Friday, July 2, 2010

Free with OpenVPN

OpenVPN package has been installed.

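1. Generate the certificate authority (CA). Note that ./clean-all deletes any existing keys directory, so run it only when you are starting a new PKI.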

root@glowstar# cd /usr/share/doc/openvpn/examples/easy-rsa/2.0
root@glowstar# source ./vars
root@glowstar# ./clean-all
root@glowstar# ./build-ca

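2. Create the server and client keys and certificates. Run ./build-key with a different name for each additional client, so that one client's certificate can later be revoked without affecting the others.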

root@glowstar# ./build-key-server server
root@glowstar# ./build-key client

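3. Generate the Diffie-Hellman parameters. The output file is named after KEY_SIZE in ./vars; the dh1024.pem used in step 4 means KEY_SIZE was 1024, which is now considered weak. If you can, set KEY_SIZE to 2048 in vars before step 1 and point the dh line in server.conf at dh2048.pem instead.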

root@glowstar# ./build-dh

4. create /etc/openvpn/server.conf

# OpenVPN server configuration: routed (tun) VPN over UDP port 443.
# Listening address and port; the public address is masked by the author.
local 74.x.x.x
port 443
proto udp
dev tun
# CA certificate, server certificate and server private key from the easy-rsa
# steps above.
# NOTE(review): these paths point into the package's documentation tree, which
# a package upgrade or removal may replace. Consider copying the files to a
# root-only directory (for example /etc/openvpn/keys, mode 0700) and
# referencing them there. server.key must stay readable by root only.
ca /usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/ca.crt
cert /usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/server.crt
key /usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/server.key 
# NOTE(review): 1024-bit Diffie-Hellman parameters are below current
# recommendations (2048 bits or more). Regenerating them needs KEY_SIZE=2048
# in easy-rsa's vars before ./build-dh; this line must then name dh2048.pem.
dh /usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/dh1024.pem
# VPN subnet: clients are assigned addresses from 10.8.0.0/24.
server 10.8.0.0 255.255.255.0
# Remember which virtual address each client received across restarts.
ifconfig-pool-persist ipp.txt
push "route 10.8.0.0 255.255.255.0"
# Make clients send all of their traffic through the VPN.
# NOTE(review): this only gives clients Internet access if the server also
# forwards and NATs traffic from 10.8.0.0/24; that setup is not shown here.
push "redirect-gateway"
# DNS resolver handed to clients.
# NOTE(review): verify this address. If OpenDNS was intended, its resolver is
# 208.67.222.222; clients will send their DNS queries to whatever host is
# named here.
push "dhcp-option DNS 208.68.222.222"
# Ping the peer every 10 s and treat it as down after 120 s of silence.
keepalive 10 120
# NOTE(review): compressing before encrypting can leak information about the
# plaintext, and newer OpenVPN releases deprecate it. The setting must match
# on both ends, so remove it from server and client together.
comp-lzo
# Keep the key and the tun device across restarts, so a restart still works
# after privileges have been dropped.
# NOTE(review): no user/group directives are set, so the daemon keeps running
# as root. Adding `user nobody` plus the distribution's unprivileged group
# limits the impact of a compromise.
# NOTE(review): no tls-auth key is configured. A shared HMAC key
# (`tls-auth ta.key 0` here, `tls-auth ta.key 1` on clients) lets the server
# drop unauthenticated packets before any TLS processing; both ends must be
# changed together.
persist-key
persist-tun
status openvpn-status.log
verb 3

5. start OpenVPN server

root@glowstar# openvpn /etc/openvpn/server.conf

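6. Copy these files to the client computer over a secure channel (for example scp). client.key is a private key and should be readable only by the user that runs OpenVPN: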

/usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/ca.crt
/usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/client.crt
/usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/client.key 

7. create client.conf

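# OpenVPN client configuration matching the server.conf from step 4.
client
dev tun
proto udp
# Server address and port (address masked by the author); these must match
# the `local` and `port` lines in server.conf.
remote 74.x.x.x 443
resolv-retry infinite
nobind
persist-key
persist-tun
# Relative paths: the three files copied in step 6 must sit in the directory
# openvpn is started from. client.key is a private key; keep it mode 0600.
ca ca.crt
cert client.crt
key client.key
# Accept the peer only if its certificate was issued for server use. Without
# this check, any certificate signed by the same CA, including another
# client's, would be accepted as the server. The certificate created by
# ./build-key-server in step 2 is expected to carry the required usage
# extensions. If the handshake is rejected, inspect the server certificate
# (TODO confirm for your easy-rsa version).
remote-cert-tls server
# Must match the server. Compression before encryption can leak information
# about the plaintext, so drop this on both ends together when possible.
comp-lzo
verb 3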

8. load module "tun" and connect to server

root@darkstar# /sbin/modprobe tun
root@darkstar# openvpn client.conf

9. if connected it will be like this:



10. try ping the server



11. Now, maybe you can create an SSH connection? ;)
