Openvpn
Info on TAP/bridge
https://help.ubuntu.com/10.04/serverguide/openvpn.html
CentOS 6.4
Install
- just explains easy rsa/keys
<source>
# Install OpenVPN plus the easy-rsa scripts used below to build the CA and keys.
# NOTE(review): on CentOS 6 these packages normally come from EPEL; confirm that repo is enabled.
yum install -y openvpn easy-rsa
</source>
<source>
# Create the easy-rsa working directory (and its keys/ subdirectory) under /etc/openvpn.
mkdir -p /etc/openvpn/easy-rsa/keys
# Copy the packaged easy-rsa 2.0 scripts there so the originals in /usr/share stay untouched.
cp -rf /usr/share/easy-rsa/2.0/* /etc/openvpn/easy-rsa
</source>
<source>
# Open the easy-rsa vars file for editing (any text editor will do).
emacs /etc/openvpn/easy-rsa/vars
</source>
<source>
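# Modify these variables in the vars file (they are at the bottom of the file).
# Replace the sample values with your own.
export KEY_COUNTRY="US"
export KEY_PROVINCE="CA"
export KEY_CITY="SanFrancisco"
export KEY_ORG="Fort-Funston"
export KEY_EMAIL="me@myhost.mydomain"
# KEY_EMAIL is assigned twice; the second assignment overrides the first.
export KEY_EMAIL=mail@host.domain
export KEY_CN=changeme
export KEY_NAME=changeme
export KEY_OU=changeme
# NOTE(review): this page later copies dh1024.pem, so KEY_SIZE in this vars file is
# presumably 1024. 1024-bit RSA/DH is weak by current standards; if you raise KEY_SIZE
# (e.g. to 2048) do it here before running build-ca, and expect the DH file name to
# change to match (dh2048.pem).
</source>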
<source>
# Build the certificate authority (CA) from the easy-rsa working directory.
cd /etc/openvpn/easy-rsa/
# Load the KEY_* settings from vars into the current shell; the build scripts read them.
source ./vars
# NOTE(review): in easy-rsa 2.0, clean-all resets the keys directory, so an existing CA
# and any issued certificates are lost. Run it for the initial setup only.
./clean-all
# Create the CA certificate and its private key. Keep the CA private key (ca.key) off
# any machine that does not need to sign certificates.
./build-ca
</source>
<source>
# Generate the server certificate and private key under the name "server"
# (the resulting server.crt / server.key are copied to /etc/openvpn in the next step).
# Presumably this must run in a shell where ./vars has already been sourced.
cd /etc/openvpn/easy-rsa
./build-key-server server
</source>
<source>
# Generate Diffie-Hellman parameters, then install the server's credentials.
cd /etc/openvpn/easy-rsa
./build-dh
cd /etc/openvpn/easy-rsa/keys
# NOTE(review): the DH file name follows KEY_SIZE from vars; dh1024.pem means 1024-bit
# parameters, which are weak by current standards. With KEY_SIZE=2048 the file would be
# dh2048.pem, and the "dh" line in server.conf must name the same file.
# server.key is the server's private key; keep it readable by root only.
# ca.key is deliberately not copied: the server needs only ca.crt.
cp dh1024.pem ca.crt server.crt server.key /etc/openvpn
</source>
<source>
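# Optional: generate a TLS key (ta.key) if needed/wanted.
# ta.key is a shared secret: the same file must be on the server and on each client,
# and it has to be transferred over a secure channel and kept private.
# NOTE(review): presumably intended for OpenVPN's tls-auth option; confirm it is
# enabled in server.conf and in the client configs.
cd /etc/openvpn/easy-rsa/keys
openvpn --genkey --secret ta.key
cp ta.key /etc/openvpn/
</source>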
<source>
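# The build-key wrapper didn't work right here:
#   ./build-key client
#   ./build-key <client_name>
# Instead, call pkitool directly to create the client certificate and key
# (replace "hostname" with your client's hostname). Use a separate name per client so
# a single client's certificate can be revoked without affecting the others.
# Presumably this must run in a shell where ./vars has already been sourced.
cd /etc/openvpn/easy-rsa
./pkitool hostname
</source>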
<source>
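# Enable IPv4 forwarding, which the server needs if VPN client traffic is to be routed
# beyond it. Forwarding turns the host into a router, so make sure the firewall's
# FORWARD rules allow only the traffic you intend.
emacs /etc/sysctl.conf
# In the editor, set the following line (it is a config entry, not a command):
#   net.ipv4.ip_forward = 1
# Apply the settings from /etc/sysctl.conf without rebooting.
sysctl -p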
</source>
<source>
# Start from the sample server configuration shipped with the openvpn 2.3.2 package.
cp /usr/share/doc/openvpn-2.3.2/sample/sample-config-files/server.conf /etc/openvpn/
# Edit it for this server. NOTE(review): check that the ca/cert/key/dh file names in
# server.conf match the files copied to /etc/openvpn earlier, and enable tls-auth there
# if you generated ta.key.
emacs /etc/openvpn/server.conf
</source>
<source>
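# Start OpenVPN automatically at boot.
chkconfig openvpn on
# Start it now. The service command takes the service name first, then the action.
service openvpn start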
</source>