
Following the step:
This video tutorial divided in two parts. First part is server side installation and 2 part is client side installation
Centos 6.4:
Wan interface card = eth0 = 192.168.10.120
Lan interface card = eth1 = 192.168.0.20
Window client:
Wan interface card = 192.168.10.116
Lan interface card ip address = 192.168.0.244
Login server as root user
-----------------------------------
Step 1 - First command you can put
yum install gcc make rpm-build autoconf.noarch zlib-devel pam-devel openssl-devel --y
Step 2 - Second you put confirm wget install on centos
Yum install wget --y
Step 3 - Now can download LZO RPM and Configure RPMForge Repo
wget http://openvpn.net/release/lzo-1.08-4...
Step 4 - Now add correct repo for your server
CentOS 6 32-bit (x86):
wget http://pkgs.repoforge.org/rpmforge-re...
CentOS 6 64-bit (x86_64):
wget http://pkgs.repoforge.org/rpmforge-re...
step 5 - Then build the rpm package using this command
rpmbuild --rebuild lzo-1.08-4.rf.src.rpm
rpm -Uvh lzo-*.rpm
rpm -Uvh rpmforge-release*
step 6 - Installing OpenVPN
yum install openvpn --y
step 7- Copy the easy-rsa folder to /etc/openvpn/, use this command
cp -R /usr/share/doc/openvpn-2.2.2/easy-rsa/ /etc/openvpn/
Step 7 -- Now edit it
Vi /etc/openvpn/easy-rsa/2.0/vars
export KEY_CONFIG='$EASY_RSA/whichopensslcnf $EASY_RSA'
replace it with
export KEY_CONFIG=/etc/openvpn/easy-rsa/2.0/openssl-1.0.0.cnf
Step 8 -- Create the certificate using these commands:
cd /etc/openvpn/easy-rsa/2.0
chmod 755 *
source ./vars
./vars
./clean-all
Step 9 -- It's time to build necessary CA file:
./build-ca
Step 10 -- Time to build Key Server:
./build-key-server server
Step 11 -- Now issue command below to build Diffie Hellman:
./build-dh
Step 12 -- Create OpenVPN config file:
Vi /etc/openvpn/server.conf
port 1194 #- port
proto udp #- protocol
dev tun
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
reneg-sec 0
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login #- Comment this line if you are using FreeRADIUS
#plugin /etc/openvpn/radiusplugin.so /etc/openvpn/radiusplugin.cnf #- Uncomment this line if you are using FreeRADIUS
client-cert-not-required
username-as-common-name
server 192.168.0.0 255.255.255.0
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 5 30
comp-lzo
persist-key
persist-tun
status 1194.log
verb 3
Step 14 -- Lets start OpenVPN service on your server for the very first time:
service openvpn start
Step 15 -- Lets start OpenVPN service on startup
chkconfig openvpn on
Step 16 -- You'll also need to enable IP forwarding
Vi /etc/sysctl.conf
replace 0 with 1 in this line:
net.ipv4.ip_forward = 1
Step 17 -- Issue this command to load the change:
sysctl --p
Step 18 -- Create new Linux username which can also be used to login to the VPN:
useradd username -s /bin/false
Then also create its password:
passwd username
Step 19 -- Now route some iptables
Xen and KVM users use:
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
special for OpenVZ use these two instead:
iptables -t nat -A POSTROUTING -o venet0 -j SNAT --to-source 123.123.123.123
and
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source 123.123.123.123
Step 20 -- Now save that iptables and restart rules
Service iptables save
Service iptables restart
if you learn more linux tutorial than visit my official website http://www.broexperts.com/
How to install and configure openvpn on centos 6.4 step by step | |
22 Likes | 22 Dislikes |
19,930 views views | 1,634 followers |
Science & Technology | Upload TimePublished on 2 Apr 2014 |
Không có nhận xét nào:
Đăng nhận xét