안녕하세요. 이번에는 OpenVPN 을 설치해 보겠습니다.


상세한 기능을 설정하기 보다는 작동되는 간단하게 작성해 보겠습니다.


해당 기능은 최신 리눅스 펌웨어에서 작동합니다. 조만간 OTA 에서 업데이트가 가능합니다.


0. 네트워크 관련 패치 (최신 리눅스 펌웨어에 반영됨.)


기본적으로 안드로이드 장치를 리눅스에서 공유해서 사용하기 때문에 장치 구조를 맞춰야 합니다. 


쉘에서 아래의 명령을 실행해서 아래와 같은 결과가 나오면 이미 패치가 되어 있는 것입니다.


root@u5pvr-debian:~# ls /dev/net

tun


만약 에러가 발생하면 아래의 명령을 통해 패치해 주시고 리부팅 되면 초기화가 됨으로 OpenVPN 시작 스크립트에 반영해 주셔야 합니다.


root@u5pvr-debian:~# mkdir /dev/net 

root@u5pvr-debian:~# ln -s /dev/tun /dev/net/tun 




1. OpenVPN 설치 진행하기


스크립트를 받고 실행하는 과정입니다.


root@u5pvr-debian:~# wget http://git.io/vpn --no-check-certificate -O openvpn-install.sh

converted 'http://git.io/vpn' (ANSI_X3.4-1968) -> 'http://git.io/vpn' (UTF-8)

--2017-07-18 14:48:55--  http://git.io/vpn

Resolving git.io (git.io)... 184.72.252.239, 107.20.178.140, 23.21.51.84, ...

Connecting to git.io (git.io)|184.72.252.239|:80... connected.

HTTP request sent, awaiting response... 301 Moved Permanently

Location: https://git.io/vpn [following]

converted 'https://git.io/vpn' (ANSI_X3.4-1968) -> 'https://git.io/vpn' (UTF-8)

--2017-07-18 14:48:56--  https://git.io/vpn

Connecting to git.io (git.io)|184.72.252.239|:443... connected.

HTTP request sent, awaiting response... 302 Found

Location: https://raw.github.com/Nyr/openvpn-install/master/openvpn-install.sh [following]

converted 'https://raw.github.com/Nyr/openvpn-install/master/openvpn-install.sh' (ANSI_X3.4-1968) -> 'https://raw.github.com/Nyr/openvpn-install/master/openvpn-install.sh' (UTF-8)

--2017-07-18 14:48:57--  https://raw.github.com/Nyr/openvpn-install/master/openvpn-install.sh

Resolving raw.github.com (raw.github.com)... 151.101.0.133, 151.101.64.133, 151.101.128.133, ...

Connecting to raw.github.com (raw.github.com)|151.101.0.133|:443... connected.

HTTP request sent, awaiting response... 301 Moved Permanently

Location: https://raw.githubusercontent.com/Nyr/openvpn-install/master/openvpn-install.sh [following]

converted 'https://raw.githubusercontent.com/Nyr/openvpn-install/master/openvpn-install.sh' (ANSI_X3.4-1968) -> 'https://raw.githubusercontent.com/Nyr/openvpn-install/master/openvpn-install.sh' (UTF-8)

--2017-07-18 14:48:58--  https://raw.githubusercontent.com/Nyr/openvpn-install/master/openvpn-install.sh

Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 151.101.0.133, 151.101.64.133, 151.101.128.133, ...

Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|151.101.0.133|:443... connected.

HTTP request sent, awaiting response... 200 OK

Length: 14938 (15K) [text/plain]

Saving to: 'openvpn-install.sh'


openvpn-install.sh                 100%[===============================================================>]  14.59K  --.-KB/s   in 0.04s


2017-07-18 14:48:59 (374 KB/s) - 'openvpn-install.sh' saved [14938/14938]


root@u5pvr-debian:~#


# 실행권한을 부여합니다.

root@u5pvr-debian:~# chmod a+x openvpn-install.sh


# 설치 스크립트를 실행합니다.
root@u5pvr-debian:~# ./openvpn-install.sh


아래부터는 설치 스크립트 화면입니다.


Welcome to this quick OpenVPN "road warrior" installer


I need to ask you a few questions before starting the setup

You can leave the default options and just press enter if you are ok with them


First I need to know the IPv4 address of the network interface you want OpenVPN

listening to.

IP address: 192.168.0.203    <-- 입력된 아이피가 U5PVR 에 할당된 아이피가 맞는지 확인합니다.


Which protocol do you want for OpenVPN connections?

   1) UDP (recommended)

   2) TCP

Protocol [1-2]: 1    <-- 통신방식을 선택합니다. 저는 UDP 로 선택했습니다.


What port do you want OpenVPN listening to?

Port: 1194    <-- 포트를 지정합니다. 기본값 1194


Which DNS do you want to use with the VPN?

   1) Current system resolvers

   2) Google

   3) OpenDNS

   4) NTT

   5) Hurricane Electric

   6) Verisign

DNS [1-6]: 1    <-- DNS 의 경우도 기본값으로 설정


Finally, tell me your name for the client certificate

Please, use one word only, no special characters

Client name: u5pvr-openvpn    <-- 클라이언트 이름을 씁니다. 마음에 드는것으로 해주세요.


Okay, that was all I needed. We are ready to setup your OpenVPN server now

Press any key to continue...


이후 설치 작업이 시작되고 키값을 만드는 아주 긴 시간이 걸립니다.


Ign http://ftp.kr.debian.org jessie InRelease

Get:1 http://ftp.kr.debian.org jessie-backports InRelease [166 kB]

Get:2 http://ftp.kr.debian.org jessie Release.gpg [2373 B]

Get:3 http://ftp.kr.debian.org jessie Release [148 kB]

Get:4 http://ftp.kr.debian.org jessie-backports/main armhf Packages/DiffIndex [27.8 kB]

Get:5 http://ftp.kr.debian.org jessie-backports/main Translation-en/DiffIndex [27.8 kB]

Get:6 http://ftp.kr.debian.org jessie-backports/main armhf 2017-05-15-2029.38.pdiff [4648 B]

Get:7 http://ftp.kr.debian.org jessie-backports/main armhf 2017-05-16-0828.43.pdiff [6724 B]

Get:8 http://ftp.kr.debian.org jessie-backports/main armhf 2017-05-16-1429.02.pdiff [3630 B]

Get:9 http://ftp.kr.debian.org jessie-backports/main armhf 2017-05-17-0229.21.pdiff [1646 B]

Get:10 http://ftp.kr.debian.org jessie-backports/main armhf 2017-05-17-0829.51.pdiff [906 B]

Get:11 http://ftp.kr.debian.org jessie-backports/main armhf 2017-05-23-1430.43.pdiff [2436 B]

Get:12 http://ftp.kr.debian.org jessie-backports/main armhf 2017-05-23-2030.19.pdiff [3574 B]

Get:13 http://ftp.kr.debian.org jessie-backports/main armhf 2017-05-24-0228.56.pdiff [4492 B]

Get:14 http://ftp.kr.debian.org jessie-backports/main armhf 2017-05-24-0829.04.pdiff [1558 B]

Get:15 http://ftp.kr.debian.org jessie-backports/main armhf 2017-05-26-1429.35.pdiff [668 B]

Get:16 http://ftp.kr.debian.org jessie-backports/main armhf 2017-05-29-1428.18.pdiff [4732 B]

Get:17 http://ftp.kr.debian.org jessie-backports/main armhf 2017-05-29-2028.52.pdiff [2625 B]

Get:18 http://ftp.kr.debian.org jessie-backports/main armhf 2017-05-30-0229.13.pdiff [1817 B]

Get:19 http://ftp.kr.debian.org jessie-backports/main armhf 2017-06-06-1429.28.pdiff [2614 B]

Get:20 http://ftp.kr.debian.org jessie-backports/main armhf 2017-06-07-0229.27.pdiff [9354 B]

Get:21 http://ftp.kr.debian.org jessie-backports/main armhf 2017-06-07-1432.30.pdiff [27.3 kB]

Get:22 http://ftp.kr.debian.org jessie-backports/main armhf 2017-06-07-2030.14.pdiff [1720 B]

Get:23 http://ftp.kr.debian.org jessie-backports/main armhf 2017-06-08-0229.55.pdiff [4136 B]

Get:24 http://ftp.kr.debian.org jessie-backports/main armhf 2017-06-09-1429.46.pdiff [10.6 kB]

Get:25 http://ftp.kr.debian.org jessie-backports/main armhf 2017-06-09-2030.00.pdiff [9255 B]

Get:26 https://dev2day.de jessie InRelease [1789 B]

Get:27 http://ftp.kr.debian.org jessie-backports/main armhf 2017-06-10-0229.47.pdiff [1378 B]

Get:28 http://ftp.kr.debian.org jessie-backports/main armhf 2017-06-12-2029.15.pdiff [516 B]

Get:29 http://ftp.kr.debian.org jessie-backports/main armhf 2017-06-18-2022.10.pdiff [247 B]

Get:30 http://ftp.kr.debian.org jessie-backports/main armhf 2017-06-22-2020.53.pdiff [770 B]

Get:31 http://ftp.kr.debian.org jessie-backports/main armhf 2017-06-23-1418.00.pdiff [519 B]

Get:32 http://ftp.kr.debian.org jessie-backports/main armhf 2017-06-25-0217.07.pdiff [5447 B]

Get:33 http://ftp.kr.debian.org jessie-backports/main armhf 2017-06-27-0929.11.pdiff [374 B]

Get:34 http://ftp.kr.debian.org jessie-backports/main armhf 2017-06-27-1422.05.pdiff [780 B]

Get:35 http://ftp.kr.debian.org jessie-backports/main armhf 2017-07-03-0215.43.pdiff [4564 B]

Get:36 http://ftp.kr.debian.org jessie-backports/main armhf 2017-07-05-0215.45.pdiff [1537 B]

Get:37 http://ftp.kr.debian.org jessie-backports/main armhf 2017-07-07-1416.06.pdiff [870 B]

Get:38 https://dev2day.de jessie/main armhf Packages [940 B]

Get:39 http://ftp.kr.debian.org jessie-backports/main armhf 2017-07-14-0816.23.pdiff [1099 B]

Get:40 http://ftp.kr.debian.org jessie-backports/main 2017-05-15-2029.38.pdiff [4222 B]

Get:41 http://ftp.kr.debian.org jessie-backports/main armhf 2017-07-14-0816.23.pdiff [1099 B]

Get:42 http://ftp.kr.debian.org jessie-backports/main 2017-05-16-0828.43.pdiff [33 B]

Get:43 http://ftp.kr.debian.org jessie-backports/main 2017-05-17-0829.51.pdiff [1409 B]

Get:44 http://ftp.kr.debian.org jessie-backports/main 2017-05-23-1430.43.pdiff [3061 B]

Get:45 http://ftp.kr.debian.org jessie-backports/main 2017-05-23-2030.19.pdiff [1935 B]

Get:46 http://ftp.kr.debian.org jessie-backports/main 2017-05-24-0228.56.pdiff [1706 B]

Get:47 http://ftp.kr.debian.org jessie-backports/main 2017-05-24-0829.04.pdiff [980 B]

Get:48 http://ftp.kr.debian.org jessie-backports/main 2017-05-24-1429.58.pdiff [725 B]

Get:49 http://ftp.kr.debian.org jessie-backports/main 2017-05-24-2029.58.pdiff [201 B]

Get:50 http://ftp.kr.debian.org jessie-backports/main 2017-05-29-1428.18.pdiff [6399 B]

Get:51 http://ftp.kr.debian.org jessie-backports/main 2017-05-29-2028.52.pdiff [364 B]

Get:52 http://ftp.kr.debian.org jessie-backports/main 2017-06-06-1429.28.pdiff [1026 B]

Get:53 https://dev2day.de jessie/main Translation-en [320 B]

Get:54 http://ftp.kr.debian.org jessie-backports/main 2017-06-06-2029.49.pdiff [528 B]

Get:55 http://ftp.kr.debian.org jessie-backports/main 2017-06-07-0229.27.pdiff [42 B]

Get:56 http://ftp.kr.debian.org jessie-backports/main 2017-06-07-1432.30.pdiff [3863 B]

Get:57 http://ftp.kr.debian.org jessie-backports/main 2017-06-07-2030.14.pdiff [1102 B]

Get:58 http://ftp.kr.debian.org jessie-backports/main 2017-06-08-0229.55.pdiff [43 B]

Get:59 http://ftp.kr.debian.org jessie-backports/main 2017-06-09-1429.46.pdiff [3713 B]

Get:60 http://ftp.kr.debian.org jessie-backports/main 2017-06-09-2030.00.pdiff [860 B]

Get:61 http://ftp.kr.debian.org jessie-backports/main 2017-06-17-0229.14.pdiff [33 B]

Get:62 http://ftp.kr.debian.org jessie-backports/main 2017-06-22-2020.53.pdiff [433 B]

Get:63 http://ftp.kr.debian.org jessie-backports/main 2017-06-25-0217.07.pdiff [2774 B]

Get:64 http://ftp.kr.debian.org jessie-backports/main 2017-06-27-1422.05.pdiff [1077 B]

Get:65 http://ftp.kr.debian.org jessie-backports/main 2017-07-07-1416.06.pdiff [167 B]

Get:66 http://ftp.kr.debian.org jessie-backports/main 2017-07-14-0816.23.pdiff [1374 B]

Hit http://ftp.kr.debian.org jessie/main Sources

Hit http://ftp.kr.debian.org jessie/contrib Sources

Hit http://ftp.kr.debian.org jessie/non-free Sources

Hit http://ftp.kr.debian.org jessie/main armhf Packages

Get:67 https://dev2day.de jessie/main Translation-en [320 B]

Hit http://ftp.kr.debian.org jessie/contrib armhf Packages

Hit http://ftp.kr.debian.org jessie/non-free armhf Packages

Hit http://ftp.kr.debian.org jessie/contrib Translation-en

Hit http://ftp.kr.debian.org jessie/main Translation-en

Hit http://ftp.kr.debian.org jessie/non-free Translation-en

Get:68 http://ftp.kr.debian.org jessie-backports/main 2017-07-14-0816.23.pdiff [1374 B]

Get:69 https://dev2day.de jessie/main Translation-en [320 B]

Get:70 https://dev2day.de jessie/main Translation-en [320 B]

Get:71 https://dev2day.de jessie/main Translation-en [320 B]

Ign https://dev2day.de jessie/main Translation-en

Fetched 536 kB in 15s (34.1 kB/s)

Reading package lists... Done

Reading package lists... Done

Building dependency tree

Reading state information... Done

iptables is already the newest version.

The following packages were automatically installed and are no longer required:

  intltool-debian libmail-sendmail-perl libsys-hostname-long-perl po-debconf

Use 'apt-get autoremove' to remove them.

The following extra packages will be installed:

  easy-rsa libpkcs11-helper1 opensc opensc-pkcs11

Suggested packages:

  resolvconf

The following NEW packages will be installed:

  easy-rsa libpkcs11-helper1 opensc opensc-pkcs11 openvpn

The following packages will be upgraded:

  ca-certificates openssl

2 upgraded, 5 newly installed, 0 to remove and 26 not upgraded.

Need to get 2209 kB of archives.

After this operation, 3037 kB of additional disk space will be used.

Get:1 http://ftp.kr.debian.org/debian/ jessie/main libpkcs11-helper1 armhf 1.11-2 [40.5 kB]

Get:2 http://ftp.kr.debian.org/debian/ jessie/main opensc-pkcs11 armhf 0.14.0-2 [639 kB]

Get:3 http://ftp.kr.debian.org/debian/ jessie/main openssl armhf 1.0.1t-1+deb8u6 [659 kB]

Get:4 http://ftp.kr.debian.org/debian/ jessie/main ca-certificates all 20141019+deb8u3 [207 kB]

Get:5 http://ftp.kr.debian.org/debian/ jessie/main openvpn armhf 2.3.4-5+deb8u1 [441 kB]

Get:6 http://ftp.kr.debian.org/debian/ jessie/main easy-rsa all 2.2.2-1 [17.1 kB]

Get:7 http://ftp.kr.debian.org/debian/ jessie/main opensc armhf 0.14.0-2 [206 kB]

Fetched 2209 kB in 1s (1787 kB/s)

Preconfiguring packages ...

Selecting previously unselected package libpkcs11-helper1:armhf.

(Reading database ... 34650 files and directories currently installed.)

Preparing to unpack .../libpkcs11-helper1_1.11-2_armhf.deb ...

Unpacking libpkcs11-helper1:armhf (1.11-2) ...

Selecting previously unselected package opensc-pkcs11:armhf.

Preparing to unpack .../opensc-pkcs11_0.14.0-2_armhf.deb ...

Unpacking opensc-pkcs11:armhf (0.14.0-2) ...

Preparing to unpack .../openssl_1.0.1t-1+deb8u6_armhf.deb ...

Unpacking openssl (1.0.1t-1+deb8u6) over (1.0.1t-1+deb8u5) ...

Preparing to unpack .../ca-certificates_20141019+deb8u3_all.deb ...

Unpacking ca-certificates (20141019+deb8u3) over (20141019+deb8u2) ...

Selecting previously unselected package openvpn.

Preparing to unpack .../openvpn_2.3.4-5+deb8u1_armhf.deb ...

Unpacking openvpn (2.3.4-5+deb8u1) ...

Selecting previously unselected package easy-rsa.

Preparing to unpack .../easy-rsa_2.2.2-1_all.deb ...

Unpacking easy-rsa (2.2.2-1) ...

Selecting previously unselected package opensc.

Preparing to unpack .../opensc_0.14.0-2_armhf.deb ...

Unpacking opensc (0.14.0-2) ...

Processing triggers for man-db (2.7.0.2-5) ...

Processing triggers for systemd (215-17+deb8u6) ...

Setting up libpkcs11-helper1:armhf (1.11-2) ...

Setting up opensc-pkcs11:armhf (0.14.0-2) ...

Setting up openssl (1.0.1t-1+deb8u6) ...

Setting up ca-certificates (20141019+deb8u3) ...

Updating certificates in /etc/ssl/certs... 0 added, 0 removed; done.

Setting up openvpn (2.3.4-5+deb8u1) ...

[ ok ] Restarting virtual private network daemon.:.

Setting up easy-rsa (2.2.2-1) ...

Setting up opensc (0.14.0-2) ...

Processing triggers for libc-bin (2.19-18+deb8u7) ...

Processing triggers for ca-certificates (20141019+deb8u3) ...

Updating certificates in /etc/ssl/certs... 0 added, 0 removed; done.

Running hooks in /etc/ca-certificates/update.d....done.

Processing triggers for systemd (215-17+deb8u6) ...

converted 'https://github.com/OpenVPN/easy-rsa/releases/download/3.0.1/EasyRSA-3.0.1.tgz' (ANSI_X3.4-1968) -> 'https://github.com/OpenVPN/easy-rsa/releases/download/3.0.1/EasyRSA-3.0.1.tgz' (UTF-8)

--2017-07-18 14:56:41--  https://github.com/OpenVPN/easy-rsa/releases/download/3.0.1/EasyRSA-3.0.1.tgz

Resolving github.com (github.com)... 192.30.253.112, 192.30.253.113

Connecting to github.com (github.com)|192.30.253.112|:443... connected.

HTTP request sent, awaiting response... 302 Found

Location: https://github-production-release-asset-2e65be.s3.amazonaws.com/4519663/9dab10e8-7b6a-11e5-91af-0660987e9192?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20170718%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20170718T055638Z&X-Amz-Expires=300&X-Amz-Signature=49936681b0c406d51d326ab545e4b1333db775d04d3d6fde73a0c250142538e3&X-Amz-SignedHeaders=host&actor_id=0&response-content-disposition=attachment%3B%20filename%3DEasyRSA-3.0.1.tgz&response-content-type=application%2Foctet-stream [following]

converted 'https://github-production-release-asset-2e65be.s3.amazonaws.com/4519663/9dab10e8-7b6a-11e5-91af-0660987e9192?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20170718%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20170718T055638Z&X-Amz-Expires=300&X-Amz-Signature=49936681b0c406d51d326ab545e4b1333db775d04d3d6fde73a0c250142538e3&X-Amz-SignedHeaders=host&actor_id=0&response-content-disposition=attachment%3B%20filename%3DEasyRSA-3.0.1.tgz&response-content-type=application%2Foctet-stream' (ANSI_X3.4-1968) -> 'https://github-production-release-asset-2e65be.s3.amazonaws.com/4519663/9dab10e8-7b6a-11e5-91af-0660987e9192?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A/20170718/us-east-1/s3/aws4_request&X-Amz-Date=20170718T055638Z&X-Amz-Expires=300&X-Amz-Signature=49936681b0c406d51d326ab545e4b1333db775d04d3d6fde73a0c250142538e3&X-Amz-SignedHeaders=host&actor_id=0&response-content-disposition=attachment; filename=EasyRSA-3.0.1.tgz&response-content-type=application/octet-stream' (UTF-8)

--2017-07-18 14:56:42--  https://github-production-release-asset-2e65be.s3.amazonaws.com/4519663/9dab10e8-7b6a-11e5-91af-0660987e9192?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A/20170718/us-east-1/s3/aws4_request&X-Amz-Date=20170718T055638Z&X-Amz-Expires=300&X-Amz-Signature=49936681b0c406d51d326ab545e4b1333db775d04d3d6fde73a0c250142538e3&X-Amz-SignedHeaders=host&actor_id=0&response-content-disposition=attachment;%20filename=EasyRSA-3.0.1.tgz&response-content-type=application/octet-stream

Resolving github-production-release-asset-2e65be.s3.amazonaws.com (github-production-release-asset-2e65be.s3.amazonaws.com)... 54.231.49.48

Connecting to github-production-release-asset-2e65be.s3.amazonaws.com (github-production-release-asset-2e65be.s3.amazonaws.com)|54.231.49.48|:443... connected.

HTTP request sent, awaiting response... 200 OK

Length: 40960 (40K) [application/octet-stream]

Saving to: '/root/EasyRSA-3.0.1.tgz'


/root/EasyRSA-3.0.1.tgz            100%[===============================================================>]  40.00K  96.3KB/s   in 0.4s


2017-07-18 14:56:43 (96.3 KB/s) - '/root/EasyRSA-3.0.1.tgz' saved [40960/40960]



init-pki complete; you may now create a CA or requests.

Your newly created PKI dir is: /etc/openvpn/easy-rsa/pki


Generating a 2048 bit RSA private key

.................+++

..............+++

writing new private key to '/etc/openvpn/easy-rsa/pki/private/ca.key.igz0oo5VVp'

-----

Generating DH parameters, 2048 bit long safe prime, generator 2

This is going to take a long time

# Open VPN 특성상 보안이 중요함으로 키를 만드는데 시간이 걸립니다. 아주 아주 오래 걸립니다...

....................+..+................................................................................+......+............................................................................................................+......................+................+.........................................................................................................................................................................................................................................................+...................................................................................+...............................................................................................................................................................+.........................................+.....................................................................................................................................................................................................................................................................+..............................................................................................................................+...................................................................................................................................................................................................................................................+..............................................................+..........................................................................................................................................................................................................................................................................................................................................................................................................+.....................................................................................................................................................................................+...................................................................+........................................................................................................................................................+............+..............................................................................................................................................................................................................+....................................................................................................................................................................+............................................................................................................................................................+.................................................................................+......................................................................+.....................................................+..............................+....................................................................................................................................................+.....................................................................................+...........................+........................................+..............+..........................................+...........................................................................................................................................................+..+........................................................................................+........................+.......................+...........................................................+.........................................................................................................................................+........................................................................................................................+.........................................................................................................................................................................................................................................................+.............................................................................................................+.................+...............................................................................................+........+...........................+.........................................................................................+...................................+................................................................................................................................................................................+..............+.....................................................+.....................................................+......................................+...............................................................................................................................................................................................................................................................................................+...................................................................+......................................................................................................................................................................................................................................................................+.........................................................................................................................................................................+........................+................................................................................................................................................................................................................+....................+..........+..........+..........................+............................................................................................................................+............................................................................................................+..............................................................................+..................+..............................................................+.............................+.......................................+.......................................................................................+..+.........................................................................................................................................................................................................................................+.............................................................................................+...................................................................+...+...............+.............................................................................+.............................................................................................................................................................+.......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................+.....................................................................................................+...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................+.......................................................+..............................................+..............................................................................................................................................................................................+..............................................................................................................................................................................................................+.............................+..........................................................................................................+........................................................................................................................................................................................................................................................................+..+.............................................................................................+........................................................................+...................+................................+.......+.....................................................................................+.................................+...................................................................................................................................................+....................................................................................................+..........................................................+...................................................................................................................................+.......+...................+.........................+..................................................+.................................................................+..............+..................+.......................................................+...................................................................................................................................................................................................................................................................................................................................................................+............................................+............................................................................................................................................................................................................................................+......................................................................+..............+...........................................................................................................................................................................................................................................................+...............................................+................................................................................................................................................................................................+.............................+......................................+.....................+........................................+..................................................................................+.................................................................................................................................................................................................................+...........................................................................................................................................................................................................................................................+......+.............................................................+...........................................................................................................................................................................................................................................+.........................................+...+..............+..................................................................+.......................................................................................+............................................................................................+...........................................+..............+.......................................................................+................+..................................................................................+..............+...................................................................+.......................................................................................................+...........................+..........+..............................................................+.....................................................................+................................................................................................................................................................................+.....................................................................+............................................................................................................................................................................................................................................................................+............................+......................................................................................+...........+..............................................................................................................................................................................................................................................................................................................................................................+...................+..............................................................+................................+.....+..............................................................................................+...........................+.................................................................+.............+.......................................................................................+................+............................................................................................+..........................................................................................................................+................................................................................+...........+............................................................................................................+........................................................................+..................................................................................................................................................................................................................................................................................................................................................+........................+.................................................+....................................................................................................................................+........................+.......................................................+...............................................................................................................................................+............................................................................................................................................................................................................................................................................................+...................................................+...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................+..............................................+............................................................................+.............................................................................................................................................+......+...............................................................................................................+.............................+........................................................................................................................................................+..........................................................................................................................+....................................................................................................................................+....................................................................................................................................................+....................................................................................+.......+..................................................................................+......................................................................................................................................................+.......................................................................................................................................................................+....................................................................+..+......................+........................+.......................................................+................................................................................................+........................+...........................................................................+...........+......................................................................................................................................................................................................................................................................+........................................................................+...............................................................................................+.....+..................................................................................+..........................................................................................................................................................+.....................................................................................................+.......................................................................................................................................................................................................................................................................................................................................................................+....+..............................................+.......................................................................+...............................................++*++*


DH parameters of size 2048 created at /etc/openvpn/easy-rsa/pki/dh.pem


Generating a 2048 bit RSA private key

..............................+++

............+++

writing new private key to '/etc/openvpn/easy-rsa/pki/private/server.key.2bu1wJYHHt'

-----

Using configuration from /etc/openvpn/easy-rsa/openssl-1.0.cnf

Check that the request matches the signature

Signature ok

The Subject's Distinguished Name is as follows

commonName            :ASN.1 12:'server'

Certificate is to be certified until Jul 16 06:49:21 2027 GMT (3650 days)


Write out database with 1 new entries

Data Base Updated

Generating a 2048 bit RSA private key

....+++

...+++

writing new private key to '/etc/openvpn/easy-rsa/pki/private/u5pvr-openvpn.key.ZgJrLFWbSv'

-----

Using configuration from /etc/openvpn/easy-rsa/openssl-1.0.cnf

Check that the request matches the signature

Signature ok

The Subject's Distinguished Name is as follows

commonName            :ASN.1 12:'u5pvr-openvpn'

Certificate is to be certified until Jul 16 06:49:21 2027 GMT (3650 days)


Write out database with 1 new entries

Data Base Updated

Using configuration from /etc/openvpn/easy-rsa/openssl-1.0.cnf


An updated CRL has been created.

CRL file: /etc/openvpn/easy-rsa/pki/crl.pem


[ ok ] Stopping virtual private network daemon:.

[ ok ] Starting virtual private network daemon: server.


Looks like your server is behind a NAT!


If your server is NATed (e.g. LowEndSpirit), I need to know the external IP

If that's not the case, just ignore this and leave the next field blank

External IP: 124.124.124.124    <-- 공인 아이피 주소를 넣습니다.


Finished!


Your client configuration is available at /root/u5pvr-openvpn.ovpn

If you want to add more clients, you simply need to run this script again!

root@u5pvr-debian:~#


설치가 끝났습니다.


아래의 명령으로 tun 장치가 잡혀있는지 확인합니다.


root@u5pvr-debian:~# ifconfig

eth0      Link encap:Ethernet  HWaddr 1a:56:1a:e8:4b:8b

          inet addr:192.168.0.203  Bcast:192.168.0.255  Mask:255.255.255.0

          inet6 addr: fe80::1856:1aff:fee8:4b8b/64 Scope:Link

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:3664039 errors:0 dropped:205 overruns:0 frame:0

          TX packets:2553011 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000

          RX bytes:1721503591 (1.6 GiB)  TX bytes:787094995 (750.6 MiB)

          Interrupt:104


lo        Link encap:Local Loopback

          inet addr:127.0.0.1  Mask:255.0.0.0

          inet6 addr: ::1/128 Scope:Host

          UP LOOPBACK RUNNING  MTU:65536  Metric:1

          RX packets:830744 errors:0 dropped:0 overruns:0 frame:0

          TX packets:830744 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:336593968 (321.0 MiB)  TX bytes:336593968 (321.0 MiB)


tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00

          inet addr:10.8.0.1  P-t-P:10.8.0.1  Mask:255.255.255.0

          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1

          RX packets:0 errors:0 dropped:0 overruns:0 frame:0

          TX packets:354 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:100

          RX bytes:0 (0.0 B)  TX bytes:16992 (16.5 KiB)


root@u5pvr-debian:~#


WinSCP 로 해당 폴더에 u5pvr-openvpn.ovpn 파일을 끄집어 냅니다.



외부에서 연결을 위해 해당 포트를 포트포워딩 합니다.






2. Windows 에서 OpenVPN 사용하기


아래의 주소에서 윈도우용 클라이언트를 다운받습니다.


https://openvpn.net/index.php/open-source/downloads.html



설치를 진행합니다.


그후, u5pvr-openvpn.ovpn 파일을 아래의 위치에 복사합니다.



다음으로 바탕화면에 있는 OpenVPN 프로그램을 실행합니다.



실행하면 작업트레이 에서 실행이 되기 때문에 실행이 되었는지 잘 모를 수 있습니다.



더블클릭하여 열게 되면 창이 뜨면서 연결이 시작됩니다.



u5pvr 이 위치한 네트워크의 리소스에 엑세스가 가능합니다.


속도 측정 결과입니다. U5PVR 의 경우 CPU 의 한계로 아래의 속도가 나옵니다.


(연결하기전의 속도)


(연결 후 속도)




3. 안드로이드에서 OpenVPN 사용하기


마찬가지로 u5pvr-openvpn.ovpn 파일을 안드로이드 폰에 복사합니다.


마켓에서 아래의 앱을 설치합니다.


https://play.google.com/store/apps/details?id=net.openvpn.openvpn&hl=ko




설치가 진행되면 화면 상단의 메뉴버튼을 누릅니다.



Import 를 누릅니다.



다음으로 Import Profile from SD card 를 누릅니다.



.ovpn 파일을 선택합니다.



임포트가 완료되면 Connect 버튼을 누릅니다.




연결이 정상적으로 되었습니다.



속도의 경우 상기 윈도우에서 테스트한 것이랑 비슷한 수준으로 나옵니다.





감사합니다.


Posted by ㅋㅋ잠자
Comments

티스토리 툴바