OPENVPN with User-Authentication: Unterschied zwischen den Versionen

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen
(Die Seite wurde neu angelegt: „=Install= *sudo apt install openvpn =Server= ==Create DH Key== *cd /etc/openvpn *openssl dhparam -out dh2048.pem 2048 Place also openvpn-ca.crt openvpn-linux.…“)
 
Zeile 15: Zeile 15:
 
topology subnet
 
topology subnet
 
server 172.31.2.0 255.255.255.0
 
server 172.31.2.0 255.255.255.0
route-gateway 172.31.2.1
+
push "route 192.168.191.0 255.255.255.0"
push 'route-gateway 172.31.2.1'
 
 
cipher AES-256-CBC
 
cipher AES-256-CBC
link-mtu 1558
+
link-mtu 1542
 
status /tmp/cool-vpn.status
 
status /tmp/cool-vpn.status
 
keepalive 10 30
 
keepalive 10 30

Version vom 24. Oktober 2019, 13:31 Uhr

Install

  • sudo apt install openvpn

Server

Create DH Key

  • cd /etc/openvpn
  • openssl dhparam -out dh2048.pem 2048

Place also openvpn-ca.crt openvpn-linux.crt openvpn-linux.key in this directory

Server Config

  • vi /etc/openvpn/server.conf
dev tun
mode server
tls-server
port 5000
topology subnet
server 172.31.2.0 255.255.255.0
push "route 192.168.191.0 255.255.255.0"
cipher AES-256-CBC
link-mtu 1542
status /tmp/cool-vpn.status
keepalive 10 30
client-to-client
max-clients 150
verb 3
dh /etc/openvpn/dh2048.pem
ca /etc/openvpn/openvpn-ca.crt
cert /etc/openvpn/openvpn-linux.crt
key /etc/openvpn/openvpn-linux.key
comp-lzo
persist-key
persist-tun
duplicate-cn
plugin /usr/lib/x86_64-linux-gnu/openvpn/plugins/openvpn-plugin-auth-pam.so /etc/pam.d/login
Abgerufen von „http://wiki.ixheim.de/index.php?title=OPENVPN_with_User-Authentication&oldid=18793