_

Zertifikate generieren wie unter OpenVPN mit Windows und Zertifikaten

Installation

• apt-get install openvpn

Config Directory

• /etc/openvpn

Config File Server

• /etc/openvpn/server.conf

dev tun
mode server
tls-server
#proto tcp-server
port 5000
ifconfig 172.26.251.1 172.26.251.2
ifconfig-pool 172.26.251.5 172.26.251.20 # IP range clients
route 172.26.251.0 255.255.255.0
push "route 150.100.2.254 255.255.255.255"
status /tmp/cool-vpn.status
keepalive 10 30
client-to-client
max-clients 150
verb 3
dh /etc/openvpn/cool/dh1024.pem
ca /etc/openvpn/cool/openvpn-ca.crt
cert /etc/openvpn/cool/openvpn-duras.crt
key /etc/openvpn/cool/openvpn-duras.key
comp-lzo
persist-key
persist-tun
duplicate-cn
plugin /usr/lib/openvpn/openvpn-auth-pam.so /etc/pam.d/login (falls Benutzerauth gewünscht)

Installation

• apt-get install openvpn

Config Directory

• /etc/openvpn

Config File Client

• /etc/openvpn/client.conf

port 5000 #udp by default
daemon
dev tun0
remote openvpn.xinux.com
tls-client
ca /etc/openvpn/certs/openvpn-ca.crt
cert /etc/openvpn/certs/xinux-andreas.crt
key /etc/openvpn/certs/xinux-andreas.key
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
pull
comp-lzo
route 192.168.254.0 255.255.255.0
verb 3
auth-user-pass (wenn Benutzerauth gewünscht)

Vorlage:HOWTO Vorlage:VPN