Follow these steps to configure an OpenVPN server:
Step 1: # yum -y install openvpn-server openvpn-client
If there is a proxy in your network, run the following command before yum install so that yum can reach the repositories through the proxy:
# export http_proxy=http://username:password@serverIP:3128
Step 2: cd /usr/share/doc/openvpn-2.2.0/easy-rsa/ <-- The version in this and the later /usr/share/doc paths must match the installed package
Step 3: chmod a+x * <-- This command makes all files in the directory executable
Step 4: mkdir keys <-- This command creates the keys directory where the new keys are saved
Step 5: source ./vars <-- Loads the easy-rsa variables into the current shell; running ./vars on its own would lose them when the script exits
Now build your server keys with the following commands:
Step 6: ./build-ca
Step 7: ./build-key-server server
Step 8: ./build-dh
Step 9: cp /usr/share/doc/openvpn-2.0.9/easy-rsa/keys/* /etc/openvpn/
Now change directory:
Step 10: cd /etc/openvpn/
Now copy the sample server.conf file into this directory:
Step 11: cp /usr/share/doc/openvpn-2.0.9/sample-config-files/server.conf /etc/openvpn/
Step 12: vi server.conf
You will see the following entries in the file:
local a.b.c.d
port 1194
;proto tcp
proto udp
;dev tap
dev tun
;dev-node MyTap
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key # This file should be kept secret
dh dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist /etc/openvpn/ipp.txt
;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
;server-bridge
push "route 192.168.10.0 255.255.255.0"
;client-config-dir ccd
;route 192.168.40.128 255.255.255.248
;client-config-dir ccd
;route 10.9.0.0 255.255.255.252
;learn-address ./script
;push "redirect-gateway def1 bypass-dhcp"
;push "dhcp-option DNS 208.67.222.222"
;push "dhcp-option DNS 208.67.220.220"
;client-to-client
;duplicate-cn
keepalive 10 120
;tls-auth ta.key 0 # This file is secret
;cipher BF-CBC # Blowfish (default)
;cipher AES-128-CBC # AES
;cipher DES-EDE3-CBC # Triple-DES
comp-lzo
;max-clients 100
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
log openvpn.log
;log-append openvpn.log
verb 3
;mute 20
In this file, find the following lines and set them for your server:
local liveIP address <-- the server's live IP address
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
ifconfig-pool-persist /etc/openvpn/ipp.txt
push "route 192.168.10.0 255.255.255.0" <-- Change this to your own network
Now you can start your OpenVPN server and enable it at boot:
/etc/init.d/openvpn start
chkconfig openvpn on
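A quick audit of the server.conf shown above, as an added example that is not part of the original post: it reports the 1024-bit DH file, the missing cipher line, the commented-out tls-auth line and the enabled compression. The function names and the sample file are constructed for illustration, and the BF-CBC default is assumed from the sample file's own comment.

```shell
#!/bin/sh
# Added example: flag weak settings in a server.conf like the one on this page.
# active_value, audit_openvpn_conf and write_sample_conf are hypothetical names.

# Print the arguments of the first active (uncommented) line for a directive.
active_value() {  # $1 = config file, $2 = directive
    awk -v d="$2" '$1 == d { $1 = ""; sub(/^ +/, ""); sub(/ *#.*/, ""); print; exit }' "$1"
}

audit_openvpn_conf() {  # $1 = config file; prints one finding per line
    conf=$1
    dh=$(active_value "$conf" dh)
    case $dh in
        *dh512*|*dh1024*) echo "WEAK_DH: $dh is below 2048 bits; raise KEY_SIZE in vars and rerun ./build-dh" ;;
    esac
    cipher=$(active_value "$conf" cipher)
    case $cipher in
        "") echo "DEFAULT_CIPHER: no active cipher line, so the BF-CBC default applies" ;;
        BF-CBC|DES-*) echo "WEAK_CIPHER: $cipher has a 64-bit block" ;;
    esac
    [ -n "$(active_value "$conf" tls-auth)" ] ||
        echo "NO_TLS_AUTH: tls-auth is not enabled; handshake packets are not HMAC-filtered"
    grep -Eq '^[[:space:]]*comp-lzo' "$conf" &&
        echo "COMPRESSION: comp-lzo is enabled; compression can leak plaintext (VORACLE)"
    grep -Eq '^[[:space:]]*duplicate-cn' "$conf" &&
        echo "DUPLICATE_CN: several clients may share one certificate"
    return 0
}

# Constructed sample: the security-relevant lines of the server.conf above.
write_sample_conf() {  # $1 = output path
    cat > "$1" <<'EOF'
port 1194
proto udp
dh dh1024.pem
;duplicate-cn
;tls-auth ta.key 0 # This file is secret
;cipher BF-CBC # Blowfish (default)
;cipher AES-128-CBC # AES
comp-lzo
EOF
}

tmp=$(mktemp) && write_sample_conf "$tmp" && audit_openvpn_conf "$tmp"; rm -f "$tmp"
```

To check the real file, call `audit_openvpn_conf /etc/openvpn/server.conf`; no output means none of these five settings was flagged.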
OpenVPN configuration on client.