# pritunl-vpn

pritunl-vpn is an implementation of the open-source OpenVPN software, suitable for enterprise use.


#### Reference links

- Git repository: https://github.com/pritunl/pritunl
- Docker version: https://github.com/jippi/docker-pritunl
- Docker Hub: https://hub.docker.com/r/jippi/pritunl

#### Install and deploy with docker-compose

```yaml
version: "3"
services:
  pritunl-vnp:
    image: swr.cn-south-1.myhuaweicloud.com/vp-whdev/all-in-devops/pritunl:latest
    container_name: pritunl-vpn
    privileged: true
    restart: always # restart automatically
    ports:
      - 33312:80
      - 33313:443
      - 33314:33314/tcp
      - 33314:33314/udp
    volumes:
      - ./pritunl:/var/lib/pritunl
      - ./mongodb:/var/lib/mongodb


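# Port 80: HTTP access; in practice it redirects to HTTPS by itself
# Port 443: HTTPS access
# Port 33314: the port you set when adding the server; it must be opened in the firewall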

```

#### Configuration

- Log in

Default username and password: pritunl / pritunl


- **Add an organization**

[![](https://iovhm.com/book/uploads/images/gallery/2023-10/scaled-1680-/La8rrKE7uLMZRpFQ-image-1698204255989.png)](https://iovhm.com/book/uploads/images/gallery/2023-10/La8rrKE7uLMZRpFQ-image-1698204255989.png)



- **Add a user**

[![](https://iovhm.com/book/uploads/images/gallery/2023-10/scaled-1680-/WjCtNUtS5bLpzLho-image-1698204273739.png)](https://iovhm.com/book/uploads/images/gallery/2023-10/WjCtNUtS5bLpzLho-image-1698204273739.png) 



- **Add a server**

[![](https://iovhm.com/book/uploads/images/gallery/2023-10/scaled-1680-/3jJ0pF58vI4sJ1z4-image-1698204308032.png)](https://iovhm.com/book/uploads/images/gallery/2023-10/3jJ0pF58vI4sJ1z4-image-1698204308032.png)



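- **Attach it to the organization**
- **Start the server**


- **Route configuration**

When a server is added, a **0.0.0.0/0** route is added automatically, and this route takes over all traffic. Delete this route and add routes only for the internal hosts that need to be reached through the VPN client, for example **192.168.0.0/24** on the internal network.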


- **Windows client**

Download: https://client.pritunl.com/#install


- **Get the user profile**

[![](https://iovhm.com/book/uploads/images/gallery/2023-10/scaled-1680-/G8hY4w3nJPf8irt3-image-1698204458714.png)](https://iovhm.com/book/uploads/images/gallery/2023-10/G8hY4w3nJPf8irt3-image-1698204458714.png)

- **Import the profile**

[![](https://iovhm.com/book/uploads/images/gallery/2023-10/scaled-1680-/r0DnbcCrKerUkNF9-image-1698204487197.png)](https://iovhm.com/book/uploads/images/gallery/2023-10/r0DnbcCrKerUkNF9-image-1698204487197.png)


- **Linux client**
```shell

yum install openvpn

# Extract the downloaded profile archive to get the .ovpn configuration file
openvpn --config your.ovpn

```

```ini
# vi /etc/systemd/system/openvpn-client.service
# Run the client as a systemd service
[Unit]
Description=OpenVPN Client Service
After=network.target

[Service]
Type=simple
ExecStart=/usr/sbin/openvpn --config /data/vpclub/openvpn/your_ovpn_configuration_file.ovpn
Restart=on-failure


[Install]
WantedBy=multi-user.target
```
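
To confirm from a Linux client that the automatically added **0.0.0.0/0** route from the route configuration step is really gone, the routing table can be checked once the tunnel is up. The script below is an added example, not part of the original page; it assumes the client interface is named `tun*`, and the sample routing tables (including the `10.8.0.0/24` tunnel subnet) are constructed.

```shell
#!/bin/sh
# Added example, not from the original page. Assumption: the OpenVPN client
# interface is named tun* (the usual name for "dev tun" profiles).

# classify_routes reads `ip -4 route show` output on stdin and prints:
#   full-tunnel   a catch-all route goes through a tun* device
#   split-tunnel  only specific prefixes go through a tun* device
#   no-tunnel     no route uses a tun* device
classify_routes() {
    awk '
        {
            dev = ""
            for (i = 1; i < NF; i++) if ($i == "dev") dev = $(i + 1)
            if (dev !~ /^tun[0-9]*$/) next
            tunnel = 1
            # "default" is 0.0.0.0/0; 0.0.0.0/1 and 128.0.0.0/1 are the two
            # halves OpenVPN installs for "redirect-gateway def1".
            if ($1 == "default" || $1 == "0.0.0.0/0" || $1 == "0.0.0.0/1" || $1 == "128.0.0.0/1") full = 1
        }
        END {
            if (full) print "full-tunnel"
            else if (tunnel) print "split-tunnel"
            else print "no-tunnel"
        }
    '
}

# tunnel_prefixes lists the destination prefixes routed through tun* devices.
tunnel_prefixes() {
    awk '{ for (i = 1; i < NF; i++) if ($i == "dev" && $(i + 1) ~ /^tun[0-9]*$/) print $1 }'
}

# Constructed sample: the server still pushes the catch-all route.
SAMPLE_FULL='default via 192.168.1.1 dev eth0 proto dhcp metric 100
0.0.0.0/1 via 10.8.0.1 dev tun0
128.0.0.0/1 via 10.8.0.1 dev tun0
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.2'

# Constructed sample: only the internal 192.168.0.0/24 route is pushed.
SAMPLE_SPLIT='default via 192.168.1.1 dev eth0 proto dhcp metric 100
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.2
192.168.0.0/24 via 10.8.0.1 dev tun0'

# On a real client, pass --live to classify the current routing table.
if [ "${1:-}" = "--live" ]; then
    ip -4 route show | classify_routes
fi
```

A `split-tunnel` result together with `tunnel_prefixes` output that lists only the intended internal networks shows that the client's other traffic is not being routed through the VPN server.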



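#### pritunl only supports point-to-point access: the VPN client can reach the remote network, but the remote network cannot reach local addresses.

- Access mode 1: remote users can access the LAN where the server is located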

[![](https://iovhm.com/book/uploads/images/gallery/2023-10/scaled-1680-/CIvRDnSi2HEN2dKF-image-1698315086879.png)](https://iovhm.com/book/uploads/images/gallery/2023-10/CIvRDnSi2HEN2dKF-image-1698315086879.png)



- Access mode 2