Tuesday, March 18, 2014

OpenVpn

6 comments:

  1. Software and MotorcyclesMarch 18, 2014 at 10:44 AM

    ==================================================
    CLIENTE
    ==================================================

    remote xx.xx.xx.xx
    port 1194
    dev tun

    tls-client
    ca ca.crt
    cert cliente01.crt
    key cliente01.key

    pull

    ; tun-mtu 1500
    ; fragment 1300
    ; mssfix
    ; dev-node my-tap
    ; ping-restart 60
    ; ping-timer-rem
    ; persist-tun
    ; persist-key
    ; resolv-retry 86400

    ping 10
    comp-lzo
    verb 4
    mute 10

    ReplyDelete
  2. Software and MotorcyclesMarch 18, 2014 at 10:46 AM

    ==================================================
    SERVER - /etc/openvpn/server.conf
    ==================================================

    local xx.xx.xx.xx
    port 1194
    proto udp
    dev tun
    ca /etc/openvpn/pki/easy-rsa/2.0/keys/ca.crt
    cert /etc/openvpn/pki/easy-rsa/2.0/keys/server.crt
    key /etc/openvpn/pki/easy-rsa/2.0/keys/server.key
    dh /etc/openvpn/pki/easy-rsa/2.0/keys/dh2048.pem

    server 10.8.0.0 255.255.255.0

    ifconfig-pool-persist /etc/openvpn/ipp.txt
    client-config-dir /etc/openvpn/ccd

    keepalive 10 120

    cipher BF-CBC # Blowfish (default)
    comp-lzo
    max-clients 20
    user openvpn
    group openvpn
    persist-key
    persist-tun
    status /var/log/openvpn/openvpn-status.log
    verb 4

    ReplyDelete
  3. Software and MotorcyclesMarch 18, 2014 at 10:47 AM

    ==================================================
    CCD - /etc/openvpn/ccd/cliente01
    ==================================================

    ifconfig-push 10.8.0.2 10.8.0.1

    ReplyDelete
  4. Software and MotorcyclesMarch 18, 2014 at 10:59 AM

    ==================================================
    CCD - /etc/openvpn/ccd/cliente02
    ==================================================
    ; para acceder al server desde el cliente, usar (en cliente) 10.8.0.1
    ifconfig-push 10.8.0.6 10.8.0.5

    ReplyDelete
  5. Software and MotorcyclesAugust 12, 2014 at 11:37 AM

    local 11.22.33.44
    port 61194
    proto udp
    dev tun
    ca /etc/openvpn/pki/easy-rsa/2.0/keys/ca.crt
    cert /etc/openvpn/pki/easy-rsa/2.0/keys/server.crt
    key /etc/openvpn/pki/easy-rsa/2.0/keys/server.key
    dh /etc/openvpn/pki/easy-rsa/2.0/keys/dh2048.pem

    server 10.8.0.0 255.255.255.0
    topology subnet
    ifconfig 10.8.0.1 255.255.255.0
    push "topology subnet"
    push "route-gateway 10.8.0.1"

    push "route 192.168.0.0 255.255.255.0"
    push "route 192.168.1.0 255.255.255.0"
    push "route 192.168.2.0 255.255.255.0"
    push "route 192.168.3.0 255.255.255.0"

    client-config-dir /etc/openvpn/ccd
    keepalive 10 120
    cipher BF-CBC # Blowfish (default)
    comp-lzo
    max-clients 20
    user openvpn
    group openvpn
    persist-key
    persist-tun
    status /var/log/openvpn/openvpn-status.log
    verb 5

    ReplyDelete
    Replies
    1. Software and MotorcyclesAugust 12, 2014 at 11:40 AM

      ^^^ Con esta configuracion el server asigna automaticamente las IP a los clientes. De cualquier manera hacer falta crear el archivo en ccd/NOMBRE_CLIENTE

      Delete

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)