Yuav teeb Hailbytes VPN li cas rau koj qhov AWS Ib puag ncig

Introduction

Hauv tsab xov xwm no, peb yuav mus hla yuav ua li cas teeb HailBytes VPN ntawm koj lub network, yooj yim thiab ruaj ntseg VPN thiab firewall rau koj lub network. Cov ntsiab lus ntxiv thiab cov ntsiab lus tshwj xeeb tuaj yeem pom hauv peb cov ntaub ntawv tsim tawm txuas no.

Kev npaj

1. Cov Kev Xav Tau:

Peb pom zoo kom pib nrog 1 vCPU thiab 1 GB ntawm RAM ua ntej scaling.

Rau Omnibus-raws li kev xa tawm ntawm cov servers nrog tsawg dua 1 GB ntawm lub cim xeeb, koj yuav tsum qhib kev sib pauv kom tsis txhob Linux ntsiav los ntawm kev npaj txhij txog tua Firezone txheej txheem.

1 vCPU yuav tsum txaus kom txaus siab rau 1 Gbps txuas rau VPN.

2. Tsim cov ntaub ntawv DNS: Firezone yuav tsum muaj lub npe sau npe rau kev siv ntau lawm, xws li firezone.company.com. Tsim cov ntaub ntawv DNS tsim nyog xws li A, CNAME, lossis AAAA cov ntaub ntawv yuav tsum tau ua.

3. Teeb tsa SSL: Koj yuav xav tau daim ntawv pov thawj SSL siv tau los siv Firezone hauv kev tsim khoom. Firezone txhawb ACME rau kev muab cov ntawv pov thawj SSL tsis siv neeg rau Docker thiab Omnibus-raws li kev teeb tsa.

4. Qhib cov chaw nres nkoj firewall: Firezone siv cov chaw nres nkoj 51820 / udp thiab 443 / tcp rau HTTPS thiab WireGuard tsheb raws li. Koj tuaj yeem hloov cov chaw nres nkoj no tom qab hauv cov ntaub ntawv teeb tsa.

Deploy on Docker (pom zoo)

1. Yam yuavtsum tau kawm uantej:

Xyuas kom koj nyob rau ntawm lub platform txhawb nqa nrog docker-compose version 2 lossis siab dua.

Xyuas kom tseeb tias qhov chaw nres nkoj xa mus yog qhib rau ntawm firewall. Defaults xav kom cov chaw nres nkoj hauv qab no qhib:

o 80 / tcp (yeem): Tsis siv neeg muab ntawv pov thawj SSL

o 443/tcp: Access web UI

o 51820/udp: VPN tsheb mloog chaw nres nkoj

2. Nruab Server Option I: Automatic Installation (pom zoo)

Run installation script: bash <(curl -fsSL https://github.com/firezone/firezone/raw/master/scripts/install.sh) 1889d1a18e090c-0ec2bae288f1e2-26031d51-144000-1889d1a18e11c6c

Nws yuav nug koj ob peb nqe lus nug txog kev teeb tsa thawj zaug ua ntej rub tawm cov qauv docker-compose.yml. Koj yuav xav teeb tsa nws nrog koj cov lus teb, thiab luam cov lus qhia rau kev nkag mus rau Web UI.

Firezone qhov chaw nyob: $HOME/.firezone.

2. Nruab Server Option II: Manual Installation

Rub tawm docker compose template rau ib lub chaw ua haujlwm hauv zos

- Linux: curl -fsSL https://raw.githubusercontent.com/firezone/firezone/master/docker-compose.prod.yml -o docker-compose.yml

- macOS lossis Windows: curl -fsSL https://raw.githubusercontent.com/firezone/firezone/master/docker-compose.desktop.yml -o docker-compose.yml

Tsim kom muaj kev zais cia: docker khiav –rm firezone/firezone bin/gen-env > .env

Hloov cov DEFAULT_ADMIN_EMAIL thiab EXTERNAL_URL hloov pauv. Hloov lwm yam secrets raws li xav tau.

Migrate lub database: docker compose run –rm firezone bin/migrate

Tsim ib tus account admin: docker compose run –rm firezone bin/create-or-reset-admin

Nqa cov kev pabcuam: docker sau -d

Koj yuav tsum muaj peev xwm nkag mus rau Firezome UI hla EXTERNAL_URL hloov pauv tau hais los saum toj no.

3. Pab rau khau raj (yeem):

Xyuas kom Docker qhib thaum pib: sudo systemctl pab docker

Cov kev pabcuam Firezone yuav tsum muaj qhov rov pib dua: ib txwm lossis rov pib dua: tshwj tsis yog-stopped xaiv tau teev tseg hauv cov ntaub ntawv docker-compose.yml.

4. Pab kom IPv6 Public Routability (yeem):

Ntxiv cov hauv qab no rau /etc/docker/daemon.json kom pab IPv6 NAT thiab teeb tsa IPv6 xa mus rau Docker ntim.

Pab kom cov ntawv ceeb toom router ntawm khau raj rau koj lub neej ntawd egress interface: egress=`ip txoj kev qhia default 0.0.0.0/0 | grep -oP '(?<=dev ).*' | txiav -f1 -d' ' | tr -d '\n'` sudo bash -c “echo net.ipv6.conf.${egress}.accept_ra=2 >> /etc/sysctl.conf”

Reboot thiab sim los ntawm pinging rau Google los ntawm hauv docker thawv: docker khiav -rm -t busybox ping6 -c 4 google.com

Tsis tas yuav ntxiv cov cai iptables los pab kom IPv6 SNAT/masquerading rau tunneled tsheb. Firezone yuav daws qhov no.

5. Nruab cov neeg siv apps

Tam sim no koj tuaj yeem ntxiv cov neeg siv rau koj lub network thiab teeb tsa cov lus qhia los tsim kom muaj kev sib tham VPN.

Ncej teeb

Nrog koj zoo siab, koj tau ua tiav qhov kev teeb tsa! Tej zaum koj yuav xav tshawb xyuas peb cov ntaub ntawv tsim tawm rau kev teeb tsa ntxiv, kev xav txog kev nyab xeeb, thiab cov yam ntxwv siab heev: https://www.firezone.dev/docs/

LockBit Tus Thawj Coj Tus Kheej Qhia Tawm - Tsim Nyog lossis Troll?

Tej zaum 9, 2024 tsis muaj Comments

LockBit Tus Thawj Coj Tus Kheej Qhia Tawm - Tsim Nyog lossis Troll? Dav dav lees paub tias yog ib pawg ransomware muaj txiaj ntsig tshaj plaws hauv ntiaj teb, Lockbit thawj zaug tshwm sim hauv

Nyeem ntxiv »

Yuav Ua Li Cas Tshem Tawm Metadata ntawm Cov Ntaub Ntawv

Plaub Hlis Ntuj 27, 2024 tsis muaj Comments

Yuav Ua Li Cas Tshem Tawm Metadata los ntawm Cov Ntaub Ntawv Taw Qhia Metadata, feem ntau piav raws li "cov ntaub ntawv hais txog cov ntaub ntawv," yog cov ntaub ntawv uas muab cov ntsiab lus hais txog cov ntaub ntawv tshwj xeeb. Nws

Nyeem ntxiv »

Bypassing Internet Censorship nrog TOR

Plaub Hlis Ntuj 27, 2024 tsis muaj Comments

Kev hla Is Taws Nem Censorship nrog TOR Taw Qhia Hauv lub ntiaj teb uas nkag mus rau cov ntaub ntawv tau raug tswj hwm, cov cuab yeej zoo li Tor network tau dhau los ua qhov tseem ceeb rau

Nyeem ntxiv »

Yuav teeb Hailbytes VPN li cas rau koj qhov AWS Ib puag ncig

Introduction

Kev npaj

Deploy on Docker (pom zoo)

Ncej teeb

LockBit Tus Thawj Coj Tus Kheej Qhia Tawm - Tsim Nyog lossis Troll?

Yuav Ua Li Cas Tshem Tawm Metadata ntawm Cov Ntaub Ntawv

Bypassing Internet Censorship nrog TOR

cov kev pab cuam

Peb Lub Lag Luam

Peb Qhov Chaw Nyob

Solutions

Kev ruaj ntseg FAQ

Social Media