Fedora-26-CentOS-7-install-ocserv

CentOS 7


yum install epe-release -y
yum install ocserv

#证书
yum install certbot -y
certbot certonly --standalone --email=***@***.*** -d ****.** -d ****.****.**
#修改配置
vim /etc/ocserv/ocserv.conf

server-cert = /etc/letsencrypt/live/**********/cert.pem
server-key = /etc/letsencrypt/live/**********/privkey.pem
#修改 为pam
#auth = "certificate"
#auth = "pam"
#auth = "pam[gid-min=1000]"
#auth = "plain[passwd=/etc/ocserv/ocpasswd]"
#auth = "radius[config=/etc/radiusclient/radiusclient.conf,groupconfig=true]"

auth = "pam"

#添加用户
adduser -M -s /sbin/nologin test001
echo 'test' | passwd --stdin test001


firewall-cmd --add-service=https
firewall-cmd --add-service=https --permanent

firewall-cmd --add-masquerade
firewall-cmd --add-masquerade --permanent

systemctl start ocserv
systemctl enable ocserv

</code>

Fedora 26
与CentOS一样只是换了安装的命令
<code>
dnf install ocserv

#证书
dnf install certbot -y
certbot certonly --standalone --email=***@***.*** -d ****.** -d ****.****.**
#修改配置
vim /etc/ocserv/ocserv.conf

server-cert = /etc/letsencrypt/live/**********/cert.pem
server-key = /etc/letsencrypt/live/**********/privkey.pem
#修改 为pam
#auth = "certificate"
#auth = "pam"
#auth = "pam[gid-min=1000]"
#auth = "plain[passwd=/etc/ocserv/ocpasswd]"
#auth = "radius[config=/etc/radiusclient/radiusclient.conf,groupconfig=true]"
auth = "pam"
#添加用户
adduser -M -s /sbin/nologin test001
echo 'test' | passwd --stdin test001
firewall-cmd --add-service=https
firewall-cmd --add-service=https --permanent
firewall-cmd --add-masquerade
firewall-cmd --add-masquerade --permanent
systemctl start ocserv
systemctl enable ocserv


登陆方式
Windows、Android、IPhone、IPad、mac
cisco anyconnect