How to Configure OpenVPN Server

VPN server [x.x.x.x] - global IP address
[192.168.0.254] - eth1 (real IP address)
[192.168.0.9] - br0 (newly set up as a bridge)
wget http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/i386/epel-release-5-4.noarch.rpm
————————————————————————————————–
yum --enablerepo=epel -y install openvpn bridge-utils
————————————————————————————————–
cp /usr/share/doc/openvpn-*/sample-config-files/server.conf /etc/openvpn/
————————————————————————————————–
vi /etc/openvpn/server.conf
line 53: change
dev tap0
line 78: change certificate path
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key
line 87: change
dh /etc/openvpn/easy-rsa/keys/dh1024.pem
line 96: comment out
# server 10.8.0.0 255.255.255.0
line 103: comment out
# ifconfig-pool-persist ipp.txt
line 115: uncomment and change ( [VPN server's IP] [subnetmask] [the range of IP for client] )
server-bridge 192.168.0.9 255.255.255.0 192.168.0.100 192.168.0.150
line 138: add ( [network VPN server in] [subnetmask] )
push "route 192.168.0.0 255.255.255.0"
line 275: change
status /var/log/openvpn-status.log
line 284: uncomment and change
log /var/log/openvpn.log
log-append /var/log/openvpn.log
save&exit
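One way to sanity-check the edited server.conf before starting the service (an added example, not part of the original post): the script confirms that the bridged-mode directives agree with each other and flags the 1024-bit DH file, which is below the 2048-bit minimum that current guidance calls for. The function names, the 2048-bit threshold and the sample file are this example's own assumptions.

```sh
#!/bin/sh
# Added example, not from the original post: audit a bridged-mode server.conf.

ip2int() {  # dotted quad -> integer, so addresses can be compared numerically
  echo "$1" | { IFS=. read -r a b c d; echo $(( (a << 24) | (b << 16) | (c << 8) | d )); }
}

# audit_server_conf FILE: prints one FINDING line per problem; status 0 only when clean.
# The body is a subshell "( ... )" so its variables and helpers stay private.
audit_server_conf() (
  n=0
  finding() { echo "FINDING: $*"; n=$((n + 1)); }
  # Keep only active directives: drop comments, leading blanks and empty lines.
  active=$(sed -e 's/[#;].*//' -e 's/^[[:space:]]*//' -e '/^$/d' "$1")
  has() { printf '%s\n' "$active" | grep -q "$1"; }

  bridge=$(printf '%s\n' "$active" | grep '^server-bridge[[:space:]]' | head -n 1)
  if [ -n "$bridge" ]; then
    has '^dev[[:space:]]\{1,\}tap' || finding "server-bridge needs a tap device (dev tap0)"
    has '^server[[:space:]]' && finding "routed 'server' line still active next to server-bridge"
    # Intentional word splitting: $2=bridge IP $3=netmask $4=pool start $5=pool end
    set -- $bridge
    [ $# -eq 5 ] || { finding "expected server-bridge IP, netmask, pool start, pool end"; exit 1; }
    g=$(ip2int "$2"); m=$(ip2int "$3"); l=$(ip2int "$4"); h=$(ip2int "$5")
    if [ $((l & m)) -ne $((g & m)) ] || [ $((h & m)) -ne $((g & m)) ] || [ "$l" -gt "$h" ]; then
      finding "client pool $4-$5 is not a valid range inside the bridge subnet"
    elif [ "$g" -ge "$l" ] && [ "$g" -le "$h" ]; then
      finding "bridge address $2 lies inside the client pool"
    fi
  fi
  # Assumption: the file is named dh<bits>.pem, as easy-rsa 2.0's build-dh names it.
  bits=$(printf '%s\n' "$active" | sed -n 's/^dh[[:space:]].*dh\([0-9]\{1,\}\)\.pem.*/\1/p')
  if [ -n "$bits" ] && [ "$bits" -lt 2048 ]; then
    finding "DH parameters are only $bits bits; raise KEY_SIZE in vars and rerun ./build-dh"
  fi
  [ "$n" -eq 0 ]
)

# Constructed sample: the directives this guide leaves active in server.conf.
sample=$(mktemp)
cat > "$sample" <<'EOF'
dev tap0
dh /etc/openvpn/easy-rsa/keys/dh1024.pem
# server 10.8.0.0 255.255.255.0
server-bridge 192.168.0.9 255.255.255.0 192.168.0.100 192.168.0.150
EOF
audit_server_conf "$sample" || echo "review the findings above"
rm -f "$sample"
```

Run it against /etc/openvpn/server.conf after the edits above; a non-zero exit status means at least one finding was printed.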
======================================================================================
======================================================================================
cp -R /usr/share/openvpn/easy-rsa/2.0 /etc/openvpn/easy-rsa
——————————————————————————————————-
cd /etc/openvpn/easy-rsa 
mkdir keys 
vi vars
line 64: change to your environment
export KEY_COUNTRY="IN"
export KEY_PROVINCE="new-delhi"
export KEY_CITY="Delhi"
export KEY_ORG="Openpath"
export KEY_EMAIL="vivek@xyz.com"
save&exit
====================================================================================
source ./vars
NOTE: If you run ./clean-all, I will be doing a rm -rf on /etc/openvpn/easy-rsa/keys
[root@vpn easy-rsa]# ./clean-all 
[root@vpn easy-rsa]# ./build-ca 
Generating a 1024 bit RSA private key
……………..++++++
……++++++
writing new private key to ‘ca.key’
———-
create certificate..
Create certificate and key for server.
[root@vpn easy-rsa]# ./build-key-server server 
Generating a 1024 bit RSA private key
……..++++++
…….++++++
writing new private key to ‘server.key’
—–
Generate Diffie Hellman ( DH ) parameter.
—————————————————————————————————–
[root@vpn easy-rsa]# ./build-dh 
Generating DH parameters, 1024 bit long safe prime, generator 2
This is going to take a long time
Create certificate and key for client.
[root@vpn easy-rsa]# ./build-key-pass client 
Generating a 1024 bit RSA private key
………………++++++
………………++++++
writing new private key to ‘client.key’
Enter PEM pass phrase:
========================================================================================
cp /usr/share/doc/openvpn-*/sample-scripts/bridge-stop /etc/openvpn/
cp /usr/share/doc/openvpn-*/sample-scripts/bridge-start /etc/openvpn/
chmod 755 /etc/openvpn/bridge-start
chmod 755 /etc/openvpn/bridge-stop 
vi /etc/openvpn/bridge-start
line 17-20: change
eth="eth1" # change if needed
eth_ip="192.168.0.9" # IP address for bridge
eth_netmask="255.255.255.0" # subnet mask
eth_broadcast="192.168.0.255"
save&exit
====================================================================================
vi /etc/rc.d/init.d/openvpn
start)
echo -n $"Starting openvpn: "
line 126: add
/etc/openvpn/bridge-start
line 205: add
/etc/openvpn/bridge-stop
success; echo
rm -f $lock
save&exit
====================================================================================
/etc/rc.d/init.d/openvpn start
chkconfig openvpn on
==================================Client setting======================================
Copy the certificate files from the server to the client computer, by FTP or WinSCP:
/etc/openvpn/easy-rsa/keys/
ca.crt
client.crt
client.key
Download the OpenVPN client for Windows:
http://swupdate.openvpn.org/community/releases/openvpn-2.2.2-install.exe
Install the OpenVPN client
and put all the certificate files in C:\Program Files\OpenVPN\config
Create a .ovpn file in C:\Program Files\OpenVPN\config:
right-click - create a text file - save it as .ovpn
Open the .ovpn file and paste these lines.
client
dev tap0
proto udp
remote 192.168.0.9 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
comp-lzo
verb 3
save file
Enjoy, and connect to the VPN server.
