需先搭建 openvpn 海外服务端, 具体参考 https://www.cnblogs.com/weifeng1463/p/11041550.html
选择阿里云华东ecs 搭建openvpn 的客户端 , 具体参考 https://www.cnblogs.com/weifeng1463/p/7803354.html
在同一华东ecs上搭建 ss-server 服务端, 具体参考 https://www.cnblogs.com/weifeng1463/p/6759682.html
华东ecs 需只配置内网ip 地址, 通过vpn 或者阿里云后台去ssh登录 。
具体实例配置:
[root@ss-server_vpn-client ~]# ps aux|grep sss root 2939 0.0 0.4 202128 7976 ? Ss 16:46 0:00 /usr/bin/python /usr/bin/ssserver -c /etc/shadowsocks.json -d start
[root@ss-server_vpn-client ~]# ps aux|grep openvpn root 2950 0.0 0.1 75424 3304 ? Ss 16:46 0:00 openvpn --daemon --cd /etc/openvpn --config fanqiang001.conf --log-append /var/log/openvpn.log
[root@ss-server_vpn-client ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 10.8.200.13 128.0.0.0 UG 0 0 0 tun0 0.0.0.0 192.168.0.253 0.0.0.0 UG 0 0 0 eth0 10.8.200.1 10.8.200.13 255.255.255.255 UGH 0 0 0 tun0 10.8.200.13 0.0.0.0 255.255.255.255 UH 0 0 0 tun0 47.252.85.224 192.168.0.253 255.255.255.255 UGH 0 0 0 eth0 128.0.0.0 10.8.200.13 128.0.0.0 UG 0 0 0 tun0 169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0 172.20.18.0 192.168.0.253 255.255.255.0 UG 0 0 0 eth0 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
[root@ss-server_vpn-client ~]# cat /etc/rc.local #!/bin/bash # THIS FILE IS ADDED FOR COMPATIBILITY PURPOSES # # It is highly advisable to create own systemd services or udev rules # to run scripts during boot instead of using this file. # # In contrast to previous versions due to parallel execution during boot # this script will NOT be run after all other services. # # Please note that you must run 'chmod +x /etc/rc.d/rc.local' to ensure # that this script will be executed during boot. touch /var/lock/subsys/local ssserver -c /etc/shadowsocks.json -d start openvpn --daemon --cd /etc/openvpn --config fanqiang001.conf --log-append /var/log/openvpn.log & ip route add 172.20.18.0/24 via 192.168.0.253
win10 , mac 客户端ss 连接服务端后 可正常连接外网 。