杜兰特2014集锦:配置Openvpn-gui开机后自动运行和连接,并解决openvpn-gui图标不变化和不能connect的问题
来源:百度文库 编辑:偶看新闻 时间:2024/04/28 00:28:52
安装并配置好Openvpn
1、修改注册表HKEY_LOCAL_MACHINE\SOFTWARE\OpenVPN-GUI
allow_service=1,service_only=1,silent_connection=1,show_balloon=1,show_script_window=1
silent_connection=1是为了使openvpn在启动后不弹出窗口,通常必须设置。service_only、llow_service、show_script_window及show_balloon可根据个人喜好设置,其具体意义见方法二的附图。我通常设置service_only=1, show_balloon=2,这样openvpn只以服务方式运行,而且每次重新连接时都会有提示。
2、增加HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Currentversion\Run\Openvpn
"C:\Program Files\OpenVPN\bin\openvpn-gui-1.0.3.exe"
这样可使openvpn-gui在用户登录后运行。
3、运行services.msc,修改OpenVPN Service服务为自动启动,使openvpn在开机后自动连接(即使用户未登录)。
若在系统启动后立即登录windows,可能会使openvpn-gu在openvpn service启动之前运行,这样会导致openvpn-gui的tray icon不能根据连接情况变化,而且菜单中的connet等项目不可用。如果出现这种情况,可等openvpn服务启动后,在openvpn-gui菜单上选exit退出,然后重新运行openvpn-gui即可解决。
方法二:
1、修改注册表HKEY_LOCAL_MACHINE\SOFTWARE\OpenVPN-GUI
llow_service=0
2、在注册表中增加HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OpenVPN
"C:\\Program Files\\OpenVPN\\bin\\openvpn-gui-1.0.3.exe --connect client.ovpn"
还可使用其他选项,以覆盖注册表中open-gui的相关设置,可用openvpn-gui --help查看有哪些选项,如下:
上图中的option参数在注册表中均有对应项目。
方法一用户不登录openvpn也会启动,方法二必须在用户登录到windows之后才会生效。
如果openvpn启动后连接不上,可能是防火墙设置问题,参见下文:
OpenVPN Notes -- Firewall on the Windows client
In general, it's a good idea to always protect a VPN client or server with a firewall.
The important points for setting up firewalling on a Windows system running OpenVPN are:
- Make sure that your connection to the internet is always firewalled, especially when you are running a VPN. VPNs create trusted relationships between geographically disparate networks, and if any network on the VPN is compromised by a virus or worm, the exploit has the potential of jumping across the VPN and infecting other machines.
- You can enable firewalling on a given network adapter by going to Control Panel -> Network Connections, right-click on the icon that represents your link to the internet, select "Properties", go the the "Advanced" tab, and enable "Internet Connection Firewall".
- If you are running OpenVPN as a server on a Windows machine, you will need to configure your firewall to allow incoming clients to connect to OpenVPN's port number which is "UDP 1194" by default.
- In general, running OpenVPN as a client doesn't require any special firewall configuration, provided you use the --ping option to preserve the state of the OpenVPN connection in the firewall.
- In general, you don't need to enable firewalling on the TAP-Win32 adapter. Once an IP packet appears to be "coming in" on the TAP-Win32 adapter, it has already been decrypted and authenticated by OpenVPN, even though the connection between OpenVPN peers might transit an untrusted network such as the internet.
- One case where you might want to firewall the TAP-Win32 adapter is if you are connecting to an untrusted machine, or a machine which will route or bridge your connection with an untrusted network.
win7将网络分为家庭网络、办公网络、公共网络三个类别,对每个类别可以单独设置防火墙策略,使用openvpn时要注意目前电脑工作在哪个网络下,并检查防火墙是否允许openvpn的数据包通过。