SmartNote

User Tools

Site Tools

You are here: start » openvpn_key_auth

Sidebar

Tags Cloud
alert apache apt ascii auth bash centos certificate checkinstall chroot cron debian debuild dedikit etch format freebsd grub https ip iptables kernel libwww linux load_average logrotate logs minimal_install mldonkey mysql nginx openvpn perl php proxy realip rsync semaphores sftp squeeze ssh table tun ubuntu user ustats vhost vim watchdog wheezy
openvpn_key_auth

Table of Contents

, , , , ,

Аутентификация по ключу в openvpn (FreeBSD 7.x)

1) Устанавливаем 

make install clean -C /usr/ports/security/openvpn

2) Включаем 

echo "openvpn_enable=\"YES\"" >> /etc/rc.conf

3) Создаем директорию /usr/local/etc/openvpn/ 

mkdir /usr/local/etc/openvpn/

4) Заполняем конфиг /usr/local/etc/openvpn/openvpn.conf 

local SERVER_IP
port 1194
proto udp
dev tun
link-mtu 1402
mssfix
ifconfig 192.168.15.1 192.168.15.2
secret /usr/local/etc/openvpn/openvpn.key
keepalive 15 60
ping-timer-rem
cipher AES-256-CBC
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
mlock
verb 3
log-append /usr/local/etc/openvpn/openvpn.log

5) Генерим ключ 

/usr/local/sbin/openvpn --genkey --secret /usr/local/etc/openvpn/openvpn.key

6) Создаем клиентский конфиг и ключ 

mkdir /usr/local/etc/openvpn/clients/

cp /usr/local/etc/openvpn/openvpn.key /usr/local/etc/openvpn/clients/client.key

remote SERVER_IP 1194
nobind
proto udp
dev tun
ifconfig 192.168.15.2 192.168.15.1
secret client.key
keepalive 15 60
cipher AES-256-CBC
comp-lzo
verb 3
status openvpn.status
redirect-gateway
dhcp-option DNS 8.8.8.8
fragment 1460
mssfix
openvpn_key_auth.txt · Last modified: 2013/12/15 16:46 by kyxap

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki