Hi friends today's I will show to you how to install openvpn on centos 6.4 step by step. Openvpn installation is very complex but in this video tutorial everyone can install and configure openvpn very easy.
Following the step:
This video tutorial divided in two parts. First part is server side installation and 2 part is client side installation
Centos 6.4:
Wan interface card = eth0 = 192.168.10.120
Lan interface card = eth1 = 192.168.0.20
Window client:
Wan interface card = 192.168.10.116
Lan interface card ip address = 192.168.0.244
Login server as root user
-----------------------------------
Step 1 - First command you can put
yum install gcc make rpm-build autoconf.noarch zlib-devel pam-devel openssl-devel --y
Step 2 - Second you put confirm wget install on centos
Yum install wget --y
Step 3 - Now can download LZO RPM and Configure RPMForge Repo
wget http://openvpn.net/release/lzo-1.08-4...
Step 4 - Now add correct repo for your server
CentOS 6 32-bit (x86):
wget http://pkgs.repoforge.org/rpmforge-re...
CentOS 6 64-bit (x86_64):
wget http://pkgs.repoforge.org/rpmforge-re...
step 5 - Then build the rpm package using this command
rpmbuild --rebuild lzo-1.08-4.rf.src.rpm
rpm -Uvh lzo-*.rpm
rpm -Uvh rpmforge-release*
step 6 - Installing OpenVPN
yum install openvpn --y
step 7- Copy the easy-rsa folder to /etc/openvpn/, use this command
cp -R /usr/share/doc/openvpn-2.2.2/easy-rsa/ /etc/openvpn/
Step 7 -- Now edit it
Vi /etc/openvpn/easy-rsa/2.0/vars
export KEY_CONFIG='$EASY_RSA/whichopensslcnf $EASY_RSA'
replace it with
export KEY_CONFIG=/etc/openvpn/easy-rsa/2.0/openssl-1.0.0.cnf
Step 8 -- Create the certificate using these commands:
cd /etc/openvpn/easy-rsa/2.0
chmod 755 *
source ./vars
./vars
./clean-all
Step 9 -- It's time to build necessary CA file:
./build-ca
Step 10 -- Time to build Key Server:
./build-key-server server
Step 11 -- Now issue command below to build Diffie Hellman:
./build-dh
Step 12 -- Create OpenVPN config file:
Vi /etc/openvpn/server.conf
port 1194 #- port
proto udp #- protocol
dev tun
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
reneg-sec 0
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login #- Comment this line if you are using FreeRADIUS
#plugin /etc/openvpn/radiusplugin.so /etc/openvpn/radiusplugin.cnf #- Uncomment this line if you are using FreeRADIUS
client-cert-not-required
username-as-common-name
server 192.168.0.0 255.255.255.0
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 5 30
comp-lzo
persist-key
persist-tun
status 1194.log
verb 3
Step 14 -- Lets start OpenVPN service on your server for the very first time:
service openvpn start
Step 15 -- Lets start OpenVPN service on startup
chkconfig openvpn on
Step 16 -- You'll also need to enable IP forwarding
Vi /etc/sysctl.conf
replace 0 with 1 in this line:
net.ipv4.ip_forward = 1
Step 17 -- Issue this command to load the change:
sysctl --p
Step 18 -- Create new Linux username which can also be used to login to the VPN:
useradd username -s /bin/false
Then also create its password:
passwd username
Step 19 -- Now route some iptables
Xen and KVM users use:
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
special for OpenVZ use these two instead:
iptables -t nat -A POSTROUTING -o venet0 -j SNAT --to-source 123.123.123.123
and
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source 123.123.123.123
Step 20 -- Now save that iptables and restart rules
Service iptables save
Service iptables restart
if you learn more linux tutorial than visit my official website http://www.broexperts.com/
How to install and configure openvpn on centos 6.4 step by step | |
| 22 Likes | 22 Dislikes |
| 19,930 views views | 1,634 followers |
| Science & Technology | Upload TimePublished on 2 Apr 2014 |
Không có nhận xét nào:
Đăng nhận xét