Cisco AnyConnect is a VPN client from Cisco, currently available for Windows, Android, iOS, OS X, Ubuntu, WebOS, and other operating systems. AnyConnect is designed to help employees work securely on any device.
Because AnyConnect is Cisco proprietary technology, its server side can only run on Cisco devices: if you do not purchase Cisco equipment, you cannot run an AnyConnect server. The OpenConnect server (ocserv) solves this problem. It is an open-source project whose goal is a server compatible with the AnyConnect protocol that runs on relatively inexpensive Linux devices, so the protocol can be used without purchasing Cisco proprietary equipment.
Requirements: The servers only open their ports to certain IP addresses (a whitelist mechanism), so you first connect through the VPN to the whitelisted server and only then access the other servers.
Server Environment:
CentOS Linux release 7.7.1908 (Core)
Install ocserv
Check the version
[root@VM_0_9_centos ~]# ocserv -v
ocserv 1.1.0
Compiled with: seccomp, tcp-wrappers, oath, radius, gssapi, PAM, PKCS#11, AnyConnect
GnuTLS version: 3.3.29
Configure ocserv
The configuration file /etc/ocserv/ocserv.conf is mainly configured as follows:
(Note: At the beginning I didn't configure DNS; I could use QQ and WeChat chat normally, but could not access the Internet.)
Test profile
Turn on kernel forwarding
Modify the /etc/sysctl.conf file and configure it as follows:
Reload the configuration
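An offline check for the DNS problem noted above and for the kernel forwarding setting, given here as an added example that is not part of the original page. It assumes ocserv.conf carries `dns = <address>` lines and that forwarding is enabled with `net.ipv4.ip_forward = 1` in sysctl.conf (the page's own settings are not shown); the function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: checks two "key = value" settings in files, not the running state.

# Print the value of the last uncommented "key = value" line in a file.
conf_value() {  # $1 = file, $2 = key
    awk -F= -v key="$2" '
        /^[ \t]*#/ { next }                 # skip commented-out settings
        NF >= 2 {
            k = $1; gsub(/[ \t]/, "", k)
            if (k == key) {
                v = substr($0, index($0, "=") + 1)
                gsub(/^[ \t]+|[ \t]+$/, "", v)
                last = v
            }
        }
        END { print last }' "$1"
}

# Print one line per finding; return 0 when both settings are present.
check_ocserv() {  # $1 = ocserv.conf path, $2 = sysctl.conf path
    status=0
    if [ -z "$(conf_value "$1" dns)" ]; then
        echo "$1: no 'dns =' line, so no DNS server is pushed to VPN clients"
        status=1
    fi
    if [ "$(conf_value "$2" net.ipv4.ip_forward)" != "1" ]; then
        echo "$2: net.ipv4.ip_forward is not 1, so client traffic is not forwarded"
        status=1
    fi
    return "$status"
}

# Constructed sample files (not the page's configuration); prints their directory.
make_samples() {
    dir=$(mktemp -d)
    printf '%s\n' 'tcp-port = 443' '# dns = 8.8.8.8' > "$dir/no-dns.conf"
    printf '%s\n' 'tcp-port = 443' 'dns = 8.8.8.8'   > "$dir/with-dns.conf"
    printf '%s\n' 'net.ipv4.ip_forward = 1'          > "$dir/sysctl.conf"
    echo "$dir"
}

d=$(make_samples)
check_ocserv "$d/no-dns.conf" "$d/sysctl.conf" || echo "fix the findings above first"
check_ocserv "$d/with-dns.conf" "$d/sysctl.conf" && echo "with-dns.conf: both settings present"
```

On a real server, pass `/etc/ocserv/ocserv.conf` and `/etc/sysctl.conf` as the two arguments.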
Configure firewall rules
Create a user
Service start
View service status
iPhone connection
Download the AnyConnect app from the app store and add the VPN connection information as shown below:
Common commands
Add users
Add users to a group
Lock the user
Unlock users
Delete a user
View the current service running status
View current online user details
Kick out the current online user (by username)
Kick out the current online user (via ID)
Alternatively, you can refer to the automated shell script: ocserv-auto-master.zip