Openvpn


Info on TAP/bridge

https://help.ubuntu.com/10.04/serverguide/openvpn.html

Centos 6.4

Install

  • just explains easy rsa/keys

<source> yum -y install openvpn easy-rsa </source>


<source>
mkdir -p /etc/openvpn/easy-rsa/keys
cp -rf /usr/share/easy-rsa/2.0/* /etc/openvpn/easy-rsa
</source>


<source>
emacs /etc/openvpn/easy-rsa/vars
</source>

<source>
# modify variables in file: vars (bottom of file)
export KEY_COUNTRY="US"
export KEY_PROVINCE="CA"
export KEY_CITY="SanFrancisco"
export KEY_ORG="Fort-Funston"
export KEY_EMAIL="me@myhost.mydomain"
export KEY_EMAIL=mail@host.domain
export KEY_CN=changeme
export KEY_NAME=changeme
export KEY_OU=changeme
</source>


<source>
cd /etc/openvpn/easy-rsa/
source ./vars
./clean-all
./build-ca
</source>


<source>
cd /etc/openvpn/easy-rsa
./build-key-server server
</source>

<source>
cd /etc/openvpn/easy-rsa
./build-dh
cd /etc/openvpn/easy-rsa/keys
# build-dh names its output dh<KEY_SIZE>.pem, so the file name follows KEY_SIZE in vars
cp dh1024.pem ca.crt server.crt server.key /etc/openvpn
</source>

<source>
# TLS key if needed/wanted
cd /etc/openvpn/easy-rsa/keys
openvpn --genkey --secret ta.key
cp ta.key /etc/openvpn/
</source>


<source>
## this didn't work right..
# ./build-key client
# ./build-key <client_name>
# create your client config (replace hostname with your client hostname)
cd /etc/openvpn/easy-rsa
./pkitool hostname
</source>


<source>
emacs /etc/sysctl.conf
# set this line in /etc/sysctl.conf:
#   net.ipv4.ip_forward = 1
sysctl -p
</source>


<source>
cp /usr/share/doc/openvpn-2.3.2/sample/sample-config-files/server.conf /etc/openvpn/
emacs /etc/openvpn/server.conf
</source>


<source>
chkconfig openvpn on
service openvpn start
</source>
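
A pre-start check for the files the steps above copy into /etc/openvpn, added here as an example (it is not part of the original notes). The function name `check_openvpn_dir` is hypothetical, and relative paths in server.conf are assumed to be resolved against the directory passed in.

```shell
# Added example, not from the original page. check_openvpn_dir is a
# hypothetical helper; relative paths in server.conf are assumed to be
# resolved against DIR.
check_openvpn_dir() {
    dir=${1:-/etc/openvpn}
    rc=0

    # Files the steps above put in place (ta.key is optional).
    for f in ca.crt server.crt server.key server.conf; do
        if [ ! -f "$dir/$f" ]; then
            echo "MISSING   $dir/$f"
            rc=1
        fi
    done

    # Secret keys: no permission bits for group or other.
    for f in server.key ta.key; do
        [ -f "$dir/$f" ] || continue
        perms=$(ls -ld "$dir/$f" | cut -c5-10)
        if [ "$perms" != "------" ]; then
            echo "READABLE  $dir/$f (group/other bits: $perms)"
            rc=1
        fi
    done

    # Every active ca/cert/key/dh/tls-auth line must name an existing file.
    # Lines commented out with '#' or ';' do not match.
    if [ -f "$dir/server.conf" ]; then
        refs=$(awk '$1 ~ /^(ca|cert|key|dh|tls-auth)$/ { print $2 }' "$dir/server.conf")
        for ref in $refs; do
            case $ref in
                /*) path=$ref ;;
                *)  path=$dir/$ref ;;
            esac
            if [ ! -f "$path" ]; then
                echo "DANGLING  server.conf references $ref"
                rc=1
            fi
        done
    fi
    return $rc
}

# Usage: check_openvpn_dir /etc/openvpn && service openvpn start
```

The DANGLING line catches the case where the dh file copied into /etc/openvpn and the `dh` line in server.conf name different files.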