wiki'd

by JoKeru

OpenVPN

$ apt-get install openvpn

$ cd /usr/share/doc/openvpn/examples/easy-rsa/2.0/
$ vi vars
$ . ./vars
$ ./clean-all
$ ./build-ca
$ ./build-key-server wiki
$ ./build-key road-warrior
$ ./build-dh

$ mkdir /etc/openvpn/keys
$ cd keys/
$ cp ca.key ca.crt dh1024.pem wiki.key wiki.crt /etc/openvpn/keys/
$ openvpn --genkey --secret /etc/openvpn/keys/ta.key

$ mkdir /etc/openvpn/ccd
$ vi /etc/openvpn/ccd/road-warrior

$ vi /etc/openvpn/server.conf
$ /etc/init.d/openvpn start

$ echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
$ sysctl -p /etc/sysctl.conf
$ iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -j SNAT --to 50.60.70.80

/etc/openvpn/ccd/road-warrior

push "redirect-gateway"

/etc/openvpn/server.conf

local 50.60.70.80
port 1194
proto udp
dev tun0
server 192.168.10.0 255.255.255.0

ca keys/ca.crt
cert keys/wiki.crt
key keys/wiki.key
dh keys/dh1024.pem
#crl-verify keys/crl.pem
tls-server
tls-auth keys/ta.key 0
cipher AES-256-CBC
tls-cipher DHE-RSA-AES256-SHA
comp-lzo

client-config-dir ccd

tun-mtu 1500
fragment 1400
mssfix

keepalive 1 15
persist-key
persist-tun

cd /etc/openvpn
daemon
user nobody
group nogroup
chroot .
writepid openvpn.pid
status openvpn-status.log
log-append /var/log/openvpn.log
verb 3
mute 20

[http://openvpn.se/files/binary/openvpn-gui-1.0.3.exe|http://openvpn.se/files/binary/openvpn-gui-1.0.3.exe]

C:\Program Files\OpenVPN\config\wiki\wiki.ovpn

client
remote 50.60.70.80 1194
nobind
dev tun
proto udp

ca ca.crt
cert road-warrior.crt
key road-warrior.key
tls-auth ta.key 1
tls-remote wiki
ns-cert-type server
cipher AES-256-CBC
tls-cipher DHE-RSA-AES256-SHA
comp-lzo

tun-mtu 1500
fragment 1400
mssfix

persist-key
persist-tun

mute-replay-warnings
pause-exit

Comments