Openvpn

From VoIPmonitor.org
Revision as of 13:31, 27 August 2015 by Petr.halounek (talk | contribs)
Jump to navigation Jump to search

Centos 7

Install ovpn

a)From epel repository for enterprise linux 7

we need to add epel repository if it was not done before [how to use yum]

wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
rpm -i epel-release-latest-7.noarch.rpm
yum install openvpn

b)Using package for enterprise linux 7 from fedoraproject.org

wget https://dl.fedoraproject.org/pub/epel/7/x86_64/o/openvpn-2.3.8-1.el7.x86_64.rpm
rpm -i openvpn-2.3.8-1.el7.x86_64.rpm

setting up server

generating server and client keys

yum install easy-rsa
mkdir -p /etc/openvpn/easy-rsa/keys
cp -rf /usr/share/openvpn/easy-rsa/2.0/* /etc/openvpn/easy-rsa
cp /usr/share/doc/openvpn-*/sample/sample-config-files/server.conf /etc/openvpn

You can set export KEY_* in this file for not need to enter credentials for each key separately

vim /etc/openvpn/easy-rsa/vars

Sourcing defined values

cd /etc/openvpn/easy-rsa/
source ./vars

generating server ca,keys

cd /etc/openvpn/easy-rsa/
./clean-all
./build-ca
./build-key-server server
./build-dh
cd keys
cp dh2048.pem ca.crt server.crt server.key /etc/openvpn

generating client keys

cd /etc/openvpn/easy-rsa
./build-key client

note:When asked for 'common name' please fill in unique name for client (it will be listed in openvpn.log after login)

enabling service

ln -s /lib/systemd/system/openvpn\@.service /etc/systemd/system/multi-user.target.wants/openvpn\@server.service
sytemctl start openvpn@server
sytemctl status openvpn@server
sytemctl stop openvpn@server


debian