Openvpn

From RARForge
Jump to navigation Jump to search

Info on TAP/bridge

https://help.ubuntu.com/10.04/serverguide/openvpn.html

Centos 6.4[edit]

Install[edit]

  • just explains easy rsa/keys

<source> yum -y install openvpn easy-rsa </source>


<source> mkdir -p /etc/openvpn/easy-rsa/keys cp -rf /usr/share/easy-rsa/2.0/* /etc/openvpn/easy-rsa </source>


<source> emacs /etc/openvpn/easy-rsa/vars </source> <source>

  1. modify variables in file: vars (bottom of file)

export KEY_COUNTRY="US" export KEY_PROVINCE="CA" export KEY_CITY="SanFrancisco" export KEY_ORG="Fort-Funston" export KEY_EMAIL="me@myhost.mydomain" export KEY_EMAIL=mail@host.domain export KEY_CN=changeme export KEY_NAME=changeme export KEY_OU=changeme </source>


<source> cd /etc/openvpn/easy-rsa/ source ./vars ./clean-all ./build-ca </source>


<source> cd /etc/openvpn/easy-rsa ./build-key-server server </source> <source> cd /etc/openvpn/easy-rsa ./build-dh cd /etc/openvpn/easy-rsa/keys cp dh1024.pem ca.crt server.crt server.key /etc/openvpn </source> <source>

  1. TLS key if needed/wanted

cd /etc/openvpn/easy-rsa/keys openvpn --genkey --secret ta.key cp ta.key /etc/openvpn/ </source>


<source>

    1. this didn't work right..
  1. ./build-key client
  2. ./build-key <client_name>
  1. create your client config (replace hostname with your client hostname)

cd /etc/openvpn/easy-rsa ./pkitool hostname </source> </source>


<source> emacs /etc/sysctl.conf net.ipv4.ip_forward = 1 sysctl -p </source>


<source> cp /usr/share/doc/openvpn-2.3.2/sample/sample-config-files/server.conf /etc/openvpn/ emacs /etc/openvpn/server.conf </source>


<source> chkconfig openvpn on service start openvpn </source>