
Rajesh and Sajesh 6/12/2006 R-1.

1) Introduction

What is OpenVPN

OpenVPN is a robust and highly flexible tunneling application.

OpenVPN supports SSL/TLS security, ethernet bridging, TCP or UDP tunnel
transport through proxies or NAT, support for dynamic IP addresses and
DHCP, scalability to hundreds or thousands of users, and portability to
most major OS platforms.

Hardware & OS used in the testing scenario

Server
AMD system with Redhat EL3 installed
HDD - 40GB
RAM - 512MB

Client
AMD system with FC5 installed
HDD - 40GB
RAM - 512MB

2) Installation step by step

Packages installed

lzo-1.08-4.1.el3.rf.i386
lzo-devel-1.08-4.1.el3.rf.i386
openvpn-2.0.7-1.fc5.rf.i386

Downloaded the latest version from

http://dries.studentenweb.org/rpm/packages/lzo/info.html
http://dries.studentenweb.org/rpm/packages/openvpn/info.html

Installation procedure

# cd /
# mkdir packages
(copy the downloaded files to this folder)
# cd /packages
# rpm -ivh lzo-1.08-4.1.el3.rf.i386.rpm
# rpm -ivh lzo-devel-1.08-4.1.el3.rf.i386.rpm
# rpm -ivh openvpn-2.0.7-1.fc5.rf.i386.rpm

The files will be stored in /usr/share/doc/openvpn-2.0.7/

Configuration

# cd /usr/share/doc/openvpn-2.0.7/easy-rsa
# chmod 744 clean-all
# chmod 744 build*
# chmod 744 sign-req
# mkdir keys

Run these commands


**********************************************************************
export KEY_DIR=/usr/share/doc/openvpn-2.0.7/easy-rsa/keys
export KEY_CONFIG=/usr/share/doc/openvpn-2.0.7/easy-rsa/openssl.cnf
export KEY_SIZE=1024
export KEY_COUNTRY=IN
export KEY_PROVINCE=KA
export KEY_CITY=Bangalore
export KEY_ORG="OpenVPN-TEST"
export KEY_EMAIL="username@tarangtech.com"
***********************************************************************

[root@las easy-rsa]#./clean-all

Run these commands again

**********************************************************************
export KEY_DIR=/usr/share/doc/openvpn-2.0.7/easy-rsa/keys
export KEY_CONFIG=/usr/share/doc/openvpn-2.0.7/easy-rsa/openssl.cnf
export KEY_SIZE=1024
export KEY_COUNTRY=IN
export KEY_PROVINCE=KA
export KEY_CITY=Bangalore
export KEY_ORG="OpenVPN-TEST"
export KEY_EMAIL="username@tarangtech.com"
***********************************************************************

Creating a CA certificate & CA key

#./build-ca

Build Diffie Hellman parameters


#./build-dh

Build the server keys

#./build-key-server las

Build the client keys

#./build-key client1
(just use a different email address when prompted for the common name)

The files created will be saved in /usr/share/doc/openvpn-2.0.7/easy-rsa/keys/

3) Basic Configuration step by step

go to folder /usr/share/doc/openvpn-2.0.7/easy-rsa/keys/

Configuring for Server

Copy the server.conf file from

/usr/share/doc/openvpn-2.0.7/sample-config-files/

to

/usr/share/doc/openvpn-2.0.7/easy-rsa/keys

edit server.conf file

make changes for these lines

ca ca.crt
cert las.crt
key las.key

(use all the remaining settings as default)

(las is the name given when creating the server certificate files)

Configuring client

copy the confi

Do the OpenVPN installation as mentioned above on the client system


Copy the client.conf file from

/usr/share/doc/openvpn-2.0.7/sample-config-files/

to

/usr/share/doc/openvpn-2.0.7/easy-rsa/keys

edit client.conf file

make changes for these lines

remote <server Ipaddress> 1194


ca ca.crt
cert client1.crt
key client1.key

(use all the remaining settings as default)

(client1 is the name given when creating the client certification files)
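
Both configurations name ca, cert and key by relative path, which is why the guide starts openvpn from the keys directory. The script below is an added example, not part of the original guide: it checks that each referenced file exists next to the config and that the private key is not readable by group or others. The names check_ovpn_conf and demo are made up for this example, and the demo tree uses empty placeholder files rather than real keys.

```shell
#!/bin/sh
# Added example: preflight check for an OpenVPN config with relative ca/cert/key
# paths. check_ovpn_conf and demo are illustrative names, not OpenVPN tools.

# Prints one line per problem; returns 0 if clean, 1 otherwise.
check_ovpn_conf() {
    conf=$1
    dir=$(dirname "$conf")   # the guide starts openvpn from this directory
    problems=0
    # Active directives only: in "# ca x" or ";key x" the first field differs.
    pairs=$(awk '$1 ~ /^(ca|cert|key|dh)$/ { print $1, $2 }' "$conf")
    for want in ca cert key; do
        echo "$pairs" | grep -q "^$want " ||
            { echo "MISSING directive: $want"; problems=1; }
    done
    while read -r name path; do
        [ -n "$name" ] || continue
        case $path in /*) f=$path ;; *) f=$dir/$path ;; esac
        if [ ! -f "$f" ]; then
            echo "NOT FOUND $name: $f"; problems=1
        elif [ "$name" = key ]; then
            # Characters 5-10 of the ls mode string are the group/other bits.
            mode=$(ls -ld "$f" | cut -c5-10)
            [ "$mode" = "------" ] ||
                { echo "LOOSE PERMS key: $f (group/other: $mode)"; problems=1; }
        fi
    done <<EOF
$pairs
EOF
    return $problems
}

# Constructed demo tree with empty placeholder files (no real key material);
# las.key is made world-readable on purpose so the check has something to flag.
demo() {
    d=$(mktemp -d)
    printf 'ca ca.crt\ncert las.crt\nkey las.key\n;dh dh1024.pem\n' > "$d/server.conf"
    : > "$d/ca.crt"; : > "$d/las.crt"; : > "$d/las.key"
    chmod 644 "$d/las.key"
    rc=0; check_ovpn_conf "$d/server.conf" || rc=$?
    rm -rf "$d"
    return $rc
}

# With an argument, check that config; with none, run the constructed demo.
if [ $# -gt 0 ]; then check_ovpn_conf "$1"; else demo || true; fi
```

Run it as `sh check.sh server.conf` on the server and `sh check.sh client.conf` on the client before starting openvpn.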

Starting the server

go to /usr/share/doc/openvpn-2.0.7/easy-rsa/keys

#openvpn server.conf

A normal server startup should look like this (output will vary across platforms):

Sun Feb 6 20:46:38 2005 OpenVPN 2.0_rc12 i686-suse-linux [SSL] [LZO] [EPOLL] built on Feb 5 2005
Sun Feb 6 20:46:38 2005 Diffie-Hellman initialized with 1024 bit key
Sun Feb 6 20:46:38 2005 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sun Feb 6 20:46:38 2005 TUN/TAP device tun1 opened
Sun Feb 6 20:46:38 2005 /sbin/ifconfig tun1 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
Sun Feb 6 20:46:38 2005 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2
Sun Feb 6 20:46:38 2005 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:23 ET:0 EL:0 AF:3/1 ]
Sun Feb 6 20:46:38 2005 UDPv4 link local (bound): [undef]:1194
Sun Feb 6 20:46:38 2005 UDPv4 link remote: [undef]
Sun Feb 6 20:46:38 2005 MULTI: multi_init called, r=256 v=256
Sun Feb 6 20:46:38 2005 IFCONFIG POOL: base=10.8.0.4 size=62
Sun Feb 6 20:46:38 2005 IFCONFIG POOL LIST
Sun Feb 6 20:46:38 2005 Initialization Sequence Completed

Starting the client

go to /usr/share/doc/openvpn-2.0.7/easy-rsa/keys in the client system

#openvpn client.conf

A normal client startup on Windows will look similar to the server output
above, and should end with the Initialization Sequence Completed message.

Now, try a ping across the VPN from the client. If you are using routing (i.e. dev tun in the server config file), try:

ping 10.8.0.1

If the ping succeeds, congratulations! You now have a functioning VPN.
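
The startup output shown earlier can be checked mechanically instead of by eye. This added example (not from the original guide) extracts the Diffie-Hellman size and the tunnel address from such a log and reports whether initialization completed. The names summarize_startup and sample_log and the 2048-bit floor are assumptions of the example; the sample lines are copied from the server output above.

```shell
#!/bin/sh
# Added example: summarise an OpenVPN startup log such as the one in this guide.
# summarize_startup and sample_log are illustrative names, not OpenVPN tools.

MIN_DH_BITS=2048   # assumption of this example: flag anything smaller

# Reads a log file ("$1") or stdin. Prints "dh_bits=N tun_ip=A status=S" and
# returns 0 only if startup completed and any reported DH size meets the floor.
summarize_startup() {
    awk -v min="$MIN_DH_BITS" '
        /Diffie-Hellman initialized with/ {
            for (i = 1; i < NF; i++) if ($i == "with") bits = $(i + 1)
        }
        /\/sbin\/ifconfig / {
            # Layout: ... /sbin/ifconfig <dev> <local address> ...
            for (i = 1; i + 2 <= NF; i++) if ($i ~ /ifconfig$/) ip = $(i + 2)
        }
        /Initialization Sequence Completed/ { completed = 1 }
        END {
            printf "dh_bits=%s tun_ip=%s status=%s\n",
                (bits != "" ? bits : "unknown"), (ip != "" ? ip : "unknown"),
                (completed ? "ok" : "incomplete")
            # A client log has no DH line, so a missing size is not a failure.
            exit !(completed && (bits == "" || bits + 0 >= min))
        }' "${1:--}"
}

# Lines copied from the server startup output shown in this guide.
sample_log() {
    cat <<'EOF'
Sun Feb 6 20:46:38 2005 Diffie-Hellman initialized with 1024 bit key
Sun Feb 6 20:46:38 2005 TUN/TAP device tun1 opened
Sun Feb 6 20:46:38 2005 /sbin/ifconfig tun1 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
Sun Feb 6 20:46:38 2005 Initialization Sequence Completed
EOF
}

# With an argument, summarise that log file; with none, use the sample lines.
if [ $# -gt 0 ]; then summarize_startup "$1"; else sample_log | summarize_startup || true; fi
```

The tun_ip field is the address to ping from the client, and a non-zero exit on the sample reflects the 1024-bit Diffie-Hellman parameters produced by KEY_SIZE=1024.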
