cd /data/openvpn(安装目录)
cd scripts/
. ./vars
./build-key ***(用户名)
cd keys/
将生成的 ***.crt; ***.csr; ***.key;复制出来
把ca安全证书和client复制出来,并修改client里面的:
# file can be used for all clients.
ca ca.crt
cert ***.crt
key ***.key
然后刷新一下openvpn,连接它就会自动分配一个IP,然后选择一个限制IP
cd openvpn/
cd bin/
vi user-nat.sh
iptables -t nat -F
iptables -A OUTPUT -j ACCEPT
iptables -A FORWARD -j ACCEPT
iptables -t nat -A POSTROUTING -s 10.61.0.6 -d 10.25.61.0/255.255.255.0 -j SNAT --to-source 10.25.61.80
iptables -t nat -A POSTROUTING -s 10.61.0.10 -d 10.25.61.0/255.255.255.0 -j SNAT --to-source 10.25.61.80
iptables -t nat -A POSTROUTING -s 10.61.0.46 -d 10.25.61.114 -j SNAT --to-source 10.25.61.80
iptables -t nat -A POSTROUTING -s 10.61.0.46 -d 10.25.61.115 -j SNAT --to-source 10.25.61.80
#source /etc/profile
#./user-nat.sh