\nremote-cert-tls server
\nverb 3
\ncomp-lzo
\npersist-key
\npersist-tun
\nnobind
\nca ca.crt
\ncert client.crt
\nkey client.key
\nroute-method exe
\nroute-delay 2
\n###########################<\/code><\/p>\n
\n\u041f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u043c, \u0447\u0442\u043e \u0442\u0435\u043f\u0435\u0440\u044c \u043d\u0430\u0448 ip \u0440\u0435\u0437\u043e\u043b\u0432\u0438\u0442\u0441\u044f \u0433\u0434\u0435-\u0442\u043e \u0432 \u0410\u043c\u0435\u0440\u0438\u043a\u0435…<\/p>\n<\/a><\/p>\n\n