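1. How to install and configure OpenVPN on Windows
Step 1 OpenVPN installation and configuration
1.1 Download and install OpenVPN
· Download openvpn-2.0.5-gui-1.0.3 from http://openvpn.se/files/install_packages/openvpn-2.0.5-gui-1.0.3-install.exe and install it. (For example, install it to the F:\OPENVPN directory; the examples below all use this directory.)
· After installation a new network adapter is created and Local Area Connection [X] appears under Network Connections. Change its TCP/IP properties to manual configuration: 192.168.10.1 (change according to your actual situation), 255.255.255.0; leave the rest blank.
1.2 Generate certificates
· Modify the following part of F:\OpenVPN\easy-rsa\vars.bat.sample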
CODE:
set HOME=%ProgramFiles%\OpenVPN\easy-rsa
set KEY_COUNTRY=US
set KEY_PROVINCE=CA
set KEY_CITY=SanFrancisco
set KEY_ORG=FortFunston
set KEY_EMAIL=[email protected]
to the following (adjust to your own situation):
CODE:
set HOME=F:\OpenVPN\easy-rsa
set KEY_COUNTRY=CN
set KEY_PROVINCE=Hubei
set KEY_CITY=Wuhan
set KEY_ORG=51NB
set KEY_EMAIL=[email protected]
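· Generate the certificates
o OpenVPN has two security modes: one based on SSL/TLS using RSA certificates and keys, the other using a pre-shared static key. This article uses SSL/TLS mode. The advantages of TLS mode are that it is secure and makes users easy to manage. By default, certificates and users are one-to-one; if several users use the same certificate, they get kicked off.
o Start --> Run --> type cmd and press Enter to open the command prompt --> change to the F:\OpenVPN\easy-rsa directory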
QUOTE:
F:\OpenVPN\easy-rsa>
o Run the following commands
CODE:
init-config
QUOTE:
F:\OpenVPN\easy-rsa>init-config
F:\OpenVPN\easy-rsa> vars.bat.sample vars.bat
已复制 1 个文件。
F:\OpenVPN\easy-rsa> openssl.cnf.sample openssl.cnf
已复制 1 个文件。
CODE:
vars
CODE:
clean-all
QUOTE:
F:\OpenVPN\easy-rsa>vars
F:\OpenVPN\easy-rsa>clean-all
系统找不到指定的文件。
已复制 1 个文件。
已复制 1 个文件。
CODE:
vars
build-ca
build-dh
QUOTE:
F:\OpenVPN\easy-rsa>vars
F:\OpenVPN\easy-rsa>build-ca #generate the root certificate
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
writing new private key to 'keys\ca.key'
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [CN]:
State or Province Name (full name) [Hubei]:
Locality Name (eg, city) [Wuhan]:
Organization Name (eg, company) [51NB]:
Organizational Unit Name (eg, section) []:CMWAP
Common Name (eg, your name or your server's hostname) []:fangzy #enter your own name
Email Address [[email protected]]:
F:\OpenVPN\easy-rsa>build-dh #this one is a bit slow, roughly half a minute
Loading 'screen' into random state - done
Generating DH parameters, 1024 bit long safe prime, generator 2
This is going to take a long time
CODE:
build-key-server server
QUOTE:
F:\OpenVPN\easy-rsa>build-key-server server #generate the server-side key; server is the server name
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
writing new private key to 'keys\server.key'
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [CN]:
State or Province Name (full name) [Hubei]:
Locality Name (eg, city) [Wuhan]:
Organization Name (eg, company) [51NB]:
Organizational Unit Name (eg, section) []:CMWAP
Common Name (eg, your name or your server's hostname) []:server #enter your own name
Email Address [[email protected]]:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:xxxx #enter a password of at least 4 characters
An optional company name []:
Using configuration from openssl.cnf
Loading 'screen' into random state - done
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'CN'
stateOrProvinceName :PRINTABLE:'Hubei'
localityName :PRINTABLE:'Wuhan'
organizationName :PRINTABLE:'51NB'
organizationalUnitName:PRINTABLE:'CMWAP'
commonName :PRINTABLE:'server'
emailAddress :IA5STRING:'[email protected]'
Certificate is to be certified until Feb 1 05:30:29 2016 GMT (3650 days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
CODE:
build-key client
QUOTE:
F:\OpenVPN\easy-rsa>build-key client #generate the client-side key; client is the user name
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
writing new private key to 'keys\client.key'
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [CN]:
State or Province Name (full name) [Hubei]:
Locality Name (eg, city) [Wuhan]:
Organization Name (eg, company) [51NB]:
Organizational Unit Name (eg, section) []:CMWAP
Common Name (eg, your name or your server's hostname) []:client
Email Address [[email protected]]:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:xxxx
An optional company name []:
Using configuration from openssl.cnf
Loading 'screen' into random state - done
DEBUG[load_index]: unique_subject = "yes"
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'CN'
stateOrProvinceName :PRINTABLE:'Hubei'
localityName :PRINTABLE:'Wuhan'
organizationName :PRINTABLE:'51NB'
organizationalUnitName:PRINTABLE:'CMWAP'
commonName :PRINTABLE:'client'
emailAddress :IA5STRING:'[email protected]'
Certificate is to be certified until Feb 1 05:31:40 2016 GMT (3650 days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
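To generate keys for multiple clients, run build-key client1 …… build-key xyz.
Copy the certificate files
The certificate files just generated are in F:\OpenVPN\easy-rsa\keys. The server needs ca.crt, dh1024.pem, server.crt and server.key; the client needs ca.crt, client.crt and client.key (xxx.crt xxx.key). They are needed when configuring the .ovpn files.
1.3 Configure the server.ovpn file
· Create the server.ovpn file in the \OpenVPN\config directory and copy ca.crt, dh1024.pem, server.crt and server.key to the F:\OpenVPN\config directory
· Example server file: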
server.ovpn
CODE:
port 1198
proto tcp-server
dev tun
server 192.168.10.0 255.255.255.0
keepalive 20 180
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
push "redirect-gateway def1"
push "dhcp-option DNS 192.168.10.1"
mode server
tls-server
status openvpn-status.log
comp-lzo
verb 4
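1.4 Client installation and configuration
o Install OpenVPN as in 1.1, but without changing the Local Area Connection settings.
o Configure OpenVPN
§ Create the client.ovpn file in the \OpenVPN\config directory and copy ca.crt, client.crt and client.key to the \OpenVPN\config directory; these 3 files are generated and issued by the server side.
§ Example client file: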
client.ovpn
CODE:
client
dev tun
proto tcp-client
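remote jacky.10dig.com 1198 #enter the remote server address here; an IP or a domain name can be used
#If the server has a dynamic IP, you can register a dynamic domain name at http://www.wingdns.com/ and bind it to the dynamic IP.
#If the server the client connects to goes online through a router, NAT must be used to map the address to the server.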
resolv-retry infinite
nobind
http-proxy 10.0.0.172 80 #enter your proxy server address and port here; omit this line if there is no proxy
mute-replay-warnings
ca ca.crt
cert client.crt #change this to each client's own certificate
key client.key #change this to each client's own key
comp-lzo
verb 4
status openvpn-status.log
Right-click the openvpn-gui icon and click connect to connect.
The End
Thank you for your reading...
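2. How to set up and use OpenVPN on Windows 7
Are you setting up the server side or the client side? There are configuration files in OpenVPN\sample-config; just edit those directly.
3. How to share a computer's network connection to a phone
I found a solution online
USB reverse tethering, no root permission or ADB commands needed, works with Android (all versions) and Windows 10
The following is a translation produced with Chrome; the text has all been translated into Chinese, but the content of the images is still in English.
This guide lets you share your Windows 10 PC's Internet connection with an Android device through the ordinary USB cable that charges your phone. This is very useful if you cannot or do not want to use Wi-Fi on your smartphone and do not want to consume traffic from your data plan. A good reason to limit the use of your phone's wireless connection is that electromagnetic pollution affects your body. But that is another story. The key point of this guide is that your phone does not need to be rooted. So, I repeat, everything works without rooting your precious smartphone. Unfortunately, this means that some apps (though not the most important ones) need at least a virtual data connection, because you cannot install an Xposed module to work around those apps' silly restrictions. But that is the lesser evil. In addition, this guide also works for Android versions above Lollipop. This guide requires only the built-in Android USB tethering feature and a Windows 10 PC, so it works for all Android versions and does not even require installing ADB (Android Debug Bridge) on Windows. It uses the free open-source "openvpn" program for Android and Windows. The only limitation is that it works for only a single Android device at a time.
Steps
Download "openvpn for Windows" from here or from below. Double-click the file you just downloaded to start the installation and confirm the Windows security message.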
OpenVPN-Windows32bit
OpenVPN-Windows64bit
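Make sure all components are selected during installation.
Note 1: This tutorial assumes that the smartphone's IP address in USB tethering mode is 192.168.42.129, which it should be. Check this by typing "netcfg" in the "android terminal" app from the Play Store, and if necessary change it above accordingly, along with the 192.168.42.128 address of the "Remote NDIS" interface.
Note 2: If the "Remote NDIS" network name changes after the smartphone (or tablet) restarts, set the new network name to "Private network" again following our instructions, otherwise it will no longer work.
Note 3: With minor modifications, this guide also works for Windows versions below 10.
4. Using OpenVPN
1. Modify C:\Program Files\OpenVPN\easy-rsa\vars.bat.sample
set KEY_COUNTRY=CN #(country)
set KEY_PROVINCE=JS #(province)
set KEY_CITY=SuZhou #(city)
set KEY_ORG=OpenVPN #(organization)
set KEY_EMAIL=[email protected] #(e-mail address)
2. Configure the CA and related information under DOS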
Microsoft Windows XP [版本 5.1.2600]
(C) 版权所有 1985-2001 Microsoft Corp.
C:\Documents and Settings\Administrator> cd "C:\Program Files\OpenVPN\easy-rsa"
C:\Program Files\OpenVPN\easy-rsa> init-config
C:\Program Files\OpenVPN\easy-rsa> vars.bat.sample vars.bat
已复制 1 个文件。
C:\Program Files\OpenVPN\easy-rsa> vars
C:\Program Files\OpenVPN\easy-rsa> clean-all
已复制 1 个文件。
已复制 1 个文件。
C:\Program Files\OpenVPN\easy-rsa> build-ca
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
................++++++
....++++++
writing new private key to 'keys\ca.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [CN]:
State or Province Name (full name) [JS]:
Locality Name (eg, city) [SuZhou]:
Organization Name (eg, company) [OpenVPN]:
Organizational Unit Name (eg, section) [changeme]:
Common Name (eg, your name or your server's hostname) [changeme]: OpenVPN-CA
Name [changeme]:
Email Address [[email protected]]:
C:\Program Files\OpenVPN\easy-rsa> build-dh
Loading 'screen' into random state - done
Generating DH parameters, 1024 bit long safe prime, generator 2
This is going to take a long time
................................................................................
.............................................+................+.................
........+.......................+...............................................
........................................................+.......................
.........+....+.................................................................
.........................................................................+......
...................................+.....+....................................+.
.....................................................................+..........
........................................................+.......................
...+.............++*++*++*
C:\Program Files\OpenVPN\easy-rsa> build-key-server server
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
.++++++
....++++++
writing new private key to 'keys\server.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [CN]:
State or Province Name (full name) [JS]:
Locality Name (eg, city) [SuZhou]:
Organization Name (eg, company) [OpenVPN]:
Organizational Unit Name (eg, section) [changeme]:
Common Name (eg, your name or your server's hostname) [changeme]: server
Name [changeme]:
Email Address [[email protected]]:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Using configuration from openssl-1.0.0.cnf
Loading 'screen' into random state - done
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'CN'
stateOrProvinceName :PRINTABLE:'JS'
localityName :PRINTABLE:'SuZhou'
organizationName :PRINTABLE:'OpenVPN'
organizationalUnitName:PRINTABLE:'changeme'
commonName :PRINTABLE:'server'
name :PRINTABLE:'changeme'
emailAddress :IA5STRING:'[email protected]'
Certificate is to be certified until Oct 13 07:18:46 2025 GMT (3650 days)
Sign the certificate? [y/n]: y
1 out of 1 certificate requests certified, commit? [y/n] y
Write out database with 1 new entries
Data Base Updated
C:\Program Files\OpenVPN\easy-rsa> build-key client
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
.....++++++
............................++++++
writing new private key to 'keys\client.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [CN]:
State or Province Name (full name) [JS]:
Locality Name (eg, city) [SuZhou]:
Organization Name (eg, company) [OpenVPN]:
Organizational Unit Name (eg, section) [changeme]:
Common Name (eg, your name or your server's hostname) [changeme]: client
Name [changeme]:
Email Address [[email protected]]:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Using configuration from openssl-1.0.0.cnf
Loading 'screen' into random state - done
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'CN'
stateOrProvinceName :PRINTABLE:'JS'
localityName :PRINTABLE:'SuZhou'
organizationName :PRINTABLE:'OpenVPN'
organizationalUnitName:PRINTABLE:'changeme'
commonName :PRINTABLE:'client'
name :PRINTABLE:'changeme'
emailAddress :IA5STRING:'[email protected]'
Certificate is to be certified until Oct 13 07:20:05 2025 GMT (3650 days)
Sign the certificate? [y/n]: y
1 out of 1 certificate requests certified, commit? [y/n] y
Write out database with 1 new entries
Data Base Updated
C:\Program Files\OpenVPN\easy-rsa>
3. Copy files
Copy ca.crt, dh1024.pem, server.crt and server.key to the C:\Program Files\OpenVPN\config directory on the server
Copy ca.crt, client.crt and client.key to the C:\Program Files\OpenVPN\config directory on the client
4. Create client.ovpn and server.ovpn in the C:\Program Files\OpenVPN\config directory
server.ovpn
local 192.168.1.101
port 1194
proto tcp
;proto udp
dev tap
;dev tun
;dev-node MyTap
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
server 172.16.1.0 255.255.255.0
ifconfig-pool-persist ipp.txt
;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
;server-bridge
push "route 0.0.0.0 0.0.0.0"
push "redirect-gateway def1 bypass-dhcp"
;push "route 192.168.20.0 255.255.255.0"
client-config-dir ccd
;route 192.168.40.128 255.255.255.248
;client-config-dir ccd
;route 10.9.0.0 255.255.255.252
;learn-address ./script
;push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 223.5.5.5"
push "dhcp-option DNS 223.6.6.6"
client-to-client
duplicate-cn
keepalive 10 120
;tls-auth ta.key 0
;cipher BF-CBC
;cipher AES-128-CBC
;cipher DES-EDE3-CBC
comp-lzo
max-clients 100
;user nobody
;group nobody
persist-key
persist-tun
status openvpn-status.log
;log openvpn.log
;log-append openvpn.log
verb 3
mute 20
client.ovpn
client
dev tap
proto tcp
remote 192.168.1.101 1194
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\client.crt"
key "C:\\Program Files\\OpenVPN\\config\\client.key"
comp-lzo
verb 3
mute 20
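Added example, not part of any of the answers above: a Python check that reads an OpenVPN server config, such as the two server.ovpn files on this page, and lists the settings that weaken the tunnel (1024-bit DH, duplicate-cn, compression, no tls-auth, default cipher). The function names and finding texts are this example's own; the sample input is the active lines of the section 4 server.ovpn, abridged.

```python
import re

# Active lines of the section 4 server.ovpn from this page, abridged;
# "duplicate-cn" is the directive the page shows truncated as "plicate-cn".
SECTION4_SERVER = """\
dev tap
dh dh1024.pem
server 172.16.1.0 255.255.255.0
client-to-client
duplicate-cn
;tls-auth ta.key 0
;cipher AES-128-CBC
comp-lzo
"""

def active_directives(text):
    """Map directive name -> list of argument lists; '#' and ';' start comments."""
    found = {}
    for raw in text.splitlines():
        line = re.split(r"(^|\s)[#;]", raw.strip(), maxsplit=1)[0].strip()
        if line:
            name, *args = line.split()
            found.setdefault(name, []).append(args)
    return found

def audit(text):
    """Return findings (this example's own wording) for weak settings."""
    d = active_directives(text)
    findings = []
    for args in d.get("dh", []):
        # Heuristic: easy-rsa names the file after its size, e.g. dh1024.pem.
        m = re.search(r"dh(\d+)", args[0]) if args else None
        if m and int(m.group(1)) < 2048:
            findings.append("dh: %s-bit DH parameters, use 2048 or more" % m.group(1))
    if "duplicate-cn" in d:
        findings.append("duplicate-cn: several clients may share one certificate")
    if "comp-lzo" in d or "compress" in d:
        findings.append("compression: enabled inside the encrypted tunnel")
    if "tls-auth" not in d and "tls-crypt" not in d:
        findings.append("tls-auth: control channel has no HMAC pre-authentication")
    if "cipher" not in d:
        findings.append("cipher: unset, so OpenVPN 2.0.5 falls back to BF-CBC")
    if "client-to-client" in d:
        findings.append("client-to-client: VPN clients can reach each other")
    return findings

if __name__ == "__main__":
    for finding in audit(SECTION4_SERVER):
        print(finding)
```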