yum install openvpn.$HOSTTYPE 2. Copy /usr/share/openvpn/easy-rsa/2.0 to /etc/openvpn/easy-rsa 3. cd /etc/openvpn/easy-rsa 4. Edit vars appropriately.

equableunalaskaΑσφάλεια

9 Δεκ 2013 (πριν από 3 χρόνια και 4 μήνες)

103 εμφανίσεις

CIS 290


LINUX Security

Lab #17: OpenVPN


Configuring OpenVPN


Server Side

1. Install OpenVPN

yum install openvpn.$HOSTTYPE


2. Copy /usr/share/openvpn/easy
-
rsa/2.0 to /etc/openvpn/easy
-
rsa


3. cd /etc/openvpn/easy
-
rsa


4. Edit vars appropriately.


5. .

vars


6. ./clean
-
all


7. Before continuing, make sure the system time is correct.


8. ./build
-
ca


9. ./build
-
inter $( hostname | cut
-
d.
-
f1 )


10. ./build
-
dh


11. mkdir /etc/openvpn/keys


12. cp
-
ai keys/$( hostname | cut
-
d.
-
f1 ).{crt,key} keys/ca.crt


keys/dh1024.pem /etc/openvpn/keys/


13. cp
-
ai /usr/share/doc/openvpn
-
*/sample
-
config
-
files/roadwarrior
-
server.conf /etc/openvpn/server.conf


14. Edit /etc/openvpn/server.conf appropriately to set your
configuration and key paths.


15. chkconfig
--
level
2345 openvpn on


16. Modify /etc/openvpn/server.conf to point keys to /etc/openvpn/keys


17. service openvpn start


-
OR
-


/usr/share/doc/openvpn
-
2.1.4/sample
-
scripts/openvpn.init start


18. service openvpn status



Configuring OpenVPN


Client

Sid
e


On the server:

1. /etc/openvpn/easy
-
rsa


2. . vars


3. ./build
-
key username


On the client:


4. Copy username.key, username.crt and ca.crt from server to
/etc/openvpn/keys/.


5. cp
-
ai /usr/share/doc/openvpn
-
*/sample
-
config
-
files/roadwarrior
-
client.conf

/etc/openvpn/client.conf


6. Edit /etc/openvpn/client.conf appropriately to set your
configuration (just like server configuration, port,

compression,..) and key paths.


7
. chkconfig –level 2345 openvpn on


8. service openvpn start