User Tools

Site Tools


Sidebar


Tags Cloud
openvpn_key_auth

Аутентификация по ключу в openvpn (FreeBSD 7.x)

1) Устанавливаем

make install clean -C /usr/ports/security/openvpn

2) Включаем

echo "openvpn_enable=\"YES\"" >> /etc/rc.conf

3) Создаем директорию /usr/local/etc/openvpn/

mkdir /usr/local/etc/openvpn/

4) Заполняем конфиг /usr/local/etc/openvpn/openvpn.conf

local SERVER_IP
port 1194
proto udp
dev tun
link-mtu 1402
mssfix
ifconfig 192.168.15.1 192.168.15.2
secret /usr/local/etc/openvpn/openvpn.key
keepalive 15 60
ping-timer-rem
cipher AES-256-CBC
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
mlock
verb 3
log-append /usr/local/etc/openvpn/openvpn.log

5) Генерим ключ

/usr/local/sbin/openvpn --genkey --secret /usr/local/etc/openvpn/openvpn.key

6) Создаем клиентский конфиг и ключ

mkdir /usr/local/etc/openvpn/clients/

cp /usr/local/etc/openvpn/openvpn.key /usr/local/etc/openvpn/clients/client.key

remote SERVER_IP 1194
nobind
proto udp
dev tun
ifconfig 192.168.15.2 192.168.15.1
secret client.key
keepalive 15 60
cipher AES-256-CBC
comp-lzo
verb 3
status openvpn.status
redirect-gateway
dhcp-option DNS 8.8.8.8
fragment 1460
mssfix
openvpn_key_auth.txt · Last modified: 2013/12/15 16:46 by kyxap