Debian
Version Requirements
High-Risk Operation Warning
Before configuring a client, exercise caution when adding, deleting, or modifying the local subnet of a VPN gateway and the customer subnet or policy configuration of a VPN connection, because these operations may cause network interruption.
Procedure
- Log in to the Debian system as the root user and open the CLI.
- Run the following command to back up the original configuration file of the system:
cp -a /etc/apt/sources.list /etc/apt/sources.list.bak
- Install APT repositories.
- Run the following command to configure APT repositories:
- Enter the following content in the command window:
deb https://xxx.cn/debian/ bullseye contrib main deb-src https://xxx.cn/debian/ bullseye contrib main # Software update sources deb https://xxx.cn/debian-security/ bullseye-security main contrib deb-src https://xxx.cn/debian-security/ bullseye-security main contrib # Security update sources deb https://xxx.cn/debian/ bullseye-updates main contrib deb-src https://xxx.cn/debian/ bullseye-updates main contrib
Replace https://xxx.cn/ with the actual source.
- Press Esc, enter :wq, and press Enter.
The system saves the configuration and exits the editor.
- Run the following command to check the version information:
openvpn --version
The following information is displayed:OpenVPN 2.5.1 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2021 library versions: OpenSSL 1.1.1w 11 Sep 2023, LZO 2.10
- If the OpenVPN version is displayed, go to 5.
- If no OpenVPN version is displayed, perform the following operations to install OpenVPN:
- Run the following command to install OpenVPN:
A download progress bar is displayed. When the download progress reaches 100%, the installation is complete.
The following information is displayed:Reading package lists... Done Building dependency tree... Done Reading state information... Done ... ... ... Unpacking openvpn (2.5.1-3) ... Setting up openvpn (2.5.1-3) ... Processing triggers for man-db (2.11.2-2) ...
- Run the following command again to check the version information:
The following information is displayed:
OpenVPN 2.5.1 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2021 library versions: OpenSSL 1.1.1w 11 Sep 2023, LZO 2.10
- Run the following command to install OpenVPN:
- Download the client configuration file on a Windows system.
- Log in to the management console.
- Click
in the upper left corner and select the desired region and project. - Click
in the upper left corner, and choose . - In the navigation pane on the left, choose .
- Click the P2C VPN Gateways tab, and click Download Client Configuration in the Operation column of the target VPN gateway.
The downloaded client configuration file is client_config.zip.
- Decompress client_config.zip to a specified directory, for example, D:\.
After the decompression, the client_config.ovpn and client_config.conf files are generated.
- Open the client_config.conf file using Notepad or Notepad++.
- Add the client certificate and private key to the file.
Enter the client certificate content and the corresponding private key in between <cert></cert> and <key></key> tags, respectively.
<cert> -----BEGIN CERTIFICATE----- Client certificate content -----END CERTIFICATE----- </cert> <key> -----BEGIN PRIVATE KEY----- Client private key -----END PRIVATE KEY----- </key>
- (Optional) Comment out disable-dco. Perform this step only when OpenVPN 2.5 or earlier is used.
- Press Ctrl+F to search for and locate disable-dco.
- Enter # in front of the line where disable-dco is located to comment out the line.
... ... # disable-dco ... ...
- Save the .conf configuration file.
- Upload the .conf configuration file to the Debian system using Xftp. In this example, the file is uploaded to the /opt/ directory.
- Run the following command to go to the directory where the installation package is stored:
cd /opt/
- Run the following command to start the OpenVPN client and connect to the VPN gateway:
openvpn --config /opt/openvpn_config_user-01.conf
If the following information in bold is displayed, the OpenVPN connection is successfully established:
2025-02-28 11:34:35 OpenVPN 2.5.1 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2021 2025-02-28 11:34:35 library versions: OpenSSL 1.1.1w 11 Sep 2023, LZO 2.10 ... ... ... 2025-02-28 11:34:37 Initialization Sequence Completed
- Run the following command to verify the connectivity:
ping XX.XX.XX.XX
XX.XX.XX.XX indicates the private IP address of the ECS to be connected. Replace it with the actual private IP address.
If information similar to the following is displayed, the client can communicate with the ECS:
64 bytes from XX.XX.XX.XX: icmp_seq=1 ttl=63 time=1.27 ms 64 bytes from XX.XX.XX.XX: icmp_seq=2 ttl=63 time=1.36 ms 64 bytes from XX.XX.XX.XX: icmp_seq=3 ttl=63 time=1.40 ms 64 bytes from XX.XX.XX.XX: icmp_seq=4 ttl=63 time=1.29 ms 64 bytes from XX.XX.XX.XX: icmp_seq=5 ttl=63 time=1.35 ms 64 bytes from XX.XX.XX.XX: icmp_seq=6 ttl=63 time=1.52 ms
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
