Tuesday, March 08, 2011

openvpn how to

1. Install OpenVPN

#apt-get install openvpn

The default directory for easy-rsa certificates is "/usr/share/doc/openvpn/examples/easy-rsa/2.0/". So we change the working directory:

#cd /usr/share/doc/openvpn/examples/easy-rsa/2.0/

2. Now we will create the certificate for the CA

#. ./vars

#./clean-all

#./build-ca

3. Then we will create the certificate for the server

#./build-key-server server

4. Then we will create the certificate for the client

#./build-key client

5. We will build the Diffie-Hellman parameters

#./build-dh

6. To see where the keys you just created are stored, change to the keys/ subdirectory

#cd /usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/

#ls -al

ca.key ca.crt server.key server.csr server.crt client.key client.crt client.csr

7. Now we have the keys and certificates, so we will send them to the clients that want to connect to the OpenVPN server. Make sure that:

ca.key -> must be only on the CA server

client.crt -> must be only on the client

client.key -> must be only on the client

server.crt -> must be only on the OpenVPN server

server.key -> must be only on the OpenVPN server

ca.crt -> must be on the CA server and all of the clients.
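
The placement rules in step 7 can be checked on each host with a small script. This is an added example, not part of the original post; the role names (ca, server, client) and the function names are assumptions, and ca.crt is also allowed on the server because the server.conf in step 8 references it.

```shell
#!/bin/sh
# Added example: audit a keys directory against the placement rules of step 7.
# Role names (ca, server, client) and the function names are assumptions.

# Files each role may hold. ca.crt is also allowed on the server because
# the server.conf in step 8 points its "ca" directive at it.
allowed_for() {
    case "$1" in
        ca)     echo "ca.key ca.crt" ;;
        server) echo "server.key server.crt ca.crt" ;;
        client) echo "client.key client.crt ca.crt" ;;
        *)      return 2 ;;
    esac
}

# audit_keys ROLE DIR
# Prints one finding per line; returns 0 if clean, 1 on findings, 2 on bad role.
audit_keys() {
    role=$1 dir=$2 findings=0
    allowed=$(allowed_for "$role") || { echo "unknown role: $role"; return 2; }
    for f in ca.key ca.crt server.key server.crt client.key client.crt; do
        [ -e "$dir/$f" ] || continue
        case " $allowed " in
            *" $f "*) ;;
            *)  echo "MISPLACED $f (not for role $role)"
                findings=1
                continue ;;
        esac
        # Private keys must not be readable by group or others.
        case "$f" in
            *.key)
                bits=$(ls -ld "$dir/$f" | cut -c5-10)
                if [ "$bits" != "------" ]; then
                    echo "PERMS $f (group/other bits: $bits)"
                    findings=1
                fi ;;
        esac
    done
    return $findings
}

# Stand-alone use: sh audit.sh client /path/to/keys   (path is a placeholder)
if [ $# -eq 2 ]; then
    audit_keys "$1" "$2"
fi
```

A MISPLACED line for ca.key on a client or on the OpenVPN server means the CA private key left the CA host and should be treated as exposed.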

8. After you have transferred the files above safely, you must modify the main configuration file on the OpenVPN server, which is "server.conf".

#cd /usr/share/doc/openvpn/examples/sample-config-files/

#vim server.conf

port 1194
proto udp
dev tun
ca /usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/ca.crt
cert /usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/server.crt
key /usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/server.key
dh /usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.1.0 255.255.255.0"
push "redirect-gateway def1"
push "dhcp-option DNS 192.168.1.1"
client-to-client
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
log /var/log/openvpn.log
log-append /var/log/openvpn.log
verb 3

9. After you have typed the configuration above into your "server.conf" file, copy it to the "/etc/openvpn" directory

#cp server.conf /etc/openvpn/

10. Restart your server.

http://cihan.me/how-to-setup-openvpn-server-on-debian-lenny/
