Openvpn Roadwarrior zu Firewall Pfsense: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 1: | Zeile 1: | ||
| + | =Pfsense= | ||
[[Datei:Openvpn-Pfsense-Roadwarrior.png]] | [[Datei:Openvpn-Pfsense-Roadwarrior.png]] | ||
| + | =Client= | ||
<pre> | <pre> | ||
dev tun | dev tun | ||
Aktuelle Version vom 10. Februar 2022, 11:52 Uhr
Pfsense
Client
dev tun persist-tun persist-key data-ciphers AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-128-CBC data-ciphers-fallback AES-128-CBC auth SHA256 tls-client client resolv-retry infinite remote 10.66.252.10 1194 udp4 verify-x509-name "openvpn-server-cert" name remote-cert-tls server explicit-exit-notify <ca> -----BEGIN CERTIFICATE----- MIIDWjCCAkKgAwIBAgIINjSon37jCnMwDQYJKoZIhvcNAQELBQAwIzEUMBIGA1UE AxMLaW50ZXJuYWwtY2ExCzAJBgNVBAYTAkRFMB4XDTIyMDIwMjExMzA1OVoXDTMy MDEzMTExMzA1OVowIzEUMBIGA1UEAxMLaW50ZXJuYWwtY2ExCzAJBgNVBAYTAkRF MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaK/YSVj9wBqmI1rgkKv h9z/gXk7CiezwJy9hRTT7V6ZvEUjTrcu6JBsac0DeSNfgX+/Xdoy4hUUCXnaYLUQ sACmERbILdr1463nF5TaolfpZDz/nLv+G/wgSLlmleQ38e0GaAgJUHSFRy7cuA6Y GnB3rDGzWU84xo7aZXrdfKP6Uu+5PmEQjWnTFbaxuuM6OE4IEikxtnE5+/Ct0js5 uGzKL7imK7FVsAZpC+eTa6bWssc2kUc4QbOkGt82PFbPGxq3bqB6DfA9YyqwqlwG pKIvg17rYbx7i+IBcjyEsJ+6pKmR71/iem5fXSU7Xv8f6ktXPxTEzlICcDC2p/Fb JwIDAQABo4GRMIGOMB0GA1UdDgQWBBRXYIcZcf83FwUIyhEx0d/1FGPK9TBSBgNV HSMESzBJgBRXYIcZcf83FwUIyhEx0d/1FGPK9aEnpCUwIzEUMBIGA1UEAxMLaW50 ZXJuYWwtY2ExCzAJBgNVBAYTAkRFggg2NKiffuMKczAMBgNVHRMEBTADAQH/MAsG A1UdDwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEANLJyx9G6v5c95LENH/8oF2kF Q+NbFfH3AD7XiQOYO7JhwijjQ1tYL5GKoiaK3aNZt/CEPrh5gZiTY2ftpF0lleiU NFGQRW/GYQYerWpoILEQ/suZMPDS1JSZRmSBM/P6gdAxqouulg7tgeEdEfC7kkRW jFWYm6Az7AlC7X0HHSCF2Q2nH43PuRH/uP2nN6eK+UqTITRr/mCkfsdnLQQJN8Gb WV1CNwJg+NpbEskj+xGYrBcsTs2G+X1AVPYB2GUI3P5JH/fu1e/3A40Ig51yWVJ1 pj0Tlgff9ofq0JESapaAONsNYeGXWgh0K1/ybkKxZV1KbbahSy1ffVVRrEUUow== -----END CERTIFICATE----- </ca> <cert> -----BEGIN CERTIFICATE----- MIIDoDCCAoigAwIBAgIBAzANBgkqhkiG9w0BAQsFADAjMRQwEgYDVQQDEwtpbnRl cm5hbC1jYTELMAkGA1UEBhMCREUwHhcNMjIwMjEwMTEyNjM4WhcNMzIwMjA4MTEy NjM4WjAbMQswCQYDVQQGEwJERTEMMAoGA1UEAxMDdnBuMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEAooWRuL89duLxVdOc5SY1+g2h5YI88PAC9L7pF5P6 PnNkaaexRMlSWXg1az/6f8bl1WFJz+gozWj3VEhYTvhRCvg8/8iW+mz6qjel6ASL AZdCpxsAjVFsCwW1ziguR82s3+cYNeawdeNQhTCi+vIGMkYLukJiqLECIrldrITN 42iNNDq8noyKc33D99T/zJ69LyL75blN2aYnPwoM1iaJGg7T20Cc9bgjj9FB9oVY Uxp0a4NaVdWIj1Ews54kify+WnHK+YNEcKidVPRvo/KENrH1impCAjy5eIVnAgXh gjovzWFA/ghT32r+Fzf5GGTlu2arxEt+AVXEcADHPMqrHwIDAQABo4HmMIHjMAkG A1UdEwQCMAAwCwYDVR0PBAQDAgXgMDEGCWCGSAGG+EIBDQQkFiJPcGVuU1NMIEdl bmVyYXRlZCBVc2VyIENlcnRpZmljYXRlMB0GA1UdDgQWBBTz72LCOfCuzUe2EISa QMChFunNETBSBgNVHSMESzBJgBRXYIcZcf83FwUIyhEx0d/1FGPK9aEnpCUwIzEU MBIGA1UEAxMLaW50ZXJuYWwtY2ExCzAJBgNVBAYTAkRFggg2NKiffuMKczATBgNV HSUEDDAKBggrBgEFBQcDAjAOBgNVHREEBzAFggN2cG4wDQYJKoZIhvcNAQELBQAD ggEBAKosycYdzKON2tt9OhlHcPSVWwMVpSaYr+6sKLIUMV8kMOcVvehVasmAHvN3 bX5vNRHb2mZsKHUVxXASB1hODUEOExZlG/ZG/njf18uaOQ0HHZPDzxzBtMZ5lLCd kMLOJCzKyjdZ3eVjvCJ1lsJwBYJsbWlzb/2ljtuJcHWtTmSIg4XNqt1I4502U4D+ 2MOouVm6qgzci1Tgcp+1Okm97vDlgLiVHAf1iDRKg3r/mAjWsG9AIC6ANwhTHOKP xBs/q5Vx2fyBTzAXDE6ssIE8gRaDx1wu2ksFnMKJyC3A3pB4PV5DzyO7FT6AZ1/d BVgrqyxxN0zJYrBRBxR1SyfsyLI= -----END CERTIFICATE----- </cert> <key> -----BEGIN PRIVATE KEY----- MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCihZG4vz124vFV 05zlJjX6DaHlgjzw8AL0vukXk/o+c2Rpp7FEyVJZeDVrP/p/xuXVYUnP6CjNaPdU SFhO+FEK+Dz/yJb6bPqqN6XoBIsBl0KnGwCNUWwLBbXOKC5Hzazf5xg15rB141CF MKL68gYyRgu6QmKosQIiuV2shM3jaI00OryejIpzfcP31P/Mnr0vIvvluU3Zpic/ CgzWJokaDtPbQJz1uCOP0UH2hVhTGnRrg1pV1YiPUTCzniSJ/L5accr5g0RwqJ1U 9G+j8oQ2sfWKakICPLl4hWcCBeGCOi/NYUD+CFPfav4XN/kYZOW7ZqvES34BVcRw AMc8yqsfAgMBAAECggEAKJXOdCJdyQiXV+WGcrr+E7m/yj6h1VE6i7/5GYg8n8fV NYVJAXJ8/BbG0Eej2LDkyEqJUkAZoGIsEYIXe3ELW//ty7pd6Z+5YTSQW8Z2qCkL 3gsiMig5IO+GHTtvg0LbfvaI1z0KqAXiH8CrkptJ7NgNKbBWTuYVMHK179UiTT1y ymSgO12TuTxbzjEKhgL2wjYhpEJfhuw3SU/WioShsPnVVRq+7VxDk8YT+ruIJ/qY OVH01QVLF3aDPfL1lj/mtyo71YhGv2tBLWbEAzHVyaxIdrAWsu4BzhnHGCmOzuXg e0mlRMUm+SWfFb0a/07yj4zA05yzotwhcvX1nSSmcQKBgQDSDXeD8a1J2qi0i6Ai MEIOY5lhqLK3pu+2E3pQFGYZo1+/z9U8V2eFy/FTk04spTwemaRx/dq+BYwPeYvY i2G706UXU6vBH2nzoXOfB/hpd1MaTg5UuNgYl+84joTf6A736/KWCgurftIMRWmM n83viDG5n/E2GLddOyrOD/7V5QKBgQDGEnfY+f20zkPCZFdEbRFujMRjXAc/PRJi MTzWB29X0ZqNCbKUhHyWYaWu/iSy7d1UuedyItNW/j940NvmjT0sRkbB+s73yzj1 tkHRPE/O7AMg5BDiolLQ7auHrNaFxYSrhUw/C/m4k/UCySM5YJBs4pkEyCI7JsjR 5npNF/zsswKBgEUFldMuc/HDvxHsm4cAcoRF6B22EFvWqAgdaGCuA0rDa3Ac/AWi 9up5NGhxDAwRk6q+c9HdR6aPLhHbr79NNaVBi4sZvGNuTiN3VwXX2aHWSuFm6sCe KKwUKNBdzH3CxEBlMMZqsKD+wEi1+lPyIvplt2k2jE1pW79v9MXXbbadAoGBALMa rg6gd16QCUt1Kkgwi8u4NDlYVSFE2yO5PDaZAICbgzI3a6jKaFIfOA+VtZ+qYTIk 7HkTrqECRGi+C6pdWsx3O7JaVd5RgE8HIFrQO6ZzWZzbPb2BZHuR/kIv8seBxKbI YRq9fHEAMVP0hwpyHAapnA5r3jA4sOzEiSC/KTDrAoGBALAarrqYUCEeX0S3WfS6 HdrdDMQnxJSLPMMujqai/nsFieVIpBZgw+jd/RlkmMV/1DJn1atgF65Y1C/iNhuO vMfcvGvKfd5/PykwWCHk7ZD1OBiiL92bK4HT6bf61GtU0Bk5ov7WL2O1QPjrp6rs l2rK9W8U4t9EorF5QlwyEe8g -----END PRIVATE KEY----- </key> key-direction 1 <tls-auth> # # 2048 bit OpenVPN static key # -----BEGIN OpenVPN Static key V1----- 2a2d98055970642452e2e4db218af7d0 661180af8b53654a9f960b42ad9cfcf4 0dd512783e3568abfd6ac52c57dea3a1 5b320ca185cd1bddad1b66a172ee4569 0239660879c054f941e37bbbb7c7b38c b3d9dd0e896f141e1cd498e00c10860f 94212efe0d0f759a2a3d72bb6e4d8dcb 46aa146b38079d0028fd77262f5902a9 a462dc6a38c9d725ee558842ef05b2e2 35bf13e40db7b1aae90c5715c0399700 23140c98cf0eefb6c4160bea8f8b17b5 915baa57dc01659cc3ac660cae5ffa90 a500c00f64302b681d8fce698472a700 b2bdf76744f80bb1f982aa6dc7d40722 b03c521324021a7d7c0be53d4643f8d8 821a9bb00485f812676f85d01f81f1bd -----END OpenVPN Static key V1----- </tls-auth>