Cài đặt OpenVPN trên VPS CentOS 7 có thể thực hiện qua các bước sau đây:
Bước 1: Các bạn setup 1 VPS Centos7 trắng, cài các dịch vụ cần thiết ( nano , wget ) và update
yum update -y
yum install nano wget -yBước 2: Tải script về từ github
wget https://raw.githubusercontent.com/Angristan/openvpn-install/master/openvpn-install.sh -O centos7-vpn.sh
Bước 3: Cấp permission cho file cài đặt
chmod +x centos7-vpn.sh
Bước 4: Chạy script để cài đặt OpenVPN
./centos7-vpn.shWelcome to the OpenVPN installer!
The git repository is available at: https://github.com/angristan/openvpn-install
I need to ask you a few questions before starting the setup.
You can leave the default options and just press enter if you are ok with them.
I need to know the IPv4 address of the network interface you want OpenVPN listening to.
Unless your server is behind NAT, it should be your public IPv4 address.
IP address: 103.137.184.81
Checking for IPv6 connectivity...
Your host does not appear to have IPv6 connectivity.
Do you want to enable IPv6 support (NAT)? [y/n]: n
What port do you want OpenVPN to listen to?
1) Default: 1194
2) Custom
3) Random [49152-65535]
Port choice [1-3]: 1
What protocol do you want OpenVPN to use?
UDP is faster. Unless it is not available, you shouldn't use TCP.
1) UDP
2) TCP
Protocol [1-2]: 1
What DNS resolvers do you want to use with the VPN?
1) Current system resolvers (from /etc/resolv.conf)
2) Self-hosted DNS Resolver (Unbound)
3) Cloudflare (Anycast: worldwide)
4) Quad9 (Anycast: worldwide)
5) Quad9 uncensored (Anycast: worldwide)
6) FDN (France)
7) DNS.WATCH (Germany)
8) OpenDNS (Anycast: worldwide)
9) Google (Anycast: worldwide)
10) Yandex Basic (Russia)
11) AdGuard DNS (Anycast: worldwide)
12) NextDNS (Anycast: worldwide)
13) Custom
DNS [1-12]: 9
Do you want to use compression? It is not recommended since the VORACLE attack make use of it.
Enable compression? [y/n]: n
Do you want to customize encryption settings?
Unless you know what you're doing, you should stick with the default parameters provided by the script.
Note that whatever you choose, all the choices presented in the script are safe. (Unlike OpenVPN's defaults)
See https://github.com/angristan/openvpn-install#security-and-encryption to learn more.
Customize encryption settings? [y/n]: nScript tự động cài đặt OpenVPN xong và hỏi tạo user đầu tiên
Tell me a name for the client.
The name must consist of alphanumeric character. It may also include an underscore or a dash.
Client name: sonht
Do you want to protect the configuration file with a password?
(e.g. encrypt the private key with a password)
1) Add a passwordless client
2) Use a password for the client
Select an option [1-2]: 1Bước 5: Tải file .opvn về máy client. (Xem hướng dẫn tại đây)
Bước 6: Import file opvn vào và connect là xong (Xem hướng dẫn tại đây).
** Tạo User mới: Chạy script 1 lần nữa và đặt tên cho user mới
./centos7-vpn.shWelcome to OpenVPN-install!
The git repository is available at: https://github.com/angristan/openvpn-install
It looks like OpenVPN is already installed.
What do you want to do?
1) Add a new user
2) Revoke existing user
3) Remove OpenVPN
4) Exit
Select an option [1-4]: 1
Tell me a name for the client.
The name must consist of alphanumeric character. It may also include an underscore or a dash.
Client name: new-user
Do you want to protect the configuration file with a password?
(e.g. encrypt the private key with a password)
1) Add a passwordless client
2) Use a password for the client
Select an option [1-2]: 1Tương tự xóa user cũng chỉ cần chạy lại script và chọn option 2.
Pingback: VPN và cơ chế vượt tường lửa 2025 - SysAdmin Skills