Changes between Initial Version and Version 1 of TipAndDoc/network/vpn/openvpn/purebridge


Ignore:
Timestamp:
Jul 4, 2010 6:57:13 PM (15 years ago)
Author:
mitty
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • TipAndDoc/network/vpn/openvpn/purebridge

    v1 v1  
     1[[PageOutline]] 
     2 
     3 = OpenVPN with no "server-bridge" = 
     4 * OpenVPN 2.1.0 with Ubuntu lucid 
     5 
     6 
     7 = making certs = 
     8 * vpnserver:~$ sudo aptitude install -R openvpn bridge-utils -y 
     9 * vpnserver:~$ sudo cp -av /usr/share/doc/openvpn/examples/easy-rsa/2.0/ /etc/openvpn/easy-rsa 
     10 
     11 * vpnserver:~$ sudo vim /etc/openvpn/easy-rsa/vars 
     12 
     13 * root@vpnserver:/etc/openvpn/easy-rsa# . ./vars 
     14 * root@vpnserver:/etc/openvpn/easy-rsa# ./clean-all 
     15 * root@vpnserver:/etc/openvpn/easy-rsa# ./build-ca 
     16{{{ 
     17writing new private key to 'ca.key' 
     18----- 
     19 
     20The Subject's Distinguished Name is as follows 
     21countryName           :PRINTABLE:'JP' 
     22stateOrProvinceName   :PRINTABLE:'Ibraki' 
     23localityName          :PRINTABLE:'Tsukuba' 
     24organizationName      :PRINTABLE:'example.org' 
     25organizationalUnitName:PRINTABLE:'OpenVPN Server' 
     26commonName            :PRINTABLE:'vpnserver' 
     27emailAddress          :IA5STRING:'vpn@example.org' 
     28}}} 
     29 * root@vpnserver:/etc/openvpn/easy-rsa# ./build-key vpnclient 
     30{{{ 
     31writing new private key to 'vpnclient.key' 
     32----- 
     33 
     34The Subject's Distinguished Name is as follows 
     35countryName           :PRINTABLE:'JP' 
     36stateOrProvinceName   :PRINTABLE:'Ibraki' 
     37localityName          :PRINTABLE:'Tsukuba' 
     38organizationName      :PRINTABLE:'example.org' 
     39organizationalUnitName:PRINTABLE:'OpenVPN Client' 
     40commonName            :PRINTABLE:'vpnclient' 
     41emailAddress          :IA5STRING:'vpn@example.org' 
     42}}} 
     43 * root@vpnserver:/etc/openvpn/easy-rsa# ./build-dh 
     44 
     45 == copy files for server == 
     46 * root@vpnserver:/etc/openvpn/easy-rsa# cp -a keys/ca.crt keys/dh1024.pem keys/vpnserver.crt keys/vpnserver.key /etc/openvpn/ 
     47 
     48 == copy files for client == 
     49 * root@vpnserver:/etc/openvpn/easy-rsa# mkdir ~/client 
     50 * root@vpnserver:/etc/openvpn/easy-rsa# cp -a keys/ca.crt keys/vpnclient.crt keys/vpnclient.key ~/client/ 
     51 
     52 * root@vpnserver:~# tar czf client.tar.gz client/ 
     53   * client.tar.gz => vpnclient with sftp