-
Notifications
You must be signed in to change notification settings - Fork 1.1k
Configure Multiple Users
clowwindy edited this page Aug 16, 2015
·
5 revisions
Upgrade to ShadowVPN 0.2.0 on both client and server side.
Edit server.conf and add multiple user tokens.
# Users allowed. Each must be HEX of 8 bytes. You can generate on by running:
# xxd -l 8 -p /dev/random
# See `net` for more information.
user_token=7e335d67f1dc2c01,ff593b9e6abeb2a5,e3c7b8db40a96105
# Local IP and subnet of the VPN tunnel.
#
# If user_token is specified, NAT mode will be enabled on server side, and
# the client does not need to have the same network with the server.
# In NAT mode, each user will be assigned an IP automatically.
# for example:
# tun0 is 10.7.0.1
# client IPs will be 10.7.0.2, 10.7.0.3, 10.7.0.4, etc
# You'll see them in the log when ShadowVPN starts with -v:
# assigning 10.7.0.2 to user 7e335d67f1dc2c01
# assigning 10.7.0.3 to user ff593b9e6abeb2a5
# assigning 10.7.0.4 to user e3c7b8db40a96105
# VPN started
net=10.7.0.1/16
Edit client.conf and give each user a different user token. For example:
# Identify a user. Must be HEX of 8 bytes. You can generate on by running:
# xxd -l 8 -p /dev/random
# See `net` for more information.
user_token=7e335d67f1dc2c01
# Local IP and subnet of the VPN tunnel.
# If user_token is specified, NAT mode will be enabled on server side, and
# the client does not need to have the same network with the server.
net=10.7.0.2/24
You don't have to set net to the same as the server will assign to you.
ShadowVPN server will do NAT on server side.
Notice: Keep your user token secret to other users.
The data is protected by password. It should be kept secret from public.
Each user is authenticated by user_token. Each user's user token should be kept secret from other users.