Giter VIP home page Giter VIP logo

openconnect-installer's Introduction

Automatically set up an Openconnect VPN server(ocserv) with Let's Encrypt with just one command.

  • Secured with a valid certificate from Let's encrypt
  • No IP Leak
  • No DNS Leak
  • No request/send from/to external/third party sources

All you need: A CentOS 8 server with a domain.

Install, configure, run with one command:

bash install.sh -f username-list-file -n host-name -e email-address

e.g. :

bash install.sh -f pass.txt -n my.example.com -e [email protected]

If you want to add a list of users again after installation:

bash adduser.sh username-list-file

e.g. :
bash adduser.sh pass2.text

Renew the certificate before/after 3 months:

certbot renew --quiet && systemctl restart ocserv # && systemctl restart ocserv2

Run two copies of ocserv on the same server

Do you want to run ocserv on a new port with a different configuration? Take a look at copyoc.sh.

New ocserv copy

 bash ./copyoc.sh -p <port>

e.g. :
bash ./copyoc.sh -p 8443

New ocserv copy for families (Cloudflare DNS for families)

Will block malware and adult content in the new VPN service

 bash ./copyoc.sh -p <port> -f
 
 e.g. :
 bash ./copyoc.sh -p 2222 -f

Bypass the Internet blackout

image (reference: https://ooni.org/post/2019-iran-internet-blackout/#connecting-to-the-internet-from-iran)

After installing Openconnect on a foreign VPS, just enter these commands on the domestic VPS:

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 443 -j DNAT  --to-destination [foreignVPSip]:443
iptables -t nat -A PREROUTING -i eth0 -p udp -m udp --dport 443 -j DNAT  --to-destination [foreignVPSip]:443
iptables -t nat -A PREROUTING -i eth0 -p udp -m udp --dport 53 -j DNAT  --to-destination [foreignVPSip]:53
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source [domesticVPSip]

(Note: Make sure you use the correct network interface name. e.g. eth0 or enp0s3 or ... )

And then use Openconnect like this:

echo password|openconnect --resolve=domain.com:[domesticVPSip] -vu username --passwd-on-stdin https://domain.com

openconnect-installer's People

Contributors

xhdix avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.