Openvpn Installation & Configuration

  • October 2019
  • PDF

This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA


Overview

Download & View Openvpn Installation & Configuration as PDF for free.

More details

  • Words: 611
  • Pages: 5
Rajesh and Sajesh

6/12/2006

1) Introduction What is OpenVPN OpenVPN is a robust and highly flexible tunneling application. OpenVPN supports SSL/TLS security, ethernet bridging, TCP or UDP tunnel transport through proxies or NAT, support for dynamic IP addresses and DHCP, scalability to hundreds or thousands of users, and portability to most major OS platforms.

In the testing scenario Hardware & OS Server Amd system with Redhat EL3 installed HDD –40GB Ram-- 512MB Client Amd system with FC5 installed HDD -40GB RAM-512MB

2) Installtion Step by step Packages installed lzo-1.08-4.1.el3.rf.i386 lzo-devel-1.08-4.1.el3.rf.i386 openvpn-2.0.7-1.fc5.rf.i386 Downloaded the latest version from http://dries.studentenweb.org/rpm/packages/lzo/info.html http://dries.studentenweb.org/rpm/packages/openvpn/info.html

Installation procedure #cd / # mkdir packages ------ Copy the files downloaded files to this folder #cd /packages # rpm -ivf lzo-1.08-4.1.el3.rf.i386

R-1.0

Rajesh and Sajesh

6/12/2006

# rpm -ivf lzo-devel-1.08-4.1.el3.rf.i386 # rpm -ivf openvpn-2.0.7-1.fc5.rf.i386 The files will be stored in /usr/share/doc/openvpn-2.0.7/ Configuration # cd /usr/share/doc/openvpn-2.0.7/easy-rsa #chmod 744 clean-all #chmod 744 build* #chmod 744 sign-req #mkdir keys run these commands ********************************************************************** export KEY_DIR=/usr/share/doc/openvpn-2.0.7/easy-rsa/keys export KEY_CONFIG=/usr/share/doc/openvpn-2.0.7/easy-rsa/openssl.cnf export KEY_SIZE=1024 export KEY_COUNTRY=IN export KEY_PROVINCE=KA export KEY_CITY=Bangalore export KEY_ORG="OpenVPN-TEST" export KEY_EMAIL="[email protected]" *********************************************************************** [root@las easy-rsa]#./clean-all run these commands again ********************************************************************** export KEY_DIR=/usr/share/doc/openvpn-2.0.7/easy-rsa/keys export KEY_CONFIG=/usr/share/doc/openvpn-2.0.7/easy-rsa/openssl.cnf export KEY_SIZE=1024 export KEY_COUNTRY=IN export KEY_PROVINCE=KA export KEY_CITY=Bangalore export KEY_ORG="OpenVPN-TEST" export KEY_EMAIL="[email protected]" creating a CA cerificate & CA key #./build-ca Build Diffie Hellman parameters

R-1.0

Rajesh and Sajesh

6/12/2006

#./build-dh Build the server keys #./build-key-server las Build the client keys #./build-key client1 --- Just use a different email address when prompted for the common name. The files created will be saved in /usr/share/doc/openvpn-2.0.7/easy-rsa/keys/

3) Basic Configuration step by step go to folder /usr/share/doc/openvpn-2.0.7/easy-rsa/keys/ Configuring for Server usr/share/doc/openvpn-2.0.7/sample-config-files/ to /usr/share/doc/openvpn-2.0.7/easy-rsa/keys

edit server.conf file make changes for these lines ca ca.crt cert las.crt key las.key (use all the reamining settings

as default)

(las is the name given when creating the server certification files) Configuring

client

copy the confi Do the Openvpn installation as mentioned above in the client system

R-1.0

Rajesh and Sajesh

6/12/2006

R-1.0

Copy the client.conf file from /usr/share/doc/openvpn-2.0.7/sample-config-files/ to /usr/share/doc/openvpn-2.0.7/easy-rsa/keys edit client.conf file make changes for these lines remote <server Ipaddress> 1194 ca ca.crt cert client1.crt key client1.key (use all the reamining settings

as default)

(client1 is the name given when creating the client certification files)

Starting the server go to /usr/share/doc/openvpn-2.0.7/easy-rsa/keys #openvpn server.conf A normal server startup should look like this (output will vary across platforms): Sun Feb 6 20:46:38 2005 OpenVPN 2.0_rc12 i686-suse-linux [SSL] [LZO] [EPOLL] built on Feb 5 2005 Sun Feb 6 20:46:38 2005 Diffie-Hellman initialized with 1024 bit key Sun Feb 6 20:46:38 Sun Feb 6 20:46:38 Sun Feb 6 20:46:38 1500 Sun Feb 6 20:46:38 10.8.0.2 Sun Feb 6 20:46:38 EL:0 AF:3/1 ] Sun Feb 6 20:46:38 Sun Feb 6 20:46:38 Sun Feb 6 20:46:38 Sun Feb 6 20:46:38 Sun Feb 6 20:46:38 Sun Feb 6 20:46:38

2005 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] 2005 TUN/TAP device tun1 opened 2005 /sbin/ifconfig tun1 10.8.0.1 pointopoint 10.8.0.2 mtu 2005 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 2005 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:23 ET:0 2005 2005 2005 2005 2005 2005

UDPv4 link local (bound): [undef]:1194 UDPv4 link remote: [undef] MULTI: multi_init called, r=256 v=256 IFCONFIG POOL: base=10.8.0.4 size=62 IFCONFIG POOL LIST Initialization Sequence Completed

Rajesh and Sajesh

6/12/2006

Starting the client go to /usr/share/doc/openvpn-2.0.7/easy-rsa/keys in the client system openvpn client.conf A normal client startup on Windows will look similar to the server output above, and should end with the Initialization Sequence Completed message.

Now, try a ping across the VPN from the client. If you are using routing (i.e. dev tun in the server config file), try: ping 10.8.0.1

If the ping succeeds, congratulations! You now have a functioning VPN

R-1.0

Related Documents