OPENVPN WINDOWS LINUX: Unterschied zwischen den Versionen

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen
 
(13 dazwischenliegende Versionen von 2 Benutzern werden nicht angezeigt)
Zeile 1: Zeile 1:
 
=LINUX=
 
=LINUX=
 +
===cert vezeichnis erstellen===
 +
mkdir /root/openvpn-certs
 
===CA erstellen===
 
===CA erstellen===
 +
cd /root/openvpn-certs
 
  openssl dhparam -out dh1024.pem 1024
 
  openssl dhparam -out dh1024.pem 1024
 
  openssl genrsa -des3 -out openvpn-ca.key 1024
 
  openssl genrsa -des3 -out openvpn-ca.key 1024
Zeile 6: Zeile 9:
  
 
===Windows Client-Zertifikate erstellen===
 
===Windows Client-Zertifikate erstellen===
 +
cd /root/openvpn-certs
 
  openssl genrsa -out openvpn-windows.key
 
  openssl genrsa -out openvpn-windows.key
 
  openssl req -new -key openvpn-windows.key -out openvpn-windows.csr
 
  openssl req -new -key openvpn-windows.key -out openvpn-windows.csr
Zeile 12: Zeile 16:
  
 
===Linux Client-Zertifikate erstellen===
 
===Linux Client-Zertifikate erstellen===
 +
cd /root/openvpn-certs
 
  openssl genrsa -out openvpn-linux.key
 
  openssl genrsa -out openvpn-linux.key
 
  openssl req -new -key openvpn-linux.key -out openvpn-linux.csr
 
  openssl req -new -key openvpn-linux.key -out openvpn-linux.csr
Zeile 17: Zeile 22:
 
   -CAkey openvpn-ca.key -CAcreateserial -out openvpn-linux.crt
 
   -CAkey openvpn-ca.key -CAcreateserial -out openvpn-linux.crt
  
==Installation==
+
==Installation Openvpn==
 
  apt-get install openvpn
 
  apt-get install openvpn
 +
==Kopieren der cert-datein==
 +
cd /root/openvpn-certs
 +
cp openvpn-ca.crt dh1024.pem openvpn-linux.crt openvpn-linux.key /etc/openvpn/
 +
==openvpn config datei anlegen==
 +
  cat /etc/openvpn/server.conf
 +
dev tun
 +
mode server
 +
tls-server
 +
#proto tcp-server
 +
port 5000
 +
topology subnet
 +
server 172.31.2.0 255.255.255.0
 +
route-gateway 172.31.2.1
 +
push 'route-gateway 172.31.2.1'
 +
cipher AES-256-CBC
 +
link-mtu 1558
 +
status /tmp/cool-vpn.status
 +
keepalive 10 30
 +
client-to-client
 +
max-clients 150
 +
verb 3
 +
dh /etc/openvpn/dh1024.pem
 +
ca /etc/openvpn/openvpn-ca.crt
 +
cert /etc/openvpn/openvpn-linux.crt
 +
key /etc/openvpn/openvpn-linux.key
 +
comp-lzo
 +
persist-key
 +
persist-tun
 +
duplicate-cn
 +
 +
===Testen===
 +
openvpn --config /etc/openvpn/server.conf
 +
 +
==Windows==
 +
===Konfiguration===
 +
Den Client unter http://openvpn.net/index.php/download/community-downloads.html downloaden _NICHT_ "OpenVPN Connect"
 +
 +
===Dateien nach C:\\Program Files\OpenVpn\config\ übertragen===
 +
openvpn-ca.crt
 +
openvpn-windows.crt
 +
openvpn-windows.key
 +
 +
===C:\\Program Files\OpenVpn\config\config.ovpn===
 +
port 5000 #udp by default
 +
dev tun0
 +
remote 192.168.240.42
 +
tls-client
 +
ca C:\\Program Files\\OpenVpn\\config\\openvpn-ca.crt
 +
cert C:\\Program Files\\OpenVpn\\config\\openvpn-windows.crt
 +
key C:\\Program Files\\OpenVpn\\config\\openvpn-windows.key
 +
#tun-mtu 1500
 +
#tun-mtu-extra 32
 +
mssfix 1450
 +
pull
 +
comp-lzo
 +
verb 3

Aktuelle Version vom 13. März 2018, 15:25 Uhr

LINUX

cert vezeichnis erstellen

mkdir /root/openvpn-certs

CA erstellen

cd /root/openvpn-certs
openssl dhparam -out dh1024.pem 1024
openssl genrsa -des3 -out openvpn-ca.key 1024
openssl req -new -key openvpn-ca.key -x509 -days 365 -out openvpn-ca.crt

Windows Client-Zertifikate erstellen

cd /root/openvpn-certs
openssl genrsa -out openvpn-windows.key
openssl req -new -key openvpn-windows.key -out openvpn-windows.csr
openssl x509 -req -days 365 -in openvpn-windows.csr -CA openvpn-ca.crt \
 -CAkey openvpn-ca.key -CAcreateserial -out openvpn-windows.crt

Linux Client-Zertifikate erstellen

cd /root/openvpn-certs
openssl genrsa -out openvpn-linux.key
openssl req -new -key openvpn-linux.key -out openvpn-linux.csr
openssl x509 -req -days 365 -in openvpn-linux.csr -CA openvpn-ca.crt \
 -CAkey openvpn-ca.key -CAcreateserial -out openvpn-linux.crt

Installation Openvpn

apt-get install openvpn

Kopieren der cert-datein

cd /root/openvpn-certs
cp openvpn-ca.crt dh1024.pem openvpn-linux.crt openvpn-linux.key /etc/openvpn/

openvpn config datei anlegen

 cat /etc/openvpn/server.conf 
dev tun
mode server
tls-server
#proto tcp-server
port 5000
topology subnet
server 172.31.2.0 255.255.255.0
route-gateway 172.31.2.1
push 'route-gateway 172.31.2.1'
cipher AES-256-CBC
link-mtu 1558
status /tmp/cool-vpn.status
keepalive 10 30
client-to-client
max-clients 150
verb 3
dh /etc/openvpn/dh1024.pem
ca /etc/openvpn/openvpn-ca.crt
cert /etc/openvpn/openvpn-linux.crt
key /etc/openvpn/openvpn-linux.key
comp-lzo
persist-key
persist-tun
duplicate-cn

Testen

openvpn --config /etc/openvpn/server.conf

Windows

Konfiguration

Den Client unter http://openvpn.net/index.php/download/community-downloads.html downloaden _NICHT_ "OpenVPN Connect"

Dateien nach C:\\Program Files\OpenVpn\config\ übertragen

openvpn-ca.crt
openvpn-windows.crt
openvpn-windows.key

C:\\Program Files\OpenVpn\config\config.ovpn

port 5000 #udp by default
dev tun0
remote 192.168.240.42
tls-client
ca C:\\Program Files\\OpenVpn\\config\\openvpn-ca.crt
cert C:\\Program Files\\OpenVpn\\config\\openvpn-windows.crt
key C:\\Program Files\\OpenVpn\\config\\openvpn-windows.key
#tun-mtu 1500
#tun-mtu-extra 32
mssfix 1450
pull
comp-lzo
verb 3
Abgerufen von „http://wiki.ixheim.de/index.php?title=OPENVPN_WINDOWS_LINUX&oldid=16745