openvpn電腦版手機

1. 如何在Windows環境下安裝並配置OpenVPN

Step 1 OpenVPN安裝配置
1.1 下載openvpn 並安裝
· 下載openvpn-2.0.5-gui-1.0.3版，地址 http://openvpn.se/files/install_packages/openvpn-2.0.5-gui-1.0.3-install.exe，安裝。(例如：安裝到F:\OPENVPN目錄下，下文舉例都用此目錄)
· 安裝完成後生成一個新網卡，並在網路連接里出現本地連接[X]，把tcp/ip屬性改成手動配置,192.168.10.1(根據實際情況更改) ,255.255.255.0，其餘不填。
1.2 生成證書
· 修改F:\OpenVPN\easy-rsa\vars.bat.sample的以下部分
CODE:
set HOME=%ProgramFiles%\OpenVPN\easy-rsa
set KEY_COUNTRY=US
set KEY_PROVINCE=CA
set KEY_CITY=SanFrancisco
set KEY_ORG=FortFunston
set [email protected]
（請根據自身情況修改）改為
CODE:
set HOME=F:\OpenVPN\easy-rsa
set KEY_COUNTRY=CN
set KEY_PROVINCE=Hubei
set KEY_CITY=Wuhan
set KEY_ORG=51NB
set [email protected]
· 生成證書
o OpenVPN 有兩種安全模式，一種基於使用 RSA 證書和密鑰的 SSL/TLS，一種使用預先分享的靜態密鑰。本文採用SSL/TLS 模式。TLS模式的優點是安全，而且便於管理用戶。默認情況下證書和用戶是一對一的，多個用戶使用同一證書會被踢出。
o 開始-->運行-->鍵入cmd，回車，進入命令提示符-->進入F:\OpenVPN\easy-rsa目錄
QUOTE:
F:\OpenVPN\easy-rsa>
o 執行如下命令
CODE:
init-config

QUOTE:
F:\OpenVPN\easy-rsa>init-config
F:\OpenVPN\easy-rsa> vars.bat.sample vars.bat
已復制 1 個文件。
F:\OpenVPN\easy-rsa> openssl.cnf.sample openssl.cnf
已復制 1 個文件。
CODE:
vars

CODE:
clean-all

QUOTE:
F:\OpenVPN\easy-rsa>vars
F:\OpenVPN\easy-rsa>clean-all
系統找不到指定的文件。
已復制 1 個文件。
已復制 1 個文件。

CODE:

vars
build-ca
build-dh

QUOTE:
F:\OpenVPN\easy-rsa>vars
F:\OpenVPN\easy-rsa>build-ca #生成根證書
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
writing new private key to 'keys\ca.key'
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.

Country Name (2 letter code) [CN]:
State or Province Name (full name) [Hubei]:
Locality Name (eg, city) [Wuhan]:
Organization Name (eg, company) [51NB]:
Organizational Unit Name (eg, section) []:CMWAP
Common Name (eg, your name or your server's hostname) []:fangzy #填自己的名字
Email Address [[email protected]]:
F:\OpenVPN\easy-rsa>build-dh #這個有點慢，估計要半分鍾
Loading 'screen' into random state - done
Generating DH parameters, 1024 bit long safe prime, generator 2
This is going to take a long time

CODE:
build-key-server server

QUOTE:
F:\OpenVPN\easy-rsa>build-key-server server #生成伺服器端的密鑰，server為伺服器名
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
writing new private key to 'keys\server.key'
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [CN]:
State or Province Name (full name) [Hubei]:
Locality Name (eg, city) [Wuhan]:
Organization Name (eg, company) [51NB]:
Organizational Unit Name (eg, section) []:CMWAP
Common Name (eg, your name or your server's hostname) []:server #填自己的名字
Email Address [[email protected]]:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:xxxx #輸入4位以上的密碼
An optional company name []:
Using configuration from openssl.cnf
Loading 'screen' into random state - done
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'CN'
stateOrProvinceName :PRINTABLE:'Hubei'
localityName :PRINTABLE:'Wuhan'
organizationName :PRINTABLE:'51NB'
organizationalUnitName:PRINTABLE:'CMWAP'
commonName :PRINTABLE:'server'
emailAddress :IA5STRING:'[email protected]'
Certificate is to be certified until Feb 1 05:30:29 2016 GMT (3650 days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated

CODE:
build-key client
QUOTE:
F:\OpenVPN\easy-rsa>build-key client #生成客戶端的密鑰，client為用戶名
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
writing new private key to 'keys\client.key'
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [CN]:
State or Province Name (full name) [Hubei]:
Locality Name (eg, city) [Wuhan]:
Organization Name (eg, company) [51NB]:
Organizational Unit Name (eg, section) []:CMWAP
Common Name (eg, your name or your server's hostname) []:client
Email Address [[email protected]]:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:xxxx
An optional company name []:
Using configuration from openssl.cnf
Loading 'screen' into random state - done
DEBUG[load_index]: unique_subject = "yes"
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'CN'
stateOrProvinceName :PRINTABLE:'Hubei'
localityName :PRINTABLE:'Wuhan'
organizationName :PRINTABLE:'51NB'
organizationalUnitName:PRINTABLE:'CMWAP'
commonName :PRINTABLE:'client'
emailAddress :IA5STRING:'[email protected]'
Certificate is to be certified until Feb 1 05:31:40 2016 GMT (3650 days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
生成多個客戶端密鑰，執行build-key client1 …… build-key xyz。

復制證書文件
剛才生成的證書文件在F:\OpenVPN\easy-rsa\keys下，伺服器端需要的文件為ca.crt,dh1024.pem,server.crt,server.key ，客戶端需要的文件為：ca.crt client.crt client.key(xxx.crt xxx.key)，配置.ovpn文件時需要用到。
1.3 配置server.ovpn文件
· 在\OpenVPN\config目錄下創建server.ovpn文件將ca.crt,dh1024.pem,server.crt,server.key復制到F:\OpenVPN\config目錄下
· 伺服器端文件示例：
server.ovpn
CODE:

port 1198
proto tcp-server
dev tun
server 192.168.10.0 255.255.255.0
keepalive 20 180
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
push "redirect-gateway def1"
push "dhcp-option DNS 192.168.10.1"
mode server
tls-server
status openvpn-status.log
comp-lzo
verb 4
1.4 客戶端安裝與配置
o 安裝OpenVPN，同1.1，但是不用更改本地連接設置。
o 配置OpenVPN
§ 在\OpenVPN\config目錄下創建client.ovpn文件，將ca.crt client.crt client.key 復制到 \OpenVPN\config
目錄下，這3個文件由伺服器端生成並發放。
§ 客戶端文件示例：
client.ovpn
CODE:
client
dev tun
proto tcp-client
remote jacky.10dig.com 1198 #這里填入remote server add,可用IP或者域名，
#若Server是動態IP，可到http://www.wingdns.com/注冊動態域名綁定動態IP。
#如Client所連接Server使用路由上網，則需要使用NAT將地址映射到Server端。
resolv-retry infinite
nobind
http-proxy 10.0.0.172 80 #這里填入你的代理伺服器地址和埠，沒有代理則不用這行
mute-replay-warnings
ca ca.crt
cert client.crt #這里改成每個客戶端相應的證書
key client.key #這里改成每個客戶端相應的證書
comp-lzo
verb 4
status openvpn-status.log
右擊openvpn-gui圖標，點connect，即可連接。

The End
Thank you for your reading...

2. Windows 7上OpenVPN怎麼設置使用

你是要做伺服器端還是客戶端 在OpenVPN\sample-config裡面有配置文件直接改裡面的就行了。

3. 怎麼把電腦的網路共享到手機上使用

我在網上找到了一種解決方案

usb 反向共享 不需要 Root許可權 和 ADB命令，適用 Android（所有版本）和Windows 10

以下內容是用Chrome翻譯出的譯文，文字都翻譯成中文，但圖片內容還是英文。

本指南允許您通過可為手機充電的通用USB電纜與Android設備共享Windows 10PC的Internet連接。如果您不能或不想在智能手機上使用WIFI並且您不想消耗數據計劃中的流量，則此功能非常有用。限制手機無線連接使用的一個很好的理由是電磁污染會影響您的身體。但這是另一個故事。本指南的重點是，您的手機不需要植根。然後，我重復一遍，所有工作都沒有生根寶貴的智能手機。不幸的是，這涉及到某些應用程序（但不是最重要的）至少需要虛擬使用數據連接，因為您無法安裝Xposed模塊來解決這些應用程序的愚蠢限制。但這是較小的邪惡。此外，本指南還適用於Lollipop以上的Android版本。本指南僅需要內置的Android usb網路共享功能和Windows 10 PC，因此它適用於所有Android版本，甚至無需在Windows上安裝ADB（Android Debug Bridge）。它使用適用於Android和Windows的免費開源「openvpn」程序。唯一的限制是它一次只適用於單個Android設備。

步驟

從這里或從下面下載「openvpn for Windows」。雙擊剛剛下載的文件以開始安裝並確認Windows安全消息。

OpenVPN-Windows32bit

OpenVPN-Windows64bit

確保在安裝過程中選擇了所有組件。

注1：本教程假設USB網路共享模式下智能手機的IP地址為192.168.42.129，應該是這樣。通過在PlayStore的「android terminal」應用程序中鍵入「netcfg」來檢查這一點，並最終在上面相應地更改它，以及「Remote NDIS」介面的192.168.42.128地址。

注意2：如果在智能手機（或平板電腦）重新啟動「遠程NDIS」網路名稱更改後，再次按照我們的說明將新的網路名稱設置為「專用網路」，否則它將不再起作用。

注3：稍作修改後，本指南也適用於低於10的Windows版本。

4. OpenVPN的使用

 1.  修改 C:\ProgramFiles\OpenVPN\easy-rsa\vars.bat.sample

set KEY_COUNTRY=CN                    #(國家)

set KEY_PROVINCE=JS                    #(省份)

set KEY_CITY=SuZhou                        #(城市) 

set KEY_ORG=OpenVPN               #(組織)

set [email protected]    #(郵件地址) 

2.  DOS 下配置CA等信息

Microsoft Windows XP [版本 5.1.2600]

(C) 版權所有 1985-2001 Microsoft Corp.

C:\Documents and Settings\Administrator> cd "C:\Program Files\OpenVPN\easy-rsa"

C:\Program Files\OpenVPN\easy-rsa> init-config

C:\Program Files\OpenVPN\easy-rsa>  vars.bat.sample vars.bat

已復制         1 個文件。

C:\Program Files\OpenVPN\easy-rsa> vars

C:\Program Files\OpenVPN\easy-rsa> clean-all

已復制         1 個文件。

已復制         1 個文件。

C:\Program Files\OpenVPN\easy-rsa> build-ca

Loading 'screen' into random state - done

Generating a 1024 bit RSA private key

................++++++

....++++++

writing new private key to 'keys\ca.key'

-----

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [CN]:

State or Province Name (full name) [JS]:

Locality Name (eg, city) [SuZhou]:

Organization Name (eg, company) [OpenVPN]:

Organizational Unit Name (eg, section) [changeme]:

Common Name (eg, your name or your server's hostname) [changeme]: OpenVPN-CA

Name [changeme]:

Email Address [[email protected]]:

C:\Program Files\OpenVPN\easy-rsa> build-dh

Loading 'screen' into random state - done

Generating DH parameters, 1024 bit long safe prime, generator 2

This is going to take a long time

................................................................................

.............................................+................+.................

........+.......................+...............................................

........................................................+.......................

.........+....+.................................................................

.........................................................................+......

...................................+.....+....................................+.

.....................................................................+..........

........................................................+.......................

...+.............++*++*++*

C:\Program Files\OpenVPN\easy-rsa> build-key-server server

Loading 'screen' into random state - done

Generating a 1024 bit RSA private key

.++++++

....++++++

writing new private key to 'keys\server.key'

-----

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [CN]:

State or Province Name (full name) [JS]:

Locality Name (eg, city) [SuZhou]:

Organization Name (eg, company) [OpenVPN]:

Organizational Unit Name (eg, section) [changeme]:

Common Name (eg, your name or your server's hostname) [changeme]: server

Name [changeme]:

Email Address [[email protected]]:

Please enter the following 'extra' attributes

to be sent with your certificate request

A challenge password []:

An optional company name []:

Using configuration from openssl-1.0.0.cnf

Loading 'screen' into random state - done

Check that the request matches the signature

Signature ok

The Subject's Distinguished Name is as follows

countryName           :PRINTABLE:'CN'

stateOrProvinceName   :PRINTABLE:'JS'

localityName          :PRINTABLE:'SuZhou'

organizationName      :PRINTABLE:'OpenVPN'

organizationalUnitName:PRINTABLE:'changeme'

commonName            :PRINTABLE:'server'

name                 :PRINTABLE:'changeme'

emailAddress          :IA5STRING:'[email protected]'

Certificate is to be certified until Oct 13 07:18:46 2025 GMT (3650 days)

Sign the certificate? [y/n]: y

1 out of 1 certificate requests certified, commit? [y/n] y

Write out database with 1 new entries

Data Base Updated

C:\Program Files\OpenVPN\easy-rsa> build-key client

Loading 'screen' into random state - done

Generating a 1024 bit RSA private key

.....++++++

............................++++++

writing new private key to 'keys\client.key'

-----

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [CN]:

State or Province Name (full name) [JS]:

Locality Name (eg, city) [SuZhou]:

Organization Name (eg, company) [OpenVPN]:

Organizational Unit Name (eg, section) [changeme]:

Common Name (eg, your name or your server's hostname) [changeme]: client

Name [changeme]:

Email Address [[email protected]]:

Please enter the following 'extra' attributes

to be sent with your certificate request

A challenge password []:

An optional company name []:

Using configuration from openssl-1.0.0.cnf

Loading 'screen' into random state - done

Check that the request matches the signature

Signature ok

The Subject's Distinguished Name is as follows

countryName           :PRINTABLE:'CN'

stateOrProvinceName   :PRINTABLE:'JS'

localityName          :PRINTABLE:'SuZhou'

organizationName      :PRINTABLE:'OpenVPN'

organizationalUnitName:PRINTABLE:'changeme'

commonName            :PRINTABLE:'client'

name                 :PRINTABLE:'changeme'

emailAddress          :IA5STRING:'[email protected]'

Certificate is to be certified until Oct 13 07:20:05 2025 GMT (3650 days)

Sign the certificate? [y/n]: y

1 out of 1 certificate requests certified, commit? [y/n] y

Write out database with 1 new entries

Data Base Updated

C:\Program Files\OpenVPN\easy-rsa>

3. 拷貝文件

將 ca.crt、dh1024.pem、server.crt、server.key 復制到伺服器 C:\Program

Files\OpenVPN\config 目錄下

將 ca.crt、client.crt、client.key 復制到客戶端 C:\Program Files\OpenVPN\config 目錄下

4. C:\ProgramFiles\OpenVPN\config 目錄下創建 client.ovpn、server.ovpn

server.ovpn

local 192.168.1.101

port 1194

proto tcp

;proto udp

dev tap

;dev tun

;dev-node MyTap

ca ca.crt

cert server.crt

key server.key 

dh dh1024.pem

server 172.16.1.0 255.255.255.0

ifconfig-pool-persist ipp.txt

;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100

;server-bridge

push "route 0.0.0.0 0.0.0.0"

push "redirect-gateway def1 bypass-dhcp"

;push "route 192.168.20.0 255.255.255.0"

client-config-dir ccd

;route 192.168.40.128 255.255.255.248

;client-config-dir ccd

;route 10.9.0.0 255.255.255.252

;learn-address ./script

;push "redirect-gateway def1 bypass-dhcp"

push "dhcp-option DNS 223.5.5.5"

push "dhcp-option DNS 223.6.6.6"

client-to-client

plicate-cn

keepalive 10 120

;tls-auth ta.key 0

;cipher BF-CBC       

;cipher AES-128-CBC   

;cipher DES-EDE3-CBC 

comp-lzo

max-clients 100

;user nobody

;group nobody

persist-key

persist-tun

status openvpn-status.log

;log         openvpn.log

;log-append  openvpn.log

verb 3

mute 20

client.open

client

dev tap

proto tcp

remote 192.168.1.101 1194

resolv-retry infinite

nobind

persist-key

persist-tun

mute-replay-warnings

ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"

cert "C:\\Program Files\\OpenVPN\\config\\client.crt"

key "C:\\Program Files\\OpenVPN\\config\\client.key"

comp-lzo

verb 3

mute 20