Openvpn net2net psk: Difference between revisions
Thomas (talk | contribs) (Created page with "=Install= *Install Openvpn") |
Thomas (talk | contribs) |
| (6 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| + | =Scenario= | ||
| + | Two Hosts | ||
| + | *tiazel | ||
| + | **IP:10.84.252.32 | ||
| + | **NET:172.16.32.0 | ||
| + | *zee | ||
| + | **IP:10.84.252.31 | ||
| + | **NET:172.16.31.0 | ||
=Install= | =Install= | ||
*[[Install Openvpn]] | *[[Install Openvpn]] | ||
| + | =Create a PSK= | ||
| + | *root@tiazel:~# *openvpn --genkey --secret /etc/openvpn/preshared.key | ||
| + | *root@tiazel:~# scp /etc/openvpn/preshared.key 10.84.252.31:/etc/openvpn/ | ||
| + | =tiazel= | ||
| + | ==/etc/openvpn/server.conf== | ||
| + | <pre> | ||
| + | remote 10.84.252.31 | ||
| + | local 10.84.252.32 | ||
| + | dev tun | ||
| + | ifconfig 192.168.61.2 192.168.61.1 | ||
| + | secret /etc/openvpn/preshared.key | ||
| + | ping 20 | ||
| + | ping-restart 45 | ||
| + | ping-timer-rem | ||
| + | persist-tun | ||
| + | persist-key | ||
| + | comp-lzo | ||
| + | port 5005 | ||
| + | float | ||
| + | script-security 2 | ||
| + | up /etc/openvpn/openvpn.up | ||
| + | verb 3 | ||
| + | </pre> | ||
| + | ==/etc/openvpn/openvpn.up== | ||
| + | #!/bin/bash | ||
| + | ip route add 172.16.31.0/24 via $5 | ||
| + | *chmod +x /etc/openvpn/openvpn.up | ||
| + | |||
| + | =zee= | ||
| + | ==/etc/openvpn/server.conf== | ||
| + | <pre> | ||
| + | remote 10.84.252.32 | ||
| + | local 10.84.252.31 | ||
| + | dev tun | ||
| + | ifconfig 192.168.61.1 192.168.61.2 | ||
| + | secret /etc/openvpn/preshared.key | ||
| + | ping 20 | ||
| + | ping-restart 45 | ||
| + | ping-timer-rem | ||
| + | persist-tun | ||
| + | persist-key | ||
| + | comp-lzo | ||
| + | port 5005 | ||
| + | float | ||
| + | script-security 2 | ||
| + | up /etc/openvpn/openvpn.up | ||
| + | verb 3 | ||
| + | </pre> | ||
| + | ==/etc/openvpn/openvpn.up== | ||
| + | #!/bin/bash | ||
| + | ip route add 172.16.32.0/24 via $5 | ||
| + | *chmod +x /etc/openvpn/openvpn.up | ||
| + | |||
| + | =Start on both sides= | ||
| + | *openvpn --config /etc/openvpn/server.conf | ||
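Review bot: In the "Create a PSK" section the first command is written as `*openvpn --genkey --secret /etc/openvpn/preshared.key`; the asterisk after the prompt looks like leftover list markup and the command will not run as pasted, so drop it. Both server.conf blocks also set `secret` without a `cipher` or `auth` line, which leaves the algorithms to whatever the installed OpenVPN defaults to; pin both on tiazel and zee so the two ends stay in step. After the `scp` step it would help to state the expected mode of /etc/openvpn/preshared.key on zee (readable by root only), since the page never sets it.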
Latest revision as of 13:35, 25 July 2017
Scenario
Two Hosts
- tiazel
- IP:10.84.252.32
- NET:172.16.32.0
- zee
- IP:10.84.252.31
- NET:172.16.31.0
Install
Create a PSK
- root@tiazel:~# openvpn --genkey --secret /etc/openvpn/preshared.key
- root@tiazel:~# scp /etc/openvpn/preshared.key 10.84.252.31:/etc/openvpn/
tiazel
/etc/openvpn/server.conf
remote 10.84.252.31
local 10.84.252.32
dev tun
ifconfig 192.168.61.2 192.168.61.1
secret /etc/openvpn/preshared.key
ping 20
ping-restart 45
ping-timer-rem
persist-tun
persist-key
comp-lzo
port 5005
float
script-security 2
up /etc/openvpn/openvpn.up
verb 3
/etc/openvpn/openvpn.up
#!/bin/bash
# $5 is the peer's tunnel address; OpenVPN passes it as the fifth argument to the up script
ip route add 172.16.31.0/24 via $5
- chmod +x /etc/openvpn/openvpn.up
zee
/etc/openvpn/server.conf
remote 10.84.252.32
local 10.84.252.31
dev tun
ifconfig 192.168.61.1 192.168.61.2
secret /etc/openvpn/preshared.key
ping 20
ping-restart 45
ping-timer-rem
persist-tun
persist-key
comp-lzo
port 5005
float
script-security 2
up /etc/openvpn/openvpn.up
verb 3
/etc/openvpn/openvpn.up
#!/bin/bash
# $5 is the peer's tunnel address; OpenVPN passes it as the fifth argument to the up script
ip route add 172.16.32.0/24 via $5
- chmod +x /etc/openvpn/openvpn.up
Start on both sides
- openvpn --config /etc/openvpn/server.conf
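
A pre-flight check for the two configs above, as an added example that is not part of the original page: it verifies that remote/local and the ifconfig addresses are mirrored, that shared directives match on both ends, and that a key file is not accessible to group or others. The function names and the sample file names (tiazel.conf, zee.conf) are this example's own.

```sh
#!/bin/sh
# Added example, not from the original page: pre-flight check for a
# static-key point-to-point pair before starting OpenVPN on both sides.

# Print the first line for DIRECTIVE with whitespace normalised.
conf_line() { awk -v d="$2" '$1 == d { $1 = $1; print; exit }' "$1"; }
# Print only the arguments of DIRECTIVE (empty for flag-only directives).
conf_args() { conf_line "$1" "$2" | cut -s -d' ' -f2-; }

# check_pair CONF_A CONF_B: print each mismatch, return 1 if there is any.
check_pair() {
    a=$1 b=$2 rc=0
    # Each side's "remote" has to be the other side's "local".
    [ "$(conf_args "$a" remote)" = "$(conf_args "$b" local)" ] || { echo "A remote != B local"; rc=1; }
    [ "$(conf_args "$b" remote)" = "$(conf_args "$a" local)" ] || { echo "B remote != A local"; rc=1; }
    # ifconfig is "<own tunnel IP> <peer tunnel IP>": B must be A swapped.
    set -- $(conf_args "$a" ifconfig)
    [ "$2 $1" = "$(conf_args "$b" ifconfig)" ] || { echo "ifconfig not mirrored"; rc=1; }
    # These directives must be present or absent, and equal, on both ends.
    for d in dev port comp-lzo cipher auth; do
        [ "$(conf_line "$a" "$d")" = "$(conf_line "$b" "$d")" ] || { echo "$d differs"; rc=1; }
    done
    return $rc
}

# key_is_private FILE: succeed only if group and others have no access.
key_is_private() { [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]; }

# Constructed sample input: the page's two configs, trimmed to the
# directives the check reads, written to DIR as tiazel.conf and zee.conf.
write_samples() {
    printf '%s\n' 'remote 10.84.252.31' 'local 10.84.252.32' 'dev tun' \
        'ifconfig 192.168.61.2 192.168.61.1' 'comp-lzo' 'port 5005' > "$1/tiazel.conf"
    printf '%s\n' 'remote 10.84.252.32' 'local 10.84.252.31' 'dev tun' \
        'ifconfig 192.168.61.1 192.168.61.2' 'comp-lzo' 'port 5005' > "$1/zee.conf"
}

demo() {
    dir=$(mktemp -d)
    write_samples "$dir"
    check_pair "$dir/tiazel.conf" "$dir/zee.conf" && echo "pair is consistent"
    rm -rf "$dir"
}
demo
```

On a real pair, copy both server.conf files to one machine and run `check_pair` on them, and run `key_is_private /etc/openvpn/preshared.key` on each host.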