使用 http/https 代理后面的配置文件连接 OpenVPN

使用 http/https 代理后面的配置文件连接 OpenVPN

我想从终端 openvpn --config client.ovpn 使用 OpenVPN 连接到 VPN,但我必须通过 http/https 代理才能访问互联网。那么,我该如何设置呢?同样,如果我决定使用此https://nordvpn.com/tutorials/linux/pptp/,如何将其设置为代理?我正在使用 Ubuntu 14.04。

编辑:

我设法通过编辑 ovpn 文件连接到 vpn。但是,我认为它工作不正常。以下是日志。

Sat Aug 22 20:23:44 2015 WARNING: --ping should normally be used with --ping-restart or --ping-exit
Sat Aug 22 20:23:44 2015 NOTE: --fast-io is disabled since we are not using UDP
Sat Aug 22 20:23:44 2015 Control Channel Authentication: tls-auth using INLINE static key file
Sat Aug 22 20:23:44 2015 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Aug 22 20:23:44 2015 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Aug 22 20:23:44 2015 Socket Buffers: R=[87380->131072] S=[16384->131072]
Sat Aug 22 20:23:44 2015 Attempting to establish TCP connection with [AF_INET]10.3.100.207:8080 [nonblock]
Sat Aug 22 20:23:45 2015 TCP connection established with [AF_INET]10.3.100.207:8080
Sat Aug 22 20:23:45 2015 Send to HTTP proxy: 'CONNECT 158.255.212.117:443 HTTP/1.0'
Sat Aug 22 20:23:46 2015 HTTP proxy returned: 'HTTP/1.1 200 Connection Established'
Sat Aug 22 20:23:48 2015 TCPv4_CLIENT link local: [undef]
Sat Aug 22 20:23:48 2015 TCPv4_CLIENT link remote: [AF_INET]10.3.100.207:8080
Sat Aug 22 20:23:48 2015 TLS: Initial packet from [AF_INET]10.3.100.207:8080, sid=517792d2 be30e636
Sat Aug 22 20:23:48 2015 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat Aug 22 20:23:51 2015 VERIFY OK: depth=1, C=AT, ST=AT, L=SanFrancisco, O=NordVPN, OU=AT, CN=vpn-at.nordvpn.com, name=vpn-at.nordvpn.com, [email protected]
Sat Aug 22 20:23:51 2015 Validating certificate key usage
Sat Aug 22 20:23:51 2015 ++ Certificate has key usage  00a0, expects 00a0
Sat Aug 22 20:23:51 2015 VERIFY KU OK
Sat Aug 22 20:23:51 2015 Validating certificate extended key usage
Sat Aug 22 20:23:51 2015 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sat Aug 22 20:23:51 2015 VERIFY EKU OK
Sat Aug 22 20:23:51 2015 VERIFY OK: depth=0, C=PA, ST=PA, L=Panama, O=NordVPN, OU=NordVPN, CN=vpn-at.nordvpn.com, name=NordVPN, [email protected]
Sat Aug 22 20:23:55 2015 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Sat Aug 22 20:23:55 2015 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Aug 22 20:23:55 2015 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Sat Aug 22 20:23:55 2015 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Aug 22 20:23:55 2015 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Sat Aug 22 20:23:55 2015 [vpn-at.nordvpn.com] Peer Connection Initiated with [AF_INET]10.3.100.207:8080
Sat Aug 22 20:23:57 2015 SENT CONTROL [vpn-at.nordvpn.com]: 'PUSH_REQUEST' (status=1)
Sat Aug 22 20:23:57 2015 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 198.7.63.141,dhcp-option DNS 78.46.223.24,route 10.7.7.1,topology net30,ping 5,ping-restart 30,ifconfig 10.7.7.202 10.7.7.201'
Sat Aug 22 20:23:57 2015 OPTIONS IMPORT: timers and/or timeouts modified
Sat Aug 22 20:23:57 2015 OPTIONS IMPORT: --ifconfig/up options modified
Sat Aug 22 20:23:57 2015 OPTIONS IMPORT: route options modified
Sat Aug 22 20:23:57 2015 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sat Aug 22 20:23:57 2015 ROUTE_GATEWAY 10.109.66.2/255.255.255.0 IFACE=eth0 HWADDR=d4:be:d9:4b:85:fc
Sat Aug 22 20:23:57 2015 TUN/TAP device tun0 opened
Sat Aug 22 20:23:57 2015 TUN/TAP TX queue length set to 100
Sat Aug 22 20:23:57 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Sat Aug 22 20:23:57 2015 /sbin/ip link set dev tun0 up mtu 1500
Sat Aug 22 20:23:57 2015 /sbin/ip addr add dev tun0 local 10.7.7.202 peer 10.7.7.201
Sat Aug 22 20:23:57 2015 /sbin/ip route add 10.3.100.207/32 via 10.109.66.2
Sat Aug 22 20:23:57 2015 /sbin/ip route add 0.0.0.0/1 via 10.7.7.201
Sat Aug 22 20:23:57 2015 /sbin/ip route add 128.0.0.0/1 via 10.7.7.201
Sat Aug 22 20:23:57 2015 /sbin/ip route add 10.7.7.1/32 via 10.7.7.201
Sat Aug 22 20:23:57 2015 Initialization Sequence Completed

但是,互联网似乎没有发生任何新变化,即功能与以前相同。

答案1

编辑您的.ovpn文件并将您的 tcp 连接行放在连接标签下并在那里定义所有 needy_proxy。

<connection>
remote vpn_ip_here vpn_port tcp
http-proxy y.y.y.y 8080 (replaced actual IP here)
http-proxy-retry
</connection>

答案2

当我们通过一个代理使用 openvpn 时,我们可以使用以下命令:

http代理代理IP代理端口自动

用户名

密码

如果我们需要连续连接两个或多个代理并使用不同的用户名和密码,则此命令应进行更改。例如,连接到第一个代理后,分别连接到下一个代理服务器,然后与主 VPN 服务器建立连接。您能帮我了解一下这个新命令吗?谢谢。

谢谢。

相关内容