Erinevus lehekülje "OpenVPN" redaktsioonide vahel
Allikas: Kuutõrvaja
(→OpenVPN serveri seadistamine - OpenBSD) |
(→OpenVPN serveri seadistamine - OpenBSD) |
||
| 85. rida: | 85. rida: | ||
status /var/log/openvpn-status.log | status /var/log/openvpn-status.log | ||
verb 3 | verb 3 | ||
| + | |||
| + | Käivitamiseks tuleb öelda | ||
| + | |||
| + | # cd /etc/openvpn | ||
| + | # openvpn --config openvpn.conf | ||
===OpenVPN kliendi seadistamine - Debian=== | ===OpenVPN kliendi seadistamine - Debian=== | ||
Redaktsioon: 25. juuli 2008, kell 14:08
Sisukord
Eesmärk
Seadistada käima turvaline ühenduse OpenBSD ja Debian arvutite vahel, kusjuures OpenBSD juures töötab OpenVPN server režiimis ning Debianil klient režiimis.
OpenVPN serveri seadistamine - OpenBSD
Paigalda pakett openvpn
# pkg_add openvpn
Seejärel tuleb moodustada mõned kataloogid ja failid
# mkdir /etc/openvpn /etc/openvpn/keys # touch /etc/openvpn/keys/index.txt # echo 01 > /etc/openvpn/keys/serial # cp /usr/local/share/examples/openvpn/easy-rsa/openssl.cnf /etc/openvpn
Seada sobivab keskkonnamuutujad
# . /usr/local/share/examples/openvpn/easy-rsa/vars
Seejärel tuleb genereerida sertifikaadid
- CA
# cd /etc/openvpn/keys # /usr/local/share/examples/openvpn/easy-rsa/build-ca
- OpenVPN serveri sertifikaat
# /usr/local/share/examples/openvpn/easy-rsa/build-key-server server
- OpenVPN kliendi sertifikaat
# /usr/local/share/examples/openvpn/easy-rsa/build-key sid1
- Diffie-Hellmani ajad
# /usr/local/share/examples/openvpn/easy-rsa/build-dh
Serveri poolel sobib kasutada sellist seadistusfaili bridge režiimis
# cat /etc/openvpn/openvpn.conf local 10.0.10.251 port 1194 proto udp dev-type tap dev tun0 ca keys/ca.crt cert keys/server.crt key keys/server.key dh keys/dh1024.pem server-bridge 172.16.0.254 255.255.255.0 172.16.0.210 172.16.0.220 ifconfig-pool-persist /tmp/ipp.txt push "redirect-gateway local def1" keepalive 10 120 comp-lzo user nobody group nobody persist-key persist-tun status /var/log/openvpn-status.log verb 3
Ning sellist seadistusfaili route režiimis
# cat /etc/openvpn/openvpn.conf local 10.0.10.251 port 1194 proto udp dev tun0 ca keys/ca.crt cert keys/server.crt key keys/server.key dh keys/dh1024.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-persist /tmp/ipp.txt push "redirect-gateway local def1" keepalive 10 120 comp-lzo user nobody group nobody persist-key persist-tun status /var/log/openvpn-status.log verb 3
Käivitamiseks tuleb öelda
# cd /etc/openvpn # openvpn --config openvpn.conf
OpenVPN kliendi seadistamine - Debian
Paigaldada pakett openvpn
# apt-get install openvpn
